Active Directory Useful PowerShell Commands and Scripts

For daily use and automation, here are some essential PowerShell commands and scripts for managing Active Directory:

1. Get-ADUser: Retrieves one or more Active Directory users.

   Get-ADUser -Filter {Name -like "John*"} -Properties DisplayName, EmailAddress
   

2. Get-ADGroup: Retrieves one or more Active Directory groups.

   Get-ADGroup -Filter {Name -like "Admin*"}
   

3. New-ADUser: Creates a new Active Directory user.

New-ADUser -Name "Jane Doe" -GivenName "Jane" -Surname "Doe" -SamAccountName "jdoe" -UserPrincipalName "[email protected]" -AccountPassword (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force) -Enabled $true

1. Add-ADGroupMember: Adds a user to an Active Directory group.

   Add-ADGroupMember -Identity "Administrators" -Members "jdoe"
   

5. Remove-ADUser: Deletes an Active Directory user.

Remove-ADUser -Identity "jdoe" -Confirm:$false

1. Set-ADUser: Modifies properties of an Active Directory user.

   Set-ADUser -Identity "jdoe" -EmailAddress "[email protected]"
   

2. Get-ADComputer: Retrieves one or more Active Directory computers.

   Get-ADComputer -Filter {Name -like "WS*"} -Properties OperatingSystem
   

3. Search-ADAccount: Searches for Active Directory accounts based on criteria.

   Search-ADAccount -AccountDisabled -UsersOnly
   

9. Unlock-ADAccount: Unlocks a locked Active Directory account.

Unlock-ADAccount -Identity "jdoe"

1. Get-ADDomainController: Retrieves the domain controllers in the domain.

   Get-ADDomainController -Filter *
   

What Undercode Say

Active Directory (AD) is a critical component in managing network resources, and PowerShell provides a powerful way to automate and streamline AD management tasks. The commands listed above are just the tip of the iceberg when it comes to what you can achieve with PowerShell in an AD environment. For instance, you can automate user provisioning, group management, and even complex tasks like auditing and reporting.

In addition to the commands provided, here are some more advanced PowerShell scripts and commands that can be useful:

• Export-ADUsers: Exports all AD users to a CSV file.

  Get-ADUser -Filter * -Properties * | Export-Csv -Path "C:\ADUsers.csv" -NoTypeInformation
  

• Import-ADUsers: Imports users from a CSV file into AD.

  Import-Csv -Path "C:\NewUsers.csv" | ForEach-Object { New-ADUser -Name $<em>.Name -GivenName $</em>.GivenName -Surname $<em>.Surname -SamAccountName $</em>.SamAccountName -UserPrincipalName $<em>.UserPrincipalName -AccountPassword (ConvertTo-SecureString $</em>.Password -AsPlainText -Force) -Enabled $true }
  

• Get-ADGroupMember: Retrieves members of an AD group.

  Get-ADGroupMember -Identity "Administrators"
  

• Set-ADAccountPassword: Resets a user’s password.

  Set-ADAccountPassword -Identity "jdoe" -NewPassword (ConvertTo-SecureString "NewP@ssw0rd" -AsPlainText -Force) -Reset
  

• Get-ADObject: Retrieves any AD object.

  Get-ADObject -Filter {ObjectClass -eq "user"} -Properties *
  

• Move-ADObject: Moves an AD object to a different Organizational Unit (OU).

  Move-ADObject -Identity "CN=jdoe,OU=Users,DC=domain,DC=com" -TargetPath "OU=DisabledUsers,DC=domain,DC=com"
  

• Get-ADReplicationFailure: Retrieves replication failures in AD.

  Get-ADReplicationFailure -Target "DC1"
  

• Test-ComputerSecureChannel: Tests the secure channel between a computer and the domain.

  Test-ComputerSecureChannel -Repair
  

• Get-ADForest: Retrieves information about the AD forest.

  Get-ADForest
  

• Get-ADDomain: Retrieves information about the AD domain.

  Get-ADDomain
  

These commands and scripts can significantly enhance your ability to manage and automate tasks in an Active Directory environment. By leveraging PowerShell, you can reduce manual effort, minimize errors, and ensure consistency across your network.

For more advanced scripting and automation, consider exploring the Active Directory module for PowerShell, which provides a comprehensive set of cmdlets for managing AD. Additionally, Microsoft’s official documentation and community forums are valuable resources for learning and troubleshooting.

Useful URLs:

• Microsoft Active Directory Documentation
• PowerShell Documentation
• Active Directory PowerShell Module

By mastering these commands and scripts, you can become more efficient in managing your Active Directory environment, ensuring that your network remains secure, organized, and well-maintained.

References:

Hackers Feeds, Undercode AI