Channel: The Official Scripting Guys Forum! forum

PowerShell and OpenLDAP


OK, I've searched through TechNet and Google and not found much in the way of solid examples. I have found a few and I have one working, but I'm getting some odd results.

# Search base and ADSI path
$dn = 'ou=Accounts,dc=company,dc=com'
$domain = "LDAP://ldap.company.com:389/$($dn)"
# Bind DN and password of the account used for the query
$useragent = 'cn=dept-acct,dc=company,dc=com'
$userpass = '1SuperSecretPassword!'
# FastBind: ADSI does not query the objectClass of the bound object
$auth = [System.DirectoryServices.AuthenticationTypes]::FastBind
#$auth = [System.DirectoryServices.AuthenticationTypes]::Secure
$root = New-Object -TypeName System.DirectoryServices.DirectoryEntry($domain, $useragent, $userpass, $auth)
# Match every object under the search base; no attribute list is given
$query = New-Object System.DirectoryServices.DirectorySearcher($root, "(objectclass=*)")
$objClass = $query.findall()
$objClass.Count
$objClass |gm

So before we get started, $dn through $useragent have been modified to not display our internal setup. I do in fact get results with the proper information filled in.

I'm attempting to connect to an OpenLDAP server on campus. This server is not managed by me, nor is connecting via PowerShell supported by campus, so this is a pet project of my own. I don't have control over this server, and my dept-acct can only browse things. I can in fact connect to the server via any LDAP client you may ask about and see data.

When the query is run, $objClass = $query.findall() appears to run instantly, but when you type $objClass to get the output it takes forever for anything to come back. I think that is due to the FastBind at the top. I did try Secure but only received an error.

When I type $objClass.Count, after 5 minutes of talking to the server (viewing traffic in Wireshark) I get nothing. The Get-Member has been running now for 30 minutes; it may or may not return anything, I don't really know.

I think my first question is: has anyone queried a for-real LDAP server from PowerShell where you have to pass along credentials? If so, could you share what you have done and your experiences? I would at some point like to put together some scripts to pull various bits of information from our LDAP server. You know, the basic kind of stuff: account name, email address and so on.

At the moment the script will run, and I will see account names and the like scroll by, but I don't appear to be able to access them after the fact.

Any help would be greatly appreciated.

Thanks!


Jeffrey S. Patton Assistant Director of IT School of Engineering Computing Services University of Kansas 1520 West 15th Street Lawrence, KS. 66045-7621 | http://patton-tech.com
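
An added example, not part of the original post: a credentialed query against an OpenLDAP-style server using System.DirectoryServices.Protocols, with the simple bind protected by StartTLS, an explicit attribute list, and paged retrieval so results come back as ordinary objects. The host and DNs are the post's placeholders; the function name Get-LdapAccount, the attribute names uid and mail, the page size, and the server's support for StartTLS and the paged-results control are assumptions.

```powershell
# Added example (not from the original post). Function name, attribute names
# and page size are assumptions; host and DNs are the post's placeholder values.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Get-LdapAccount {
    param(
        [string]$Server = 'ldap.company.com',
        [int]$Port = 389,
        [string]$BaseDn = 'ou=Accounts,dc=company,dc=com',
        [string]$BindDn = 'cn=dept-acct,dc=company,dc=com',
        [Parameter(Mandatory)][securestring]$Password,   # prompt for it; keep it out of the script
        [string]$Filter = '(objectClass=*)',
        [string[]]$Attributes = @('uid', 'mail'),
        [int]$PageSize = 500
    )
    $ns   = 'System.DirectoryServices.Protocols'
    $id   = New-Object "$ns.LdapDirectoryIdentifier" ($Server, $Port)
    $cred = New-Object System.Net.NetworkCredential ($BindDn, $Password)
    $conn = New-Object "$ns.LdapConnection" ($id, $cred, [System.DirectoryServices.Protocols.AuthType]::Basic)
    try {
        $conn.SessionOptions.ProtocolVersion = 3
        # Upgrade to TLS before Bind() so the DN and password are not sent in cleartext.
        $conn.SessionOptions.StartTransportLayerSecurity($null)
        $conn.Bind()

        # Ask only for the attributes needed instead of every attribute of every entry.
        $request = New-Object "$ns.SearchRequest" ($BaseDn, $Filter, [System.DirectoryServices.Protocols.SearchScope]::Subtree, $Attributes)
        $paging  = New-Object "$ns.PageResultRequestControl" ($PageSize)
        [void]$request.Controls.Add($paging)
        do {
            $response = [System.DirectoryServices.Protocols.SearchResponse]$conn.SendRequest($request)
            foreach ($entry in $response.Entries) {
                $row = [ordered]@{ DistinguishedName = $entry.DistinguishedName }
                foreach ($name in $Attributes) {
                    $attr = $entry.Attributes[$name]          # $null when the entry lacks it
                    $row[$name] = if ($attr) { $attr.GetValues([string]) -join '; ' } else { $null }
                }
                [pscustomobject]$row                          # emitted to the pipeline
            }
            # The server returns a cookie while more pages remain; an empty one ends the loop.
            $cookie = ($response.Controls | Where-Object { $_ -is [System.DirectoryServices.Protocols.PageResultResponseControl] }).Cookie
            $more = ($null -ne $cookie) -and ($cookie.Length -gt 0)
            if ($more) { $paging.Cookie = $cookie }
        } while ($more)
    }
    finally { $conn.Dispose() }
}
# Usage: $accounts = Get-LdapAccount -Password (Read-Host 'Bind password' -AsSecureString)
```

StartTLS succeeds only if the server's certificate chains to a root the client trusts and matches the host name given in -Server.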

