Quick Checklist: Logon at a Domain Controller Install
Active Directory Module for Windows PowerShell Get the ISE (Optional)
Set-ExecutionPolicy (Optional)
Fine Detail Instructions Naturally, you need an Active Directory domain
to use these AD cmdlets; furthermore, I prefer to
logon at a domain controller, at least for my first attempt to master the
syntax of Get-AdUser.
The act of creating a domain should install the Active Directory Module for
Windows PowerShell, and this is what supplies the AD family of cmdlets that
are not found on Windows 7 machines. If there is a problem, check that
your DC has the Active Directory Web Services as this is what triggers the
requisite PowerShell module installation.
# PowerShell Check for Active Directory Services Get-Service ad*
Get-Module
Note: It is also possible to get Remote Server
Administration Tools (RSAT) feature on Windows 7 or later; then install via the
'Turn Windows features on' wizard.
You can get ISE for Windows Server 2008 or later by using the 'Add
feature' wizard. To launch PowerShell just search for 'Power' and
choose the ISE (or plain) version. Alternatively you could add the ISE
GUI by using PowerShell itself.
# Install PowerShell ISE Import-Module ServerManager;
Add-WindowsFeature PowerShell-ISE
Add the Active Directory Module to Windows PowerShell ISE
The trick to getting the AD cmdlets to work in the ISE is to employ the
Import-Module cmdlet. That said, I remember that when I play chess if
I find a good move, I try to look for a better one, in this instance add
this command to your PowerShell profile.
# Install PowerShell ISE Import-Module activedirectory
These instructions will help you edit your profile and append: Import-Module activedirectory
# PowerShell command to edit profile Clear-Host If ((Test-Path $Profile) -eq "True") {Notepad
$Profile}
Else {Write-Host "Still no profile file"}
Import users from a spreadsheet. Just provide a list of the
users with their fields in the top row, and save as .csv file.
Then launch this FREE utility and match your fields with AD's
attributes, click and import the users.
Note: Get-AdUser needs a parameter.
In this case we call for -filter, rather than -identity, -searchbase or the
-LDAPFilter
parameter. The speech marks are crucial for this command; therefore let us look
at the single and double quotes in isolation, 'name -Like' with the value,
"Admin*", then sequence them as in the script above.
With -filter you can use other operators such as -eq and -NotLike. For certain LDAP
properties -lt or -gt make sense. It is also possible to create a more
complex query through the use of these two classic joiners: -And, -or.
Windows Management Instrumentation (WMI) is one of the hidden
treasures of Microsoft's operating systems. Fortunately, SolarWinds
have created a
Free WMI Monitor so that you can discover these gems of performance
information, and thus improve your scripts.
Take the guess work out of which WMI counters to use when scripting the
operating system, Active Directory or Exchange Server. Give this WMI monitor a
try - it's free.
Firstly make sure that you are using Active Directory Module for Windows
PowerShell. Check with Get-Module.
Secondly, to research Get-AdUser call for Get-Help and examine syntax and
study the examples.
# PowerShell Active Directory Syntax Clear-Host Get-Help Get-AdUser
-full
»
Summary of PowerShell Get-AdUser Cmdlet
This page is designed to help you get started with PowerShell's active
directory cmdlets. There are two aspects to master, making the
activedirectory module available, and then mastering the syntax of the
-filter parameter.
If you like this page then please share it with your friends
Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.
Windows Management Instrumentation (WMI) is
most useful for PowerShell scripting.
SolarWinds
have produced this
Free WMI Monitor to take the guess work out of which
WMI counters to use for applications like Microsoft Active Directory,
SQL or Exchange Server.
