Getting security roles assigned to a user

The following code sample retrieves a list of security roles assigned to a user.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")

# Bind to the user
$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"
$user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0)

# Get DNs of the role assigmnents for the user
$roleAssignmentDNs = $user.Get("adm-AssignedRoleAssignments")

foreach($roleAssignmentDN in $roleAssignmentDNs)
{
    # Bind to the assignment object
    $assignment = $service.OpenObject("Adaxes://$roleAssignmentDN", $null, $null, 0)

    # Get the DN of the security role
    $roleDN = $assignment.Get("adm-AssignmentRole")

    # Bind to the security role
    $role = $service.OpenObject("Adaxes://$roleDN", $null, $null, 0)

    Write-Host $role.Name
}

See also