Monthly Archive


Using parameters instead of read-host when getting AD replication data

I’ve seen a lot of scripts recently that use Read-Host to get input data.  This is generally not best practice – I tend to only use Read-Host if I want to get a password and obscure the text on screen.


A better practice is to use parameters – either in a function or a script. As an example consider this function that gets AD replication metadata

function get-ADReplmetadata {
param (

[string]$server = 'server02'

Get-ADObject -LDAPFilter "($ldapfilter)"  -Properties $attribute |
Get-ADReplicationAttributeMetadata -Server $server -Attribute $attribute



Get-ADReplicationAttributeMetadata  is awkward to use because it only accepts a distinguished name or a GUID for identifying the object you want to access. Remembering distinguished names or GUIDs  is a pain so I use get-AdObject with an LDAP filter and pipe it to Get-ADReplicationAttributeMetadata .


The $server parameter defaults to server02 but can be overridden if you want to use another domain controller

I make the ldapfilter and attributes mandatory so I get prompted if I forget


This example pulls back meta data for just the Name

get-ADReplmetadata -ldapfilter 'samAccountName=Richard' -attribute Name


This example pulls back all metadata

get-ADReplmetadata -ldapfilter 'samAccountName=Richard' -attribute *

Comments are closed.