You can translate Active Directory user names from one format to another with PowerShell using the ADSI NameTranslate utility interface. There are many name formats in active directory including distinguishedName, canonicalName, NT4 style and more. ADSI provides a utility interface called IADSNameTranslate. To use it, you create a NameTranslate object, give it a user name in some format, and then request the name in another format. For the Perl version of this script, see Translating Active Directory Names using Perl.
The following script shows the list of initialization types (which tell how the object should connect to Active Directory), and the list of name types that you can use. The script takes one argument, a user name (such as domainname\username), then returns various name formats.
The script also highlights the problem with PowerShell using some COM interfaces where PowerShell doesn't know the type of object you're using. Since PowerShell doesn't know about the properties and methods of a NameTranslate object, you have to use special invokeMethod syntax to call the Init, Get and Set methods of the object.
#Name Translator Initialization Types $ADS_NAME_INITTYPE_DOMAIN = 1 $ADS_NAME_INITTYPE_SERVER = 2 $ADS_NAME_INITTYPE_GC = 3
#Name Transator Name Types $DISTINGUISHEDNAME = 1 $CANONICALNAME = 2 $NT4NAME = 3 $DISPLAYNAME = 4 $DOMAINSIMPLE = 5 $ENTERPRISESIMPLE = 6 $GUID = 7 $UNKNOWN = 8 $USERPRINCIPALNAME = 9 $CANONICALEX = 10 $SERVICEPRINCIPALNAME = 11 $SIDORSIDHISTORY = 12
if($args.count -ne 1){ "`nUsage: ./nametranslate.ps1 <userName>`n"; Exit; }
$ns=New-Object -ComObject NameTranslate [System.__ComObject].InvokeMember(“init”,”InvokeMethod”,$null,$ns,($ADS_NAME_INITTYPE_GC,$null)) [System.__ComObject].InvokeMember(“Set”,”InvokeMethod”,$null,$ns,($UNKNOWN,$args[0]))
$dn = [System.__ComObject].InvokeMember(“Get”,”InvokeMethod”,$null,$ns,$DISTINGUISHEDNAME) $canon = [System.__ComObject].InvokeMember(“Get”,”InvokeMethod”,$null,$ns,$CANONICALNAME) $display = [System.__ComObject].InvokeMember(“Get”,”InvokeMethod”,$null,$ns,$DISPLAYNAME) $nt4name = [System.__ComObject].InvokeMember(“Get”,”InvokeMethod”,$null,$ns,$NT4NAME)
"Distinguished Name:`t$dn" " Canonical Name:`t$canon" " Display Name:`t$display" " NT4 Name:`t$nt4name"
Related Posts:
- Backup DFS Namespaces Using PowerShell
- Translate Active Directory Name Formats Using PowerShell
- List Linux Users in Active Directory Using PowerShell
- Enable Trust for Delegation in Active Directory Using PowerShell
- TCP/IP Subnet Math with PowerShell - What AD Site is that Server in?
- List Sites and Subnets in Active Directory with PowerShell
- Find Disabled Users in Active Directory with PowerShell
- List Forest-wide Group Memberships with PowerShell
- Find Old Computer Accounts in AD with PowerShell
- List SPNs in Active Directory with PowerShell
- List Domain Controllers in Active Directory
0 comments:
Post a Comment