The other day I was working on a powershell script to copy specific Active Directory attributes to a SQL database. I wanted to see if the destination SQL fields (which were varchar 100) would be able to contain the attributes, but I didn’t know the maximum lengths of the text in Active Directory. I hacked together a quick LDAP query to get all of the ‘rangeUpper’ values for each attribute. Here is that code:
[cc lang=”powershell”]
$myReport=@()
$Base = “
$Filter = “(&(objectCategory=attributeSchema)(rangeUpper=*))”
$Attributes = “distinguishedName”
$Scope = “subtree”
$Query = “$Base;$Filter;$Attributes;$Scope”
$Connection = New-Object -ComObject “ADODB.Connection”
$Command = New-Object -ComObject “ADODB.Command”
$Connection.Open(“Provider=ADsDSOObject;”)
$Command.ActiveConnection = $Connection
$Command.Properties.item(“Size Limit”).value = 90000
$Command.Properties.item(“Page Size”).value = 90000
$Command.CommandText = $Query
$Recordset = $Command.Execute()
Do {
$dn = $Recordset.Fields.item(“distinguishedName”)
$dn = $dn.value
$objSchema = Get-ADObject $dn
$myReport+= New-Object psobject -Property @{
LDAPAttribute = [string]$objSchema.lDAPDisplayName
MaxValue = [string]$objSchema.rangeUpper
}
if ($Recordset.eof -ne $true) {$Recordset.MoveNext()}
}
Until ($Recordset.eof)
$Connection.Close > $null
$myReport | Sort LDAPAttribute
[/cc]
Hope this can help you too!