
Untitled

a guest
Feb 10th, 2017
  1. function Get-DSUserByProperty
  2. {
  3. <#
  4. .SYNOPSIS
  5. Search for users in the directory.
  6.  
  7. .DESCRIPTION
  8. Using native System.DirectoryServices, searches the directory (default is to use
  9. the global catalog) for entries that match
  10.  
  11. .PARAMETER TargetDomain
  12. Specifies the domain to run the search against.
  13.  
  14. .PARAMETER UserName
  15. Specifies one or more items identifying users by a single property. Examples could
  16. include a list of users by display name, sam account name, mail, or user principal name.
  17.  
  18. .PARAMETER Property
  19. Specifies the property to search against, from a common set of properties.
  20.  
  21. .PARAMETER PropertyUserDefined
  22. Specifies the property to search against, defined at time of invocation. Property
  23. value will be checked against the schema of the TargetDomain. Using this parameter
  24. may introduce a delay at the beginning of invocation, while the list of indexed
  25. user properties is collected.
  26.  
  27. .PARAMETER UseLDAP
  28. Switch parameter, directs the search to target only the (local) directory, not
  29. the global catalog.
  30.  
  31. .EXAMPLE
  32. PS > Get-DSUserByProperty -UserName jdoe@Contoso.com -Property mail
  33.  
  34. alias : jdoe
  35. displayname : John Doe (Product Dev)
  36. mail : jdoe@contoso.com
  37. title : Product Development Researcher
  38. userprincipalname : jdoe@contoso.com
  39. manager : alicesm
  40. managerMail : alice.smith@contoso.com
  41. department : Widget Research
  42.  
  43. Description
  44. -----------
  45. Searching for users that have 'jdoe@contoso.com' as the mail attribute.
  46.  
  47. .EXAMPLE
  48. PS > $listOfUsers = @( "jdoe", "alicesm", "charlesf", "ericalewis")
  49. PS > Get-DSUserByProperty -UserName $listOfUsers -Property samaccountname
  50.  
  51. WARNING: Could not find ericalewis
  52.  
  53. alias : jdoe
  54. displayname : John Doe (Product Dev)
  55. mail : jdoe@contoso.com
  56. title : Product Development Researcher
  57. userprincipalname : jdoe@contoso.com
  58. manager : alicesm
  59. managerMail : alice.smith@contoso.com
  60. department : Widget Research
  61.  
  62. alias : alicesm
  63. displayname : Alice Smith (Widget Manager)
  64. mail : alice.smith@contoso.com
  65. title : Widget Manager
  66. userprincipalname : alicesm@contoso.com
  67. manager : erical
  68. managerMail : ericalewis@contoso.com
  69. department : Adminstration
  70.  
  71. alias : charlesf
  72. displayname : Charles Fox (Internet Janitor)
  73. mail : charlesfox@contoso.com
  74. title : Internet Janitor
  75. userprincipalname : charlesf@contoso.com
  76. manager : alicesm
  77. managerMail : alice.smith@contoso.com
  78. department : Cloud Sanitation
  79.  
  80. Description
  81. -----------
  82. Given an array of values, searches for each entry using the specified property. In
  83. this example, the entry 'ericalewis' did not match the samaccountname of any user, as
  84. indicated by the warning.
  85.  
  86. .INPUTS
  87. System.String
  88.  
  89. .OUTPUTS
  90. PSCustomObject
  91.  
  92. .LINK
  93. about_comment_based_help
  94.  
  95. .NOTES
  96.  
  97. #### Name: Get-DSUserByProperty
  98. #### Author: J Schell
  99. #### Version: 0.1.1
  100. #### License: MIT License
  101.  
  102. ### Change Log
  103.  
  104. ##### 2017-02-10::0.1.1
  105. -logic fix for results that have more than one object returned.
  106.  
  107. ##### 2017-02-10::0.1.0
  108. -initial creation
  109. -fork/ consolidation of multiple versions of lookup by 'x' property on users
  110.  
  111. #>
  112.  
  113.  
  114. [CmdletBinding(DefaultParameterSetName = "CommonProperty")]
  115. [OutputType([PSCustomObject])]
  116. Param
  117. (
  118. [Parameter(Mandatory = $False,
  119. ParameterSetName = "__AllParameterSets")]
  120. [String]
  121. $TargetDomain = $env:USERDNSDOMAIN,
  122.  
  123. [Parameter(Mandatory = $True,
  124. ParameterSetName = "__AllParameterSets")]
  125. [String[]]
  126. $UserName,
  127.  
  128. [Parameter(Mandatory = $True,
  129. ParameterSetName = "CommonProperty")]
  130. [ValidateSet("samaccountname","displayname","mail","userprincipalname")]
  131. [String]
  132. $Property,
  133.  
  134. [Parameter(Mandatory = $True,
  135. ParameterSetName = "UserDefinedProperty")]
  136. [String]
  137. $PropertyUserDefined,
  138.  
  139. [Parameter(Mandatory = $False)]
  140. [Switch]
  141. $UseLDAP
  142. )
  143.  
  144. Begin
  145. {
  146. $DomainContext = [System.DirectoryServices.ActiveDirectory.DirectoryContext]::New("Domain", $TargetDomain)
  147. Try
  148. {
  149. $DomainEntry = [System.DirectoryServices.ActiveDirectory.Domain]::GetDomain($DomainContext)
  150. }
  151. Catch
  152. {
  153. Write-Error $_
  154. Break
  155. }
  156.  
  157. if( $PropertyUserDefined )
  158. {
  159. $ForestContext = [System.DirectoryServices.ActiveDirectory.DirectoryContext]::New("Forest", $($DomainEntry.Forest.Name) )
  160.  
  161. $Schema = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema]::GetSchema($ForestContext)
  162. $userMandatoryProperties = @( $Schema.FindClass("User").MandatoryProperties |
  163. Where-Object {$_.isIndexed -eq $True} |
  164. Select-Object -ExpandProperty Name )
  165. $userOptionalProperties = @( $Schema.FindClass("User").OptionalProperties |
  166. Where-Object {$_.isIndexed -eq $True} |
  167. Select-Object -ExpandProperty Name )
  168.  
  169. $Schema.Dispose()
  170.  
  171. $userProperties = @( $userMandatoryProperties )
  172. $userProperties += @( $userOptionalProperties )
  173.  
  174. $msgUserPropertiesIndexedFoundInSchema = "Properties found: $($userProperties.count)"
  175. Write-Verbose $msgUserPropertiesIndexedFoundInSchema
  176.  
  177. if( $userProperties -contains $PropertyUserDefined)
  178. {
  179.  
  180. $PropertyToSearch = $PropertyUserDefined
  181. }
  182. else
  183. {
  184. $msgPropertyUserDefinedNotInSchema = "The property `'$($PropertyUserDefined)`'' " +
  185. "was not found as a property for the user class in the schema."
  186. Write-Error $msgPropertyUserDefinedNotInSchema
  187. Break
  188. }
  189. }
  190. else
  191. {
  192. $PropertyToSearch = $Property
  193. }
  194. Write-Output "Search on: $($PropertyToSearch)"
  195.  
  196. if($UseLDAP)
  197. {
  198. $TargetSearch = "LDAP://$($DomainEntry.Name):389"
  199. }
  200. else
  201. {
  202. $Target = "GC://$($DomainEntry.Name):3268"
  203. }
  204. $DomainEntry.Dispose()
  205.  
  206. $propertiesOfInterest = @(
  207. "alias"
  208. "displayname"
  209. "mail"
  210. "title"
  211. "department"
  212. "userprincipalname"
  213. "manager"
  214. "managerMail"
  215. )
  216. }
  217. Process
  218. {
  219. $UsersFound = @()
  220. $MissingUsers = @()
  221.  
  222. foreach($User in $UserName)
  223. {
  224. $adsiTarget = [adsi]$Target
  225. $Searcher = [adsisearcher]($adsiTarget)
  226. $ldapFilter = "(&(objectClass=user)($PropertyToSearch=$User))"
  227. $Searcher.Filter = $ldapFilter
  228. $SearchResult = $Searcher.FindAll()
  229.  
  230. if( $($SearchResult.Count) -ge 1)
  231. {
  232. foreach($Result in $SearchResult)
  233. {
  234. if( $($Result.Properties.manager) )
  235. {
  236. $UserManagerPath = [ADSI]"LDAP://$($Result.Properties.manager)"
  237. $UserManagerAlias = $($UserManagerPath.Properties.samaccountname)
  238. $UserManagerMail = $($UserManagerPath.Properties.mail)
  239. }
  240. else
  241. {
  242. $UserManagerAlias = "UnDef"
  243. $UserManagerMail = ""
  244. }
  245. $UserFound = New-Object -TypeName PsObject -Property ([ordered]@{
  246. samaccountname = $($Result.Properties.samaccountname)
  247. displayname = $($Result.Properties.displayname)
  248. mail = $($Result.Properties.mail)
  249. title = $($Result.Properties.title)
  250. department = $($Result.Properties.department)
  251. userprincipalname = $($Result.Properties.userprincipalname)
  252. manager = $UserManagerAlias
  253. managerMail = $UserManagerMail
  254. })
  255. $UsersFound += @( $UserFound )
  256. }
  257. }
  258. else
  259. {
  260. $MissingUsers += @( $User )
  261. Write-Warning "Could not find $($User)"
  262. }
  263. $Searcher.Dispose()
  264. }
  265. }
  266. End
  267. {
  268. $UsersFound
  269. }
  270. }