Powershell ADSI Unwrapper

The following script will retrieve all of the properties of the Active Directory objects returned by a query. These properties are stored in custom objects, and each object is added to an array.

This script can be used to retrieve Computer and/or User objects. You can limit the seach scope in the AD structure, and you can specify a subset of properties to load to improve performance. It is useful when you cannot use the Activedirectory module, or other third-party tools to query Active Directory.

PowerShell

Edit|Remove

# Modify the filter in the [adsisearcher] constructor to suit.
# See the following reference for use of the filter syntax:
# http://social.technet.microsoft.com/wiki/contents/articles/5392.aspx
# To return all objects, use an empty constructor: [adsisearcher]''
$adsiSearcher = [adsisearcher]'(ObjectCategory=Computer)'

# Modify the SearchRoot path to suit:
$adsiSearcher.searchroot = 'LDAP://CN=Computers,DC=Contoso,DC=Internal'

# To limit the properties to load, include lines similar to the following:
#$adsiSearcher.PropertiesToLoad.Add("name") | Out-Null
#$adsiSearcher.PropertiesToLoad.Add("operatingSystem") | Out-Null
# Note: Omitting the ProperitesToLoad.Add method altogether will cause all properties to be returned.

$adsiSearcher.PageSize = 200
$ADResults = @()
$searcherResults = $adsiSearcher.findall()
foreach ($searcherResult in $searcherResults) {
    $tempObj = New-Object psObject
    $adProperties = $searcherResult.properties
    foreach ($pname in $adProperties.propertyNames) {
       if (@($adProperties.item($pname)).count -gt 1) {
            $tempObj | Add-Member -MemberType noteproperty -Name $pname -Value $adProperties.item($pname)}
       else {$tempObj | Add-Member -MemberType noteproperty -Name $pname -Value ($adProperties.item($pname) | Out-String).trim()}
       } # end foreach $pname
    $ADResults += $tempObj
    } # end foreach $searcherResult
    
# Example usage:
$ADResults | select name, location, operatingsystem

# Modify the filter in the [adsisearcher] constructor to suit. 
# See the following reference for use of the filter syntax: 
# http://social.technet.microsoft.com/wiki/contents/articles/5392.aspx 
# To return all objects, use an empty constructor: [adsisearcher]'' 
$adsiSearcher = [adsisearcher]'(ObjectCategory=Computer)' 
 
# Modify the SearchRoot path to suit: 
$adsiSearcher.searchroot = 'LDAP://CN=Computers,DC=Contoso,DC=Internal' 
 
# To limit the properties to load, include lines similar to the following: 
#$adsiSearcher.PropertiesToLoad.Add("name") | Out-Null 
#$adsiSearcher.PropertiesToLoad.Add("operatingSystem") | Out-Null 
# Note: Omitting the ProperitesToLoad.Add method altogether will cause all properties to be returned. 
 
$adsiSearcher.PageSize = 200 
$ADResults = @() 
$searcherResults = $adsiSearcher.findall() 
foreach ($searcherResult in $searcherResults) { 
    $tempObj = New-Object psObject 
    $adProperties = $searcherResult.properties 
    foreach ($pname in $adProperties.propertyNames) { 
       if (@($adProperties.item($pname)).count -gt 1) { 
            $tempObj | Add-Member -MemberType noteproperty -Name $pname -Value $adProperties.item($pname)} 
       else {$tempObj | Add-Member -MemberType noteproperty -Name $pname -Value ($adProperties.item($pname) | Out-String).trim()} 
       } # end foreach $pname 
    $ADResults += $tempObj 
    } # end foreach $searcherResult 
     
# Example usage: 
$ADResults | select name, location, operatingsystem