I have a list of user names given to me, and I need to query Active Directory to see the following:
- Account is a valid account in domain x, y or z
- Account has the property altSecurityIdentities (PKI certs mapped)
- Account has the property userPrincipalName (user logon)
Now I have this script to check for onesy and twosy accounts. But I need to be able to modify this to go through a list of 100 user names or more.
$user = "username"
$rootdomain = [adsi] "LDAP://domainCN"
$searcher = New-Object DirectoryServices.DirectorySearcher $rootdomain
$searcher.Filter = "(samaccountname=$user)"
$result = $searcher.findOne().getdirectoryentry()
$result.altSecurityIdentities   # if the user has PKI certificates they will be displayed; if not, nothing is shown
$result.userPrincipalName
--------------------------------------------------------
Any help will be much appreciated.
pfcjt@hotmail.com
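One way to run the three checks described in the post over a whole list, as an added example that is not part of the original post. The input file `users.txt`, the three LDAP paths standing in for domains x, y and z, the output file name and the helper `ConvertTo-LdapFilterValue` are all assumptions; names are escaped before they go into the filter so that an entry in the list cannot alter the query.

```powershell
# Added example, not the poster's script. Assumed: users.txt (one sAMAccountName
# per line), the LDAP paths (placeholders for domains x, y, z), and the CSV name.
$domains = [ordered]@{
    x = 'LDAP://DC=x,DC=example,DC=com'
    y = 'LDAP://DC=y,DC=example,DC=com'
    z = 'LDAP://DC=z,DC=example,DC=com'
}

function ConvertTo-LdapFilterValue([string]$Value) {
    # Hypothetical helper: escape the RFC 4515 special characters so a name
    # read from the list cannot change the meaning of the search filter.
    $sb = New-Object System.Text.StringBuilder
    foreach ($c in $Value.ToCharArray()) {
        if ('\*()'.IndexOf($c) -ge 0 -or [int]$c -eq 0) {
            [void]$sb.AppendFormat('\{0:x2}', [int]$c)
        } else {
            [void]$sb.Append($c)
        }
    }
    $sb.ToString()
}

$names  = Get-Content .\users.txt | ForEach-Object { $_.Trim() } | Where-Object { $_ }
$report = foreach ($name in $names) {
    $safe  = ConvertTo-LdapFilterValue $name
    $found = $false
    foreach ($d in $domains.GetEnumerator()) {
        $searcher = New-Object DirectoryServices.DirectorySearcher ([adsi]$d.Value)
        # Restrict the match to user objects; the poster's filter used samaccountname only.
        $searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=$safe))"
        [void]$searcher.PropertiesToLoad.AddRange([string[]]('altSecurityIdentities', 'userPrincipalName'))
        $hit = $searcher.FindOne()   # $null when the account is not in this domain
        if (-not $hit) { continue }
        $found = $true
        $certs = @($hit.Properties['altSecurityIdentities'])   # empty when no certs are mapped
        $upn   = @($hit.Properties['userPrincipalName'])
        [pscustomobject]@{
            User = $name; Domain = $d.Key; Found = $true
            HasCertMapping = ($certs.Count -gt 0); CertMappings = ($certs -join '; ')
            HasUPN = ($upn.Count -gt 0); UserPrincipalName = ($upn -join '')
        }
    }
    if (-not $found) {   # one row per name that matched in none of the domains
        [pscustomobject]@{
            User = $name; Domain = ''; Found = $false; HasCertMapping = $false
            CertMappings = ''; HasUPN = $false; UserPrincipalName = ''
        }
    }
}
$report | Export-Csv .\account-check.csv -NoTypeInformation
```

A name that exists in more than one domain produces one row per domain, which makes duplicate accounts with different certificate mappings visible in the CSV.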