How can I update LDAP attributes on the "ds_computer" class through WMI using PowerShell

Question

How can I update LDAP attributes on the "ds_computer" class through WMI using PowerShell

I am unable to update an instance of the ds_computer WMI class within the root\directory\ldap namespace using PowerShell.

However I am able to update the same instance using C#. Here is my working C# code:

        string computerName = Environment.GetEnvironmentVariable("ComputerName");

        var connectionOptions = new ConnectionOptions();
        connectionOptions.Impersonation = ImpersonationLevel.Impersonate;
        connectionOptions.Authentication = AuthenticationLevel.PacketPrivacy;
        connectionOptions.EnablePrivileges = true;
        connectionOptions.Timeout = new TimeSpan(0, 0, 0, 5, 0);

        var managementScope = new ManagementScope();
        managementScope.Path.Server = computerName;
        managementScope.Path.NamespacePath = @"\ROOT\directory\LDAP";
        managementScope.Options = connectionOptions;
        managementScope.Options.Context.Add("__ProviderArchitecture", 64);
        managementScope.Connect();

        var context = new ManagementNamedValueCollection();
        context.Add("__PUT_EXT_PROPERTIES", new string[] {"DS_displayName"});
        context.Add("__PUT_EXTENSIONS", true);
        context.Add("__PUT_EXT_CLIENT_REQUEST", true);

        var putOptions = new PutOptions();
        putOptions.Context = context;
        putOptions.UseAmendedQualifiers = false;
        putOptions.Type = PutType.UpdateOnly;

        string commandText = string.Format("SELECT * FROM ds_computer WHERE DS_name='{0}'", computerName);
        var managementObjectSearcher = new ManagementObjectSearcher(managementScope, new ObjectQuery(commandText));
        var managementObjectCollection = managementObjectSearcher.Get();
        var managementObject = managementObjectCollection.Cast<ManagementObject>().FirstOrDefault();
        managementObject.SetPropertyValue("DS_displayName", "cs-test");

        managementObject.Put(putOptions);

Translating this code to PowerShell yields the following result:

PS > $computerName = $env:COMPUTERNAME

PS > $connectionOptions = [System.Management.ConnectionOptions]::New()
PS > $connectionOptions.Impersonation = [System.Management.ImpersonationLevel]::Impersonate
PS > $connectionOptions.Authentication = [System.Management.AuthenticationLevel]::PacketPrivacy
PS > $connectionOptions.EnablePrivileges = $true
PS > $connectionOptions.Timeout = [System.TimeSpan]::New(0, 0, 0, 5, 0)

PS > $managementScope = [System.Management.ManagementScope]::New()
PS > $managementScope.Path.Server = $computerName
PS > $managementScope.Path.NamespacePath = "\ROOT\directory\LDAP"
PS > $managementScope.Options = $connectionOptions
PS > $managementScope.Options.Context.Add("__ProviderArchitecture", 64)
PS > $managementScope.Connect()

PS > $context = [System.Management.ManagementNamedValueCollection]::New()
PS > $context.Add("__PUT_EXT_PROPERTIES", @("DS_displayName"))
PS > $context.Add("__PUT_EXTENSIONS", $true)
PS > $context.Add("__PUT_EXT_CLIENT_REQUEST", $true)

PS > $putOptions = [System.Management.PutOptions]::New()
PS > $putOptions.Context = $context
PS > $putOptions.UseAmendedQualifiers = $false
PS > $putOptions.Type = [System.Management.PutType]::UpdateOnly

PS > $commandText = "SELECT * FROM ds_computer WHERE DS_name='$computerName'"
PS > $managementObjectSearcher = [System.Management.ManagementObjectSearcher]::New($managementScope, [System.Management.ObjectQuery]::New($commandText))
PS > $managementObjectCollection = $managementObjectSearcher.Get()
PS > $managementObject = [Linq.Enumerable]::FirstOrDefault([System.Management.ManagementObject[]]$managementObjectCollection)
PS > $managementObject.SetPropertyValue("DS_displayName", "ps-test")

PS > $managementObject.Put($putOptions)
Exception calling "Put" with "1" argument(s): "Value cannot be null.
Parameter name: pUnk"
At line:1 char:1
+ $managementObject.Put($putOptions)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

Of course I would rather be able to simply use the provided cmdlets Get-WmiObject/Set-WmiInstance, but unfortunately this also fails with the following result:

PS > $managementObject = Get-WmiObject -Namespace "root\directory\ldap" -Class "ds_computer" -Authentication PacketPrivacy -Impersonation Impersonate -EnableAllPrivileges -Filter "DS_name='$env:COMPUTERNAME'"
PS > Set-WmiInstance -InputObject $managementObject -PutType UpdateOnly -Arguments @{DS_displayName="cmdlet1-test"}
Set-WmiInstance : Generic failure
At line:1 char:1
+ Set-WmiInstance -InputObject $x -PutType UpdateOnly
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Set-WmiInstance], ManagementException
    + FullyQualifiedErrorId : SetWMIManagementException,Microsoft.PowerShell.Commands.SetWmiInstance

I also tried using the Get-CimInstance/Set-CimInstance cmdlets and got the same incredibly helpful "Generic Failure" message:

PS > $cimInstance = Get-CimInstance -Namespace "ROOT\directory\LDAP" -ClassName "ds_computer" -Filter "DS_name='$env:COMPUTERNAME'"
PS > Set-CimInstance -InputObject $cimInstance -Property @{DS_displayName="cmdlet2-test"}
Set-CimInstance : Generic failure
At line:1 char:1
+ Set-CimInstance -InputObject $x -Property @{DS_displayName="cmdlet2-test"} -P ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (ds_computer (AD...tyDomainPCG...):CimInstance) [Set-CimInstance], CimException
    + FullyQualifiedErrorId : HRESULT 0x80041001,Microsoft.Management.Infrastructure.CimCmdlets.SetCimInstanceCommand

c#

.net

powershell

ldap

wmi

asked on Stack Overflow Jan 3, 2019 by

jmjohnson85 • edited Jan 3, 2019 by

jmjohnson85

1 Answer

I figured it out. The problem was with the array syntax that I was storing in $context["__PUT_EXT_PROPERTIES"]

This doesn't work:

$context.Add("__PUT_EXT_PROPERTIES", @("DS_displayName"))

While this works:

$context.Add("__PUT_EXT_PROPERTIES", [string[]]("DS_displayName"))

So, here is a fully working example for anyone else who may be struggling with this:

$context = [System.Management.ManagementNamedValueCollection]::New()
$context.Add("__PUT_EXT_PROPERTIES", [string[]]("DS_displayName"))
$context.Add("__PUT_EXTENSIONS", $true)
$context.Add("__PUT_EXT_CLIENT_REQUEST", $true)

$putOptions = [System.Management.PutOptions]::New()
$putOptions.Context = $context
$putOptions.UseAmendedQualifiers = $false
$putOptions.Type = [System.Management.PutType]::UpdateOnly

$managementObject = Get-WmiObject -Namespace "root\directory\ldap" -Class "ds_computer" -Filter "DS_name='$env:COMPUTERNAME'"
$managementObject.DS_displayName = "cmdlet-test"
$managementObject.Put($putOptions)

answered on Stack Overflow Jan 3, 2019 by

jmjohnson85

User contributions licensed under CC BY-SA 3.0