Hello,
As jiambor mentioned, the LDAP name of the attribute is sn. In scripts, you need to use LDAP names for attributes, not the names under which attributes appear in Adaxes. Thus, a correct version of the script would be:
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")
# Connect to the Adaxes service
$admNS = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$admService = $admNS.GetServiceDirectly("localhost")
# Bind to user
$userDN = "CN=John Smith,OU=Users,DC=contoso,DC=com"
$user = $admService.OpenObject("Adaxes://$userDN", $NULL, $NULL, 0)
try
{
$surname = $user.Get("sn")
}
catch
{
# What to do if the attribute is empty
}
If you are trying to run the script as a part of a Business Rule, Custom Command or Scheduled Task, the script can be simplified by removing unnecessary calls:
# Bind to user
$user = $Context.BindToObjectByDN("CN=John Smith,OU=Users,DC=contoso,DC=com")
try
{
$surname = $user.Get("sn")
}
catch
{
# What to do if the attribute is empty
}
If the user whose surname you are trying to get is the target object of the operation, this can be made even easier:
try
{
$surname = $Context.TargetObject.Get("sn")
}
catch
{
# What to do if the attribute is empty
}