Demonstrates AD group enumeration with LDAP in PowerShell Core. Uses the Novell.Directory.LDAP.VQ DotNet Standard 2.0 library

AD group enumeration with LDAP in PowerShell Core.ps1

#Demonstrates listing an Active Directory group membership with PowerShell Core

using namespace Novell.Directory.LDAP.VQ

#region environment-specific config
$DCname = 'DomainControllerName'

# Don't store user credentials in your powerShell scripts!!
# This is just here to demonstrate POC.
$ldapUser = 'CN=powershell-ldap,CN=Users,DC=Corporate,DC=Contoso,DC=com'
$ldapPW = ''

$searchbase = 'DC=Corporate,DC=Contoso,DC=com'
$searchScope = 2
$filter = '(memberOf=CN=GroupName,OU=Servers,DC=Corporate,DC=Contoso,DC=com)'

#endregion

#region install LDAP nuget package and add assembly
$LDAPpackageName = "Novell.Directory.LDAP.VQ"
Install-Package $LDAPpackageName
$source = Get-Package -Name $LDAPpackageName | Select-Object -ExpandProperty Source
$directory = Get-Item $source | Select-Object Directory
$lib = Get-ChildItem $directory.Directory -Recurse -Filter "*.dll"
Add-Type -Path $lib.FullName
#endregion

#region connect and make query
$LDAPConnection = New-Object -TypeName LdapConnection
$LDAPConnection.Connect($DCname,389)
$LDAPconnection.Bind($ldapUser,$ldapPW)
$members = $LDAPconnection.Search($searchbase,$searchScope,$filter,$null,$false)
#endregion

#region display group members
while ($members.hasMore()){
    try{
        $nextEntry = $members.next()
    }catch{
        continue
    }
    Write-Output $nextEntry.DN
}
#endregion

$LDAPconnection.Disconnect()