# encoding: ascii
# api: powershell
# title: Get-User
# description: This is nice, but a bit over complicated for my liking… Here are a few others that may be of help to someone.
# version: 0.1
# type: script
# author: administrator
# license: CC0
# x-poshcode-id: 3039
# x-archived: 2016-03-25T09:38:47
# x-published: 2012-11-05T13:15:00
#
# The get-user and get-group functions are simply used like any function that returns a result… in this case they return an actual directoryentry… so… assigning a variable like $user = get-user(‘userid’) and then you can use .notation for any property or function for that object… $user.samaccountname, $user.dn… etc… the exists functions return true or false for the existance of that object…
#
$script:dse = 'LDAP://my.domain.com'
function script:User-Exists([string]$username)
{
$username = $($username).Trim()
$srch = New-Object DirectoryServices.DirectorySearcher $global:dse
$srch.Filter = "(&(objectClass=user)(sAMAccountName=$username))"
$srch.PageSize = 10000
$srch.SearchScope = "Subtree"
return ($srch.FindOne() -ne $null)
}
function script:Get-User([string]$username)
{
$username = $($username).Trim()
$srch = New-Object DirectoryServices.DirectorySearcher $global:dse
$srch.Filter = "(&(objectClass=user)(sAMAccountName=$username))"
$srch.PageSize = 10000
$srch.SearchScope = "Subtree"
return ( New-Object DirectoryServices.DirectoryEntry $srch.FindOne().Path, $adUsername, $adPassword )
}
function script:Group-Exists([string]$group)
{
$group = $($group).Trim()
$srch = New-Object DirectoryServices.DirectorySearcher $global:dse
$srch.Filter = "(&(objectClass=group)(samAccountName=$group))"
$srch.PageSize = 10000
$srch.SearchScope = "Subtree"
return ($srch.FindOne() -ne $null)
}
function script:Get-Group([string]$group)
{
$group = $($group).Trim()
$srch = New-Object DirectoryServices.DirectorySearcher $global:dse
$srch.Filter = "(&(objectClass=group)(samAccountName=$group))"
$srch.PageSize = 10000
$srch.SearchScope = "Subtree"
return ( New-Object DirectoryServices.DirectoryEntry $srch.FindOne().Path, $adUsername, $adPassword )
}
function script:AddTo-Group([System.DirectoryServices.DirectoryEntry]$object, [System.DirectoryServices.DirectoryEntry]$group)
{
if (-not (Object-IsMemberOf $object $group)) {
try {
$group.Add($object.adsPath)
$group.SetInfo()
$global:status += '<li style="color:green">The Object ' +$($object.Name)+ ' was successfully added to the Group ' +$($group.Name)+'</li>' }
catch {
$global:flagMail = $true
$global:status += '<li style="color:red">The Object ' + $($object.Name) + ' could NOT be added to the Group ' + $($group.Name)+'. Error: Security rights error!</li>' }
}
}
function Global:Object-IsMemberOf([DirectoryServices.DirectoryEntry]$object, [DirectoryServices.DirectoryEntry]$group)
{
$result = $false
foreach($dn in $object.Properties["memberOf"]) {
if ($group.distinguishedName -eq $dn) {
$result = $true }
}
return $result
}