Querying Active Directory in PowerShell from a Windows host that is not a member of the domain

Posted by jshin47 on Server Fault See other posts from Server Fault or by jshin47
Published on 2012-06-16T23:51:53Z Indexed on 2012/06/17 3:19 UTC
Read the original article Hit count: 767

Filed under:

windows-server-2008

|

active-directory

|

powershell

|

adsi

How can I use PowerShell [adsisearcher] to query a domain that I am not a member of? Usually I will do something like this:

$myAdsi = [adsisearcher]""
$myAdsi.SearchRoot = [adsi]"LDAP://dc=corp,dc=mycompany,dc=com"
$myAdsi.Filter = "objectCategory=computer"

$res = $myAdsi.FindAll()

If I run this snippet on a host in my domain, I get the expected result. However, if I run this from a computer that has network access to the domain (through a L2L VPN) I get the error:

Exception calling "FindAll" with "0" argument(s): "The specified domain either does not exist or could not be contacted.
"
At line:11 char:33
+ $adComputers = $searcher.FindAll <<<< ()
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

This is somewhat expected as I have not provided any sort of credentials to [adsisearcher] that would tell it how to authenticate. My question is: how do I let [adsisearcher] know that I want to authenticate against a domain in which I am not a member?

© Server Fault or respective owner

Related posts about windows-server-2008

Password policy problem windows server 2008

as seen on Server Fault - Search for 'Server Fault'
Hi, I'm creating a domain and I need to make users that can have an empty password but administrators have to comply with password complexity how to I solve this problem? Thanks in advance >>> More
SAP DCOM Connector on Windows Server 2008

as seen on Stack Overflow - Search for 'Stack Overflow'
Does anybody know, if it is possible to use the "old" SAP DCOM Connector on a Windows Server 2008 ? I want to migrate a old ASP Web Solution with DCOM Connection to SAP from Windows 2000 Server to Windows 2008 Server. When I try to install the DCOM Connector I get the Error Message: "Setup could… >>> More
Windows Server 2008 R2: AD Module for Windows PowerShell

as seen on Internet.com - Search for 'Internet.com'
Windows Server 2008 R2 includes a new Active Directory module for Windows PowerShell, a consolidated group of 76 cmdlets that can perform a host of tasks against Active Directory's various services. >>> More
Windows Server 2008 Directory Services, Group Policy Preferences - More Control Panel Settings

as seen on Internet.com - Search for 'Internet.com'
In Windows Server 2008, Group Policy Preferences makes it possible to reap the chief benefits of an Active Directory environment by simplifying client management. Control Panel Settings nodes in the Group Policy Management Editor makes this possible. >>> More
Windows Server 2008 R2: Introducing the AD Administrative Center

as seen on Internet.com - Search for 'Internet.com'
The Active Directory Administrative Center in Windows Server 2008 R2 is a significant improvement over its predecessor. Although not without limitations, it offers beefed-up management of AD objects, new navigation capabilities, better task-based management options, and improvements to the properties… >>> More

Related posts about active-directory

Can't join OS X Mavericks to AD Domain

as seen on Server Fault - Search for 'Server Fault'
I'm attempting to join an OS X Mavericks (10.9) client to a Windows Server 2008 Active Directory domain, however the bind fails with this error in the OS X client's system.log: Oct 24 15:03:15 host.domain.com com.apple.preferences.users.remoteservice[5547]: -[ODCAddServerSheetController handleOtherActionError:… >>> More
Retrieve user details from Active Directory using SID

as seen on Server Fault - Search for 'Server Fault'
Hi, How can I find a user in my AD when I have his/her SID. I don't want to rely on other attributes, since I am trying to detect changes to these. Example: I get a message about a change to user record containing: Message: User Account Changed: Target Account Name: test12 Target… >>> More
Retrieve user details from Active Directory using GUID

as seen on Server Fault - Search for 'Server Fault'
Hi, How can I find a user in my AD when I have his/her GUID. I don't want to rely on other attributes, since I am trying to detect changes to these. >>> More
Retrieve user details from Active Directory using GUID [closed]

as seen on Super User - Search for 'Super User'
Hi, How can I find a user in my AD when I have his/her GUID. I don't want to rely on other attributes, since I am trying to detect changes to these. >>> More
Office365 DirSync Active Directory Integration

as seen on Server Fault - Search for 'Server Fault'
I am preparing to deploy Office365 for my organization. We have an on premise Active Directory Domain Controller (Windows Server 2012 R2). We would like to leverage our Active Directory for: automatic user provisioning in Office365, and password synchronization, using the DirSync tool. Our Active… >>> More