Active Directory with PowerShell
4/5
()
About this ebook
- Create and manage domains, organization units, sites, and IP subnets using PowerShell.
- Learn advanced operations in Active directory such as promoting, demoting active directory domain controllers, recovering AD objects, and working with replication using PowerShell.
- A complete guide that will unleash the power of automation in Active Directory environment.
If you are looking to automate repetitive tasks in Active Directory management using the PowerShell module, then this book is for you. Any experience in PowerShell would be an added advantage.
Related to Active Directory with PowerShell
Related ebooks
Getting Started with PowerShell Rating: 0 out of 5 stars0 ratingsMastering Windows PowerShell Scripting Rating: 4 out of 5 stars4/5Enterprise PowerShell Scripting Bootcamp Rating: 0 out of 5 stars0 ratingsMastering Active Directory Rating: 0 out of 5 stars0 ratingsImplementing Azure Solutions Rating: 0 out of 5 stars0 ratingsGetting Started with Windows Server Security Rating: 0 out of 5 stars0 ratingsMicrosoft Azure Security Rating: 0 out of 5 stars0 ratingsINSTANT Windows PowerShell Rating: 0 out of 5 stars0 ratingsMicrosoft Azure IaaS Essentials Rating: 4 out of 5 stars4/5PowerShell: A Comprehensive Guide to Windows PowerShell Rating: 4 out of 5 stars4/5PowerShell 7 for IT Professionals Rating: 1 out of 5 stars1/5Mastering Windows Server 2016 Hyper-V Rating: 5 out of 5 stars5/5Learn Active Directory Management in a Month of Lunches Rating: 0 out of 5 stars0 ratingsLearn Windows PowerShell in a Month of Lunches Rating: 0 out of 5 stars0 ratingsLearn PowerShell Scripting in a Month of Lunches Rating: 0 out of 5 stars0 ratingsLearn PowerShell in a Month of Lunches, Fourth Edition: Covers Windows, Linux, and macOS Rating: 5 out of 5 stars5/5PowerShell: A Beginner's Guide to Windows PowerShell Rating: 4 out of 5 stars4/5ConfigMgr - An Administrator's Guide to Deploying Applications using PowerShell Rating: 5 out of 5 stars5/5The Complete Powershell Training for Beginners Rating: 0 out of 5 stars0 ratingsPowerShell Troubleshooting Guide Rating: 0 out of 5 stars0 ratingsWindows Server 2019 & PowerShell All-in-One For Dummies Rating: 0 out of 5 stars0 ratingsGetting Started With Powershell for Office 365 Rating: 0 out of 5 stars0 ratingsLearn SQL Server Administration in a Month of Lunches Rating: 3 out of 5 stars3/5PowerShell in Depth Rating: 0 out of 5 stars0 ratingsMicrosoft System Center Configuration Manager High availability and performance tuning Rating: 0 out of 5 stars0 ratingsPowerShell in Practice Rating: 0 out of 5 stars0 ratings
Programming For You
Python Programming : How to Code Python Fast In Just 24 Hours With 7 Simple Steps Rating: 4 out of 5 stars4/5Coding All-in-One For Dummies Rating: 4 out of 5 stars4/5Learn to Code. Get a Job. The Ultimate Guide to Learning and Getting Hired as a Developer. Rating: 5 out of 5 stars5/5Excel 101: A Beginner's & Intermediate's Guide for Mastering the Quintessence of Microsoft Excel (2010-2019 & 365) in no time! Rating: 0 out of 5 stars0 ratingsSQL QuickStart Guide: The Simplified Beginner's Guide to Managing, Analyzing, and Manipulating Data With SQL Rating: 4 out of 5 stars4/5Excel : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Excel Programming: 1 Rating: 5 out of 5 stars5/5JavaScript All-in-One For Dummies Rating: 5 out of 5 stars5/5Grokking Algorithms: An illustrated guide for programmers and other curious people Rating: 4 out of 5 stars4/5Python: For Beginners A Crash Course Guide To Learn Python in 1 Week Rating: 4 out of 5 stars4/5SQL All-in-One For Dummies Rating: 3 out of 5 stars3/5HTML & CSS: Learn the Fundaments in 7 Days Rating: 4 out of 5 stars4/5PYTHON: Practical Python Programming For Beginners & Experts With Hands-on Project Rating: 5 out of 5 stars5/5HTML in 30 Pages Rating: 5 out of 5 stars5/5Linux: Learn in 24 Hours Rating: 5 out of 5 stars5/5Beginning Programming with C++ For Dummies Rating: 4 out of 5 stars4/5SQL: For Beginners: Your Guide To Easily Learn SQL Programming in 7 Days Rating: 5 out of 5 stars5/5Programming Arduino: Getting Started with Sketches Rating: 4 out of 5 stars4/5Python QuickStart Guide: The Simplified Beginner's Guide to Python Programming Using Hands-On Projects and Real-World Applications Rating: 0 out of 5 stars0 ratingsC Programming For Beginners: The Simple Guide to Learning C Programming Language Fast! Rating: 5 out of 5 stars5/5C# Programming from Zero to Proficiency (Beginner): C# from Zero to Proficiency, #2 Rating: 0 out of 5 stars0 ratingsCoding with JavaScript For Dummies Rating: 0 out of 5 stars0 ratings
Reviews for Active Directory with PowerShell
1 rating0 reviews
Book preview
Active Directory with PowerShell - Uma Yellapragada
Table of Contents
Active Directory with PowerShell
Credits
About the Author
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Instant updates on new Packt books
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Let's Get Started
Ways to automate Active Directory operations
The Microsoft Active Directory module
Installing Active Directory
Installing the Remote Server Administration Tool kit
Installing the Active Directory module
Testing the functionality
Quest Active Directory PowerShell cmdlets
Installing Quest
Testing the functionality
Using the Native method of PowerShell
Summary
2. Managing User and Computer Objects
Managing user accounts
Creating user accounts
Creating bulk user accounts
Modifying user properties
Updating the description of a user object
Updating the telephone numbers of multiple users
Enabling or disabling user accounts
Moving user accounts to another OU
Deleting user accounts
Managing computer accounts
Creating computer accounts
Modifying computer accounts
Setting the description for a computer account
Moving computer accounts to a different OU
Enabling or disabling computer accounts
Deleting computer accounts
Summary
3. Working with Active Directory Groups and Memberships
Creating different types of security groups
Searching and modifying group object information
Adding members to a group
Adding user accounts to groups
Adding computer accounts to groups
Adding one group as a member to an other
Listing members of a security group in Active Directory
Removing members from an AD group
Deleting a security group
Summary
4. Configuring Group Policies
Installing the Group Policy module
Querying Group Policies
Creating and linking Group Policies
Working with links, enforcements, and order of GPOs
Working with Group Policy permissions
Querying GPO permissions
Modifying GPO permissions
Updating Group Policy and generating Resultant Set of Policy
Remotely triggering Group Policy update
Collecting RSOP data remotely
Removing Group Policy links and objects
Summary
5. Managing Domains, Organizational Units, Sites, and Subnets
Managing domains
Querying forest and domain details
Querying domain controller details
Querying flexible single-master operation role owners
Managing Organizational Units
Searching for OUs
Creating OUs
Modifying OUs
Renaming, moving, and deleting OUs
Managing sites and subnets
Querying sites and subnets
Creating and modifying sites
Creating and modifying subnets
Removing sites and subnets
Summary
6. Advanced AD Operations Using PowerShell
Installing a new domain
Adding additional domain controllers
Obtaining an Active Directory replication status
Managing Fine-Grained Password Policies
Transferring FSMO roles
Restoring deleted objects
Demoting domain controllers and removing domains
Summary
7. Managing DFS-N and DFS-R Using PowerShell
Installing DFS roles
Installing the DFS-N role
Installing the DFS-R role
Managing DFS-N
Querying DFS namespaces
Querying DFS-N folders and targets
Creating the DFS-N root and folders
Adding and removing folder targets
Managing DFS-R
Querying DFS-R groups and settings
Creating a DFS-R group
Deleting a DFS-R group
Summary
8. Managing Active Directory DNS Using PowerShell
Installing and configuring a DNS server
Installing a DNS server
Configuring the DNS server
Changing the listening IP address
Enabling or disabling recursion
Working with root hints and forwarders
Conditional forwarders
Managing DNS zones
Creating, modifying, and deleting DNS records
Managing A records and PTR records
Managing CNAME records
Managing DNS Clients
Summary
9. Miscellaneous Scripts and Resources for Further Learning
Checking whether a user, group, computer, or an OU exists
Usage
Getting membership of a user, computer, and group
Usage
Resetting the password for multiple user accounts
Usage
Bulk creation of user accounts
Usage
Getting the password expiry date of user accounts
Usage
Finding all the disabled user accounts
Output
Getting all domain controllers and their site names in the forest
Usage
Moving objects from one OU to another
Usage
Finding inactive computers in Active Directory
Usage
Creating groups in bulk
Usage
Exporting an AD group member's details to CSV
Usage
Finding empty groups in Active Directory
Usage
Verifying whether a user is a member of the given group or not
Usage
Comparing AD groups' membership
Usage
Resources for further learning
PowerShell resources
Active Directory resources
Index
Active Directory with PowerShell
Active Directory with PowerShell
Copyright © 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: January 2015
Production reference: 1200115
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78217-599-5
www.packtpub.com
Credits
Author
Uma Yellapragada
Reviewers
David Green
Ross Stone
Nisarg Vora
Commissioning Editor
Taron Pereira
Acquisition Editor
Sonali Vernekar
Content Development Editor
Prachi Bisht
Technical Editor
Saurabh Malhotra
Copy Editors
Heeral Bhatt
Pranjali Chury
Gladson Monteiro
Adithi Shetty
Project Coordinator
Sageer Parkar
Proofreaders
Simran Bhogal
Stephen Copestake
Martin Diver
Ameesha Green
Paul Hindle
Indexer
Hemangini Bari
Production Coordinator
Aparna Bhagat
Cover Work
Aparna Bhagat
About the Author
Uma Yellapragada has over 11 years of experience in the IT industry. Her core experience includes management of Active Directory, Microsoft Exchange, System Center Operations Manager (SCOM), Microsoft Office Communications Server (OCS/Lync), Microsoft Digital/Information Rights Management Services (DRMS/IRM), Hyper-V, VMware, PowerShell, and VBScript.
She also has experience working with process technologies such as ITIL, Six Sigma, and PMP.
She is the kind of person who challenges herself on a day-to-day basis and searches for areas of improvement as part of her work. As a result of this, she developed a passion for scripting with VBScript and PowerShell.
She blogs her activities and research at http://techyyblog.com and writes occasionally at http://techibee.com.
About the Reviewers
David Green is an IT professional from the south of England with a wealth of experience from both the public and private sectors. Currently working in the private sector for a leading food manufacturing company, David is always looking to provide robust and scalable solutions that contribute to business objectives. He writes on his blog about little projects and solutions he finds, helps where he can, and generally tries to learn something useful every day. This is the first of hopefully many opportunities that David will have to contribute to a book.
More information can be found on his website: http://www.tookitaway.co.uk/.
As always, I'd like to thank my parents and family, who managed to make me the person I am today. I'd also like to thank my marvellous and splendid friends, who are always there for me when I need them. Not forgetting the best of the business world, Business Systems and Computer Services, the giants of the public sector. Work, learn, play, and have fun. It's your intentions, attitude, and what you do with your opportunities that set you apart.
Ross Stone (MCITP, MCSA) is a Windows system administrator with many years of experience in deploying and managing Active Directory, Windows servers, and a wide range of Microsoft technologies.
He is currently working at the Victoria and Albert Museum in London and is responsible for managing the Active Directory and Windows infrastructure estate.
More information can be found on his website at http://rossstone.net.
Nisarg Vora is currently a senior at Penn State University, specializing in software design and development with a minor in security and risk analysis. He also works for Pennsylvania Department of Human Services, where he is responsible for server and database management as well as application development to manage Windows Active Directory by developing and integrating PowerShell scripts in C# applications.
Apart from his education and work, as a part of his current research project at Penn State University, he is developing a Google Glass application for first emergency responders to help them receive all necessary information with ease in emergency situations.
In his free time, he loves playing his favorite games online with his friends, and due to his interest in gaming as well as development, he has started developing a Unity platform-based 2D games for iOS. He currently has an online portfolio at http://nisargvora.com and plans to add a blog in the near future.
www.PacktPub.com
Support files, eBooks, discount offers, and more
For support files and downloads related to your book, please visit www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
https://www2.packtpub.com/books/subscription/packtlib
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.
Why subscribe?
Fully searchable across every book published by Packt
Copy and paste, print, and bookmark content
On demand and accessible via a web browser
Free access for Packt account holders
If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view 9 entirely free books. Simply use your login credentials for immediate access.
Instant updates on new Packt books
Get notified! Find out when new books are published by following @PacktEnterprise on Twitter or the Packt Enterprise Facebook page.
Preface
This book is for IT professionals who manage the Windows Active Directory infrastructure. Professionals supporting the Active Directory infrastructure, operations teams, and help desk members will find the content of this book useful. Any experience in PowerShell would be beneficial to help you easily grasp the content. Also, beginners can use this book to learn how to manage Active Directory environment using PowerShell.
What this book covers
Chapter 1, Let's Get Started, gives you an overview of the components, software, and modules required to manage Active Directory with PowerShell and gets you kick-started with routine tasks for automation. It also gives you the directions you need to use this book.
Chapter 2, Managing User and Computer Objects, helps users to perform various user and computer account administration related activities using PowerShell. By the end of this chapter, you will have a good understanding of how to manage user and computer Active Directory accounts using PowerShell and perform some of the automations based on it.
Chapter 3, Working with Active Directory Groups and Memberships, focuses on creating, modifying, and querying various kinds of security groups in Active Directory and their memberships. This chapter delivers the skills which are necessary for managing security groups in the Active Directory environment using PowerShell.
Chapter 4, Configuring Group Policies, helps in creating, linking, and unlinking Group Policies at various scopes; also, it is an integral part of Active Directory. By the end of this chapter, you will learn how to create GPOs, link them, enforce them, and perform several other operations using PowerShell. You will also be able to determine what policies are applied to a user and computer, remotely.
Chapter 5, Managing Domains, Organizational Units, Sites, and Subnets, tells you how to manage domains, Organizational Units, sites, and IP subnets using PowerShell. After completing this chapter, you will know how to manage OUs, sites, and IP subnets in your Active Directory environment.
Chapter 6, Advanced AD Operations Using PowerShell, talks about performing some of the advanced operations in Active directory such as promoting and demoting Active Directory domain controllers, the recovery of AD objects, and working with replication using PowerShell. After completing this chapter, you will know how to perform advanced AD operations, which are essential for any Active Directory administrator in a large enterprise environment.
Chapter 7, Managing DFS-N and DFS-R Using PowerShell, demonstrates how to create, configure, and query Distributed File System Namespace (DFS-N) and Distributed File System Replication (DFS-R) using PowerShell. By the end of this chapter, you will know how to administer DFS-N and DFS-R in a complex environment with the help of PowerShell.
Chapter 8, Managing Active Directory DNS Using PowerShell, helps you to understand how to manage AD DNS servers using PowerShell. A variety of operations such as clearing cache, creating and modifying records, working with zones, and many similar operations are covered in this chapter. By the end of this chapter, you will be able manage Active Directory DNS servers using PowerShell to create, modify, and delete records, and perform some of the advanced DNS server operations.
Chapter 9, Miscellaneous Scripts and Resources for Further Learning, gives the information which you need about managing Active Directory using PowerShell. This will also provide references and code samples for some of the frequently performed Active Directory operations. By the end of this chapter, you will know where to look for further help.
What you need for this book
This book is written to demonstrate the management of Active Directory in the Windows Server 2012 R2 environment. While all code samples provided here work in the Windows Server 2012 R2 environment, some will work in Windows Server 2008 R2 and Windows Server 2012 environments as well. The system and services that are required to work on are as follows:
PowerShell v3 or later
Windows Server 2012 R2 with the following roles installed:
Active Directory
Domain Naming System (DNS) server
Distributed File System Namespace (DFS-N)
Distributed File System Replication (DFS-R)
Who this book is for
If you are looking to automate the repetitive tasks in Active Directory management using the PowerShell module, then this book is for you. Any experience in PowerShell would be an added advantage.
Conventions
In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: The Get-ADUser command can be used to query user information. We can apply filters to narrow down the results using the -Filter and -LDAPFilter parameters
.
A block of code is set as follows:
function Get-ADObjectsCount {
[CmdletBinding()]
param(
)
$Users = Get-ADUser -Filter *
$Groups = Get-ADGroup -Filter *
$Computers = Get-ADComputer -Filter *
$DomainName = (Get-ADDomain).Name
{0} Users, {1} Computers and {2} Groups found in {3} Domain
-f $Users.Count,$Computers.Count,$Groups.Count,$DomainName
}
Any command-line input or output is written as follows:
PS C:\> Get-ADObjectsCount 110 Users, 13 Computers and 83 Groups found in techibee Domain
PS C:\>
New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes, for example, appear in the text like this: add the Group Policy Management option to install this feature
.
Note
Warnings or important notes appear in a box like this.
Tip
Tips and tricks appear like this.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.
To send us general feedback, simply send an e-mail to <[email protected]>, and mention the book title via the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Downloading the example code
You can download the example code files for all Packt books you have purchased from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this