Learn more
 

Ready to get started?

Download a free trial of the LDAP Data Provider to get started:

 Download Now

Learn more:

LDAP Icon LDAP ADO.NET Provider

Rapidly create and deploy powerful .NET applications that integrate with LDAP directory services!

In this article

Related articles

Automate LDAP Integration Tasks from PowerShell


Are you in search of a quick and easy way to access LDAP objects from PowerShell? This article demonstrates how to utilize the LDAP Cmdlets for tasks like connecting to LDAP objects, automating operations, downloading data, and more.

The CData Cmdlets for LDAP are standard PowerShell cmdlets that make it easy to accomplish data cleansing, normalization, backup, and other integration tasks by enabling real-time and bidirectional access to LDAP.

PowerShell Cmdlets or ADO.NET Provider?

The Cmdlets are not only a PowerShell interface to LDAP, but also an SQL interface; this tutorial shows how to use both to create, retrieve, update, and delete LDAP objects. We also show examples of the ADO.NET equivalent, which is possible with the CData ADO.NET Provider for LDAP. To access LDAP objects from other .NET applications, like LINQPad, use the CData ADO.NET Provider for LDAP.

Once you have acquired the necessary connection properties, accessing LDAP objects in PowerShell can be enabled in three steps.

To establish a connection, the following properties under the Authentication section must be provided:

  • Valid User and Password credentials (e.g., Domain\BobF or cn=Bob F,ou=Employees,dc=Domain).
  • Server information, including the IP or host name of the Server, as well as the Port.

  • BaseDN: This will limit the scope of LDAP searches to the height of the distinguished name provided.

    Note: Specifying a narrow BaseDN may greatly increase performance; for example, cn=users,dc=domain will only return results contained within cn=users and its children.

PowerShell

  1. Install the module:

    Install-Module LDAPCmdlets

  2. Connect:

    $ldap = Connect-LDAP -User "$User" -Password "$Password" -Server "$Server" -Port "$Port"

  3. Search for and retrieve data:

    $cn = "Administrator" $user = Select-LDAP -Connection $ldap -Table "User" -Where "CN = `'$CN`'" $user

    You can also use the Invoke-LDAP cmdlet to execute SQL commands:

    $user = Invoke-LDAP -Connection $ldap -Query 'SELECT * FROM User WHERE CN = @CN' -Params @{'@CN'='Administrator'}

ADO.NET

  1. Load the provider's assembly:

    [Reflection.Assembly]::LoadFile("C:\Program Files\CData\CData ADO.NET Provider for LDAP\lib\System.Data.CData.LDAP.dll")

  2. Connect to LDAP:

    $conn= New-Object System.Data.CData.LDAP.LDAPConnection("User=Domain\BobF;Password=bob123456;Server=10.0.1.1;Port=389;") $conn.Open()

  3. Instantiate the LDAPDataAdapter, execute an SQL query, and output the results:

    $sql="SELECT Id, LogonCount from User" $da= New-Object System.Data.CData.LDAP.LDAPDataAdapter($sql, $conn) $dt= New-Object System.Data.DataTable $da.Fill($dt) $dt.Rows | foreach { Write-Host $_.id $_.logoncount }

Update LDAP Objects

PowerShell

Update-LDAP -Connection $LDAP -Columns @('Id','LogonCount') -Values @('MyId', 'MyLogonCount') -Table User -Id "MyId"

ADO.NET

$cmd = New-Object System.Data.CData.LDAP.LDAPCommand("UPDATE User SET CN='Administrator' WHERE Id = @myId", $conn) $cmd.Parameters.Add((New-Object System.Data.CData.LDAP.LDAPParameter("@myId","10456255-0015501366"))) $cmd.ExecuteNonQuery()

Insert LDAP Objects

PowerShell

Add-LDAP -Connection $LDAP -Table User -Columns @("Id", "LogonCount") -Values @("MyId", "MyLogonCount")

ADO.NET

$cmd = New-Object System.Data.CData.LDAP.LDAPCommand("INSERT INTO User (CN) VALUES (@myCN)", $conn) $cmd.Parameters.Add((New-Object System.Data.CData.LDAP.LDAPParameter("@myCN","Administrator"))) $cmd.ExecuteNonQuery()

Delete LDAP Objects

PowerShell

Remove-LDAP -Connection $LDAP -Table "User" -Id "MyId"

ADO.NET

$cmd = New-Object System.Data.CData.LDAP.LDAPCommand("DELETE FROM User WHERE Id=@myId", $conn) $cmd.Parameters.Add((New-Object System.Data.CData.LDAP.LDAPParameter("@myId","001d000000YBRseAAH"))) $cmd.ExecuteNonQuery()