22.3 Find-DRALDAPObjects

Synopsis

Performs an LDAP search for DRA objects in the specified container.

Syntax

Find-DRALDAPObjects -LDAPQuery <String> [-StartRow <Int32>] [-ContainerDN <String>] [-EnforceServerLimit <SwitchParameter>] [-IncludeChildContainers <SwitchParameter>] [-ObjectsPerResponse <Int32>] [-ResumeString <String>] [-Attributes <String[]>] [-DRARestServer <String>] [-DRARestPort <Int32>] [-IgnoreCertificateErrors <SwitchParameter>] [-Force <SwitchParameter>] [-Timeout <Int32>] [<CommonParameters>]s

Description

Find-DRALDAPObjects asks the specified DRA Server to perform the LDAP query specified in the LDAPQuery parameter. The server will return objects on which the requesting user has view object properties powers. Specify the ContainerDN parameter to control where the LDAP query searches. Specify that the search should include objects in child containers by specifying the IncludeChildContainers parameter. See parameter explanations in detailed help for more information.You can also specify parameters that control the content in the response, such as the number of items to return and where to resume the search results if multiple requests are needed to retrieve all of the search results. See the examples in the help for more information.

Parameters

Attribute / Description	Parameters / Values
Attribute / Description	Required	Position	Default Value	Accept Pipeline input?	Accept wildcard characters?
LDAPQuery <String> The complete LDAP query string. You can specify any valid LDAP query string.	true	named		false	false
StartRow [<Int32>] When iterating multiple response pages from an LDAP command, the row number where the next set of response data should begin. The default is 0.	false	named		false	false
ContainerDN [<String>] The full path to the container to search in distinguished name format. For example: -ContainerDN "OU=Accounting,DC=MyDomain,DC=corp".	false	named		false	false
EnforceServerLimit [<SwitchParameter>] A switch parameter to indicate that the search results should be limited by the search result limit on the DRA Server. The typical server limit is 1000 items. The default is true.	false	named		false	false
IncludeChildContainers [<SwitchParameter>] A switch parameter to request that the search include child containers. The default is false. Only the container named in the ContainerDN parameter is searched.	false	named		false	false
ObjectsPerResponse [<Nullable`1>] The number of objects to return in a response. The default is 250.	false	named		false	false
ResumeString [<String>] When multiple responses are needed to return all of the search results to the client, this parameter indicates the last item returned from the server. The value of this parameter would be set using the ResumeString property from the previous set of results. The ResumeString may look like this: "CN=MYUser160,CN=Users,DC=MyDomain,DC=corp". The EnforceServerLimit, ObjectsPerResponse, and ResumeString parameters are applicable only when the Identifier parameter is not specified.	false	named		false	false
Attributes [<String[]>] An array of attributes to retrieve values for. If this parameter is missing, a default list of properties is returned.	false	named		true (ByPropertyName)	false
DRARestServer [<String>] The name of the computer running the DRA Rest Service. The requested DRA operation will execute on this server. If the parameter is not specified, the value defaults to 'localhost'.	false	named		true (ByPropertyName)	false
DRARestPort [<Int32>] The port where the DRA REST Service listens for requests. If the parameter is not specified, the value defaults to 8755.	false	named	8755	true (ByPropertyName)	false
IgnoreCertificateErrors [<SwitchParameter>] Allows the request to bypass any SSL certificate errors, such as the InvalidOperation error that occurs when the REST Service is bound to a self-signed certificate.	false	named		false	false
Force [<SwitchParameter>] Suppresses any request for user input and supplies a 'yes' response. For example: -Force with a delete request will perform the delete without presenting the confirmation request to the user.	false	named		false	false
Timeout [<Int32>] The number of seconds to wait before the request to the DRA REST server times out. To specify an infinite timeout, you can set this parameter to -1.	false	named	100 seconds	true (ByPropertyName)	false
<CommonParameters> Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see About CommonParameters.

NOTE:For more information, type "Get-Help Find-DRALDAPObjects -detailed". For technical information, type "Get-Help Find-DRALDAPObjects -full".

Example 22-9 1

PS C:\>Find-DRALDAPObjects  -ContainerDn "OU=Sales,DC=MyDomain,DC=corp" -IncludeChildContainers -ObjectsPerResponse 50 -LDAPQuery "(&(objectClass=User)(!(email=*)))"

In this example, DRA will search in the Sales OU and all child containers of that OU. The LDAP query filters on Users not having an email attribute set. The server should return a maximum of 50 items in the response.

Example 22-10 2

PS C:\>Find-DRALDAPObjects  -ContainerDn "OU=Sales,DC=MyDomain,DC=corp" -IncludeChildContainers -ObjectsPerResponse 50 -LDAPQuery "(&(objectClass=User)(!(email=*)))" -ResumeString "89b8c1c1-678f-11e4-8d77-0050568e0b4a" -StartRow 51

In this example, DRA will search in the Sales OU and all child containers of that OU. The LDAP query filters on Users not having an email attribute set. The server will return a maximum of 50 items in the response, and it will begin the results with row 51. ResumeString is used when there are multiple pages of results to be returned. When more data is available, the ResumeString property in the response will contain the string that can be used to request the next page of results. The client must track how many rows have been returned and set the StartRow parameter. The response also contains a boolean value IsSearchFinished that indicates if there are more results available on the server.