Active Directory PowerShell Module Features

Posted on by

Active Directory PowerShell Module

Hello,

A quick follow up from an old post, there some bonus feature with the Active Directory module. This module is not as efficient as the ADSI objects shown in the post but hereunder some example of bonus features.

Active Directory PowerShell Module Prerequisites

This module has three requirements :

  1. Windows Server 2008R2 or higher as Domain Controller
  2. Windows Server 2008R2 or Windows 7 or higher as a PowerShell host
  3. Remote Server Administration Tools

You can also install Active Directory Management Gateway Services on older version of Windows Server that will provide the same features as Active Directory Web Services.

Active Directory PSDrive

When the module is imported, it will create you a PowerShell drive that will allow you to browse the domain just like you do with your logical drive or your local registry hives:

Get-PSDrive
Import-Module ActiveDirectory
Get-PSDrive
Set-Location ad:
Active Directory PowerShell Module - Load the PSDrive

Active Directory PowerShell Module – Load the PSDrive

Active Directory ACL

You can see the ACL with Get-Acl:

Get-Acl '.DC=D2K12R2,DC=local' | Select-Object -ExpandProperty Access | Out-GridView
Active Directory PowerShell Module - Get-ACL

Active Directory PowerShell Module – Get-ACL

List Users in a Organizational Unit

You can list the users in an OU with a standard Get-ChildItem:

Get-ChildItem -Path 'OU=Users,OU=Star Wars,OU=Production,DC=D2K12R2,DC=local'
Active Directory PowerShell Module - List Users in OU

Active Directory PowerShell Module – List Users in OU

Note: The users came from this post:

Active Directory Star Wars Users

List Sites

You can list sites with a Get-ChildItem like for users, you just need to change the path. Indeed, the Active Directory sites are stored in the partition configuration:

Get-ChildItem -Path 'CN=Sites,CN=Configuration,DC=D2K12R2,DC=local'
Active Directory PowerShell Module - List Sites

Active Directory PowerShell Module – List Sites

Move Users

You move move users from an organizational unit to another one with:

Move-Item -Path 'CN=Junk7,OU=Test,DC=D2K12R2,DC=local' -Destination 'OU=Trash,OU=Test,DC=D2K12R2,DC=local'
Active Directory PowerShell Module - Move Users

Active Directory PowerShell Module – Move Users

Note: This will work with computers and groups too.

Delete Users

You can delete a user just like a file on your disk:

Remove-Item -Path 'CN=Junk7,OU=Trash,OU=Test,DC=D2K12R2,DC=local'
Active Directory PowerShell Module - Delete Users

Active Directory PowerShell Module – Delete Users

This will work on other types of objects too.

Other cmdlets

There is a lot of cmdlets that you can use, actually, there is 147 cmdlets in this module in Windows Server 2012R2. Each new version of Windows Server brings some new cmdlets, hereunder a list of them from a Windows Server 2012R2 server:

Active Directory PowerShell Module - Cmdlets

Active Directory PowerShell Module – Cmdlets

 

2 thoughts on “Active Directory PowerShell Module Features

  1. Pingback: Active Directory Password not Required - It for DummiesIt for Dummies

  2. Pingback: Renew Active Directory User Password Without Knowing It - It for DummiesIt for Dummies

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.