Get-CanonicalName.ps1
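<#
.SYNOPSIS
This function returns the canonicalName associated with a distinguished name.
.DESCRIPTION
This function looks up an Active Directory object by distinguished name and returns
its canonicalName, the domain portion of that canonicalName, and its distinguishedName.
The query is first sent to the supplied global catalog server; if that returns no
canonicalName, it is repeated without -server. Query exceptions are retried a bounded
number of times with a 5 second sleep between attempts.
.PARAMETER globalCatalogServer
The global catalog to make the query against.
.PARAMETER DN
The DN of the object to pass to normalize.
.PARAMETER activeDirectoryAuthenticationMethod
The value passed to get-adobject -authType: "Basic" or "Negotiate" (default "Negotiate").
Basic does not protect the credential the way Negotiate does; use it only when the
connection to the directory is TLS-protected.
.PARAMETER adCredential
The credential passed to get-adobject -credential for the directory query.
.OUTPUTS
A PSObject with canonicalName, canonicalDomainName and distinguishedName properties,
or $NULL when the object could not be resolved.
.EXAMPLE
get-canonicalName -globalCatalogServer GC -DN DN -adCredential $cred
#>
Function get-canonicalName
{
    [cmdletbinding()]

    Param
    (
        [Parameter(Mandatory = $true)]
        [string]$globalCatalogServer,
        [Parameter(Mandatory = $true)]
        [string]$DN,
        [Parameter(Mandatory = $false)]
        [ValidateSet("Basic","Negotiate")]
        $activeDirectoryAuthenticationMethod="Negotiate",
        [Parameter(Mandatory = $true)]
        $adCredential
    )

    #Output all parameters bound or unbound and their associated values.
    #NOTE(review): write-functionParameters is defined elsewhere and receives $adCredential
    #through $PSBoundParameters - confirm it never writes credential contents to the log.

    write-functionParameters -keyArray $MyInvocation.MyCommand.Parameters.Keys -parameterArray $PSBoundParameters -variableArray (Get-Variable -Scope Local -ErrorAction Ignore)

    #Declare function variables.

    $functionTest=$NULL #Holds the return information for the object query.
    $functionObject=$NULL #This is used to hold the object that will be returned.
    $functionDomain=$NULL #Holds the canonicalName split on / (element 0 is the domain).

    #Start function processing.

    Out-LogFile -string "********************************************************************************"
    Out-LogFile -string "BEGIN GET-CanoicalName"
    Out-LogFile -string "********************************************************************************"

    #Get the specific object using ad providers.

    $stopLoop = $FALSE
    [int]$loopCounter = 0

    do {
        try
        {
            Out-LogFile -string "Gathering the AD object based on distinguished name."

            $functionTest = get-adobject -filter {distinguishedname -eq $dn} -properties canonicalName -credential $adCredential -authType $activeDirectoryAuthenticationMethod -server $globalCatalogServer -errorAction STOP

            #$NULL goes on the left so the comparison is a scalar test even if the property is a collection.

            if ($NULL -ne $functionTest.canonicalName)
            {
                out-logfile -string "The object was successfully located and has a canonical name."
                out-logfile -string $functionTest.canonicalName

                $stopLoop = $TRUE
            }
            else
            {
                out-logfile -string "Object not located by ad referral - attempting call with no GC information."

                $functionTest = get-adobject -filter {distinguishedname -eq $dn} -properties canonicalName -credential $adCredential -authType $activeDirectoryAuthenticationMethod -errorAction STOP

                #The original tested a misspelled property (caonicalName), which is always $NULL,
                #so a successful fallback lookup was always reported as an error.

                if ($NULL -eq $functionTest.canonicalName)
                {
                    out-logfile -string "Object was still not located by ad referral - error."
                    out-logfile -string "Error locating object for canonical name discovery." -isError:$TRUE

                    #Out-LogFile is defined elsewhere and may terminate on -isError. If it returns,
                    #stop here instead of re-querying the directory in a tight loop with no sleep.

                    $stopLoop = $TRUE
                }
                else
                {
                    out-logfile -string "The object was successfully located and has a canonical name."
                    out-logfile -string $functionTest.canonicalName

                    $stopLoop = $TRUE
                }
            }
        }
        catch
        {
            if ($loopCounter -gt 4)
            {
                out-logfile -string $_ -isError:$TRUE

                #Retries are exhausted - make sure the loop ends even if Out-LogFile returns.

                $functionTest = $NULL
                $stopLoop = $TRUE
            }
            else
            {
                out-logfile -string "Error getting AD object - sleep and retry."
                $loopCounter = $loopCounter +1
                start-sleepProgress -sleepString "Error with get-adobject -> sleep and try again." -sleepSeconds 5
            }
        }
    } until ($stopLoop -eq $TRUE)

    #Only build the return object when the lookup produced a canonicalName; otherwise $NULL is returned.

    if (($NULL -ne $functionTest) -and ($NULL -ne $functionTest.canonicalName))
    {
        try
        {
            #Now that we have the canonicalName - record it and build just the domain name portion of it for reference.
            #Split the string at / -> results in the domain name being in position 0.

            $functionDomain=$functionTest.canonicalName.split("/")

            $functionObject = New-Object PSObject -Property @{
                canonicalName = $functionTest.canonicalName
                canonicalDomainName = $functionDomain[0]
                distinguishedName = $functionTest.distinguishedName
            }
        }
        catch
        {
            Out-LogFile -string $_ -isError:$true
        }
    }

    Out-LogFile -string "END GET-CanonicalName"
    Out-LogFile -string "********************************************************************************"

    #Return the object holding canonicalName, canonicalDomainName and distinguishedName ($NULL on failure).

    return $functionObject
}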