Test LDAPS Connection using Powershell [ADSI] and alternate credentials

Rob D 0 Reputation points
2023-01-24T18:55:19.3066667+00:00

Hello,

I have a web server in a DMZ, and want to test a secure LDAP connection to the non-DMZ domain using alternate credentials. Is there a way to get Powershell to prompt for credentials with the [adsi] command?

I would like to be able to run [adsi]"LDAP://myadserver.mydomain.local:636" and have it prompt for user credentials. So far I am not having any luck.

Thanks for any help

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,575 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,282 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Rich Matheisen 44,081 Reputation points
    2023-01-24T20:22:34.59+00:00

    Try either of these:

    $user = Read-Host "User: "
    $password = Read-Host "Password: "
    $ADSI = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$OUPath", $username, $password)
    
    
    $cred     = Get-Credential
    
    $ADSI = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$OUPath", $cred.UserName, $cred.GetNetworkCredential().Password
                )
    
    
    1 person found this answer helpful.
    0 comments No comments

  2. Limitless Technology 44,011 Reputation points
    2023-01-25T16:26:59.9133333+00:00
    Hello there,
    
    You can use Test-LDAP to verify whether LDAP and LDAPS are available on one or more Domain Controllers.
    
    Function Test-LDAPConnection {
        [CmdletBinding()]
                   
        # Parameters used in this function
        Param
        (
            [Parameter(Position=0, Mandatory = $True, HelpMessage="Provide domain controllers names, example DC01", ValueFromPipeline = $true)] 
            $DCs,
      
            [Parameter(Position=1, Mandatory = $False, HelpMessage="Provide port number for LDAP", ValueFromPipeline = $true)] 
            $Port = "636"
        ) 
      
        $ErrorActionPreference = "Stop"
        $Results = @()
        Try{ 
            Import-Module ActiveDirectory -ErrorAction Stop
        }
        Catch{
            $_.Exception.Message
            Break
        } 
             
        ForEach($DC in $DCs){
            $DC =$DC.trim()
            Write-Verbose "Processing $DC"
            Try{
                $DCName = (Get-ADDomainController -Identity $DC).hostname
            }
            Catch{
                $_.Exception.Message
                Continue
            }
      
            If($DCName -ne $Null){  
                Try{
                    $Connection = [adsi]"LDAP://$($DCName):$Port"
                }
                Catch{
                    $ExcMessage = $_.Exception.Message
                    throw "Error: Failed to make LDAP connection. Exception: $ExcMessage"
                }
      
                If ($Connection.Path) {
                    $Object = New-Object PSObject -Property ([ordered]@{ 
                           
                        DC                = $DC
                        Port              = $Port
                        Path              = $Connection.Path
                    })
      
                    $Results += $Object
                }         
            }
        }
      
        If($Results){
            Return $Results
        }
    
    
    Hope this resolves your Query !!
    
    --If the reply is helpful, please Upvote and Accept it as an answer--
    
    1 person found this answer helpful.
    0 comments No comments