Powershell for total beginners lesson 10 Active Directory

Active Directory, PowerShell Beginner Leassons 25/08/2014 Leave a comment

As I showed before there is a module for Active Directory, we can install it though the RSAT or add feature, initialize it using 

Import-Module ActiveDirectory

Now let’s start playing around with it, and see other alternatives in case we don’t have the module or a domain controller that runs the Active Directory Web Services service.

Using Set-Aduser cmd-let we can set user properties for example:

Set-ADUser user1 -Description "Test description"

Now let’s do the same using [ADSI] first let’s connect to the object:

$user = [ADSI]"LDAP://CN=User1,OU=OUName,DC=Domain,DC=Domain"

Now let’s change the description attribute and save it:

$user.description = "ADSI description"
$user.SetInfo()

So couple more lines and we can achieve the same goal without the module and without the server running the Active Directory Web Services service using ADSI.

For local users, or in case we don’t want to write the distinguishedName of the user we can use WinNT:// like the following:

$user = [ADSI]"WinNT://pre-Win200 domain name OR computer name/user1,user"
$user.description = "WinNT description"
$user.SetInfo()

The same goes for groups and computer objects using:

Set-ADGroup/Get-ADGroup
Set-ADComputer/Get-ADComputer

 

You already know how to user the Get-Help and Get-Member.

Get-ADDomain can provide us information about our domain.

Get-ADDomainController will provide us information about the domain controllers in our domain.

I don’ t think there is a reason to show examples of each command here, first there are lot’s of examples over the Internet second use Get-Help with -examples switch and the most important thing is I want to teach you the basics so you will be able to get what you want on your own using Get-Command, Get-Member and Get-Help.

The most important thing to take from this lesson is that you can do everything using the ADSI instead of the ActiveDirectory module in case you cannot install the module or your domain controllers don’t have or run the Active Directory Web Services service.

Tagged: , ,

Leave a comment