PowerShell Reference

A growing library of PowerShell tools and patterns I've put together as a sysadmin. Public and open-source for anyone who wants to learn, copy, or contribute.


Querying Active Directory from Manjaro (Non-Domain-Joined)

Install Required Tools

sudo pacman -S --needed openldap krb5 ca-certificates ca-certificates-mozilla

Set Your Values

DC_HOST="dc01.domain.local"
BASE_DN="DC=domain,DC=local"
BIND_USER="user@domain.local"      # or full DN like CN=User,OU=...,DC=domain,DC=local

Find a User by Name

-> Match any name containing "john"

ldapsearch -LLL -x -H "ldaps://${DC_HOST}:636" -D "${BIND_USER}" -W \
  -b "${BASE_DN}" '(cn=*john*)' sAMAccountName displayName

-> Match names starting with "john"

ldapsearch -LLL -x -H "ldaps://${DC_HOST}:636" -D "${BIND_USER}" -W \
  -b "${BASE_DN}" '(cn=john*)' sAMAccountName displayName

-> Match names ending with "john"

ldapsearch -LLL -x -H "ldaps://${DC_HOST}:636" -D "${BIND_USER}" -W \
  -b "${BASE_DN}" '(cn=*john)' sAMAccountName displayName

-> Match exactly "John"

ldapsearch -LLL -x -H "ldaps://${DC_HOST}:636" -D "${BIND_USER}" -W \
  -b "${BASE_DN}" '(cn=John)' sAMAccountName displayName

-> Return specific attributes (faster than “everything”)

ldapsearch -LLL -x -H "ldaps://${DC_HOST}:636" -D "${BIND_USER}" -W \
  -b "${BASE_DN}" '(cn=*john*)' sAMAccountName displayName mail
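The filters above hard-code the name inside single quotes. When the name comes from a variable or a script argument instead, the LDAP special characters in it (backslash, `*`, `(`, `)`) have to be escaped per RFC 4515, otherwise a value like `a*` or `x)(cn=*` changes what the filter matches. The following is an added example, not code from the page or its repository: an escaping helper, the four cn= patterns from this section built through it, and a wrapper around the same ldapsearch call. It assumes DC_HOST, BASE_DN and BIND_USER are set as in "Set Your Values"; the function names are my own.

```bash
#!/usr/bin/env bash
# Added example, not from the original page: build the cn= filters from a name
# supplied at run time, escaping it per RFC 4515 so the value is matched literally.
# Assumes DC_HOST, BASE_DN and BIND_USER are exported as in "Set Your Values".

# ldap_escape VALUE -> VALUE with \ * ( ) rewritten as \5c \2a \28 \29.
# The backslash is handled first so the escape sequences themselves are not re-escaped.
ldap_escape() {
  printf '%s\n' "$1" | sed 's/\\/\\5c/g; s/\*/\\2a/g; s/(/\\28/g; s/)/\\29/g'
}

# The four cn= patterns from this section, with the supplied part escaped.
cn_contains()    { printf '(cn=*%s*)\n' "$(ldap_escape "$1")"; }
cn_starts_with() { printf '(cn=%s*)\n'  "$(ldap_escape "$1")"; }
cn_ends_with()   { printf '(cn=*%s)\n'  "$(ldap_escape "$1")"; }
cn_exact()       { printf '(cn=%s)\n'   "$(ldap_escape "$1")"; }

# find_user_by_name NAME [ATTR...]: the page's "contains" search with an escaped
# filter. Attributes default to sAMAccountName displayName, as on the page.
# Nothing is queried until this is called against a real DC.
find_user_by_name() {
  local name=$1; shift
  if [ $# -eq 0 ]; then set -- sAMAccountName displayName; fi
  ldapsearch -LLL -x -H "ldaps://${DC_HOST}:636" -D "${BIND_USER}" -W \
    -b "${BASE_DN}" "$(cn_contains "$name")" "$@"
}

# Constructed inputs showing the difference escaping makes:
#   cn_contains 'john'     -> (cn=*john*)        (unchanged, same as the page)
#   cn_contains 'john*'    -> (cn=*john\2a*)     (the star is now a literal character)
#   cn_exact    '(admin)'  -> (cn=\28admin\29)   (parentheses cannot close the filter)
```

Escaping is the right fix for values that should be matched literally; if a caller is meant to supply wildcards, validate the input to the characters you expect rather than escaping it.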

List Disabled Accounts (AD Bitwise Filter)

ldapsearch -LLL -x -H "ldaps://${DC_HOST}:636" -D "${BIND_USER}" -W \
  -b "${BASE_DN}" '(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))' \
  sAMAccountName displayName userAccountControl
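The `:1.2.840.113556.1.4.803:=2` part of that filter is the LDAP bitwise-AND matching rule: the server returns an entry when every bit of the given mask (here 2, ACCOUNTDISABLE) is set in userAccountControl. The query also returns the raw userAccountControl number, which is a bit field. The block below is an added example, not code from the page or its repository: it reproduces the 803 (AND) and 804 (OR) rule semantics locally, decodes a userAccountControl value into flag names, and rebuilds the page's filter for any rule and mask. Flag values are the standard userAccountControl bits; the function names and the sample values 514 and 66048 are my own.

```bash
#!/usr/bin/env bash
# Added example, not from the original page: decode userAccountControl values and
# reproduce what the :803: (bitwise AND) and :804: (bitwise OR) rules test.

# A subset of the userAccountControl flag bits.
UAC_ACCOUNTDISABLE=2
UAC_LOCKOUT=16
UAC_PASSWD_NOTREQD=32
UAC_NORMAL_ACCOUNT=512
UAC_DONT_EXPIRE_PASSWORD=65536
UAC_SMARTCARD_REQUIRED=262144
UAC_DONT_REQ_PREAUTH=4194304
UAC_PASSWORD_EXPIRED=8388608

# uac_matches_and VALUE MASK: true when every bit of MASK is set in VALUE.
# This is what :1.2.840.113556.1.4.803: evaluates on the server.
uac_matches_and() { [ $(( $1 & $2 )) -eq "$2" ]; }

# uac_matches_or VALUE MASK: true when any bit of MASK is set in VALUE.
# This is the sibling rule :1.2.840.113556.1.4.804:.
uac_matches_or() { [ $(( $1 & $2 )) -ne 0 ]; }

# uac_decode VALUE -> names of the known flags set in VALUE, space separated.
uac_decode() {
  local value=$1 out="" pair bit name
  for pair in 2:ACCOUNTDISABLE 16:LOCKOUT 32:PASSWD_NOTREQD 512:NORMAL_ACCOUNT \
              65536:DONT_EXPIRE_PASSWORD 262144:SMARTCARD_REQUIRED \
              4194304:DONT_REQ_PREAUTH 8388608:PASSWORD_EXPIRED; do
    bit=${pair%%:*}; name=${pair#*:}
    if [ $(( value & bit )) -ne 0 ]; then out="${out:+$out }$name"; fi
  done
  printf '%s\n' "$out"
}

# uac_filter RULE MASK -> the page's user filter with the chosen rule (803 or 804)
# and mask. uac_filter 803 2 is exactly the disabled-accounts filter above.
uac_filter() {
  printf '(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.%s:=%s))\n' "$1" "$2"
}

# Constructed sample values, shaped like what the query returns (not real data):
#   514   = NORMAL_ACCOUNT | ACCOUNTDISABLE        -> a disabled user, matches :803:=2
#   66048 = NORMAL_ACCOUNT | DONT_EXPIRE_PASSWORD  -> enabled, does not match :803:=2
```

Usage: `uac_decode 514` prints `ACCOUNTDISABLE NORMAL_ACCOUNT`; `uac_filter 804 $((UAC_PASSWD_NOTREQD | UAC_DONT_REQ_PREAUTH))` gives a filter that returns accounts with either of those hygiene-relevant settings, which is the usual audit use of the OR rule.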

Users Not Logged In for 90 Days (Using lastLogonTimestamp)

# Windows FileTime cutoff for "now - 90 days"
CUTOFF=$(python3 - <<'PY'
import time
print(int((time.time()-90*86400+11644473600)*10_000_000))
PY
)

ldapsearch -LLL -x -H "ldaps://${DC_HOST}:636" -D "${BIND_USER}" -W \
  -b "${BASE_DN}" "(lastLogonTimestamp<=$CUTOFF)" \
  sAMAccountName displayName lastLogonTimestamp
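The CUTOFF above converts a Unix time to a Windows FileTime (100-nanosecond intervals since 1601-01-01, offset 11644473600 seconds from the Unix epoch). The same arithmetic works in bash's 64-bit integers without python3, and the conversion is needed in the other direction too, to read the lastLogonTimestamp values the query returns. The block below is an added example, not code from the page or its repository: FileTime conversions both ways, the page's cutoff as a function, and a reader for the `ldapsearch -LLL` output that prints each account's idle days. The function names and the sample LDIF are my own, constructed to look like the query's output.

```bash
#!/usr/bin/env bash
# Added example, not from the original page: Windows FileTime arithmetic in plain bash
# for the cutoff, plus a reader that turns returned lastLogonTimestamp values into
# "days idle". Bash integer arithmetic is 64-bit, wide enough for FileTime values.

EPOCH_DIFF_SECONDS=11644473600   # seconds from 1601-01-01 to 1970-01-01 (as on the page)
HUNDRED_NS_PER_SECOND=10000000

# filetime_from_epoch SECONDS -> Windows FileTime
filetime_from_epoch() {
  echo $(( ($1 + EPOCH_DIFF_SECONDS) * HUNDRED_NS_PER_SECOND ))
}

# epoch_from_filetime FILETIME -> Unix seconds (sub-second part dropped)
epoch_from_filetime() {
  echo $(( $1 / HUNDRED_NS_PER_SECOND - EPOCH_DIFF_SECONDS ))
}

# cutoff_filetime DAYS [NOW_EPOCH] -> FileTime for "now minus DAYS"; for DAYS=90 this is
# the page's CUTOFF. NOW_EPOCH defaults to the current time.
cutoff_filetime() {
  local now=${2:-$(date +%s)}
  filetime_from_epoch $(( now - $1 * 86400 ))
}

# days_since_filetime FILETIME [NOW_EPOCH] -> whole days between FILETIME and now
days_since_filetime() {
  local now=${2:-$(date +%s)}
  echo $(( (now - $(epoch_from_filetime "$1")) / 86400 ))
}

# report_idle_accounts LDIF [NOW_EPOCH]: read "ldapsearch -LLL" output and print one
# "account days" line per entry. Entries with no lastLogonTimestamp attribute (never
# logged on, or not yet replicated) print "never"; note that the page's
# (lastLogonTimestamp<=CUTOFF) filter does not return such entries at all.
report_idle_accounts() {
  local now=${2:-$(date +%s)}
  printf '%s\n\n' "$1" | {
    acct="" ts=""
    while IFS= read -r line; do
      case "$line" in
        "sAMAccountName: "*)     acct=${line#sAMAccountName: } ;;
        "lastLogonTimestamp: "*) ts=${line#lastLogonTimestamp: } ;;
        "")
          if [ -n "$acct" ]; then
            if [ -n "$ts" ]; then echo "$acct $(days_since_filetime "$ts" "$now")"
            else echo "$acct never"; fi
          fi
          acct="" ts="" ;;
      esac
    done
  }
}

# Constructed sample shaped like the query's output (not real directory data).
SAMPLE_LDIF='dn: CN=Alice Example,OU=Staff,DC=domain,DC=local
sAMAccountName: alice
lastLogonTimestamp: 133000000000000000

dn: CN=Bob Example,OU=Staff,DC=domain,DC=local
sAMAccountName: bob'

report_idle_accounts "$SAMPLE_LDIF"
```

Two caveats when acting on the result: lastLogonTimestamp is replicated between domain controllers but only refreshed when the stored value is older than the sync interval (14 days by default), so "days idle" is accurate to roughly two weeks, not to the day; and accounts that have never logged on carry no lastLogonTimestamp and are invisible to a `<=` filter, so a separate `(!(lastLogonTimestamp=*))` query is needed to list them.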

Notes