22.1 Find-DRAObjects

Synopsis

Searches for DRA objects on the specified DRA Server.

Syntax

Find-DRAObjects [-ComputerAndFilter <Hashtable>] [-ComputerOrFilter <Hashtable>] [-ContactAndFilter <Hashtable>] [-ContactOrFilter <Hashtable>] [-DomainAndFilter <Hashtable>] [-DomainOrFilter <Hashtable>] [-DynamicDistributionGroupAndFilter <Hashtable>] [-DynamicDistributionGroupOrFilter <Hashtable>] [-EquipmentMailboxOrFilter <Hashtable>] [-GroupAndFilter <Hashtable>] [-GroupOrFilter <Hashtable>] [-OUAndFilter <Hashtable>] [-OUOrFilter <Hashtable>] [-RoomMailboxOrFilter <Hashtable>] [GroupManagedServiceAccountAndFilter <Hashtable>] [-GroupManagedServiceAccountOrFilter <Hashtable>][-UserAndFilter <Hashtable>] [-UserOrFilter <Hashtable>] [-ContainerAndFilter <Hashtable>] [-ContainerOrFilter <Hashtable>] [-BuiltinContainerAndFilter <Hashtable>] [-BuiltinContainerOrFilter <Hashtable>] [-SharedMailboxOrFilter  <Hashtable>] [-ManagedContainersOnly <SwitchParameter>] [-ContainerDN <String>] [-EnforceServerLimit <SwitchParameter>] [-IncludeChildContainers <SwitchParameter>] [-ObjectsPerResponse <Int32>] [-ResumeString <String>] [-Attributes <String[]>] [-DRARestServer <String>] [-DRARestPort <Int32>] [-IgnoreCertificateErrors <SwitchParameter>] [-Force <SwitchParameter>] [-Timeout <Int32>] [<CommonParameters>]

Description

Find-DRAObjects asks the specified DRA Server to search for objects that match the specified filters. The server will return objects for which the requesting user has specific object properties viewing powers. You can specify criteria to search for computers, contacts, domains, dynamic distribution groups, equipment resource mailboxes, groups, OUs, room resource mailboxes, users and group managed service accounts. You can use Or filters to search for multiple object types. All of the object filters use the same format: a Hashtable of property values to match.

For example, the following filter will find users whose Name begins with "Sm" or whose

Location is "Houston":

-UserOrFilter @{Name="Sm*";Location="Houston"}

Wildcard options for filter values are: * Matches an unlimited number of characters ? Matches one non-numeric character # Matches one alphabetic characterMultiple match strings can be specified for an attribute by separating them with the | character. For example, the following will match users whose City attribute begins with H or P:

-UserOrFilter @{ City="H*|P*" }

To search for the literal | character you need to escape it with a backslash. For example, the following filter will find all users that have a | in their Description:

-UserOrFilter @{ Description="*\|*" }

You can specify the ContainerDN parameter to control where DRA searches. Specify that the search should include objects in child containers by specifying the IncludeChildContainers parameter. See parameter explanations in detailed help for more information.

You can also specify parameters that control the content in the response, such as the number of items to return and where to resume the search results if multiple requests are needed to retrieve all of the search results. See the examples in the help for more information..

Parameters

Attribute / Description	Parameters / Values
Attribute / Description	Required	Position	Default Value	Accept Pipeline input?	Accept wildcard characters?
ComputerAndFilter [<Hashtable>] .The computer properties to use for searching computer objects. The properties will be combined for the search. Computers matching all listed properties will be returned.	false	named		true (ByPropertyName)	false
ComputerOrFilter [<Hashtable>] The computer properties to use for searching computer objects. Computers matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
ContactAndFilter [<Hashtable>] The contact properties to use for searching contact objects. The properties will be combined for the search. Contacts matching all listed properties will be returned.	false	named		true (ByPropertyName)	false
ContactOrFilter [<Hashtable>] The contact properties to use for searching contact objects. Contacts matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
DomainAndFilter [<Hashtable>] The domain properties to use for searching domain objects. The properties will be combined for the search. Domains matching all listed properties will be returned.	false	named		true (ByPropertyName)	false
DomainOrFilter [<Hashtable>] The domain properties to use for searching domain objects. Domains matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
DynamicDistributionGroupAndFilter [<Hashtable>] The dynamic distribution group properties to use when searching for dynamic distribution groups. The properties will be combined for the search. Dynamic distribution groups matching all listed properties will be returned.	true	named		true (ByPropertyName)	false
DynamicDistributionGroupOrFilter [<Hashtable>] The dynamic distribution group properties to use when searching for dynamic distribution groups. Dynamic distribution groups matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
EquipmentMailboxOrFilter [<Hashtable>] The equipment resource mailbox properties to use when searching. Resource mailboxes matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
GroupAndFilter [<Hashtable>] The group properties to use when searching for group objects. The properties will be combined for the search. Groups matching all listed properties will be returned.	false	named		true (ByPropertyName)	false
GroupOrFilter [<Hashtable>] The group properties to use when searching for group objects. Groups matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
OUAndFilter [<Hashtable>] The OU properties to use when searching for OUs. The properties will be combined for the search. OUs matching all listed properties will be returned.	false	named		true (ByPropertyName)	false
OUOrFilter [<Hashtable>] The OU properties to use when searching for OUs. OUs matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
RoomMailboxOrFilter [<Hashtable>] The room resource mailbox properties to use when searching for resource mailboxes. Resource mailboxes matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
UserAndFilter [<Hashtable>] The user properties to use when searching for user objects. The properties will be combined for the search. Users matching all listed properties will be returned.	false	named		true (ByPropertyName)	false
UserOrFilter [<Hashtable>] The user properties to use when searching for user objects. Users matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
ContainerAndFilter [<Hashtable>] The match strings to use when for searching for container objects. Containers matching all of the listed properties will be returned.	false	named		true (ByPropertyName)	false
BuiltinContainerAndFilter [<Hashtable>] The match strings to use when searching for builtin container objects. The properties will be combined for the search. Only builtin containers matching all listed properties will be returned.	false	named		true (ByPropertyName)	false
BuiltinContainerOrFilter [<Hashtable>] The match strings to use when for searching for builtin containers. Builtin containers matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
GroupManagedServiceAccountAndFilter [<Hashtable>] The group managed service account properties to use when searching for group managed service accounts. The properties will be combined for the search. Group managed service accounts matching all listed properties will be returned.	false	named		true (ByPropertyName)	false
GroupManagedServiceAccountOrFilter [<Hashtable>] The group managed service account properties to use when searching for group managed service accounts. The group managed service accounts matching any of the listed properties will be returned.	false	named		true (ByPropertyName)	false
ManagedContainersOnly [<SwitchParameter>] A switch parameter to limit the search to containers managed by DRA. The default is to search all containers specified by the ContainerDN parameter. If all containers in the path are managed by DRA, then this parameter will have no effect.	false	named		false	false
ContainerDN [<String>] The full path to the container to search in distinguished name format. For example: -ContainerDN "OU=Accounting,DC=MyDomain,DC=corp".	false	named		false	false
EnforceServerLimit [<SwitchParameter>] A switch parameter to indicate that the search results should be limited by the search result limit on the DRA Server. The typical server limit is 1000 items. The default is true.	false	named		false	false
IncludeChildContainers [<SwitchParameter>] A switch parameter to request that the search include child containers. The default is false: only the container named in the ContainerDN parameter is searched.	false	named		false	false
ObjectsPerResponse [<Nullable`1>] The number of objects to return in a response. The default is 250.	false	named		false	false
ResumeString [<String>] When multiple responses are needed to return all of the search results to the client, this parameter indicates the last item returned from the server. The value of this parameter would be set using the ResumeString property from the previous set of results. The ResumeString may look like this: "CN=MYUser160,CN=Users,DC=MyDomain,DC=corp". The EnforceServerLimit, ObjectsPerResponse, and ResumeString parameters are applicable only when the Identifier parameter is not specified.	false	named		false	false
Attributes [<String[]>] An array of attributes to retrieve values for. If this parameter is missing, a default list of properties is returned.	false	named		true (ByPropertyName)	false
Domain <String> The domain of the object in fqdn format. For example: mydomain.corp	true	named		true (ByPropertyName)	false
DRARestServer [<String>] The name of the computer running the DRA Rest Service. The requested DRA operation will execute on this server. If the parameter is not specified, the value defaults to 'localhost'.	false	named		true (ByPropertyName)	false
DRARestPort [<Int32>] The port where the DRA REST Service listens for requests. If the parameter is not specified, the value defaults to 8755.	false	named	8755	true (ByPropertyName)	false
IgnoreCertificateErrors [<SwitchParameter>] Allows the request to bypass any SSL certificate errors, such as the InvalidOperation error that occurs when the REST Service is bound to a self-signed certificate.	false	named		false	false
Force [<SwitchParameter>] Suppresses any request for user input and supplies a 'yes' response. For example: -Force with a delete request will perform the delete without presenting the confirmation request to the user.	false	named		false	false
Timeout [<Int32>] The number of seconds to wait before the request to the DRA REST server times out. To specify an infinite timeout, you can set this parameter to -1.	false	named	100 seconds	true (ByPropertyName)	false
<CommonParameters> Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see About CommonParameters.

NOTE:For more information, type "Get-Help Find-DRAObjects -detailed". For technical information, type "Get-Help Find-DRAObjects -full".

Example 22-1 1

PS C:\>Find-DRAObjects  -ContactOrFilter @{Location="HOU*"}  -GroupOrFilter @{Location="HOU*"} -OUOrFilter @{Location="HOU*"}  -UserOrFilter @{Location="HOU*"}
-ContainerDn "OU=Sales,DC=MyDomain,DC=corp" -IncludeChildContainers -ObjectsPerResponse 50

In this example, DRA will search in the Sales OU and all child containers of that OU for Contacts, Groups, OUs, and Users having a Location attribute beginning with "HOU". The server should return a maximum of 50 items in the response.

Example 22-2 2

PS C:\>Find-DRAObjects  -ComputerAndFilter @{Location="Houston-9###";IsDisabled=$true;Department="Sales*"} -IncludeChildContainers

Example 22-3 3

PS C:\>Find-DRAObjects  -UserAndFilter @{Location="Houston";IsDisabled=$true} -ObjectsPerResponse 500 -IncludeChildContainers -ResumeString "CN=Accounting-DG,OU=Accounting,OU=Brasilia,OU=Parent Company,DC=MyDomain,DC=corp"

This example searches for disabled user accounts whose Location attribute equals 'Houston'. DRA will search in all managed containers since the ContainerDN parameter is not specified and IncludeChildContainers is present. The server will return 500 items in the result, and it will begin the results with the next item after the one listed in the ResumeString parameter. ResumeString is used when there are multiple pages of results to be returned. When more data is available, the results will contain the ResumeString property that can be used to request the next page of results. The response also contains a boolean value IsSearchFinished that indicates if there are more results available on the server.

Example 22-4 4

PS C:\>Find-DRAObjects  -GroupOrFilter @{Location="Houston-9###";Department="Sales*"}-ContainerDn "OU=Sales,DC=MyDomain,DC=corp" -Attributes "DistinguishedName","DisplayName","Department"

In this example, DRA will search for groups having either Location beginning with 'Houston-9' and ending with 3 numeric digits, OR Department beginning with 'Sales'. DRA will search only in the Sales OU since the ContainerDN is specified and IncludeChildContainers is not. For each group matching the filter criteria, the server will return three attributes. The response will return a maximum of 250 items since the ObjectsPerResponse parameter is not specified.