Hello all. I have a fun little idea where I'd like to search through the domain and return the group with the earliest creation date. I'm guessing a DirectorySearcher would be in order here, except I haven't worked with Date/Time objects in LDAP queries before, and my Google searches haven't turned up much. To my mind there's 2 ways to go about this. First, I could grab all group objects in the domain and then sort by created date (which I don't know how to do and seems like would take forever). Second, I could use an LDAP filter to only grab groups that are older than a certain date (which I also don't know how to do but sounds better than option 1).
The only problem is, I'm at a loss on working with Date/Time objects in LDAP queries. The short script I have so far (which doesn't work) is:
cls
$earlydate = [string]1/1/2000
$GroupSearchFilter = "(&(objectcategory=group)(whencreated>=$earlydate)"
$GroupSearchDomain = New-Object system.DirectoryServices.DirectoryEntry("LDAP://dc=mydomain,dc=net")
$GroupSearcher = New-Object System.DirectoryServices.DirectorySearcher
$GroupSearcher.SearchRoot = $GroupSearchDomain
$GroupSearcher.PageSize = 1000
$GroupSearcher.Filter = $GroupSearchFilter
$GroupSearcher.SearchScope = "Subtree"
#SETTING THE PROPERTIES WE WANT RETURNED FOR EACH GROUP
$GroupPropertyList = "sAmAccountName","whencreated" > $null
foreach ($i in $GroupPropertyList){$GroupSearcher.PropertiesToLoad.Add($i)}
#FINDING ALL THE GROUPS THAT MEET THE $GroupSearchFilter CRITERIA
$GroupResults = $GroupSearcher.FindAll()
"Getting Domain Local Security Group search results... Please wait..."
$DisplayResults = Foreach($Result in $GroupResults){
$GroupName = $GroupResults.Properties.sanaccountname
$GroupCreateDate = $GroupResults.Properties.whencreated
}
$ResultsTable = @{n="Group Name";e={$GroupName}},`
@{n="Date Created";e={$GroupCreateDate}}
$DisplayResults | ft $ResultsTableAnd please critique away. I'm new to powershell so I take all the help I can get!
