Using parameters instead of read-host when getting AD replication data

I’ve seen a lot of scripts recently that use Read-Host to get input data.  This is generally not best practice – I tend to only use Read-Host if I want to get a password and obscure the text on screen.

A better practice is to use parameters – either in a function or a script. As an example consider this function that gets AD replication metadata

function get-ADReplmetadata {
param (

[string]$server = ‘server02’

Get-ADObject -LDAPFilter “($ldapfilter)”  -Properties $attribute |
Get-ADReplicationAttributeMetadata -Server $server -Attribute $attribute


Get-ADReplicationAttributeMetadata  is awkward to use because it only accepts a distinguished name or a GUID for identifying the object you want to access. Remembering distinguished names or GUIDs  is a pain so I use get-AdObject with an LDAP filter and pipe it to Get-ADReplicationAttributeMetadata .

The $server parameter defaults to server02 but can be overridden if you want to use another domain controller

I make the ldapfilter and attributes mandatory so I get prompted if I forget

This example pulls back meta data for just the Name

get-ADReplmetadata -ldapfilter ‘samAccountName=Richard’ -attribute Name

This example pulls back all metadata

get-ADReplmetadata -ldapfilter ‘samAccountName=Richard’ -attribute *

This entry was posted in PowerShell and Active Directory, Powershell Basics. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s