获取具有OperatingSystem属性的所有AD对象

时间:2017-11-02 01:20:20

标签: powershell c#-4.0 active-directory

我需要检索活动目录中的所有计算机系统。我写了以下代码:

public void ADData()
{
    DataTable ADdt = new DataTable();

    ADdt.Columns.Add("CN");
    ADdt.Columns.Add("DistinguishedName");
    ADdt.Columns.Add("OperatingSystem");
    ADdt.Columns.Add("lastLogonTimestamp");
    ADdt.Columns.Add("PasswordLastSet");

    string lsResult = "";
    DirectoryEntry loDE;

    try
    {
        loDE = new DirectoryEntry(("LDAP://" + ADDomain.Trim()), (ADDomain.Trim() + ("\\" + ADUserName.Trim())), ADPassword.Trim());
        Logger.log("Connected to AD");

        if (!string.IsNullOrEmpty(loDE.Name))
        {
            lsResult = loDE.Name;

            DirectorySearcher loDES = new DirectorySearcher(loDE);
            //loDES.Filter = ("&(objectClass=computer)"); 
            loDES.Filter = ("(objectClass=*)");
            loDES.SearchScope = SearchScope.Subtree;

            loDES.PropertiesToLoad.Add("name");
            loDES.PropertiesToLoad.Add("CN");
            loDES.PropertiesToLoad.Add("distinguishedName");
            loDES.PropertiesToLoad.Add("operatingSystem");
            loDES.PropertiesToLoad.Add("lastLogonTimestamp");
            loDES.PropertiesToLoad.Add("pwdLastSet");

            foreach (SearchResult item in loDES.FindAll())
            {
                try
                {
                    tbl_ActiveDirectory tad = new tbl_ActiveDirectory
                    {
                        CN = Convert.ToString(item.Properties["cn"][0].ToString()) ,
                        DistinguishedName = Convert.ToString(item.Properties["distinguishedName"][0]),
                        OperatingSystem = Convert.ToString(item.Properties["operatingSystem"][0]),
                        lastLogonTimestamp = DateTime.FromFileTime(Convert.ToInt64(item.Properties["lastLogonTimestamp"][0])).
                        PasswordLastSet = DateTime.FromFileTime(Convert.ToInt64(item.Properties["pwdLastSet"][0])) 
                    };

                    ADdt.Rows.Add(new string[] { tad.CN, tad.DistinguishedName, tad.OperatingSystem, tad.lastLogonTimestamp.ToString(), tad.PasswordLastSet.ToString() });
                }
                catch (Exception ex)
                {
                    Logger.log("Exception getting properties : " + ex.Message);
                }
            }
        }
    }
    catch (Exception ex)
    {
        Logger.log("Exception : " + ex.Message);
    }
    finally
    {
        loDE = null;
    }
}

问题是,它没有返回它应该返回的所有计算机对象。

followig PowerShell命令返回所有必需的计算机对象。

Get-ADComputer -Filter * -Properties Displayname, CN, DNSHostName, DistinguishedName, lastLogon, Created, IPv4Address, lastLogonTimestamp, OperatingSystem, OperatingSystemServicePack, OperatingSystemVersion, whenCreated, whenChanged, Enabled, PasswordLastSet, CanonicalName |
    select Displayname, CN, DNSHostName, DistinguishedName, lastLogon, Created, @{N='lastLogonTimestamp'; E={[DateTime]::FromFileTime($_.lastLogonTimestamp)}}, OperatingSystem ,PasswordLastSet, CanonicalName

我尝试使用("(objectClass=computer)")("(!objectClass=user)")作为过滤器,但仍然没有运气。

基本上我想获得所有以operatingSystem为属性的AD对象。

此外,我还需要从特定的OU中排除对象。如何为此编写过滤器?

1 个答案:

答案 0 :(得分:1)

要回答实际问题" 问题是,它不会返回它应该返回的所有计算机对象"而不是解决方法:

loDES.Filter = ("&(objectCategory=computer)");

引用Filter on objectCategory and objectClass

  

如果您可以选择使用objectCategory和objectClass,建议您使用objectCategory。这是因为objectCategory既是单值又是索引的,而objectClass是多值而没有索引

相关问题
最新问题