
An “introduction” to Powershell

If, like me, you are used to command completion, IntelliSense, and hacking your way through things, it might be wise to learn some PowerShell ninja-moves as your first step.

In this example, I will be performing some simple local user object administration; SCRUDing a local user in a local user group.

Create an object that contains an instance we need:
I looked up how to interface to a local system, not AD, for user administration, and sure enough, ADSI is the way.

Here we’ll create $lhost_group, typed as an ADSI object, and bind it to the ADSI path specified:

[ADSI]$lhost_group="WinNT://" + $env:computername + "/Administrators,group"

$lhost_group is cast as an ADSI object, and [ADSI] is what the PowerShell dudes/dudettes call a “type accelerator” (basically a shorter version of a type declaration for a .NET framework class).

What methods, properties, and other fun things are available for the object?

There are a few things you can do to obtain the full list of stuff revealed by an object:
1) use get-member:

$lhost_group | get-member

   TypeName: System.DirectoryServices.DirectoryEntry

Name                        MemberType Definition
----                        ---------- ----------
ConvertDNWithBinaryToString CodeMethod static string ConvertDNWithBinaryToString(psobject deInstance, psobject dnWit...
ConvertLargeIntegerToInt64  CodeMethod static long ConvertLargeIntegerToInt64(psobject deInstance, psobject largeInt...
Description                 Property   System.DirectoryServices.PropertyValueCollection Description {get;set;}
groupType                   Property   System.DirectoryServices.PropertyValueCollection groupType {get;set;}
Name                        Property   System.DirectoryServices.PropertyValueCollection Name {get;set;}
objectSid                   Property   System.DirectoryServices.PropertyValueCollection objectSid {get;set;}

This will also reveal the typename, which is System.DirectoryServices.DirectoryEntry.
I’d like to reference online documentation, etc, to understand specifics about methods and properties, so learning the type of object that’s been declared is valuable.

2) use select-object:

$lhost_group | select-object *

groupType          : {4}
Name               : {Administrators}
Description        : {Administrators have complete and unrestricted access to the computer/domain}
objectSid          : {1 2 0 0 0 0 0 5 32 0 0 0 32 2 0 0}
AuthenticationType : Secure
Children           : {}
Guid               : {D9C1AAD0-1E71-11CF-B1F3-02608C9E7553}
ObjectSecurity     :
NativeGuid         : {D9C1AAD0-1E71-11CF-B1F3-02608C9E7553}
NativeObject       : System.__ComObject
Parent             : WinNT://DCM/.
Password           :
Path               : WinNT://" + $env:computername + "/Administrators,group
Properties         : {groupType, Name, Description, objectSid}
SchemaClassName    : Group
SchemaEntry        : System.DirectoryServices.DirectoryEntry
UsePropertyCache   : True
Username           :
Options            :
Site               :
Container          :

3) But wait… there’s more! Utilize .psbase for additional lists:

$lhost_group.psbase | get-member

   TypeName: System.Management.Automation.PSMemberSet

Name                      MemberType Definition
----                      ---------- ----------
Disposed                  Event      System.EventHandler Disposed(System.Object, System.EventArgs)
Close                     Method     System.Void Close()
CommitChanges             Method     System.Void CommitChanges()
CopyTo                    Method     adsi CopyTo(adsi newParent), adsi CopyTo(adsi newParent, string newName)
CreateObjRef              Method     System.Runtime.Remoting.ObjRef CreateObjRef(type requestedType)
DeleteTree                Method     System.Void DeleteTree()
Dispose                   Method     System.Void Dispose()
Equals                    Method     bool Equals(System.Object obj)
GetHashCode               Method     int GetHashCode()
GetLifetimeService        Method     System.Object GetLifetimeService()
GetType                   Method     type GetType()
InitializeLifetimeService Method     System.Object InitializeLifetimeService()
Invoke                    Method     System.Object Invoke(string methodName, Params System.Object[] args)
InvokeGet                 Method     System.Object InvokeGet(string propertyName)
InvokeSet                 Method     System.Void InvokeSet(string propertyName, Params System.Object[] args)
MoveTo                    Method     System.Void MoveTo(adsi newParent), System.Void MoveTo(adsi newParent, string n...
RefreshCache              Method     System.Void RefreshCache(), System.Void RefreshCache(string[] propertyNames)
Rename                    Method     System.Void Rename(string newName)
ToString                  Method     string ToString()
AuthenticationType        Property   System.DirectoryServices.AuthenticationTypes AuthenticationType {get;set;}
Children                  Property   System.DirectoryServices.DirectoryEntries Children {get;}
Container                 Property   System.ComponentModel.IContainer Container {get;}
Guid                      Property   System.Guid Guid {get;}
Name                      Property   System.String Name {get;}
NativeGuid                Property   System.String NativeGuid {get;}
NativeObject              Property   System.Object NativeObject {get;}
ObjectSecurity            Property   System.DirectoryServices.ActiveDirectorySecurity ObjectSecurity {get;set;}
Options                   Property   System.DirectoryServices.DirectoryEntryConfiguration Options {get;}
Parent                    Property   System.DirectoryServices.DirectoryEntry Parent {get;}
Password                  Property   System.String Password {set;}
Path                      Property   System.String Path {get;set;}
Properties                Property   System.DirectoryServices.PropertyCollection Properties {get;}
SchemaClassName           Property   System.String SchemaClassName {get;}
SchemaEntry               Property   System.DirectoryServices.DirectoryEntry SchemaEntry {get;}
Site                      Property   System.ComponentModel.ISite Site {get;set;}
UsePropertyCache          Property   System.Boolean UsePropertyCache {get;set;}
Username                  Property   System.String Username {get;set;}

$lhost_group.psbase | select-object *

AuthenticationType : Secure
Children           : {}
Guid               : d9c1aad0-1e71-11cf-b1f3-02608c9e7553
ObjectSecurity     :
Name               : Administrators
NativeGuid         : {D9C1AAD0-1E71-11CF-B1F3-02608C9E7553}
NativeObject       : System.__ComObject
Parent             : System.DirectoryServices.DirectoryEntry
Password           :
Path               : WinNT://" + $env:computername + "/Administrators,group
Properties         : {groupType, Name, Description, objectSid}
SchemaClassName    : Group
SchemaEntry        : System.DirectoryServices.DirectoryEntry
UsePropertyCache   : True
Username           :
Options            :
Site               :
Container          :

As defined: “PSBase lets you get at the ‘raw’ object behind the object PowerShell exposes by default; in other words, PSBase lets you get at all the properties and methods of the object.”

Invoke()… hmmm…

In case you missed it above, there is an $lhost_group.psbase.Invoke() method available (it is also revealed directly in the $lhost_group namespace, as are all other $lhost_group.psbase namespace members).

Referring to the above, we now know that Invoke is defined as: System.Object Invoke(string methodName, Params System.Object[] args)

But, this doesn’t tell us which methods are available for us to Invoke!

So, how does one do this? Mike Pfeiffer is telling us that we cannot use any commands to obtain the list of available methods from an ADSI object.

For instance, from researching my goal “query a list of all users in a local group” I came across the method:

@($lhost_group.psbase.Invoke("Members")) | foreach-object {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}

which works, and reveals Members() as an invocable method of a System.DirectoryServices.DirectoryEntry, but not really…
Members() isn’t listed on the Methods page of System.DirectoryServices.DirectoryEntry.

After some research, I was able to locate the ADSI interface documentation, and was able to find the Members method of the IADsGroup interface. It appears to be the only method not requiring input.

There are a few more available.
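
The Members() call above, extended into a membership audit of the local Administrators group, as an added example that is not part of the original post. The function names and the $ApprovedSids baseline are hypothetical, and the SID values are constructed placeholders.

```powershell
# Added example (not from the original post): audit a local group through ADSI.
# Constructed baseline: replace these placeholder SIDs with your approved admins.
$ApprovedSids = @(
    'S-1-5-21-1111111111-2222222222-3333333333-500',
    'S-1-5-21-1111111111-2222222222-3333333333-1001'
)

function Get-AdsiComProperty {
    param($ComObject, [string]$Name)
    # Members() hands back raw COM objects, so read properties late-bound,
    # the same way the post reads "Name".
    $ComObject.GetType().InvokeMember($Name, 'GetProperty', $null, $ComObject, $null)
}

function Get-LocalGroupMemberAdsi {
    param(
        [string]$Group    = 'Administrators',
        [string]$Computer = $env:COMPUTERNAME
    )
    # Build the ADSI path as one finished string, then cast it.
    $entry = [ADSI]"WinNT://$Computer/$Group,group"
    foreach ($member in @($entry.psbase.Invoke('Members'))) {
        $sidBytes = Get-AdsiComProperty $member 'objectSid'
        $sid = New-Object System.Security.Principal.SecurityIdentifier($sidBytes, 0)
        [pscustomobject]@{
            Name    = Get-AdsiComProperty $member 'Name'
            Class   = Get-AdsiComProperty $member 'Class'    # User or Group
            AdsPath = Get-AdsiComProperty $member 'ADsPath'  # full WinNT:// path of the member
            Sid     = $sid.Value
        }
    }
}

function Find-UnapprovedMember {
    param([object[]]$Member, [string[]]$Approved)
    # Compare on SID: account names can be renamed or collide across domains.
    $Member | Where-Object { $Approved -notcontains $_.Sid }
}

$members = Get-LocalGroupMemberAdsi
Find-UnapprovedMember -Member $members -Approved $ApprovedSids |
    Format-Table Name, Class, Sid, AdsPath -AutoSize
```

Any row printed is a member of the group that is missing from the baseline; an empty result means the membership matches the approved list.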

What is ADSI and WinNT:// anyway?
ADSI is the Active Directory Services Interface. It has several service providers, of which WinNT is one and LDAP another (the latter is used for interfacing with Active Directory).

So, what about the other methods to Invoke()?
I tried a variety of fu, and found no way to enumerate methods revealed within an ADSI interface. This doesn’t mean it can’t be done, but I’ll sleep on it and see if I can figure it out tomorrow.

