Monthly Archive

Categories

Using parameters instead of read-host when getting AD replication data

I’ve seen a lot of scripts recently that use Read-Host to get input data.  This is generally not best practice – I tend to only use Read-Host if I want to get a password and obscure the text on screen.

 

A better practice is to use parameters – either in a function or a script. As an example consider this function that gets AD replication metadata

function get-ADReplmetadata {
param (
[Parameter(Mandatory=$true)]
[string]$ldapfilter,
 
[Parameter(Mandatory=$true)]
[string]$attribute,

[string]$server = 'server02'
)

Get-ADObject -LDAPFilter "($ldapfilter)"  -Properties $attribute |
Get-ADReplicationAttributeMetadata -Server $server -Attribute $attribute

}

 

Get-ADReplicationAttributeMetadata  is awkward to use because it only accepts a distinguished name or a GUID for identifying the object you want to access. Remembering distinguished names or GUIDs  is a pain so I use get-AdObject with an LDAP filter and pipe it to Get-ADReplicationAttributeMetadata .

 

The $server parameter defaults to server02 but can be overridden if you want to use another domain controller

I make the ldapfilter and attributes mandatory so I get prompted if I forget

 

This example pulls back meta data for just the Name

get-ADReplmetadata -ldapfilter 'samAccountName=Richard' -attribute Name

 

This example pulls back all metadata

get-ADReplmetadata -ldapfilter 'samAccountName=Richard' -attribute *

Comments are closed.