Unable to query [adsisearcher] for trusted domains

2019-07-29 09:18发布

问题:

I wanted to query [adsisearcher] to get me the OU info for a few servers for servers in trusted & non trusted domains.

$session = New-PSSession -ComputerName icvmm02

Invoke-Command -Session $session -ScriptBlock {
$compname= (Get-WmiObject "Win32_Computersystem" -namespace "root\CIMV2" -computername $comp).name
$searcher = [adsisearcher]"(&(ObjectCategory=computer)(Name=$compname))"
$ou= $searcher.FindOne() | Select-Object path
$serverou = $ou.path
}
$adou= (Invoke-Command -Session $session  -ScriptBlock { $serverou })
Get-PSSession | Remove-PSSession

for servers in trusted domains im passing a $cred = get credentials while creating a pssession, but when i run

$compname= (Get-WmiObject "Win32_Computersystem" -namespace "root\CIMV2" -computername $comp).name
$searcher = [adsisearcher]"(&(ObjectCategory=computer)(Name=$compname))"
$ou= $searcher.FindOne() | Select-Object path

it gives me an error as

Exception calling "FindOne" with "0" argument(s): "An operations error occurred.
"
At line:1 char:27
+     $ou= $searcher.FindOne <<<< () | Select-Object path
+ CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
$serverou = $ou.path

Could some one please help me in sorting this out.

回答1:

I don't the cause but the ADSI interface just doesn't work in remote sessions. I can't even get the DN of the domain of a computer in my domain. I can get this to run locally but not remotely:

icm { ([adsi]"").distinguishedName }  #works

icm -Session $s -ScriptBlock { ([adsi]"").distinguishedName } #doesn't work


回答2:

Looks like there's a problem with the FindOne method call - you can find out more about the $searcher object with this;

$searcher | gm

the findOne method should be there with a list of the parameters it takes.

Though, I've just tried it on the type:

[adsisearcher] | gm | sort name

and there's no FindOne method - are you sure it's a method of adsisearcher?