Connect-LdapServer.ps1

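Function Connect-LdapServer
{
    <#
    .SYNOPSIS
        Connect to an LDAP server.
 
    .DESCRIPTION
        Bind to an LDAP server (port 389 unless a port is given in -Server) using the .NET class
        System.DirectoryServices.Protocols.LdapConnection and save the connection to the global
        variable LdapConnection.
        The bind uses AuthType Basic (simple bind). Without -SecureSocketLayer the supplied
        credential travels to the server in clear text, so a warning is written in that case;
        use -SecureSocketLayer whenever a real credential is involved.
        Server certificate validation is left at the .NET default (no VerifyServerCertificate
        override is installed).
 
    .PARAMETER Server
        DNS name or IP address to connect to, optionally with a port (host:port).
        Required unless -Disconnect is used.
 
    .PARAMETER Credential
        PSCredential object to bind to the LDAP server with.
 
    .PARAMETER SecureSocketLayer
        Forces LDAPS connection
 
    .PARAMETER TimeOut
        LDAP timeout in seconds.
        Default value 10000 seconds (166 minutes).
        A value in TimeSpan format (for example 00:05:00) is also accepted.
 
    .PARAMETER Disconnect
        Disposes the LDAP connection and removes the global variable.
 
    .PARAMETER DirectoryVersion
        Connects to the LDAP server with a request version of LDAP.
        Default value 3
 
    .EXAMPLE
        Connect-LdapServer -Server 10.1.1.1 -Credential (Get-Credential)
        LDAP bind to IP address 10.1.1.1 after prompting the operator for credentials
 
    .EXAMPLE
        Connect-LdapServer -Server 10.1.1.1:637 -Credential (Get-Credential)
        LDAP bind to IP address 10.1.1.1 and on port 637 after prompting the operator for credentials
 
    .EXAMPLE
        Connect-LdapServer -Disconnect
        Disposes the LDAP connection and removes the global variable.
 
    .NOTES
        Author : Glen Buktenica
        Version : 1.0.0.0 20160704 Initial Build
    #>
 
    [CmdletBinding()]
    Param
    (
        [Parameter(Mandatory=$false, 
            ValueFromPipeline=$false)] 
            [ValidateNotNullOrEmpty()] 
            [string] $Server,
        [Parameter(Position=1,
            Mandatory=$false, 
            ValueFromPipeline=$false)] 
            [System.Management.Automation.CredentialAttribute()]
            $Credential,
        [Parameter(Mandatory=$false, 
            ValueFromPipeline=$false)] 
            [switch] $SecureSocketLayer,
        [Parameter(Mandatory=$false, 
            ValueFromPipeline=$false)]
            [string] $TimeOut = "10000",
        [Parameter(Mandatory=$false, 
            ValueFromPipeline=$false)]
            [switch] $Disconnect,
        [Parameter(Mandatory=$false, 
            ValueFromPipeline=$false)]
            [int] $DirectoryVersion = 3
    )
    #region Disconnect from LDAP server
    Write-Verbose "Function Connect-LdapServer running"
    If ($Disconnect)
    {
        If ($global:LdapConnection)
        {
            Write-Verbose "Disconnecting from:"
            Write-Verbose $global:LdapConnection.SessionOptions.HostName
            $global:LdapConnection.Dispose()
            # The variable may already be gone if an earlier bind failed part way; do not error on that.
            Remove-Variable LdapConnection -Scope Global -ErrorAction SilentlyContinue
        }
        Else
        {
            Write-Verbose "Nothing to disconnect"
        }
        return
    }
    #endregion Disconnect from LDAP server
    # -Server is optional only because of -Disconnect; a connect request without it cannot proceed.
    If ([string]::IsNullOrEmpty($Server))
    {
        Write-Error "Connect-LdapServer: -Server is required unless -Disconnect is specified"
        return
    }
    Write-Verbose "Request to connect to $Server"
    Write-Verbose "Loading required assemblies"
    Add-Type -AssemblyName System.DirectoryServices.Protocols -ErrorAction Stop
    Add-Type -AssemblyName System.Net -ErrorAction Stop
    #region Connect to LDAP server
    # If a connection object exists to a different server to the one requested then remove all connection objects.
    if ($global:LdapConnection)
    {
        Write-Verbose "LDAP connection already present to:"
        Write-Verbose $global:LdapConnection.SessionOptions.HostName
        # NOTE(review): SessionOptions.HostName may not carry a port suffix given in -Server (host:port);
        # if so, a host:port request never matches here and always reconnects - confirm against the runtime.
        If ($global:LdapConnection.SessionOptions.HostName -ne $Server) 
        {
            Write-Verbose "Existing LDAP connection different to requested connection:"
            Write-Verbose $Server
            Write-Verbose "Disconnecting existing connection:"
            Write-Verbose $global:LdapConnection.SessionOptions.HostName
            $global:LdapConnection.Dispose()
            Remove-Variable LdapConnection -Scope Global -ErrorAction SilentlyContinue
        }
    }
    # If no connection exists then build connection object and bind to LDAP server.
    if (-not $global:LdapConnection)
    {
        Write-Verbose "Connecting to LDAP Server"
        Write-Verbose $Server
        # A simple (Basic) bind over plain LDAP transmits the password unprotected.
        If ($Credential -and -not $SecureSocketLayer)
        {
            Write-Warning "Binding with AuthType Basic without -SecureSocketLayer sends the credential in clear text"
        }
        # Set only after Bind() returns without throwing; replaces the fragile $Error.Count comparison.
        $Bound = $false
        Try
        {
            # -TimeOut is documented in seconds. Assigning a bare number string straight to the
            # TimeSpan property is parsed by TimeSpan.Parse as DAYS, so convert explicitly.
            If ($TimeOut -match '^\d+$')
            {
                $TimeOutSpan = [TimeSpan]::FromSeconds([int]$TimeOut)
            }
            Else
            {
                $TimeOutSpan = [TimeSpan]$TimeOut
            }
            $global:LdapConnection = New-Object System.DirectoryServices.Protocols.LdapConnection $Server
            $global:LdapConnection.SessionOptions.SecureSocketLayer = $SecureSocketLayer
            $global:LdapConnection.SessionOptions.ProtocolVersion   = $DirectoryVersion
            $global:LdapConnection.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic
            $global:LdapConnection.Timeout = $TimeOutSpan
            $global:LdapConnection.Bind($Credential)
            $Bound = $true
        }
        Catch
        {
            # If connection fails then remove all connection objects. New-Object may itself have
            # failed, so only dispose when a connection object actually exists.
            Write-Error -Message "Could not bind to LDAP server" -Exception $_.Exception
            If ($global:LdapConnection)
            {
                $global:LdapConnection.Dispose()
            }
            Remove-Variable LdapConnection -Scope Global -ErrorAction SilentlyContinue
        }
        If ($Bound)
        {
            Write-Verbose "Connection successful"
        }
    }
    #endregion Connect to LDAP server
}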
# Only the connect/disconnect cmdlet is part of the module's public surface.
Export-ModuleMember -Function 'Connect-LdapServer'