get-computerDN–dealing with non-existant computers

If you look at the working part of the code to discover the distinguished name of a computer:

£> $computer = ‘w12r2sus’
£> $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
£> ([adsisearcher]$filter).FindOne().Properties.distinguishedname

What happens if the computername you chose doesn’t exist?

£> $computer = ‘w12r2nope’
£> $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
£> ([adsisearcher]$filter).FindOne().Properties.distinguishedname

You don’t get anything returned

The filter is formed correctly

£> $filter


The FindOne() method doesn’t return anything

£> ([adsisearcher]$filter).FindOne()

If you’re just working with a single computer then not getting a result is a fair indication of a problem but if you’ve passed a number of  computer names to the function you need to know easily which ones aren’t present – especially if you save the results in a collection and want to do something else with them.

In this case I’d use write-warning to output a message that the machine wasn’t found:

£> $computer = ‘w12r2nope’
£> $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
£> $result = ([adsisearcher]$filter).FindOne()
£> if ($result) {
>> $result.Properties.distinguishedname
>> }
>> else {
>>  Write-Warning -Message “Computer not found: $computer”
>> }
WARNING: Computer not found: w12r2nope


Putting that code into yesterday’s function gives us:

function get-computerDN {
[CmdletBinding(SupportsShouldProcess=$true, ConfirmImpact=”Low”)]

param (
   HelpMessage=”Supply computer name” )]
   [Alias(“CN”, “Computer”)] 

foreach ($computer in $computername) {
if ($psCmdlet.ShouldProcess(“$computer”, “Retreiving distinguished name”)) {
    $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))”
    $result = ([adsisearcher]$filter).FindOne()

    if ($result) {
    else {
       Write-Warning -Message “Computer not found: $computer”

} # end if ($psCmdlet.ShouldProcess(“$computer”, “Retreiving distinguished name”))
} # end foreach ($computer in $computername) {


Returns distinguished name of a computer

Returns distinguished name of one or more computers in the domain.
Assumes connectivity to domain controller. Domain independent.

.PARAMETER  computername
Name of computer for which distinguished name will be returned

get-computerDN -computername server02

Returns the distinguished name for server02.

Results are of the form:
CN=SERVER02,OU=Domain Controllers,DC=Manticore,DC=org

[adsisearcher] is a shortcut for System.DirectoryServices.DirectorySearcher





Which is used like this

£> ‘server02’, ‘w12r2sus’, ‘w12r2nope’ | get-computerDN
CN=SERVER02,OU=Domain Controllers,DC=Manticore,DC=org
WARNING: Computer not found: w12r2nope

One thing you need to keep in mind when estimating the time you’ll take to write a script – you’ll be writing at least half as much again validation, error handling and help/comments compared to the actual working code

This entry was posted in PowerShell and Active Directory. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s