Get-LdapUser.ps1

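Function Get-LdapUser
{
    <#
    .SYNOPSIS
        Search for User objects in an LDAP directory.

    .DESCRIPTION
        Uses the System.DirectoryServices.Protocols assembly to search for User objects in a
        non-Microsoft LDAP directory. The bind is performed by Connect-LdapServer (defined
        elsewhere in this module), which is expected to leave an open connection in
        $global:LdapConnection; the search in this function reads that variable directly.

        Each value of -Name is escaped per RFC 4515 before it is placed in the LDAP search
        filter, so parentheses, backslashes and NUL bytes in the input cannot close or extend
        the filter expression. The wildcard character '*' is deliberately left unescaped so
        that searches such as bukteng* keep working.

        Attribute values are decoded as UTF-8 (the LDAP wire encoding), so non-ASCII names are
        returned intact. The binary attribute jpegphoto is skipped.

    .PARAMETER Name
        SamAccount or part of the CN to search for. May contain '*' wildcards.
        Several names may be supplied; one search request is issued per name.

    .PARAMETER SearchScope
        The distinguished name the search starts from (the search base, e.g. an OU or the
        directory root). Despite its name this parameter is the base DN, not the depth;
        the depth is always Subtree.

    .PARAMETER Server
        DNS name or IP address to connect to.

    .PARAMETER Credential
        PSCredential object to bind to LDAP with.

    .PARAMETER SecureSocketLayer
        Forces LDAPS connection.
        NOTE(review): this switch is not passed to Connect-LdapServer by this function;
        confirm where it is honoured, otherwise the bind may go over plaintext LDAP.

    .PARAMETER TimeOut
        LDAP timeout in seconds.
        NOTE(review): accepted but not applied to the connection or the SearchRequest here.

    .PARAMETER PassThru
        Leaves the LDAP connection in $global:LdapConnection open when the function finishes
        instead of calling Connect-LdapServer -Disconnect.

    .EXAMPLE
        Get-LdapUser -Name bukteng* -SearchScope 'ou=people,dc=example,dc=com' -Server 10.1.1.1 -Credential (Get-Credential)
        LDAP bind to IP address 10.1.1.1 after prompting the operator for credentials and return
        all users under the given base DN whose CN matches bukteng*. (The base DN shown is a
        constructed example.)

    .OUTPUTS
        One PSObject per matching entry, carrying DistinguishedName and every attribute that
        has a value. Writes a non-terminating error for each name that matches nothing.

    .NOTES
        Author : Glen Buktenica
        Version : 1.0.0.0 20160704 Initial Build
    #>

    [CmdletBinding()]
    [OutputType([psobject])]
    Param
    (
        [Parameter(Position=0, 
            Mandatory=$true, 
            ValueFromPipeline=$true, 
            ValueFromPipelineByPropertyName=$true)] 
            [string[]] $Name,
        [Parameter(Position=1, 
            Mandatory=$true, 
            ValueFromPipeline=$true,
            ValueFromPipelineByPropertyName=$true)]
            [string] $SearchScope,
        [Parameter(Position=2, 
            Mandatory=$true, 
            ValueFromPipeline=$true,
            ValueFromPipelineByPropertyName=$true)] 
            [string] $Server,
        [Parameter(Mandatory=$true,
            ValueFromPipeline=$true, 
            ValueFromPipelineByPropertyName=$true)] 
            [System.Management.Automation.CredentialAttribute()]
            $Credential,
        [Parameter(Mandatory=$false, 
            ValueFromPipelineByPropertyName=$false)] 
            [switch] $SecureSocketLayer,
        [Parameter(Mandatory=$false, 
            ValueFromPipelineByPropertyName=$false)]
            [string] $TimeOut = "10000",
        [Parameter(Mandatory=$false, 
            ValueFromPipelineByPropertyName=$false)]
            [switch] $PassThru
    )
    BEGIN 
    {
        Write-Verbose 'Starting Get-LdapUser'
        Write-Verbose "Loading required assemblies"
        Add-Type -AssemblyName System.DirectoryServices.Protocols -ErrorAction Stop
        Add-Type -AssemblyName System.Net -ErrorAction Stop

        # Escape an LDAP assertion value per RFC 4515 so operator input cannot change the
        # structure of the filter. Backslash must be handled first so the escapes it
        # introduces are not re-escaped. '*' is intentionally left alone to keep wildcards.
        function ConvertTo-LdapFilterValue
        {
            param([string] $Value)
            $Escaped = $Value.Replace('\', '\5c')
            $Escaped = $Escaped.Replace('(', '\28')
            $Escaped = $Escaped.Replace(')', '\29')
            $Escaped = $Escaped.Replace("`0", '\00')
            return $Escaped
        }

        # Always search the whole subtree below the supplied base DN; request all attributes.
        $Scope = [System.DirectoryServices.Protocols.SearchScope]::Subtree 
        $attrlist = ,"*"

        # Connect-LdapServer lives elsewhere in the module; it is expected to populate
        # $global:LdapConnection, which PROCESS uses below.
        Connect-LdapServer -Server $Server -Credential $Credential -ErrorAction Stop
    }
    PROCESS 
    {
        # -Name is [string[]]; issue one request per value instead of interpolating the
        # whole array (which would be space-joined into a single, meaningless CN filter).
        foreach ($SingleName in $Name)
        {
            Write-Verbose "Searching for $SingleName"
            $Filter = "(&(cn=$(ConvertTo-LdapFilterValue $SingleName))(objectClass=user))"
            $Request = New-Object System.DirectoryServices.Protocols.SearchRequest -ArgumentList $SearchScope, $Filter, $Scope, $attrlist
            $Entries = ($global:LdapConnection.SendRequest($Request)).Entries

            # An explicit count check: $null.length -eq 0 is never true in PowerShell, so
            # the "not found" branch could not fire before, and an object left over from a
            # previous pipeline item could be emitted again.
            if ($null -eq $Entries -or $Entries.Count -eq 0)
            {
                Write-Error "$SingleName not found"
                continue
            }

            # Emit one object per entry rather than only the last one in the result set.
            foreach ($Entry in $Entries)
            {
                $Result = New-Object PSObject
                $Result | Add-Member NoteProperty DistinguishedName ($Entry.DistinguishedName)
                foreach ($Key in $Entry.Attributes.Keys)
                {
                    # jpegphoto is binary; decoding it as text is not meaningful.
                    if ($Key -eq "jpegphoto") { continue }
                    # GetValues([string]) decodes the raw byte values as UTF-8; drop empties.
                    $Values = $Entry.Attributes[$Key].GetValues([string]) | Where-Object { $_ }
                    $Result | Add-Member NoteProperty $Key $Values
                }
                $Result
            }
        }
    }
    END 
    {
        if (-not $PassThru)
        {
            Connect-LdapServer -Disconnect
        }
        Write-Verbose 'End Get-LdapUser'
    }
}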
# Only Get-LdapUser is part of the module's public surface.
Export-ModuleMember -Function 'Get-LdapUser'