实际上,我只是想发布一个解决方案: 如果您有Windows服务器entergroup.domain.com 这是Powershell脚本:
$root = [ADSI]"LDAP://DC=entgroup,DC=domain,DC=com"
$search = [adsisearcher]$root
$Search.Filter = "(|(&(sAMAccountType=805306368)(|(givenName=exampl*)(sn=surname*))(!(userAccountControl:numbers:=2)))(&(objectCategory=CN)(mail=*)(cn=exampl*)(ou=Users)(ou=entgroup)))"
$Search.PropertiesToLoad.Add("msDS-PrincipalName")
$attributeId='1.2.840.113556.1.2.256'
$colResults = $Search.FindAll()
foreach ($i in $colResults)
{
[string]$i.Properties.Item('cn'),[string]$i.Properties.Item('distinguishedName'),[string]$i.Properties.Item('msDS-PrincipalName')
foreach ($p in $i. Properties)
{
$p
}
}