I'm trying to do some kind of AD sync using USNChanged and retrieve all of the objects using the USNChanged property, but the entire process sounds a bit cryptic to me.
I have a PowerShell code that basically does what I need, but I was wondering you if anyone can help me convert it into a C# code. I would appreciate the help.
PS Code:
$highestCommittedUSN = (Get-ADRootDSE -server $preferredDC -properties * | select-object -property highestCommittedUSN).highestCommittedUSN
$lowUSN = 0
$highUSN = 0
for ($i=1000; $i -le $highestCommittedUSN ; $i=$i+10000 ) {
[system.gc]::Collect()
$error.clear()
$highUSN=$i
write-host "(&(usnChanged>=$lowUSN)(usnChanged<$highUSN))"
$adObjects = (Get-ADObject -LDAPFilter "(&(usnChanged>=$lowUSN)(usnChanged<=$highUSN))" -Server $preferredDC -Properties * -IncludeDeletedObjects)
($adObjects).count
if ($error.count -lt 0) {
for ($j=$lowUSN; $j -le 490767138; $j=$j+1 ) {
">>> " + $j
$adObjects = Get-ADObject -LDAPFilter "(usnChanged=$j)" -Server "DCName" -Properties * -IncludeDeletedObjects
$adObjects | ConvertTo-Json | Out-File -FilePath ff.json -Append
if ($error.count -ge 1) {
"There is problem with this USN " + $j + " on " + $preferredDC | Out-File -FilePath badUSN.txt -Append
$adObjects.distinguishedName
}
$adObjects.distinguishedName
}
}
$lowUSN=$highUSN
$adObjects.distinguishedName
$adObjects = $null
$error.clear()
}
I did found a similar question here : How to read "uSNChanged" property using C# , but I'm not sure if I can use that answer.
