Adaxes

Get all groups with specific ExtensionAttribute1 using ADSI

0 votes

Hi Guys,
Short question. In our organisation we have a buch of the security group that have a specific "class". The class is simple number stored in the ExtensionAttribute1. I'd like to ask is it possible to create scheduled task that get list of the groups in the specific class? Let's say we have class "001" this class have only two groups: legal_department and security_department, result of scheduler should be a text file with a list of the two groups. I can do it using powershell, but I got stuck when I tried to do the something like that with ADSI :cry:
Could you please help me?

by (510 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

Here's a PowerShell script that generates a list of all groups whose ExtensionAttribute1 equals 001 and sends it by e-mail to a certain recipient. In the script:

  • $class - specifies the group 'class'
  • $to - specifies the recipient of the report
  • $subject - specifies the subject of the e-mail notification with the report
  • $reportHeader - specifies the report header
  • $reportFooter - specifies the report footer

Modify the above as necessary.

The script: 

$class = "001" # TODO: modify me
$to = "recipient@domain.com" # TODO: modify me
$subject = "Groups with class '$class'" # TODO: modify me
$reportHeader = "<h2><b>Groups with class '$class'</b></h2>" # TODO: modify me
$reportFooter = "<hr /><p><i>Please do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me

$reportHeader += "<ol>"

# Get the default Web Interface address
$webInterfaceAddress = "%adm-WebInterfaceUrl%"
if ([System.String]::IsNullOrEmpty($webInterfaceAddress))
{
    $Context.LogMessage("Default web interface address not set for Adaxes service. For details, see http://www.adaxes.com/help/?HowDoI.ManageService.RegisterWebInterface.html", "Warning")
}

# Find all groups with the specified class

# Set search parameters
$searcher = $Context.BindToObject("Adaxes://rootDSE")
$searcher.SearchFilter = "(&(objectCategory=group)(extensionAttribute1=$class))"
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.PageSize = 500
$searcher.SetPropertiesToLoad(@("objectGuid"))
$searcher.VirtualRoot = $True

# Build group list
try
{
    $searchResult = $searcher.ExecuteSearch()
    foreach ($groupId in $searchResult.FetchAll())
    {
        $displayName = $Context.GetDisplayNameFromAdsPath($groupId.AdsPath)
        $guid = [Guid]$groupId.Properties["objectGuid"].Value

        $reportHeader += "<li><a href='$webInterfaceAddress`ViewObject.aspx?guid=$guid'>$displayName</a></li>"
    }
}
finally
{
    $searchResult.Dispose()
}
$reportHeader += "</ol>"

# Build the report
$report = $reportHeader + $reportFooter

# Send mail
$Context.SendMail($to, $subject, $NULL, $report)

Related questions

0 votes
1 answer
Using Get-ADMGroup doesn't find all the groups in all the registered domains.

I'm learning how to use the Adaxes powershell commands. I've tried searching for a group and that fails to find anything but the local domain. ... one domain. Get-AdmGroup -AdaxesService ADAXES01.domain.com -Credential $myCredentials -Identity Administrators

asked Jul 29, 2020 by ComputerHabit (790 points)
0 votes
1 answer
Using ADSI to update specific ActionCondition Sets?

I'm working on trying to update a script for updating office addresses on-demand. I'd like to leverage ADSI for this and I see that you can clear all condition sets ... seeing a documentation gap here or I'm running past the method needed for this. Thanks!

asked Jan 30, 2023 by AbbyR (40 points)
0 votes
1 answer
Get Description of a User using ADSI

I'm not able to retrieve the Description of a user using ADSI. I'm trying user.Get("description").ToString() on IADsUser I get the error, The 'description' property cannot be found in the cache. Is there a different method I need to use to get Description?

asked Feb 6, 2017 by sdavidson (730 points)
0 votes
1 answer
Get user surname using ADSI

Hi Guys, I' d like to get user surname. It's easy using PS but if I want to do it using such ADSI script [Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # ... ' property cannot be found in the cache." Do you have any idea, why? Best regards.

asked Dec 10, 2014 by axmaster (510 points)
0 votes
1 answer
Running commands with parameters using ADSI only returns "No operations executed"

Code is below. But the subject says it all. When I run the command targeted in this function via the Adaxes GUI or the web interface, it runs without issue. When run using this ... = $null } } end { $admNS = $admService = $credUser = $credPwd = $null } }

asked Apr 3 by jrtolle (20 points)
3,347 questions
3,048 answers
7,788 comments
545,041 users