Private/TestLDAP.ps1
|
Function TestLDAP { [CmdletBinding()] param ( [Parameter(Mandatory=$True)] [string]$ADServerHostNameOrIP ) # Make sure you CAN resolve $ADServerHostNameOrIP AND that we can get FQDN try { $ADServerNetworkInfo = [System.Net.Dns]::GetHostEntry($ADServerHostNameOrIP) if ($ADServerNetworkInfo.HostName -notmatch "\.") { $IP = $ADServerNetworkInfo.AddressList[0].IPAddressToString $ADServerNetworkInfo = [System.Net.Dns]::GetHostEntry($IP) if ($ADServerNetworkInfo.HostName -notmatch "\.") { throw "Can't resolve $ADServerHostNameOrIP FQDN! Halting!" } } } catch { Write-Error $_ $global:FunctionResult = "1" return } $ADServerFQDN = $ADServerNetworkInfo.HostName $LDAPPrep = "LDAP://" + $ADServerFQDN # Try Global Catalog First - It's faster and you can execute from a different domain and # potentially still get results try { $LDAP = $LDAPPrep + ":3269" # This does NOT throw an error because it doen't actually try to reach out to make the connection yet $Connection = [System.DirectoryServices.DirectoryEntry]($LDAP) # This WILL throw an error $Connection.Close() $GlobalCatalogConfiguredForSSL = $True } catch { if ($_.Exception.ToString() -match "The server is not operational") { Write-Warning "Either can't find LDAP Server or SSL on Global Catalog (3269) is not operational!" } elseif ($_.Exception.ToString() -match "The user name or password is incorrect") { Write-Warning "The current user $(whoami) does not have access!" } else { Write-Error $_ } } try { $LDAP = $LDAPPrep + ":3268" $Connection = [System.DirectoryServices.DirectoryEntry]($LDAP) $Connection.Close() $GlobalCatalogConfigured = $True } catch { if ($_.Exception.ToString() -match "The server is not operational") { Write-Warning "Either can't find LDAP Server or Global Catalog (3268) is not operational!" } elseif ($_.Exception.ToString() -match "The user name or password is incorrect") { Write-Warning "The current user $(whoami) does not have access!" } else { Write-Error $_ } } # Try the normal ports try { $LDAP = $LDAPPrep + ":636" # This does NOT throw an error because it doen't actually try to reach out to make the connection yet $Connection = [System.DirectoryServices.DirectoryEntry]($LDAP) # This WILL throw an error $Connection.Close() $ConfiguredForSSL = $True } catch { if ($_.Exception.ToString() -match "The server is not operational") { Write-Warning "Can't find LDAP Server or SSL (636) is NOT configured! Check the value provided to the -ADServerHostNameOrIP parameter!" } elseif ($_.Exception.ToString() -match "The user name or password is incorrect") { Write-Warning "The current user $(whoami) does not have access! Halting!" } else { Write-Error $_ } } try { $LDAP = $LDAPPrep + ":389" $Connection = [System.DirectoryServices.DirectoryEntry]($LDAP) $Connection.Close() $Configured = $True } catch { if ($_.Exception.ToString() -match "The server is not operational") { Write-Warning "Can't find LDAP Server (389)! Check the value provided to the -ADServerHostNameOrIP parameter!" } elseif ($_.Exception.ToString() -match "The user name or password is incorrect") { Write-Warning "The current user $(whoami) does not have access!" } else { Write-Error $_ } } if (!$GlobalCatalogConfiguredForSSL -and !$GlobalCatalogConfigured -and !$ConfiguredForSSL -and !$Configured) { Write-Error "Unable to connect to $LDAPPrep! Halting!" $global:FunctionResult = "1" return } [System.Collections.ArrayList]$PortsThatWork = @() if ($GlobalCatalogConfigured) {$null = $PortsThatWork.Add("3268")} if ($GlobalCatalogConfiguredForSSL) {$null = $PortsThatWork.Add("3269")} if ($Configured) {$null = $PortsThatWork.Add("389")} if ($ConfiguredForSSL) {$null = $PortsThatWork.Add("636")} [pscustomobject]@{ DirectoryEntryInfo = $Connection LDAPBaseUri = $LDAPPrep GlobalCatalogConfigured3268 = if ($GlobalCatalogConfigured) {$True} else {$False} GlobalCatalogConfiguredForSSL3269 = if ($GlobalCatalogConfiguredForSSL) {$True} else {$False} Configured389 = if ($Configured) {$True} else {$False} ConfiguredForSSL636 = if ($ConfiguredForSSL) {$True} else {$False} PortsThatWork = $PortsThatWork } } # SIG # Begin signature block # MIIMiAYJKoZIhvcNAQcCoIIMeTCCDHUCAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB # gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR # AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQUV45yOhs4pOAXDuSw/H/v3nCC # 8Qygggn9MIIEJjCCAw6gAwIBAgITawAAAB/Nnq77QGja+wAAAAAAHzANBgkqhkiG # 9w0BAQsFADAwMQwwCgYDVQQGEwNMQUIxDTALBgNVBAoTBFpFUk8xETAPBgNVBAMT # CFplcm9EQzAxMB4XDTE3MDkyMDIxMDM1OFoXDTE5MDkyMDIxMTM1OFowPTETMBEG # CgmSJomT8ixkARkWA0xBQjEUMBIGCgmSJomT8ixkARkWBFpFUk8xEDAOBgNVBAMT # B1plcm9TQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCwqv+ROc1 # bpJmKx+8rPUUfT3kPSUYeDxY8GXU2RrWcL5TSZ6AVJsvNpj+7d94OEmPZate7h4d # gJnhCSyh2/3v0BHBdgPzLcveLpxPiSWpTnqSWlLUW2NMFRRojZRscdA+e+9QotOB # aZmnLDrlePQe5W7S1CxbVu+W0H5/ukte5h6gsKa0ktNJ6X9nOPiGBMn1LcZV/Ksl # lUyuTc7KKYydYjbSSv2rQ4qmZCQHqxyNWVub1IiEP7ClqCYqeCdsTtfw4Y3WKxDI # JaPmWzlHNs0nkEjvnAJhsRdLFbvY5C2KJIenxR0gA79U8Xd6+cZanrBUNbUC8GCN # wYkYp4A4Jx+9AgMBAAGjggEqMIIBJjASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsG # AQQBgjcVAgQWBBQ/0jsn2LS8aZiDw0omqt9+KWpj3DAdBgNVHQ4EFgQUicLX4r2C # Kn0Zf5NYut8n7bkyhf4wGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwDgYDVR0P # AQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUdpW6phL2RQNF # 7AZBgQV4tgr7OE0wMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL3BraS9jZXJ0ZGF0 # YS9aZXJvREMwMS5jcmwwPAYIKwYBBQUHAQEEMDAuMCwGCCsGAQUFBzAChiBodHRw # Oi8vcGtpL2NlcnRkYXRhL1plcm9EQzAxLmNydDANBgkqhkiG9w0BAQsFAAOCAQEA # tyX7aHk8vUM2WTQKINtrHKJJi29HaxhPaHrNZ0c32H70YZoFFaryM0GMowEaDbj0 # a3ShBuQWfW7bD7Z4DmNc5Q6cp7JeDKSZHwe5JWFGrl7DlSFSab/+a0GQgtG05dXW # YVQsrwgfTDRXkmpLQxvSxAbxKiGrnuS+kaYmzRVDYWSZHwHFNgxeZ/La9/8FdCir # MXdJEAGzG+9TwO9JvJSyoGTzu7n93IQp6QteRlaYVemd5/fYqBhtskk1zDiv9edk # mHHpRWf9Xo94ZPEy7BqmDuixm4LdmmzIcFWqGGMo51hvzz0EaE8K5HuNvNaUB/hq # MTOIB5145K8bFOoKHO4LkTCCBc8wggS3oAMCAQICE1gAAAH5oOvjAv3166MAAQAA # AfkwDQYJKoZIhvcNAQELBQAwPTETMBEGCgmSJomT8ixkARkWA0xBQjEUMBIGCgmS # JomT8ixkARkWBFpFUk8xEDAOBgNVBAMTB1plcm9TQ0EwHhcNMTcwOTIwMjE0MTIy # WhcNMTkwOTIwMjExMzU4WjBpMQswCQYDVQQGEwJVUzELMAkGA1UECBMCUEExFTAT # BgNVBAcTDFBoaWxhZGVscGhpYTEVMBMGA1UEChMMRGlNYWdnaW8gSW5jMQswCQYD # VQQLEwJJVDESMBAGA1UEAxMJWmVyb0NvZGUyMIIBIjANBgkqhkiG9w0BAQEFAAOC # AQ8AMIIBCgKCAQEAxX0+4yas6xfiaNVVVZJB2aRK+gS3iEMLx8wMF3kLJYLJyR+l # rcGF/x3gMxcvkKJQouLuChjh2+i7Ra1aO37ch3X3KDMZIoWrSzbbvqdBlwax7Gsm # BdLH9HZimSMCVgux0IfkClvnOlrc7Wpv1jqgvseRku5YKnNm1JD+91JDp/hBWRxR # 3Qg2OR667FJd1Q/5FWwAdrzoQbFUuvAyeVl7TNW0n1XUHRgq9+ZYawb+fxl1ruTj # 3MoktaLVzFKWqeHPKvgUTTnXvEbLh9RzX1eApZfTJmnUjBcl1tCQbSzLYkfJlJO6 # eRUHZwojUK+TkidfklU2SpgvyJm2DhCtssFWiQIDAQABo4ICmjCCApYwDgYDVR0P # AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBS5d2bhatXq # eUDFo9KltQWHthbPKzAfBgNVHSMEGDAWgBSJwtfivYIqfRl/k1i63yftuTKF/jCB # 6QYDVR0fBIHhMIHeMIHboIHYoIHVhoGubGRhcDovLy9DTj1aZXJvU0NBKDEpLENO # PVplcm9TQ0EsQ049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNl # cnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9emVybyxEQz1sYWI/Y2VydGlmaWNh # dGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlv # blBvaW50hiJodHRwOi8vcGtpL2NlcnRkYXRhL1plcm9TQ0EoMSkuY3JsMIHmBggr # BgEFBQcBAQSB2TCB1jCBowYIKwYBBQUHMAKGgZZsZGFwOi8vL0NOPVplcm9TQ0Es # Q049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENO # PUNvbmZpZ3VyYXRpb24sREM9emVybyxEQz1sYWI/Y0FDZXJ0aWZpY2F0ZT9iYXNl # P29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwLgYIKwYBBQUHMAKG # Imh0dHA6Ly9wa2kvY2VydGRhdGEvWmVyb1NDQSgxKS5jcnQwPQYJKwYBBAGCNxUH # BDAwLgYmKwYBBAGCNxUIg7j0P4Sb8nmD8Y84g7C3MobRzXiBJ6HzzB+P2VUCAWQC # AQUwGwYJKwYBBAGCNxUKBA4wDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQsFAAOC # AQEAszRRF+YTPhd9UbkJZy/pZQIqTjpXLpbhxWzs1ECTwtIbJPiI4dhAVAjrzkGj # DyXYWmpnNsyk19qE82AX75G9FLESfHbtesUXnrhbnsov4/D/qmXk/1KD9CE0lQHF # Lu2DvOsdf2mp2pjdeBgKMRuy4cZ0VCc/myO7uy7dq0CvVdXRsQC6Fqtr7yob9NbE # OdUYDBAGrt5ZAkw5YeL8H9E3JLGXtE7ir3ksT6Ki1mont2epJfHkO5JkmOI6XVtg # anuOGbo62885BOiXLu5+H2Fg+8ueTP40zFhfLh3e3Kj6Lm/NdovqqTBAsk04tFW9 # Hp4gWfVc0gTDwok3rHOrfIY35TGCAfUwggHxAgEBMFQwPTETMBEGCgmSJomT8ixk # ARkWA0xBQjEUMBIGCgmSJomT8ixkARkWBFpFUk8xEDAOBgNVBAMTB1plcm9TQ0EC # E1gAAAH5oOvjAv3166MAAQAAAfkwCQYFKw4DAhoFAKB4MBgGCisGAQQBgjcCAQwx # CjAIoAKAAKECgAAwGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGC # NwIBCzEOMAwGCisGAQQBgjcCARUwIwYJKoZIhvcNAQkEMRYEFHvK90Zq6x/rM63S # prN3xGNbip86MA0GCSqGSIb3DQEBAQUABIIBAB+naAh/5X9rWU/ovxU+X+f+GTLK # ZxrYHif3E5GEwIg6jQE+fM1JKNjf1s8byTZYIfDvP0OVGxF2Dxpq3Wy2UK5QR+Oc # EPiM5iojfRdN3N5v23o+x6TiKm8Ryq4fgpr7sE56EJUscT4XrTsCArZxfPufykaY # g1V4oRcWBPyQ7ctkGacuKYRvZsLVTxKRlKfHXe9Sn17YDV23pzqYmPsu2SvcACje # lFlna5SvcTh2TbidVlI40qAfG7TmdkGGz8SNgNSHiqRLgLWls8+2Dp4H+U76Q94S # /iIWFQP2iq3DgmfRivo5pAyILwozT0O1xZHiRVKNpM0+NaSpgBNMKd+VRRo= # SIG # End signature block |