Set-LDAP Cmdlet
Parameters Output Objects Configuration Settings
The Set-LDAP cmdlet is used to communicate with LDAP Directory Servers (such as Active Directory) using the LDAP (Lightweight Directory Access) protocol.
Syntax
Set-LDAP [parameters]
Remarks
This cmdlet implements a standard LDAP client as specified in RFC 1777, 2251, and other LDAP RFCs. Support for both LDAP v2 and v3 is provided, and SSL support is optional.
The first step in using the cmdlet is specifying a Server a BindDN (Distinguished Name) to bind as, and a Password. The cmdlet may then be used modify an existing DN by adding, removing, or modifying attributes. For instance, to add an attribute set the AddAttribute flag and the DN you wish to add an attribute to, and the Attributes you wish to add. Similar operations can be performed using DeleteAttribute and ReplaceAttribute.
The result of an operation is returned in an LDAPSet object.
This cmdlet handles DN and attribute manipulation. To search the Directory Server, please see the GET-LDAP cmdlet.
The cmdlets support pipeline input for some of their parameters. Prebuilding an object and piping it to the cmdlet is very useful, but should be used with caution to prevent security conflicts. Steps have been taken to decrease the risk of a possibly accidental pipe to the cmdlet, for instance, the Credential parameter cannot be piped to the cmdlet and must be specified manually.
# change a user password using an SSL connectionset-ldap -server LDAPServer -credential $cred -dn "cn=BillyBob,ou=Employees,dc=Domain" -newpassword test -ssl implicitConnection Handling
This cmdlet supports persistent connections through the Connection parameter. To establish a new LDAP connection, use the Connect-LDAP cmdlet. To close the connection, use the Disconnect-LDAP cmdlet.
Parameter List
The following is the full list of the parameters of the cmdlet with short descriptions. Click on the links for further details.
| Connection | An already established connection. |
| LogFile | The location of a file to which debug information is written. |
| AddAttribute | Adds the attribute specified by Attributes to the DN. |
| Attributes | Attribute values for the current entry. |
| BindDN | The Distinguished Name used as the base for the LDAP bind. |
| CertPassword | The password to the certificate store. |
| CertStore | The name of the certificate store for the client certificate. |
| CertStoreType | The type of certificate store for the client certificate. |
| CertSubject | The subject of the certificate used for client authentication. |
| Config | Specifies one or more configuration settings. |
| Credential | The PSCredential object to use for user/password authentication. |
| DeleteAttribute | Delete the attribute by Attributes in DN . |
| DN | The DN on which to operate. |
| FirewallHost | Name or IP address of firewall. |
| FirewallPassword | A password if authentication is to be used when connecting through the firewall. |
| FirewallPort | The port of the firewall to which to connect. |
| FirewallType | Determines the type of firewall to connect through. |
| FirewallUser | A user name if authentication is to be used connecting through a firewall. |
| Force | Forces the cmdlet to accept the default behavior instead of querying the user. |
| LocalIP | The IP address of the local interface to use. |
| LogFile | The location of a file to which debug information is written. |
| NewPassword | The value of the new password. |
| Password | The password to use for authentication. |
| Port | The TCP port in the remote host to which to connect. |
| ReplaceAttribute | Replace the attribute specified by Attributes in DN . |
| Server | The address of the Server. |
| SSL | Determines how the cmdlet starts SSL negotiation. |
| SSLAccept | The encoded public key of the certificate which is to be trusted explicitly. |
| Timeout | The maximum time allowed for the operation. |
| Version | The version of LDAP used. |
Output Objects
The following is the full list of the output objects returned by the cmdlet with short descriptions. Click on the links for further details.
| LDAPSet | Object returned in response to the LDAP operation. |
Configuration Settings
The following is a list of configuration settings for the cmdlet with short descriptions. Click on the links for further details.
| OutputBinary | Controls whether the cmdlet returns raw binary data as a byte array or not. |
| FriendlyGUID | Whether to return GUID attribute values in a human readable format. |
| FriendlySID | Whether to return SID attribute values in a human readable format. |
| RequestControls | Controls to include in the request. |
| ResponseControls | Controls present in the response. |
| UseDefaultDC | Whether to connect to the default Domain Controller when calling Bind. |
| DomainController | Returns the name of the domain controller. |
| ConnectionTimeout | Sets a separate timeout value for establishing a connection. |
| FirewallAutoDetect | Tells the cmdlet whether or not to automatically detect and use firewall system settings, if available. |
| FirewallHost | Name or IP address of firewall (optional). |
| FirewallPassword | Password to be used if authentication is to be used when connecting through the firewall. |
| FirewallPort | The TCP port for the FirewallHost;. |
| FirewallType | Determines the type of firewall to connect through. |
| FirewallUser | A user name if authentication is to be used connecting through a firewall. |
| KeepAliveTime | The inactivity time in milliseconds before a TCP keep-alive packet is sent. |
| KeepAliveInterval | The retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received. |
| Linger | When set to True, connections are terminated gracefully. |
| LingerTime | Time in seconds to have the connection linger. |
| LocalHost | The name of the local host through which connections are initiated or accepted. |
| LocalPort | The port in the local host where the cmdlet binds. |
| MaxLineLength | The maximum amount of data to accumulate when no EOL is found. |
| MaxTransferRate | The transfer rate limit in bytes per second. |
| ProxyExceptionsList | A semicolon separated list of hosts and IPs to bypass when using a proxy. |
| TCPKeepAlive | Determines whether or not the keep alive socket option is enabled. |
| UseIPv6 | Whether to use IPv6. |
| TcpNoDelay | Whether or not to delay when sending packets. |
| AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
| FirewallData | Used to send extra data to the firewall. |
| InBufferSize | The size in bytes of the incoming queue of the socket. |
| OutBufferSize | The size in bytes of the outgoing queue of the socket. |
| UseBackgroundThread | Whether threads created by the cmdlet are background threads. |
| UseInternalSecurityAPI | Tells the cmdlet whether or not to use the system security libraries or an internal implementation. |