#powershell Script: Find Active Directory User II

#powershell Script: Find Active Directory User II (Update v1.10)

—–
Find-AdUserII is one of the many PowerShell functions/utilities in my personal script toolbox repository, designed to help simplify the management and administration of just about any Active Directory Domain Services (AD DS) environment.

This self-explanatory utility works in PowerShell v2.0 and higher without any dependency on the AD PowerShell module or any other third-party add-on. It accepts displayname as a parameter; you can, for example, customize the search criteria to use any supported AD user attribute. With the (auto) discovered forest/domain names, the function performs LDAP searches across multiple domains in your entire AD forest automagically (thanks to the .NET Framework). Note that the loop as written skips the forest root domain and searches only the other domains. Enjoy!

################################################################################
# Copyright (c) 201x-2017 leedesmond.com
# All Rights Reserved. Use at your own risk and responsibility.
# Find-AdUserII.ps1
# Version 1.00
#
# USAGE:
# Find-AdUserII “desmond lee”
#
# OUTPUT:
# An array of matching users’ AD properties.
#
################################################################################
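function Find-AdUserII
{
    <#
    .SYNOPSIS
    Searches the non-root domains of the current AD forest for user objects
    whose displayName matches the given value.

    .PARAMETER displayname
    Value to match against the displayName attribute. A '*' is passed through
    unchanged so wildcard searches keep working; the other LDAP filter
    metacharacters ('\', '(', ')', NUL) are escaped before the value is placed
    into the search filter.

    .OUTPUTS
    An array of System.DirectoryServices.SearchResult objects (possibly empty).
    #>
    param([string]$displayname)

    # Escape filter metacharacters (RFC 4515) so the caller-supplied value cannot
    # close the displayname clause and append conditions of its own. The backslash
    # must be escaped first, otherwise the escapes added afterwards would be
    # escaped again.
    $safeName = $displayname.Replace('\', '\5c').Replace('(', '\28').Replace(')', '\29').Replace([string][char]0, '\00');

    $curforest = [DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest();
    $rootdomain = $curforest.RootDomain.Name;

    # Derive the base DN by dropping everything before the first ",DC" of the
    # schema naming context's name.
    $base = $curforest.Schema.Name;
    $base = $base.SubString($base.IndexOf(",DC") + 1);
    $users = @();

    foreach ($domain in $curforest.Domains) {
        # The forest root domain is deliberately skipped, as in the original.
        if ($domain.Name -eq $rootdomain) { continue }

        # Only the first DNS label of the domain name is used.
        # NOTE(review): this presumably assumes every searched domain sits directly
        # under the forest root; deeper or separate-tree domains would get the wrong
        # search root - confirm against your topology.
        $pfx = $domain.Name.SubString(0, $domain.Name.IndexOf("."));
        # NOTE(review): the ';' between the first RDN and the base is kept from the
        # original; ',' is the usual DN separator - confirm ADSI accepts this form.
        $dom = "LDAP://DC=$pfx;$base";

        $root = New-Object System.DirectoryServices.DirectoryEntry $dom;
        $searcher = New-Object System.DirectoryServices.DirectorySearcher;
        $searcher.SearchRoot = $root;
        $searcher.Filter = "(&(objectClass=user)(displayname=$safeName))";

        # Reset per iteration so a failed FindAll() cannot leave the previous
        # domain's (already disposed) collection in $results.
        $results = $null;
        $results = $searcher.FindAll();
        # $null on the left: with a collection on the left, -ne would filter the
        # elements instead of testing the variable.
        if ($null -ne $results) {
            # '+=' copies the SearchResult items into the array, so the collection
            # can be released right afterwards.
            $users += $results;
            # SearchResultCollection holds unmanaged resources that are not fully
            # released by garbage collection; dispose it explicitly.
            $results.Dispose();
        }
        $searcher.Dispose();
        $root.Dispose();
    }
    Write-Output $users;
} #Find-AdUserII()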
#
#

# Example invocation: look up one display name and emit the matching
# search results to the pipeline.
$displayname = “Desmond Lee”;
$users = Find-AdUserII -displayname $displayname;
Write-Output $users
