Querying Active Directory in PowerShell from a Windows host that is not a member of the domain

Posted by jshin47 on Server Fault See other posts from Server Fault or by jshin47
Published on 2012-06-16T23:51:53Z Indexed on 2012/06/17 3:19 UTC
Read the original article Hit count: 822

How can I use PowerShell [adsisearcher] to query a domain that I am not a member of? Usually I will do something like this:

$myAdsi = [adsisearcher]""
$myAdsi.SearchRoot = [adsi]"LDAP://dc=corp,dc=mycompany,dc=com"
$myAdsi.Filter = "objectCategory=computer"

$res = $myAdsi.FindAll()

If I run this snippet on a host in my domain, I get the expected result. However, if I run this from a computer that has network access to the domain (through a L2L VPN) I get the error:

Exception calling "FindAll" with "0" argument(s): "The specified domain either does not exist or could not be contacted.
"
At line:11 char:33
+ $adComputers = $searcher.FindAll <<<< ()
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

This is somewhat expected as I have not provided any sort of credentials to [adsisearcher] that would tell it how to authenticate. My question is: how do I let [adsisearcher] know that I want to authenticate against a domain in which I am not a member?

© Server Fault or respective owner

Related posts about windows-server-2008

Related posts about active-directory