Local powershell script to pull AdObject without installing RSAT

Dashrender

@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:

@stess tell your manager to understand the technical limitations of an old ass operating system. And without either making changes to what is installed on the system or replacing the system entirely that this isn't possible.

There's nothing saying the same limitation doesn't exist for Windows 10. You're trying to use a feature of the AD module, the official way to get the module is via RSAT.

I already shows you how to extract the module and install it manually on a machine if you want to skip the whole RSAT install.

stess

So... after checking out Dafyre's ADSI suggestion... ADSI managed to pull the properties attribute.
I still need to decipher what these codes mean. But thought I should share.

Here's the script I found:
$searcher = [adsisearcher]'(&(objectCategory=User)(objectclass=person))'
$searcher.SearchRoot = [adsi]'LDAP://OU=Users,OU=Production,DC=Domain,DC=Local'
$searcher.SearchScope = 'OneLevel'
$searcher.FindAll() |
ForEach-Object{
[pscustomobject]@{
Name =$.properties['name'][0]
EmployeeID = $.properties['ipphone'][0]
}
}

@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:

@stess tell your manager to understand the technical limitations of an old ass operating system. And without either making changes to what is installed on the system or replacing the system entirely that this isn't possible.

I agree. But I also understand it's no my ass that's on the line when IT screwed up... it's his ass. So, I don't feel like going against him much. I want him to run the department to his heart content. If anything happens my hands are clean. At least this is what I have in my mind.

DustinB3403

@stess said in Local powershell script to pull AdObject without installing RSAT:

I agree. But I also understand it's no my ass that's on the line when IT screwed up... it's his ass. So, I don't feel like going against him much. I want him to run the department to his heart content. If anything happens my hands are clean. At least this is what I have in my mind.

Shit always rolls down hill.

stess

@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:

@stess said in Local powershell script to pull AdObject without installing RSAT:

I agree. But I also understand it's no my ass that's on the line when IT screwed up... it's his ass. So, I don't feel like going against him much. I want him to run the department to his heart content. If anything happens my hands are clean. At least this is what I have in my mind.

Shit always rolls down hill.

LOL!! That's very true. I guess at least my conscience is clean.

Dashrender

@stess said in Local powershell script to pull AdObject without installing RSAT:

So... after checking out Dafyre's ADSI suggestion... ADSI managed to pull the properties attribute.
I still need to decipher what these codes mean. But thought I should share.

Here's the script I found:
$searcher = [adsisearcher]'(&(objectCategory=User)(objectclass=person))'
$searcher.SearchRoot = [adsi]'LDAP://OU=Users,OU=Production,DC=Domain,DC=Local'
$searcher.SearchScope = 'OneLevel'
$searcher.FindAll() |
ForEach-Object{
[pscustomobject]@{
Name =$.properties['name'][0]
EmployeeID = $.properties['ipphone'][0]
}
}

@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:

@stess tell your manager to understand the technical limitations of an old ass operating system. And without either making changes to what is installed on the system or replacing the system entirely that this isn't possible.

I agree. But I also understand it's no my ass that's on the line when IT screwed up... it's his ass. So, I don't feel like going against him much. I want him to run the department to his heart content. If anything happens my hands are clean. At least this is what I have in my mind.

sure, this totally makes sense. But you can't give him something that isn't possible by the same token...

stess

@dashrender said in Local powershell script to pull AdObject without installing RSAT:

@stess said in Local powershell script to pull AdObject without installing RSAT:

So... after checking out Dafyre's ADSI suggestion... ADSI managed to pull the properties attribute.
I still need to decipher what these codes mean. But thought I should share.

Here's the script I found:
$searcher = [adsisearcher]'(&(objectCategory=User)(objectclass=person))'
$searcher.SearchRoot = [adsi]'LDAP://OU=Users,OU=Production,DC=Domain,DC=Local'
$searcher.SearchScope = 'OneLevel'
$searcher.FindAll() |
ForEach-Object{
[pscustomobject]@{
Name =$.properties['name'][0]
EmployeeID = $.properties['ipphone'][0]
}
}

@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:

@stess tell your manager to understand the technical limitations of an old ass operating system. And without either making changes to what is installed on the system or replacing the system entirely that this isn't possible.

I agree. But I also understand it's no my ass that's on the line when IT screwed up... it's his ass. So, I don't feel like going against him much. I want him to run the department to his heart content. If anything happens my hands are clean. At least this is what I have in my mind.

sure, this totally makes sense. But you can't give him something that isn't possible by the same token...

Same token?

jmoore

@stess My users wouldn't notice if half their menu changed

DustinB3403

You could try using psexec to call powershell to do this. .

Just a thought

Dashrender

@stess said in Local powershell script to pull AdObject without installing RSAT:

@dashrender said in Local powershell script to pull AdObject without installing RSAT:

@stess said in Local powershell script to pull AdObject without installing RSAT:

So... after checking out Dafyre's ADSI suggestion... ADSI managed to pull the properties attribute.
I still need to decipher what these codes mean. But thought I should share.

Here's the script I found:
$searcher = [adsisearcher]'(&(objectCategory=User)(objectclass=person))'
$searcher.SearchRoot = [adsi]'LDAP://OU=Users,OU=Production,DC=Domain,DC=Local'
$searcher.SearchScope = 'OneLevel'
$searcher.FindAll() |
ForEach-Object{
[pscustomobject]@{
Name =$.properties['name'][0]
EmployeeID = $.properties['ipphone'][0]
}
}

@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:

@stess tell your manager to understand the technical limitations of an old ass operating system. And without either making changes to what is installed on the system or replacing the system entirely that this isn't possible.

I agree. But I also understand it's no my ass that's on the line when IT screwed up... it's his ass. So, I don't feel like going against him much. I want him to run the department to his heart content. If anything happens my hands are clean. At least this is what I have in my mind.

sure, this totally makes sense. But you can't give him something that isn't possible by the same token...

Same token?

It's an American euphemism - a token has two sides - one side is you doing what he says, so he takes all blame, other side of token is that what he wants might be impossible, so you can't give him what he wants.

Dashrender

@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:

You could try using psexec to call powershell to do this. .

Just a thought

where would you be calling it to? Wherever you call - you have to have the correct permissions, and the AD commandlets have to be there.