Adaxes

Powershell -Partition parameter (Naming Context)

0 votes

We have four domains set up on our Adaxes service, and I can see them in the Administration Console with no problems. However, I have not been able to figure out how to access the three non-default domains when using Powershell scripts against the Adaxes service. Scripts that omit the -Partition parameter run fine against the default domain, but every variation I've tried on the -Partition parameter fails.
Is there a way in the Administration Console to determine the Naming Context for each of the configured AD domains? Or a powershell command that can query the service to determine the permissible partition values?

Thanks in advance!
Scott Kuntzelman
Electrolux North America

by (390 points)
0

Hello Scott,

To start with something, could you describe what you are trying to achieve and give a couple of examples that failed?

by (216k points)
0

In the Adaxes Administration Console, in the Console Tree, under "Active Directory", I have four domains listed.

When I use any of the cmdlets with the identity parameter set to the SAM account name, it always uses the default domain (the first in the list).

I can apparently get to the other domains by using the complete Distinguished Name, but that kind of defeats the purpose since I won't know in advance which OUs contain the object in the other three domains (if any).

I can use the Quest tools with "get-qaduser -service <domain.com> -identity <samaccountname>" and it works fine, but I have been unable to figure out how to get the same functionality within Adaxes when I'm working with one of the non-default domains. I'm assuming I need to use the -Partition parameter, but every entry I've tried for that parameter fails. It always returns "Can't find an object with identity '<samaccountname>' under '<partition DN>'.

-Partition
Specifies the distinguished name of an Active Directory partition. The distinguished name must be one of the
naming contexts on the current directory server. The cmdlet searches this partition to find the object defined
by the Identity parameter.

How can I find the correct distinguished name for each of the non-default domains on the server? I'm assuming that information has to be in the Management Console somewhere, but I've been unable to find it even after significant searching.

by (390 points)
0

And, I have found a workaround using the -Server parameter rather than the -Partition parameter.

I would still like to know how to use the -Partition parameter properly, though.

by (390 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Scott,

Yes, if you want the cmdlet to look up in a different domain than the default domain, you need to use the -Server parameter, not -Partition. Also, you can use the -Server parameter to select a particular directory server.

As for the -Partition parameter, it allows you to select a particular Active Directory partition. For more information on partitions, have a look at the following article by Microsoft: https://technet.microsoft.com/en-us/lib ... 61591.aspx.

Related questions

0 votes
1 answer
Shared powershell context

This is a feature request. I would love to have somehwere in the service config the ability to declare PowerShell code that will be run before every custom command ... the same check during a object creation and modification that lead to code deduplication.

asked Feb 25, 2021 by Pierre (750 points)
0 votes
1 answer
Adding Custom Command Check-box-list Parameter Items using PowerShell

I need to add many check-box list items to a Custom Command, I think the best way to do this is via PowerShell rather than through the UI. What's ... Softerra.Adaxes.Interop.Adsi.Parameters.IAdmParameterCheck[]]$ItemsList # Also doesn't work $command.SetInfo()

asked Jan 4 by Viajaz (210 points)
0 votes
1 answer
Pass Multiple Values in Parameter to Custom Command through Powershell

Hello, I'm trying to execute a custom command through a Powershell script, but I'm struggling to pass multiple values to an AD Object Picker parameter. ... , $NULL, $NULL, 0) $obj.ExecuteCustomCommand($command.CommandID, $commandArguments) Thanks in advance!

asked Nov 24, 2021 by KelseaIT (320 points)
0 votes
1 answer
Business Rule is not being trigger by ADSI Context command to add group member.

We have a business rule that will update an AD attribute when a new member is added to a group. This business rule works when we use powershell commands or the admin console ... set to trigger "After adding a member to a group". Thank you for your support!

asked Mar 29, 2023 by mark.it.admin (2.3k points)
0 votes
1 answer
Mimic Context for Script Development

I'm trying to understand the best approach to use when developing scripts for Adaxes. In the Management console you can't see the details of an object while coding. ... possible there are additional attributes I don't see. Thanks in advance for your advice.

asked Aug 7, 2020 by ComputerHabit (790 points)
3,346 questions
3,047 answers
7,779 comments
544,979 users