Business and Information Technology Tangents

PowerShell Script: Retrieving Distinguished name (DN) from A Fully Qualified Domain Name (FQDN)

Posted on February 22, 2010. Filed under: Powershell Tangents |

By: Brenton Blawat

While there are many posts that describe the code to do this function, there aren’t many posts that provide variables with meaning or actually describe the syntax. This post describes the method by which you can retrieve a Distinguished Name from a Fully Qualified Domain Name.

Quick Reference:

Fully Qualified Domain Name (FQDN): division.domain.root

Distinguished Name (DC): DC=division,DC=Domain,DC=root

Canonical Name(CN): division.domain.root/OrganizationalUnit/

If you are looking for a quick way to obtain a Distinguished Name or Fully Qualified Domain Name See this article.

Mr. Weaver’s Code

Mark A. Weaver’s post Powershell – Recursive Group Membership, he describes the methods by which you can convert to and from multiple variables. Here is how Mr. Weaver performs the conversion operation:

   1: function Convert-DNStoDN ($DNSName)

   2: {

   3:    #  Create an array of each item in the string separated by "."

   4:    $DNSArray = $DNSName.Split(".")

   5:   # Let's go through our new array and do something with each item

   6:    for ($x = 0; $x -lt $DNSArray.Length ; $x++)

   7:       {

   8:         #I don't want a comma after my last item, so check to see if I am on my last one and set

   9:         # $Separator equal to nothing.

  10:         # Remember that we need to go to Length-1 because arrays are "0 based indexes"

  11:          if ($x -eq ($DNSArray.Length - 1)){$Separator = ""}else{$Separator =","}

  12:          [string]$DN += "DC=" + $DNSArray[$x] + $Separator

  13:       }

  14:    return $DN

  15: }

My Code – Explained

While my code is almost identical to Mr. Weaver’s Code, my only criticism is not providing useful variables and describing the functions. I can state, however, Mr. Weaver’s code provided a platform for a function that I use in a large production environment. I took the liberty to optimize the code (slightly) to meet my needs (Thank you sir!).

My Function looks like: Download PS1 Here

   1: function Get-Domain {

   2:     

   3:     #Retrieve the Fully Qualified Domain Name if one is not supplied

   4:     # division.domain.root

   5:  

   6:     if ($FQDN -eq "") {

   7:         [String]$fqdn = [System.DirectoryServices.ActiveDirectory.Domain]::getcurrentdomain()

   8:     }

   9:  

  10:     # Create a New Array 'Item' for each item in between the '.' characters

  11:     # Arrayitem1 division

  12:     # Arrayitem2 domain

  13:     # Arrayitem3 root

  14:     $FQDNArray = $FQDN.split(".")

  15:     

  16:     # Add A Separator of ','

  17:     $Separator = ","

  18:  

  19:     # For Each Item in the Array

  20:     # for (CreateVar; Condition; RepeatAction)

  21:     # for ($x is now equal to 0; while $x is less than total array length; add 1 to X

  22:     for ($x = 0; $x -lt $FQDNArray.Length ; $x++)

  23:         { 

  24:  

  25:         #If it's the last item in the array don't append a ','

  26:         if ($x -eq ($FQDNArray.Length - 1)) { $Separator = "" }

  27:         

  28:         # Append to $DN DC= plus the array item with a separator after

  29:         [string]$DN += "DC=" + $FQDNArray[$x] + $Separator

  30:         

  31:         # continue to next item in the array

  32:         }

  33:     

  34:     #return the Distinguished Name

  35:     return $DN

  36: }

To use the Function to get the Distinguished Name of the Domain:

   1: # Store the distinguished name in a variable named $objCrntDN.

   2: $objCrntDN = Get-Domain

To use the function to get the Distinguished Name From a Fully Qualified Domain Name:

   1: # Store the distinguished name in a variable named $objCrntDN

   2: # Pass the Fully Qualified Domain Name with call

   3: $objCrntDN = Get-Domain division.domain.root 

Note: This function also works if you place the division.domain.root in parentheses with quotations:

Get-Domain(“division.domain.root”)

What’s Different??

While the output is basically the same, I’ve made a few changes in the code:

1. “DNSname” is technically inaccurate, while I understand what he is meaning. He is referring to is the FQDN – a point of confusion for the readers.
2. I made the passing of a FQDN (optional) – as sometimes we don’t need to determine the FQDN (outside the function) before we get the Distinguished Name.
3. I named my function ‘Get-Domain’ . DNS-DN is a very specific function. Your will see that Marc has to call three different functions to convert between each of these. I chose to make a single function, and establish what the ultimate output will be. Name the function what you are getting or creating with the function. Get-Domain –> You already know what the output will be — the Domain.
4. I removed the Else { $separator } out of the loop. In batch processing such as PowerShell, the interpreter will replace the $separator variable each time it passes through the loop for the items in the array. To make the code more efficient, I set the variable outside the loop as it only gets changed for the last array evaluation.

Make a Comment

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Not published)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Notify me of follow-up comments via email.

3 Responses to “PowerShell Script: Retrieving Distinguished name (DN) from A Fully Qualified Domain Name (FQDN)”

Comments RSS Feed

I would agree, I should revisit my variables for this function.

During the development process, I shifted mid-stream and didn’t go back to rename them.

I didn’t write “optimized” code since the number of iterations needed to go through an FQDN is relatively small. The added overhead of assigning the $Separator variable inside the for loop is minimal, at best. You are correct, though, that moving it outside of the loop is more efficient.

I also tend to explicitly define the input variables (parameters) to my functions.

In short, a very good post and I appreciate the feedback. I will probably take your suggestion regarding the inaccurate variable names.

Thanks!
— Mark

Mark A. Weaver
February 23, 2010

Reply

Mark,
I would like to state — your post provided me a stepping stone for a xml parsing solution (article to come) which I required in my production environment. I appreciate your blog as it has a wealth of information for PowerShell scripting. I often quickly write snippets of code and don’t really pay attention to the optimization of the code. That’s why we have communities, I guess.

Also to note, My final points in the “differences section” were more picky than anything. You are absolutely correct that the processing power required for the loop would be minimal.

One last item, the Fully Qualified Domain Name of the current domain can be returned quickly by using:
[String]$FQDN = [System.DirectoryServices.ActiveDirectory.Domain]::getCurrentDomain()

As with the Distinguished Name of the current domain with:
$root = [ADSI]”
$CurrentDN = $root.DistinguishedName

When I found these out — my beautiful FQDN to DN converter was useless and I wanted to cry.

Thanks for taking the time to review and comment!!

- Brent

brentblawat
February 23, 2010

Reply

This weblog is fantastic. There is generally all of the ideal information in the tips of my fingers. Many thanks and keep up the beneficial work!

Marketta Castellano
September 11, 2011

Reply

Where's The Comment Form?