PowerShell module to interact with Active Directory using ADSI and the System.DirectoryServices namespace (.NET Framework)

The initial motivation for this module was to improve my knowledge on how to interact with Active Directory without the Microsoft Active Directory module or the Quest Active Directory Snapin. The other elements that I wanted to work on were being able to use alternative Credentials and to specify a different Domain.

Obviously I'm still learning and there is ton of space for improvements... Would love contributors, suggestions, feedback or any other help.

• Contributing
• Installation
• Download from PowerShell Gallery
• Download from GitHub repository
• Use Cases
• More Information
• Notes

Contributions are welcome via pull requests and issues. Please see our contributing guide for more details

Only from PowerShell version 5

Install-Module -name ADSIPS

1. Download the repository
2. Unblock the zip file
3. Extract the folder to a module path (e.g. $home\Documents\WindowsPowerShell\Modules)
4. Run build.ps1 (exists in project root).
   • NOTE: If you get an error after running build.ps1 - please use build.ps1 -InstallDependencies
5. build.ps1 creates a folder called ~\buildoutput\AdsiPs in the directory which AdsiPs was saved to
6. Inside of \buildoutput\AdsiPs there is a file called AdsiPs.psm1
7. Run Import-Module -Path "C:\Path\To\buildoutput\AdsiPs\AdsiPs.psm1" to import the AdsiPs module

1. Learning Active Directory: We can't see the code behind the Microsoft ActiveDirectory Module and Quest ActiveDirectory Snapin. This module is a great way to explore and learn on how Active Directory is working,
2. Delegation: Active Directory queries need to be performed by a tool (GUI for example) and you don't want it to load AD module. Additionally you don't know who will use the tool and if they have/can/know how to install the module,
3. Performance: ADSI is way faster,
4. Restricted environment: Sometime ActiveDirectory Module is not available/ or can't install it on a machine.

• MSDN is a great resource if you want to find more information on the NET classes to use. See System.DirectoryServices

• Thanks to our Contributors!!
  • @LazyWinAdmin
  • @MickyBalladelli
  • @christophekumor
  • @omiossec
  • @oze4
  • @andrewtchilds
  • @NicolasBn
  • @gerane

Interesting projects using different approaches to reach out to Active Directory in PowerShell/c#

• ADAudit by @darkoperator
• ADSI on powershell.com by @TobiasPSP by Tobias Weltner
• ADRecon from @sense-of-security
• PowerView from @PowerShellMafia team
• Invoke-Kerberoast from @EmpireProject team
• PSAD by @zloeber
• Test-ActiveDirectory by @markwragg
• AdEnumerator(LDAP) by @chango77747
• Grant-ADPermission by @edemilliere