Discover millions of ebooks, audiobooks, and so much more with a free trial

From $11.99/month after trial. Cancel anytime.

Active Directory with PowerShell
Active Directory with PowerShell
Active Directory with PowerShell
Ebook448 pages3 hours

Active Directory with PowerShell

Rating: 4 out of 5 stars

4/5

()

Read preview

About this ebook

About This Book
  • Create and manage domains, organization units, sites, and IP subnets using PowerShell.
  • Learn advanced operations in Active directory such as promoting, demoting active directory domain controllers, recovering AD objects, and working with replication using PowerShell.
  • A complete guide that will unleash the power of automation in Active Directory environment.
Who This Book Is For

If you are looking to automate repetitive tasks in Active Directory management using the PowerShell module, then this book is for you. Any experience in PowerShell would be an added advantage.

LanguageEnglish
Release dateJan 23, 2015
ISBN9781782176008
Active Directory with PowerShell

Related to Active Directory with PowerShell

Related ebooks

Programming For You

View More

Related articles

Reviews for Active Directory with PowerShell

Rating: 4 out of 5 stars
4/5

1 rating0 reviews

What did you think?

Tap to rate

Review must be at least 10 words

    Book preview

    Active Directory with PowerShell - Uma Yellapragada

    Table of Contents

    Active Directory with PowerShell

    Credits

    About the Author

    About the Reviewers

    www.PacktPub.com

    Support files, eBooks, discount offers, and more

    Why subscribe?

    Free access for Packt account holders

    Instant updates on new Packt books

    Preface

    What this book covers

    What you need for this book

    Who this book is for

    Conventions

    Reader feedback

    Customer support

    Downloading the example code

    Errata

    Piracy

    Questions

    1. Let's Get Started

    Ways to automate Active Directory operations

    The Microsoft Active Directory module

    Installing Active Directory

    Installing the Remote Server Administration Tool kit

    Installing the Active Directory module

    Testing the functionality

    Quest Active Directory PowerShell cmdlets

    Installing Quest

    Testing the functionality

    Using the Native method of PowerShell

    Summary

    2. Managing User and Computer Objects

    Managing user accounts

    Creating user accounts

    Creating bulk user accounts

    Modifying user properties

    Updating the description of a user object

    Updating the telephone numbers of multiple users

    Enabling or disabling user accounts

    Moving user accounts to another OU

    Deleting user accounts

    Managing computer accounts

    Creating computer accounts

    Modifying computer accounts

    Setting the description for a computer account

    Moving computer accounts to a different OU

    Enabling or disabling computer accounts

    Deleting computer accounts

    Summary

    3. Working with Active Directory Groups and Memberships

    Creating different types of security groups

    Searching and modifying group object information

    Adding members to a group

    Adding user accounts to groups

    Adding computer accounts to groups

    Adding one group as a member to an other

    Listing members of a security group in Active Directory

    Removing members from an AD group

    Deleting a security group

    Summary

    4. Configuring Group Policies

    Installing the Group Policy module

    Querying Group Policies

    Creating and linking Group Policies

    Working with links, enforcements, and order of GPOs

    Working with Group Policy permissions

    Querying GPO permissions

    Modifying GPO permissions

    Updating Group Policy and generating Resultant Set of Policy

    Remotely triggering Group Policy update

    Collecting RSOP data remotely

    Removing Group Policy links and objects

    Summary

    5. Managing Domains, Organizational Units, Sites, and Subnets

    Managing domains

    Querying forest and domain details

    Querying domain controller details

    Querying flexible single-master operation role owners

    Managing Organizational Units

    Searching for OUs

    Creating OUs

    Modifying OUs

    Renaming, moving, and deleting OUs

    Managing sites and subnets

    Querying sites and subnets

    Creating and modifying sites

    Creating and modifying subnets

    Removing sites and subnets

    Summary

    6. Advanced AD Operations Using PowerShell

    Installing a new domain

    Adding additional domain controllers

    Obtaining an Active Directory replication status

    Managing Fine-Grained Password Policies

    Transferring FSMO roles

    Restoring deleted objects

    Demoting domain controllers and removing domains

    Summary

    7. Managing DFS-N and DFS-R Using PowerShell

    Installing DFS roles

    Installing the DFS-N role

    Installing the DFS-R role

    Managing DFS-N

    Querying DFS namespaces

    Querying DFS-N folders and targets

    Creating the DFS-N root and folders

    Adding and removing folder targets

    Managing DFS-R

    Querying DFS-R groups and settings

    Creating a DFS-R group

    Deleting a DFS-R group

    Summary

    8. Managing Active Directory DNS Using PowerShell

    Installing and configuring a DNS server

    Installing a DNS server

    Configuring the DNS server

    Changing the listening IP address

    Enabling or disabling recursion

    Working with root hints and forwarders

    Conditional forwarders

    Managing DNS zones

    Creating, modifying, and deleting DNS records

    Managing A records and PTR records

    Managing CNAME records

    Managing DNS Clients

    Summary

    9. Miscellaneous Scripts and Resources for Further Learning

    Checking whether a user, group, computer, or an OU exists

    Usage

    Getting membership of a user, computer, and group

    Usage

    Resetting the password for multiple user accounts

    Usage

    Bulk creation of user accounts

    Usage

    Getting the password expiry date of user accounts

    Usage

    Finding all the disabled user accounts

    Output

    Getting all domain controllers and their site names in the forest

    Usage

    Moving objects from one OU to another

    Usage

    Finding inactive computers in Active Directory

    Usage

    Creating groups in bulk

    Usage

    Exporting an AD group member's details to CSV

    Usage

    Finding empty groups in Active Directory

    Usage

    Verifying whether a user is a member of the given group or not

    Usage

    Comparing AD groups' membership

    Usage

    Resources for further learning

    PowerShell resources

    Active Directory resources

    Index

    Active Directory with PowerShell


    Active Directory with PowerShell

    Copyright © 2015 Packt Publishing

    All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

    Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

    Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

    First published: January 2015

    Production reference: 1200115

    Published by Packt Publishing Ltd.

    Livery Place

    35 Livery Street

    Birmingham B3 2PB, UK.

    ISBN 978-1-78217-599-5

    www.packtpub.com

    Credits

    Author

    Uma Yellapragada

    Reviewers

    David Green

    Ross Stone

    Nisarg Vora

    Commissioning Editor

    Taron Pereira

    Acquisition Editor

    Sonali Vernekar

    Content Development Editor

    Prachi Bisht

    Technical Editor

    Saurabh Malhotra

    Copy Editors

    Heeral Bhatt

    Pranjali Chury

    Gladson Monteiro

    Adithi Shetty

    Project Coordinator

    Sageer Parkar

    Proofreaders

    Simran Bhogal

    Stephen Copestake

    Martin Diver

    Ameesha Green

    Paul Hindle

    Indexer

    Hemangini Bari

    Production Coordinator

    Aparna Bhagat

    Cover Work

    Aparna Bhagat

    About the Author

    Uma Yellapragada has over 11 years of experience in the IT industry. Her core experience includes management of Active Directory, Microsoft Exchange, System Center Operations Manager (SCOM), Microsoft Office Communications Server (OCS/Lync), Microsoft Digital/Information Rights Management Services (DRMS/IRM), Hyper-V, VMware, PowerShell, and VBScript.

    She also has experience working with process technologies such as ITIL, Six Sigma, and PMP.

    She is the kind of person who challenges herself on a day-to-day basis and searches for areas of improvement as part of her work. As a result of this, she developed a passion for scripting with VBScript and PowerShell.

    She blogs her activities and research at http://techyyblog.com and writes occasionally at http://techibee.com.

    About the Reviewers

    David Green is an IT professional from the south of England with a wealth of experience from both the public and private sectors. Currently working in the private sector for a leading food manufacturing company, David is always looking to provide robust and scalable solutions that contribute to business objectives. He writes on his blog about little projects and solutions he finds, helps where he can, and generally tries to learn something useful every day. This is the first of hopefully many opportunities that David will have to contribute to a book.

    More information can be found on his website: http://www.tookitaway.co.uk/.

    As always, I'd like to thank my parents and family, who managed to make me the person I am today. I'd also like to thank my marvellous and splendid friends, who are always there for me when I need them. Not forgetting the best of the business world, Business Systems and Computer Services, the giants of the public sector. Work, learn, play, and have fun. It's your intentions, attitude, and what you do with your opportunities that set you apart.

    Ross Stone (MCITP, MCSA) is a Windows system administrator with many years of experience in deploying and managing Active Directory, Windows servers, and a wide range of Microsoft technologies.

    He is currently working at the Victoria and Albert Museum in London and is responsible for managing the Active Directory and Windows infrastructure estate.

    More information can be found on his website at http://rossstone.net.

    Nisarg Vora is currently a senior at Penn State University, specializing in software design and development with a minor in security and risk analysis. He also works for Pennsylvania Department of Human Services, where he is responsible for server and database management as well as application development to manage Windows Active Directory by developing and integrating PowerShell scripts in C# applications.

    Apart from his education and work, as a part of his current research project at Penn State University, he is developing a Google Glass application for first emergency responders to help them receive all necessary information with ease in emergency situations.

    In his free time, he loves playing his favorite games online with his friends, and due to his interest in gaming as well as development, he has started developing a Unity platform-based 2D games for iOS. He currently has an online portfolio at http://nisargvora.com and plans to add a blog in the near future.

    www.PacktPub.com

    Support files, eBooks, discount offers, and more

    For support files and downloads related to your book, please visit www.PacktPub.com.

    Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at for more details.

    At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

    https://www2.packtpub.com/books/subscription/packtlib

    Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.

    Why subscribe?

    Fully searchable across every book published by Packt

    Copy and paste, print, and bookmark content

    On demand and accessible via a web browser

    Free access for Packt account holders

    If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view 9 entirely free books. Simply use your login credentials for immediate access.

    Instant updates on new Packt books

    Get notified! Find out when new books are published by following @PacktEnterprise on Twitter or the Packt Enterprise Facebook page.

    Preface

    This book is for IT professionals who manage the Windows Active Directory infrastructure. Professionals supporting the Active Directory infrastructure, operations teams, and help desk members will find the content of this book useful. Any experience in PowerShell would be beneficial to help you easily grasp the content. Also, beginners can use this book to learn how to manage Active Directory environment using PowerShell.

    What this book covers

    Chapter 1, Let's Get Started, gives you an overview of the components, software, and modules required to manage Active Directory with PowerShell and gets you kick-started with routine tasks for automation. It also gives you the directions you need to use this book.

    Chapter 2, Managing User and Computer Objects, helps users to perform various user and computer account administration related activities using PowerShell. By the end of this chapter, you will have a good understanding of how to manage user and computer Active Directory accounts using PowerShell and perform some of the automations based on it.

    Chapter 3, Working with Active Directory Groups and Memberships, focuses on creating, modifying, and querying various kinds of security groups in Active Directory and their memberships. This chapter delivers the skills which are necessary for managing security groups in the Active Directory environment using PowerShell.

    Chapter 4, Configuring Group Policies, helps in creating, linking, and unlinking Group Policies at various scopes; also, it is an integral part of Active Directory. By the end of this chapter, you will learn how to create GPOs, link them, enforce them, and perform several other operations using PowerShell. You will also be able to determine what policies are applied to a user and computer, remotely.

    Chapter 5, Managing Domains, Organizational Units, Sites, and Subnets, tells you how to manage domains, Organizational Units, sites, and IP subnets using PowerShell. After completing this chapter, you will know how to manage OUs, sites, and IP subnets in your Active Directory environment.

    Chapter 6, Advanced AD Operations Using PowerShell, talks about performing some of the advanced operations in Active directory such as promoting and demoting Active Directory domain controllers, the recovery of AD objects, and working with replication using PowerShell. After completing this chapter, you will know how to perform advanced AD operations, which are essential for any Active Directory administrator in a large enterprise environment.

    Chapter 7, Managing DFS-N and DFS-R Using PowerShell, demonstrates how to create, configure, and query Distributed File System Namespace (DFS-N) and Distributed File System Replication (DFS-R) using PowerShell. By the end of this chapter, you will know how to administer DFS-N and DFS-R in a complex environment with the help of PowerShell.

    Chapter 8, Managing Active Directory DNS Using PowerShell, helps you to understand how to manage AD DNS servers using PowerShell. A variety of operations such as clearing cache, creating and modifying records, working with zones, and many similar operations are covered in this chapter. By the end of this chapter, you will be able manage Active Directory DNS servers using PowerShell to create, modify, and delete records, and perform some of the advanced DNS server operations.

    Chapter 9, Miscellaneous Scripts and Resources for Further Learning, gives the information which you need about managing Active Directory using PowerShell. This will also provide references and code samples for some of the frequently performed Active Directory operations. By the end of this chapter, you will know where to look for further help.

    What you need for this book

    This book is written to demonstrate the management of Active Directory in the Windows Server 2012 R2 environment. While all code samples provided here work in the Windows Server 2012 R2 environment, some will work in Windows Server 2008 R2 and Windows Server 2012 environments as well. The system and services that are required to work on are as follows:

    PowerShell v3 or later

    Windows Server 2012 R2 with the following roles installed:

    Active Directory

    Domain Naming System (DNS) server

    Distributed File System Namespace (DFS-N)

    Distributed File System Replication (DFS-R)

    Who this book is for

    If you are looking to automate the repetitive tasks in Active Directory management using the PowerShell module, then this book is for you. Any experience in PowerShell would be an added advantage.

    Conventions

    In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.

    Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: The Get-ADUser command can be used to query user information. We can apply filters to narrow down the results using the -Filter and -LDAPFilter parameters.

    A block of code is set as follows:

    function Get-ADObjectsCount {

    [CmdletBinding()]

    param(

    )

    $Users = Get-ADUser -Filter *

    $Groups = Get-ADGroup -Filter *

    $Computers = Get-ADComputer -Filter *

    $DomainName = (Get-ADDomain).Name

    {0} Users, {1} Computers and {2} Groups found in {3} Domain -f $Users.Count,$Computers.Count,$Groups.Count,$DomainName

    }

    Any command-line input or output is written as follows:

    PS C:\> Get-ADObjectsCount 110 Users, 13 Computers and 83 Groups found in techibee Domain

     

     

    PS C:\>

    New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes, for example, appear in the text like this: add the Group Policy Management option to install this feature.

    Note

    Warnings or important notes appear in a box like this.

    Tip

    Tips and tricks appear like this.

    Reader feedback

    Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.

    To send us general feedback, simply send an e-mail to <[email protected]>, and mention the book title via the subject of your message.

    If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.

    Customer support

    Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

    Downloading the example code

    You can download the example code files for all Packt books you have purchased from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.

    Errata

    Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this

    Enjoying the preview?
    Page 1 of 1