ActiveDs COM not visible in PowerShell

Question

I hear that COM type libraries are supposed to be automatically accessible in PowerShell with no explicit load. So why doesn't ActiveDs work?

PS > new-object -com ActiveDs.LargeInteger
New-Object : Cannot load COM type ActiveDs.LargeInteger.
At line:1 char:11
+ new-object <<<<  -com ActiveDs.LargeInteger
    + CategoryInfo          : InvalidType: (:) [New-Object], PSArgumentException
    + FullyQualifiedErrorId : CannotLoadComObjectType,Microsoft.PowerShell.Commands.NewObjectCommand

This is a follow-up to Use PowerShell to wrap an existing COM object which asks a related but different question.

Answer 1

Can't you explore using the DirectoryEntry as there is virtually nothing that can be accomplished via ActiveDS that cannot be accomplished using DirectoryEntry.

Object creation

#$dn = [adsi] "LDAP://192.168.30.200:389/dc=dom,dc=fr"
$dn = New-Object System.DirectoryServices.DirectoryEntry ("LDAP://192.168.234.200:389/dc=dom,dc=fr","administrateur@dom.fr","admin")

# OU creation
$Monou = $dn.create("OrganizationalUnit", "ou=Monou")
$Monou.put("Description", "Une description")
$Res = $Monou.Setinfo()

# User creation
$objUtilisateur = $Monou.create("inetOrgPerson", "cn=Marc Assin")
$objUtilisateur.setinfo()

Object search

#$dn = [adsi] "LDAP://192.168.30.200:389/dc=dom,dc=fr"
$dn = New-Object System.DirectoryServices.DirectoryEntry ("LDAP://192.168.234.200:389/dc=dom,dc=fr","administrateur@dom.fr","admin")

# Recherche d'un utilisateur
$Rech = new-object System.DirectoryServices.DirectorySearcher($dn)
$Rech.filter = "((userPrincipalName=phocquet@dom.fr))"
$Rech.SearchScope = "subtree"
$Rech.PropertiesToLoad.Add("distinguishedName");
$Rech.PropertiesToLoad.Add("sAMAccountName");  
$Rech.PropertiesToLoad.Add("lastLogon");  
$Rech.PropertiesToLoad.Add("telephoneNumber");
$Rech.PropertiesToLoad.Add("memberOf");
$Rech.PropertiesToLoad.Add("distinguishedname");
$Rech.PropertiesToLoad.Add("otherHomePhone"); # téléphone domicile autre

$liste = $Rech.FindOne()
#$liste = $Rech.findall()

---

Edited :

The datas ('lockoutDuration', 'forceLogoff', 'lockOutObservationWindow', 'maxPwdAge', 'minPwdAge) you are looking for are in fact attributes of the domain object itself.

# Here is the way to retreive the domain object
$dn = New-Object System.DirectoryServices.DirectoryEntry ("LDAP://DomainDnsNameOrIP:389/DC=SILOGIX,DC=fr","toto@SILOGIX.FR","totoPwd")

Now if you look at the result of $dn | fl * most of the attributes can be retreived writting $dn.Properties.PROPERTYNAMEHERE[0] -> $dn.Properties.minPwdLength[0]. But some of then will give you the result : System.__ComObject. For these last ones the method I use the following :

$dsLookFor = new-object System.DirectoryServices.DirectorySearcher($dn)
$dsLookFor.SearchScope = "base"; 
$n = $dsLookFor.PropertiesToLoad.Add("modifiedcount");
$n = $dsLookFor.PropertiesToLoad.Add("lockOutObservationWindow");
$n = $dsLookFor.PropertiesToLoad.Add("maxPwdAge");
$n = $dsLookFor.PropertiesToLoad.Add("minPwdAge");
$res = $dsLookFor.FindOne()
$res.Properties.lockoutobservationwindow[0]
# An attribute may be multivalued so $res.Properties.lockoutobservationwindow should be a collection
$a = $res.Properties.lockoutobservationwindow[0]
# Retrive the duration (you'll use datetime structure for dates)
[timespan]([math]::Abs($a))