Searching user accounts

The following code sample finds users whose job title starts with Sales and adds the users to a group.

ADSI
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$containerDN = "CN=Users,DC=domain,DC=com"
$groupDN = "CN=SalesGroup,CN=Groups,DC=domain,DC=com"

# Connect to the Adaxes service
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")

$searcher = $service.OpenObject("Adaxes://$containerDN", $null, $null, 0)

$searcher.Criteria = New-AdmCriteria "user" {title -startsWith "Sales"}
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
try
{
    # Execute search
    $searchResultIterator = $searcher.ExecuteSearch()

    # Add users to a group
    $group = $service.OpenObject("Adaxes://$groupDN", $null, $null, 0)

    foreach ($searchResult in $searchResultIterator.FetchAll())
    {
        $group.Add($searchResult.ADsPath)
    }
}
finally
{
    # Release resources
    $searchResultIterator.Dispose()
}
PowerShell
Import-Module Adaxes

$containerDN = "CN=Users,DC=domain,DC=com"

$identityGroup = "SalesGroup" # sAMAccountName
# $identityGroup = "CN=SalesGroup,CN=Groups,DC=domain,DC=com"  # DN
# $identityGroup = "{EB5FEB21-E648-42AD-B86C-89D3C6807953}" # GUID
# $identityGroup = "S-1-5-21-573937-2149998-410785" # SID

Get-AdmUser -Filter {title -like "Sales*"} -SearchBase $containerDN `
    -Server "domain.com" -AdaxesService localhost -SearchScope Subtree | `
    Add-AdmPrincipalGroupMembership -MemberOf $identityGroup

The following code sample finds disabled user accounts and outputs their names.

ADSI
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$containerDN = "CN=Users,DC=domain,DC=com"

# Connect to the Adaxes service
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")

$searcher = $service.OpenObject("Adaxes://$containerDN", $null, $null, 0)

$searcher.Criteria = New-AdmCriteria "user" {accountDisabled -eq $true}
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
try
{
    # Execute search
    $searchResultIterator = $searcher.ExecuteSearch()

    foreach ($searchResult in $searchResultIterator.FetchAll())
    {
        $userPath = $searchResult.AdsPath
        $user = $service.OpenObject($userPath, $null, $null, 0)
        Write-Host $user.Name
    }
}
finally
{
    # Release resources
    $searchResultIterator.Dispose()
}
PowerShell
Import-Module Adaxes

$containerDN = "CN=Users,DC=domain,DC=com"

$users =  Search-AdmAccount -AccountDisabled -UsersOnly `
    -SearchBase $containerDN -SearchScope Subtree `
    -Server "domain.com" -AdaxesService localhost

foreach ($user in $users)
{
    Write-Host $user.Name
}

The following code sample finds expired user accounts and outputs their names.

ADSI
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$containerDN = "CN=Users,DC=domain,DC=com"

# Connect to the Adaxes service
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")

$searcher = $service.OpenObject("Adaxes://$containerDN", $null, $null, 0)

$searcher.Criteria = New-AdmCriteria "user" {accountExpires -expired $true}
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
try
{
    # Execute search
    $searchResultIterator = $searcher.ExecuteSearch()

    foreach ($searchResult in $searchResultIterator.FetchAll())
    {
        $userPath = $searchResult.AdsPath
        $user = $service.OpenObject($userPath, $null, $null, 0)
        Write-Host $user.Name
    }
}
finally
{
    # Release resources
    $searchResultIterator.Dispose()
}
PowerShell
Import-Module Adaxes

$containerDN = "CN=Users,DC=domain,DC=com"

$users = Search-AdmAccount -AccountExpired -UsersOnly `
    -SearchBase $containerDN -SearchScope Subtree `
    -Server "domain.com" -AdaxesService localhost

foreach ($user in $users)
{
    Write-Host $user.Name
}

See also