Get Exchange server via LDAP

Sometimes you want to get Exchange server objects from AD without having the need to install management tools. For those cases the option to get your objects with just a search using LDAP is your friend.

A simple filter will return all existing Exchange server:

objectCategory=msExchExchangeServer

But what when you want server with a specific role in a specific AD site?

Use LDAP to find a give AD site:

Function GetADSite {
param([string]$Name)
If (!($Name)) {
[string]$Name = ([System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite()).GetDirectoryEntry().Name
}
$FilterADSite = “(&(objectclass=site)(Name=$Name))”
$RootADSite= ([ADSI]’LDAP://RootDse’).configurationNamingContext
$SearcherADSite = New-Object System.DirectoryServices.DirectorySearcher([ADSI]”LDAP://$RootADSite”)
$SearcherADSite.Filter = “$FilterADSite”
$SearcherADSite.pagesize = 1000
$ResultsADSite = $SearcherADSite.FindOne()
$ResultsADSite
}

If no name is provided it will enumerate the AD site where you are. Now use this function to build your filter:

$Filter = “(&(objectclass=msExchExchangeServer)(msExchServerSite=$((GetADSite -Name $ADSite).properties.distinguishedname)))”

This will return all Exchange server for a given AD site. As we want to find server with a specific role we need to add a criteria to the filter. The roles are stamped in the attribute

msexchcurrentserverroles

So the filter should look like this if we want to find Exchange 2010 server with only CAS role installed:

$Filter = “(&(objectclass=msExchExchangeServer)(msExchServerSite=$((GetADSite -Name $ADSite).properties.distinguishedname))(|(msexchcurrentserverroles=4)))”

Now you have to put everything into a function, which accepts the numbers of possible roles and a string for an AD site:

Function GetExchServer {
#http://technet.microsoft.com/en-us/library/bb123496(v=exchg.80).aspx on the bottom there is a list of values
param([array]$Roles,[string]$ADSite)
Process {
$valid = @(“2″,”4″,”16″,”20″,”32″,”36″,”38″,”54″,”64″,”16385″,”16439”)
ForEach ($Role in $Roles){
If (!($valid -contains $Role)) {
Write-Output -fore red “Please use the following numbers: MBX=2,CAS=4,UM=16,HT=32,Edge=64 multirole servers:CAS/HT=36,CAS/MBX/HT=38,CAS/UM=20,E2k13 MBX=54,E2K13 CAS=16385,E2k13 CAS/MBX=16439”
Break
}
}
Function GetADSite {
param([string]$Name)
If (!($Name)) {
[string]$Name = ([System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite()).GetDirectoryEntry().Name
}
$FilterADSite = “(&(objectclass=site)(Name=$Name))”
$RootADSite= ([ADSI]’LDAP://RootDse’).configurationNamingContext
$SearcherADSite = New-Object System.DirectoryServices.DirectorySearcher([ADSI]”LDAP://$RootADSite”)
$SearcherADSite.Filter = “$FilterADSite”
$SearcherADSite.pagesize = 1000
$ResultsADSite = $SearcherADSite.FindOne()
$ResultsADSite
}
$Filter = “(&(objectclass=msExchExchangeServer)(msExchServerSite=$((GetADSite -Name $ADSite).properties.distinguishedname))(|”
ForEach ($Role in $Roles){
$Filter += “(msexchcurrentserverroles=$Role)”
}
$Filter += “))”
$Root= ([ADSI]’LDAP://RootDse’).configurationNamingContext
$Searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]”LDAP://$Root”)
$Searcher.Filter = “$Filter”
$Searcher.pagesize = 1000
$Results = $Searcher.FindAll()
$Results
}
}

As I’m not limiting the search to a specific msExchVersion you can use this function to find Exchange 2007/2010/2013 server based on role and AD site.

Have fun searching!

Advertisements

5 thoughts on “Get Exchange server via LDAP

  1. Pingback: Troubleshooting Exchange with LogParser:IIS logs #1 | The clueless guy

  2. Pingback: Troubleshooting Exchange with LogParser:RCA logs | The clueless guy

  3. Pingback: Troubleshooting Exchange with LogParser: HttpProxy logs | The clueless guy

  4. Where to apply above code to find all Exchange server ip address with Filter “(&(objectClass=msExchExchangeServer))” ?. can you help me to find IP address.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s