AD Attribute lookup using LDAP issue
Hi All
I am looking at querying two domains and identifying whether the custom attributes from domain 1 exist in domain 2. Using Get-ADUser is an option, but I am working with over 100k AD objects, it takes days to complete the work, and I need to streamline it more.
ADSISearcher (LDAP lookup) looks like the best option, but I am having a couple of issues:
1. Is the code lined up correctly to achieve the required outcome?
2. Error: Exception calling 'FindAll' with "0" argument(s): Unknown Error (0x80005000) against the following variable: $AllObjects1 = $sub2Searcher1.FindAll()
$sub1LDAPFilter = '(objectclass=user)'
$PageSize = 1000
$sub1DN = 'DC=sub1,DC=domain,DC=com'
$sub1SB = 'DC=sub1,DC=domain,DC=com'
$sub1Searcher = [ADSISearcher]('{0}' -f $LDAPFilter)
$sub1Searcher.SearchRoot = [ADSI]('GC://{0}' -f $ClientSB)
$sub1Searcher.SearchRoot = [ADSI]('GC://{0}' -f $clientDN)
$sub1Objects = $ClientSearcher.FindAll()
$sub2SB = 'DC=sub2,DC=domain,DC=com'
$sub2DN = 'DC=sub2,DC=domain,DC=com'
Foreach($Object in $AllObjects){
    $sub2ca105 = $Object.Properties.'customattribute10'
    $sub2LDAPFilter = "(objectclass=user,customattribute=$sub1ca10)"
    $sub2Searcher1 = [ADSISearcher]("{0}" -f $sub2LDAPFilter)
    $sub2Searcher1.SearchRoot = [ADSI]("GC://{0}" -f $SearchBase1)
    $sub2Searcher1.SearchRoot = [ADSI]("GC://{0}" -f $collabDomainName1)
    $AllObjects1 = $sub2Searcher1.FindAll()
    if ($Object.Properties.'customattribute10' -eq $allobjects1.Properties.'customattribute10')
    {
        Write-Host 'Match in Sub1 vs Sub2' $Object.Properties.samaccountname -ForegroundColor Green
    }
    else
    {
        Write-Host 'No Match in Sub1 vs Sub2' $Object.Properties.samaccountname -BackgroundColor Red
    }
}
- Darrick, Brass Contributor
Try changing the following:
From:
$sub1Searcher.SearchRoot = [ADSI]('GC://{0}' -f $ClientSB)
$sub1Searcher.SearchRoot = [ADSI]('GC://{0}' -f $clientDN)
To:
$sub1Searcher.SearchRoot = [ADSI]('GC://{0}' -f $sub1SB)
$sub1Searcher.SearchRoot = [ADSI]('GC://{0}' -f $sub1DN)
- Andrew Price, Copper Contributor
Darrick, thank you for your reply. I managed to work out my issue and created a script located on my blog
http://www.blogabout.cloud/2019/03/553/
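
An added example, not code from this thread or from the linked blog post: one way to do the comparison with a single paged search per domain and an in-memory join, instead of one LDAP query per object. It also avoids interpolating directory values into the filter string, which would otherwise need RFC 4515 escaping. The function names are hypothetical, the DNs and attribute name are the ones from the question, and the LDAP:// provider is an assumption (GC:// only returns attributes that are replicated to the global catalog).

```powershell
# Added example. Get-AttributeIndex and Compare-DomainAttribute are hypothetical names.
function Get-AttributeIndex {
    param(
        [Parameter(Mandatory)][string]$SearchBase,   # e.g. 'DC=sub1,DC=domain,DC=com'
        [Parameter(Mandatory)][string]$Attribute,    # LDAP name of the attribute in your schema
        [string]$Provider = 'LDAP'                   # assumption: 'GC' only if the attribute is in the GC
    )
    # Valid LDAP filter syntax: AND of three clauses, users that have the attribute set.
    $searcher = [ADSISearcher]"(&(objectCategory=person)(objectClass=user)($Attribute=*))"
    $searcher.SearchRoot = [ADSI]('{0}://{1}' -f $Provider, $SearchBase)
    $searcher.PageSize   = 1000                      # paging is required to get past 1000 results
    $searcher.PropertiesToLoad.AddRange([string[]]@($Attribute, 'samaccountname'))

    $index   = @{}                                   # attribute value -> list of sAMAccountNames
    $results = $searcher.FindAll()
    try {
        foreach ($r in $results) {
            # Result property names are lower-case; each property is a value collection.
            $value = [string]$r.Properties[$Attribute.ToLower()][0]
            $sam   = [string]$r.Properties['samaccountname'][0]
            if (-not $index.ContainsKey($value)) { $index[$value] = @() }
            $index[$value] += $sam
        }
    }
    finally { $results.Dispose() }                   # SearchResultCollection holds unmanaged memory
    return $index
}

function Compare-DomainAttribute {
    param([string]$SourceBase, [string]$TargetBase, [string]$Attribute)
    $source = Get-AttributeIndex -SearchBase $SourceBase -Attribute $Attribute
    $target = Get-AttributeIndex -SearchBase $TargetBase -Attribute $Attribute
    foreach ($value in $source.Keys) {
        [pscustomobject]@{
            Value        = $value
            Sub1Accounts = $source[$value] -join ';'
            Sub2Accounts = $target[$value] -join ';'   # empty when there is no match
            Match        = $target.ContainsKey($value) # note: hashtable keys compare case-insensitively
        }
    }
}

Compare-DomainAttribute -SourceBase 'DC=sub1,DC=domain,DC=com' `
                        -TargetBase 'DC=sub2,DC=domain,DC=com' `
                        -Attribute  'customattribute10' |
    Sort-Object Match, Value | Format-Table -AutoSize
```

Users in the source domain that have no value for the attribute are excluded by the `($Attribute=*)` clause and do not appear in the output.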