List all you OUs with Windows Powershell

Was asked how to do this today, and here you go ……


$search = [System.DirectoryServices.DirectorySearcher]([adsi]””)
$search.Filter = “(objectClass=organizationalUnit)”
$search.Findall() | ForEach{$_.properties.distinguishedname}


This will list all the DN’s of the OUs in your AD

Now if you want to get clever, the resulting data lists the path, and then a set of properties:

Name
—-
objectclass
usncreated
name
objectguid
whencreated
whenchanged
distinguishedname
ou
objectcategory
instancetype
usnchanged
adspath

So this was a tweak to my earlier script to find out if an OU had “Include inheritable permissions from this objects parent” checked. So it looks like this now:


Function Get-Ou ($xOU){
    Write-Host $xOU.properties.distinguishedname -Foregroundcolor Red -NoNewLine
    Write-Host ” : ” -NoNewLine
    $yOU = $xOU.Path
    $yOUPath = $yOU.ToString()
    $zOU = [ADSI]”$yOUPath”
    $zOU.psbase.ObjectSecurity.AreAccessRulesProtected
}

$search = [System.DirectoryServices.DirectorySearcher]([adsi]””)
$search.Filter = “(objectClass=organizationalUnit)”
$ALLOUs = $search.Findall()
ForEach($xOu in $ALLOUs){Get-OU $xOU}


Enjoy

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: