NetCmdlets 2016
NetCmdlets 2016
Questions / Feedback?

Get-LDAP Cmdlet

Parameters   Output Objects   Configuration Settings  

The Get-LDAP cmdlet is used to search LDAP Directory Servers using the LDAP (Lightweight Directory Access) Protocol.

Syntax

Get-LDAP [parameters]

Remarks

This cmdlet implements a standard LDAP client as specified in RFC 1777, 2251, and other LDAP RFCs. Support for both LDAP v2 and v3 is provided, and SSL support is optional.

To search a Directory Server, set the server in the Server parameter. If authentication is required, set either the Credential parameter or the BindDN and Password parameters (this is necessary when authenticating with a Distinguished Name). Set DN to the DN where the search operation will be done and Search to the search filter.

The results of a search are returned in one or more LDAPSearchResult objects.

This cmdlet handles searching the Directory Server. To manage DNs and attributes, please see the SET-LDAP cmdlet.

The cmdlets support pipeline input for some of their parameters. Prebuilding an object and piping it to the cmdlet is very useful, but should be used with caution to prevent security conflicts. Steps have been taken to decrease the risk of a possibly accidental pipe to the cmdlet, for instance, the Credential parameter cannot be piped to the cmdlet and must be specified manually.


# search without authenticating
get-ldap -server LDAPServer -dn "ou=Employees,dc=LDAPServer" -search "cn=JohnDoe"
# search with authentication
get-ldap -server LDAPServer -credential $cred -dn "ou=Employees,dc=LDAPServer" -search "cn=JaneDoe"
# authenticate with a DN 
get-ldap -server LDAPServer -binddn "cn=psuser,ou=Employees,dc=LDAPServer" -password "password" -dn "ou=Employees,dc=LDAPServer" -search "cn=JackDoe"

Connection Handling

This cmdlet supports persistent connections through the Connection parameter. To establish a new LDAP connection, use the Connect-LDAP cmdlet. To close the connection, use the Disconnect-LDAP cmdlet.

Parameter List


The following is the full list of the parameters of the cmdlet with short descriptions. Click on the links for further details.

ConnectionAn already established connection.
LogFileThe location of a file to which debug information is written.
AttributeIndicates whether a search operation will return the attribute types and values for the attributes specified for the DN.
BindDNThe Distinguished Name used as the base for the LDAP bind.
CertPasswordThe password to the certificate store.
CertStoreThe name of the certificate store for the client certificate.
CertStoreTypeThe type of certificate store for the client certificate.
CertSubjectThe subject of the certificate used for client authentication.
ConfigSpecifies one or more configuration settings.
CredentialThe PSCredential object to use for user/password authentication.
DNThe DN on which to operate.
FirewallHostName or IP address of firewall.
FirewallPasswordA password if authentication is to be used when connecting through the firewall.
FirewallPortThe port of the firewall to which to connect.
FirewallTypeDetermines the type of firewall to connect through.
FirewallUserA user name if authentication is to be used connecting through a firewall.
ForceForces the cmdlet to accept the default behavior instead of querying the user.
LocalIPThe IP address of the local interface to use.
LogFileThe location of a file to which debug information is written.
PageThe page from the LDAP Search to take the results from.
PageSizeThe maximum number of results per page for the Search .
PasswordThe password to use for authentication.
PortThe TCP port in the remote host to which to connect.
SearchSearch the directory server.
SearchScopeControls the scope of LDAP search operations.
ServerThe address of the Server.
SSLDetermines how the cmdlet starts SSL negotiation.
SSLAcceptThe encoded public key of the certificate which is to be trusted explicitly.
TimeoutThe maximum time allowed for the operation.
VersionThe version of LDAP used.

Output Objects


The following is the full list of the output objects returned by the cmdlet with short descriptions. Click on the links for further details.

LDAPSearchResultObject returned in response to the LDAP search operation. Fields are also added with the names and values of attributes being searched.

Configuration Settings


The following is a list of configuration settings for the cmdlet with short descriptions. Click on the links for further details.

OutputBinaryControls whether the cmdlet returns raw binary data as a byte array or not.
FriendlyGUIDWhether to return GUID attribute values in a human readable format.
FriendlySIDWhether to return SID attribute values in a human readable format.
RequestControlsControls to include in the request.
ResponseControlsControls present in the response.
UseDefaultDCWhether to connect to the default Domain Controller when calling Bind.
DomainControllerReturns the name of the domain controller.
ConnectionTimeoutSets a separate timeout value for establishing a connection.
FirewallAutoDetectTells the cmdlet whether or not to automatically detect and use firewall system settings, if available.
FirewallHostName or IP address of firewall (optional).
FirewallPasswordPassword to be used if authentication is to be used when connecting through the firewall.
FirewallPortThe TCP port for the FirewallHost;.
FirewallTypeDetermines the type of firewall to connect through.
FirewallUserA user name if authentication is to be used connecting through a firewall.
KeepAliveTimeThe inactivity time in milliseconds before a TCP keep-alive packet is sent.
KeepAliveIntervalThe retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received.
LingerWhen set to True, connections are terminated gracefully.
LingerTimeTime in seconds to have the connection linger.
LocalHostThe name of the local host through which connections are initiated or accepted.
LocalPortThe port in the local host where the cmdlet binds.
MaxLineLengthThe maximum amount of data to accumulate when no EOL is found.
MaxTransferRateThe transfer rate limit in bytes per second.
ProxyExceptionsListA semicolon separated list of hosts and IPs to bypass when using a proxy.
TCPKeepAliveDetermines whether or not the keep alive socket option is enabled.
UseIPv6Whether to use IPv6.
TcpNoDelayWhether or not to delay when sending packets.
AbsoluteTimeoutDetermines whether timeouts are inactivity timeouts or absolute timeouts.
FirewallDataUsed to send extra data to the firewall.
InBufferSizeThe size in bytes of the incoming queue of the socket.
OutBufferSizeThe size in bytes of the outgoing queue of the socket.
UseBackgroundThreadWhether threads created by the cmdlet are background threads.
UseInternalSecurityAPITells the cmdlet whether or not to use the system security libraries or an internal implementation.

 
 
Copyright (c) 2019 /n software inc. - All rights reserved.
NetCmdlets 2016 - Version 16.0 [Build 7240]