I should have posted this a long, long time ago…but forgot. Until I got a comment from dvdor about it.
In Active Directory, we set the “Managed By” field on all of the servers we manage to our primary, non-admin account. This makes it easy for people to find out who manages what servers. It also makes it easy to do batch upgrades/file copies/whatever to your own servers.
This script, get-servernames.ps1, has a single parameter. -username. It just returns a text list of your servers…no objects or anything. I didn’t see the need, since all I wanted was the names.
Syntax: .\get-servernames.ps1 -username tmoser
Summary: Will take in your username (samaccountname) and first search AD for it. If found, it will search AD for all computer objects that have your account in the “Managed By” field. Those are returned in a list.
Uses: Things like: .\get-servernames.ps1 -username tmoser | foreach { copy-item C:\temp\somefile.txt \\$_\c$\temp\somefile.txt }
You can use it for error log checking, copying files, running remote psexec commands…anything, really.
[source language='c#']
param($username)
$root = new-object DirectoryServices.DirectoryEntry ‘LDAP://dc=yourdomain,dc=com’
$searcher = new-object DirectoryServices.DirectorySearcher
$searcher.SearchRoot = $root
$searcher.Filter = “(samaccountname=$username)”
$results = $searcher.findOne()
if ($results -eq $null) {
write-host -fore ‘blue’ -back ‘white’ “`”$($username)`” not found”
exit(1)
}
else {
$dn = $results.GetDirectoryEntry().distinguishedname
$searcher.Filter = “(&(samaccounttype=805306369)(managedby=$($dn)))”
$servers = $searcher.FindAll()
if ($($servers.count) -gt 0) {
foreach ($server in $servers) { write-output “$($server.GetDirectoryEntry().cn)” }
}
}
[/source]
Nice, got to love Powershell.