magritton
12/22/2015 - 2:53 PM

Lists all of the SPNs (service principal names) in Active Directory for a specific computer. Change the search criteria for a different computer or even a user name.

This lists all of the SPNs (service principal names) in Active Directory for a specific computer. Change the search criteria to a different computer or even a user name to get all of the SPNs assigned to that computer or user.

#### To filter for an OU

Pipe the output of `$search.FindAll()` through `?{ $_.path -like '*OU=whatever,DC=whatever,DC=whatever*' }`, as the first script below does.

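# Lists every Active Directory object under a given OU that has at least one
# servicePrincipalName (SPN), then prints each object's name, distinguished
# name, object category and SPNs.
Clear-Host

# [ADSI]"" binds to the default directory root of the current logon domain.
# Plain ASCII quotes replace the typographic quotes left by copy/paste.
$search = New-Object DirectoryServices.DirectorySearcher([ADSI]"")
$search.Filter = "(servicePrincipalName=*)"

# Without paging the directory server returns at most its size limit
# (1000 entries by default), so a domain-wide SPN query can be silently
# truncated. A non-zero PageSize makes the searcher fetch every page.
$search.PageSize = 1000

# Keep a reference to the raw collection so it can be disposed at the end;
# the OU filter is applied client-side against each result's ADsPath.
$allResults = $search.FindAll()
$results = @($allResults | Where-Object { $_.Path -like '*OU=whatever,DC=whatever,DC=whatever*' })

# Dump the raw search results before the formatted listing.
$results

# List results
foreach ($result in $results) {
    $userEntry = $result.GetDirectoryEntry()

    Write-Host "Object Name = " $userEntry.name -BackgroundColor "yellow" -ForegroundColor "black"
    Write-Host "DN      =      "  $userEntry.distinguishedName

    # objectCategory shows whether the SPN sits on a computer or a user
    # account. SPNs registered on user accounts are the ones to review for
    # long, rotated passwords (or migration to a group managed service account).
    Write-Host "Object Cat. = "  $userEntry.objectCategory
    Write-Host "servicePrincipalNames"

    $i = 1
    foreach ($SPN in $userEntry.servicePrincipalName) {
        Write-Host "SPN(" $i ")   =      " $SPN
        # The increment must be its own statement; on the Write-Host line it
        # is passed as a literal argument and the counter never advances.
        $i += 1
    }

    Write-Host ""
    $userEntry.Dispose()
}

# SearchResultCollection and DirectorySearcher hold unmanaged resources.
$allResults.Dispose()
$search.Dispose()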
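# Lists the servicePrincipalNames (SPNs) registered on one named Active
# Directory object. Set $targetName to a different computer or user name to
# see the SPNs assigned to that object.
Clear-Host

$targetName = 'OPWSQL03'

# Escape the RFC 4515 special characters so a name taken from input cannot
# alter the LDAP filter. The backslash is replaced first so the escape
# sequences themselves are not escaped again.
$escapedName = $targetName.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29')

# Set search. [ADSI]"" binds to the default directory root of the current
# logon domain; plain ASCII quotes replace the typographic quotes left by
# copy/paste.
$search = New-Object DirectoryServices.DirectorySearcher([ADSI]"")
$search.Filter = "(&(servicePrincipalName=*)(Name=$escapedName))"

# A non-zero PageSize enables paged results, so the listing is not cut off at
# the server's size limit if the filter is later widened.
$search.PageSize = 1000

$results = $search.FindAll()

# List results
foreach ($result in $results) {
    $userEntry = $result.GetDirectoryEntry()

    Write-Host "Object Name = " $userEntry.name -BackgroundColor "yellow" -ForegroundColor "black"
    Write-Host "DN      =      "  $userEntry.distinguishedName

    # objectCategory shows whether the SPN sits on a computer or a user
    # account. SPNs registered on user accounts are the ones to review for
    # long, rotated passwords (or migration to a group managed service account).
    Write-Host "Object Cat. = "  $userEntry.objectCategory
    Write-Host "servicePrincipalNames"

    $i = 1
    foreach ($SPN in $userEntry.servicePrincipalName) {
        Write-Host "SPN(" $i ")   =      " $SPN
        # The increment must be its own statement; on the Write-Host line it
        # is passed as a literal argument and the counter never advances.
        $i += 1
    }

    Write-Host ""
    $userEntry.Dispose()
}

# SearchResultCollection and DirectorySearcher hold unmanaged resources.
$results.Dispose()
$search.Dispose()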