src/Private/Get-AdRootDsePath.ps1
|
function Get-AdRootDsePath { <# .SYNOPSIS Builds the ADSI binding path for the RootDSE of the current (or a named) server. .DESCRIPTION RootDSE is a special phantom object - the only object that carries the constructed `defaultNamingContext` attribute. It is reachable ONLY via the literal path 'LDAP://RootDSE' (serverless) or 'LDAP://<server>/RootDSE' (explicit server). Binding 'LDAP://<server>' on its own resolves to the default naming-context head (the domain object), which does NOT expose `defaultNamingContext` - so the '/RootDSE' suffix is required whenever a server is named, e.g. in forest mode where each domain is bound by its DNS name. Pure string construction, factored out so the binding path can be unit-tested without a live directory. .OUTPUTS [string] the ADSI RootDSE path, e.g. 'LDAP://RootDSE' or 'LDAP://na.contoso.com/RootDSE'. #> [CmdletBinding()] param( [string] $Server ) if ($Server) { return "LDAP://$Server/RootDSE" } return 'LDAP://RootDSE' } |