The World According to Mitch

The day to day ramblings of an IT Professional (and so much more…)

Distinguished Names: How do I…

powershell1Yeah yeah, I know… A little while ago I talked about how to determine the Distinguished Name (DN) of an Active Directory Object, and I got a flurry of requests for doing it with PowerShell.

Now, normally I do like to show you how to do things via the GUI, and then what the PowerShell cmdlet would be for the same task.  However since I didn’t actually show a GUI way of doing it, I didn’t think to show you the PowerShell way of doing it.  My bad… Here you go!

1) Let’s say you want to get the DN of all objects with the name Mitch in it.  We can use the Get-ADObect cmdlet.  Like so:

Get-ADObject –Filter { CN –like “Mitch*” }

image

Okay, that’s not bad… but what am I going to do with a DN that includes an ellipses? Of course that is useless, so instead let’s use a full list,… or |fl:

Get-ADObject –Filter { CN –like “Mitch*” } |fl

image

So here we see the full DN (with the domain name hidden to protect the customer’s identity). 

Of course, if you don’t want a whole list, and you know the exact name of the Active Directory Object, you can change the parameters, so:

Get-ADObject –Filter { CN –eq “Mitchell Garvis” } |fl

image

We have eliminated the need for wildcards by changing the switch from –like to –eq, but we now need the exact name (no typos now!) for it to work.

2) The problem is, that doesn’t seem to work with Organization Units, which is what I was talking about in the first place.  So try this:

Get-ADObject –LDAPFilter “(objectClass=organizationalUnit)” |fl

image

Here we have changed the switch from –Filter to –LDAPFilter, and are able to see the entire list of our Object Class… in this case OUs, but you can change that for sites or domains or users.

Windows PowerShell may look complicated to those who grew in the GUI, but here’s the best part… you don’t have to memorize anything to become a PowerShell PowerUser!  All you have to do is know how to use Google (or Bing, if you are still drinking the KoolAid).  Type into the Search Bar PowerShell AD Distinguished and you will come up with a good starting point.

Now go forth and script!

Advertisement

Mitch Garvis

, , ,

One response to “Distinguished Names: How do I…”

  1. PowerShell: HELP! « The World According to Mitch Avatar
    PowerShell: HELP! « The World According to Mitch

    […] reading some of your blog articles today (not everyday, sorry!) and the one on Distinguished Names (see article) caught my attention, I started writing a comment but then thought it might be better to suggest a […]

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: