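function Test-UPNExist
{
<#
	.SYNOPSIS
		Cmdlet will check if a given UPN exists in the forest.

	.DESCRIPTION
		Cmdlet is a diagnostic tool to check if a given UPN is already assigned to a user in the forest.
		The UPN is matched literally: characters that are special in an LDAP search filter
		(backslash, asterisk, parentheses, NUL) are escaped before the query is built, so a value
		such as 'a*' is not treated as a wildcard and cannot change the structure of the filter.

	.PARAMETER UPN
		A string representing the UPN to check for uniqueness.

	.PARAMETER AdServer
		A string representing the name of the domain controller to be used for the check, if parameter
		is not specified the closest Global Catalog is used.
		NOTE(review): when this parameter is given the query is bound with the LDAP:// provider
		instead of GC://, so it may cover only that server's domain rather than the whole
		forest - confirm before relying on the result as a forest-wide uniqueness check.

	.EXAMPLE
		PS C:\> Test-UPNExist -UPN 'user@example.com'

	.OUTPUTS
		System.Boolean. $true when a matching person object was found, otherwise $false.
#>
	[CmdletBinding()]
	param
	(
		[Parameter(Mandatory = $true)]
		[ValidateNotNullOrEmpty()]
		[string]$UPN,
		[ValidateNotNullOrEmpty()]
		[string]$AdServer
	)

	if ([string]::IsNullOrEmpty($AdServer))
	{
		$adForest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
		[string]$ldapPath = '{0}{1}' -f 'GC://', $($adForest.FindGlobalCatalog().Name)
	}
	else
	{
		[string]$ldapPath = '{0}{1}' -f 'LDAP://', $AdServer
	}

	# Escape the caller-supplied value per RFC 4515 before it is placed in the filter.
	# The backslash must be replaced first, otherwise the escapes added for the other
	# characters would themselves be escaped again.
	[string]$escapedUpn = $UPN.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29').Replace([string][char]0, '\00')

	$adDomain = $null
	$adSearcher = $null
	[bool]$upnExists = $false

	try
	{
		# Instantiate required objects and run query
		$adDomain = New-Object System.DirectoryServices.DirectoryEntry($ldapPath)
		$adSearcher = New-Object System.DirectoryServices.DirectorySearcher($adDomain)
		$adSearcher.SearchScope = 'Subtree'
		$adSearcher.PageSize = 1000
		$adSearcher.Filter = "(&(objectCategory=person)(userPrincipalName=$escapedUpn))"
		# Only the attribute being tested is requested from the server.
		[void]($adSearcher.PropertiesToLoad.Add("userPrincipalName"))

		$searchResult = $adSearcher.FindOne()
		$upnExists = $null -ne $searchResult
	}
	finally
	{
		# Both objects are IDisposable and hold a directory connection; release them
		# even when the query throws.
		if ($null -ne $adSearcher) { $adSearcher.Dispose() }
		if ($null -ne $adDomain) { $adDomain.Dispose() }
	}

	return $upnExists
}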