Monthly Archive

Categories

get-computerDN–dealing with non-existant computers

If you look at the working part of the code to discover the distinguished name of a computer:

 

£> $computer = 'w12r2sus'
£> $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
£> ([adsisearcher]$filter).FindOne().Properties.distinguishedname
CN=W12R2SUS,OU=Servers,DC=Manticore,DC=org

 

What happens if the computername you chose doesn’t exist?

 

£> $computer = 'w12r2nope'
£> $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
£> ([adsisearcher]$filter).FindOne().Properties.distinguishedname
£>

 

You don’t get anything returned

 

The filter is formed correctly

£> $filter
(&(objectCategory=computer)(objectClass=computer)(cn=w12r2nope))

 

The FindOne() method doesn’t return anything

 

£> ([adsisearcher]$filter).FindOne()
£>

 

If you’re just working with a single computer then not getting a result is a fair indication of a problem but if you’ve passed a number of  computer names to the function you need to know easily which ones aren’t present – especially if you save the results in a collection and want to do something else with them.

 

In this case I’d use write-warning to output a message that the machine wasn’t found:

 

£> $computer = 'w12r2nope'
£> $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
£> $result = ([adsisearcher]$filter).FindOne()
£>
£> if ($result) {
>> $result.Properties.distinguishedname
>> }
>> else {
>>  Write-Warning -Message "Computer not found: $computer"
>> }
>>
WARNING: Computer not found: w12r2nope
£>

 

Putting that code into yesterday’s function gives us:

 

function get-computerDN {
[CmdletBinding(SupportsShouldProcess=$true, ConfirmImpact="Low")]

param (
[parameter(Position=0,
   Mandatory=$true,
   ValueFromPipeline=$true,
   ValueFromPipelineByPropertyName=$true,
   HelpMessage="Supply computer name" )]
   [Alias("CN", "Computer")] 
   [ValidateNotNullOrEmpty()]
   [string[]]$computername
)
BEGIN{}#begin
PROCESS{

foreach ($computer in $computername) {
if ($psCmdlet.ShouldProcess("$computer", "Retreiving distinguished name")) {
    $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
    $result = ([adsisearcher]$filter).FindOne()

    if ($result) {
       $result.Properties.distinguishedname
    }
    else {
       Write-Warning -Message "Computer not found: $computer"
    }

} # end if ($psCmdlet.ShouldProcess("$computer", "Retreiving distinguished name"))
} # end foreach ($computer in $computername) {

}#process
END{}#end

<#
.SYNOPSIS
Returns distinguished name of a computer

.DESCRIPTION
Returns distinguished name of one or more computers in the domain.
Assumes connectivity to domain controller. Domain independent.

.PARAMETER  computername
Name of computer for which distinguished name will be returned

.EXAMPLE
get-computerDN -computername server02

Returns the distinguished name for server02.

Results are of the form:
CN=SERVER02,OU=Domain Controllers,DC=Manticore,DC=org

.NOTES
[adsisearcher] is a shortcut for System.DirectoryServices.DirectorySearcher

.LINK

#>

}

 

Which is used like this

£> 'server02', 'w12r2sus', 'w12r2nope' | get-computerDN
CN=SERVER02,OU=Domain Controllers,DC=Manticore,DC=org
CN=W12R2SUS,OU=Servers,DC=Manticore,DC=org
WARNING: Computer not found: w12r2nope

 

One thing you need to keep in mind when estimating the time you’ll take to write a script – you’ll be writing at least half as much again validation, error handling and help/comments compared to the actual working code

Comments are closed.