some background, i have written an app that allows users to create exchange contacts and add them to DL’s, all going well except i didnt click 99% of users wont have the AD CMDLETs
for speed i used get-adgroup to return the objects, then determine which of those were DG’s by filtering on anything that contained the “@” within the mail attribute
$DLList = get-adgroup -Filter { name -like "Hs2*" } -Properties mail | select Name, Mail
$DLList = $DLList | where { $_.mail -like "*@*" } | select name -ExpandProperty name| Sort-Object
Update-ComboBox $combobox1 $DLList
some searching later and i cant find how to accomplish this without the AD module
as an extra i just want the Name of the group to come out rather than an ldap path
With JEA or New-PSSessionConfiguration, you can create a constrained end points and same can be used in your application. You will create an endpoint by giving permission to a DL or multiple users and the app can connect to the server using PowerShell remoting targeting the new custom PowerShell end point.
You do not need to install the ADDS cmdlets on any machine. You can proxy any cmdlet from any server role to a host using Implicit PSRemoting. The cmdlet are only active during the session and removed when the session is closed.
However, as noted by others, JEA allow you to limit only the cmdlets needed to do the job, vs all of them via implicit remoting. Well, that are use the ADSI option pointed to, though not as convenient as the native cmdlets, they still work.