writing powershell function with DirectorySearcher instead of get-adcomputer

Thomas Garrity 22 Reputation points
2020-12-23T05:10:25.443+00:00

I'm trying to convert my PowerShell function to use DirectorySearcher with the relevant filter, properties, etc. to find stale computers because Microsoft's Search-ADAccount is insufficient for what I need, and so I don't want my new function to rely on any underlying modules, i.e. get-adcomputer, because I heard it's best practice to rely as little as possible on external functions.

Here's the code I have thus far which seems to get me most of the way there, but I'm having trouble formatting the data into human-readable results that get-adcomputer does so nicely. 

$FileTimeUTC = (get-date).adddays(-90).ToFileTimeUtc()
$Credential = get-credential 
$Searcher = new-object -typename system.directoryservices.directorysearcher
$Searcher.Filter = "(&(objectclass=computer)(operatingsystem=windows*)(!(primarygroupid=516))(!(operatingsystem=*server*))(lastlogontimestamp<=$filetimeutc))"
$Searcher.PropertiesToLoad.Add('Name')
$Searcher.PropertiesToLoad.Add('Description')
$Searcher.PropertiesToLoad.Add('DistinguishedName')
$Searcher.PropertiesToLoad.Add('OperatingSystem')
$Searcher.PropertiesToLoad.Add('OperatingSystemServicePack')
$Searcher.PropertiesToLoad.Add('Created')
$Searcher.PropertiesToLoad.Add('PasswordLastSet')
$Searcher.PropertiesToLoad.Add('LastLogonDate')
$DomainDN=([adsisearcher]"").SearchRoot.Path
$domain = new-object -typename system.directoryservices.directoryentry -argumentlist $DomainDN, $Credential.UserName, $Credential.GetNetworkCredential().password
$searcher.searchroot = $domain
$objs = $searcher.findall()
return $objs

What I get is a mess with just Path and Properties, not in the format that I would normally get if I had instead used this: 

get-adcomputer -filter * -properties Name,Description,DistinguishedName,OperatingSystem,OperatingSystemServicePack,Created,PasswordLastSet,LastLogonDate

Need help formatting the results in $objs if possible. Thank you in advance!

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
4,855 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,088 questions
Accepted answer
  1. Ian Xue (Shanghai Wicresoft Co., Ltd.) 22,191 Reputation points Microsoft Vendor
    2020-12-23T06:43:08.807+00:00

    Hi,

    The properties are stored in a hashtable and you can format the output as follows 

    $name = @{n="Name";e={$_.properties.'name'}}  
$distinguishedName = @{n="distinguishedName";e={$_.properties.'distinguishedname'}}  
$operatingSystem = @{n="OperatingSystem";e={$_.properties.'operatingsystem'}}  
$description = @{n="Description";e={$_.properties.'description'}}  
$objs | Select-Object -Property $name, $distinguishedName, $operatingSystem, $description

    Best Regards,
    Ian Xue

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Thomas Garrity 22 Reputation points
    2020-12-23T16:27:06+00:00

    Sorry but this isn't making any sense to me. you're using $_. which would imply you're piping from foreach-object, but I'm still not understanding how to build the new array.