Get List of Computers from Active Directory
Get-ADComputerList.ps1 is pretty simple. It gets a list of all the computers in the domain you specify. Reported are the DNS Name, IP v4 Address, Active Directory Path and OS. A comma delimited log...
View ArticleAuditing Active Directory Permissions with Powershell
Active Directory permissions aren’t easy to audit. It is a lot easier to delegate permissions to a user or a group than it is to figure out later who has what rights on what containers and...
View ArticleTest Whether Organizational Unit or Account Exists
Here are two quick functions which I have recently found useful. The first tests whether a user account exists. It takes the Domain and Identity as arguments. Using the “Stop” error action with...
View ArticleGet the Parent OU for an AD Object
I have mentioned before that the Charlotte PowerShell User group was frequented by Scripting Guy Ed Wilson, and his wife Teresa. I’m sad to say that they have moved away, but am happy that Brian...
View ArticlePasswords for Password Resets
I discovered that my script to generate passwords, RandomPW.vbs, isn’t popular with users because the passwords are random. I have an even more complicated but unposted PowerShell version with the...
View ArticleFast PowerShell Treeview OU Selection Form
A large number of my scripts involve picking an Active Directory Organizational Unit (OU). I have been using Out-Gridview for OU navigation. This is because I was unable to find a form based GUI OU...
View ArticleCopy Distinguished Name of OU to Clipboard (OUADSPath2Clip Updated)
OUADSPathToClip.ps1 is an updated version of OUADSPath2Clip.ps1 and is an example implementation of the new Select-OU.ps1 script. Fast navigation of OU structure to copy the OU’s DistinguishedName...
View ArticleQuickly Check Domain Controller Health
How can you tell whether an Active Directory domain controller is functioning properly? How do you know whether some over-zealous VLAN ACL is blocking necessary ports? Testing ICMP, is easy, just...
View ArticleTest Replication – A PowerShell Wrapper for RepAdmin
Repadmin is a standard tool in an AD admin’s toolbox, and “showrepl” displays the status of replication in your domain. The results of this command are quite verbose, and can make your eyes glaze over...
View ArticleAdding Terminal Services Information to User Reports
Add-ADTSInfo.ps1 adds TerminalServicesHomeDrive, TerminalServicesHomeDirectory, TerminalServicesProfilePath and AllowLogon as additional members returned by a query of Active Directory user objects....
View ArticleCreate an AD Drive for Specified Domain
When you load the Active Directory Module, you get, by default, an Active Directory PSDrive for the current domain. You can avoid the drive from loading by setting [crayon-5a2cbda5babf9276861619-i/]....
View ArticleOU of Current PC from anywhere in the Forest
There are a lot of ways to get the OU of the current computer, but most don’t work if you are outside your home domain. This code does, without requiring AD cmdlets: [crayon-5a2cbda5ba858906909528/]...
View ArticlePowershell Date LDAP filters
This snippet can be used for easier date formatting when using an LDAP date filter with PowerShell. This demonstrates how to get users created within the previous 30 days using LDAP:...
View ArticleUndelete-ADObject
Undelete-ADObject.ps1 is a GUI form based script for undeleting user, computer, group, print queue, and contacts from Active Directory. You can display all of the objects of the selected type, or...
View ArticleGetting GPO GUID, Name from Active Directory
You don’t have to rely on the Group Policy Module to resolve the display name of a GPO from the GUID, or the GUID from the display name. Here are two short functions that will get that information...
View ArticleUsing Workflows to Multithread AD Queries
I am frequently called on for Active Directory reports for all domains in the forest. This code shows you how to use a workflow to easily do this, adding the domain data into the results:...
View ArticleReset User Account ACLs
The security for user account objects in an OU may drift over time. User accounts moved within the domain will retain delegations previously made, and user accounts created after schema extensions...
View ArticleCreate a Hash Table with AD Domain DNS Root and NetBIOS Names
I frequently get requests to modify or lookup a list of user names in a CSV file where the username is NTDomain\SamAccountName. Get-ADUser will let you use the NT domain as a server name, but in my...
View ArticleGet User Lockout Status with PowerShell
Get-UserLockoutStatus.ps1 is an interactive script to get the lockout status of a selected user or all users in a specified domain. It queries each domain controller for non-replicated attributes...
View ArticleGet AD Schema Attribute Names
One of our admins was running my export and import permissions script, and I thought he had made an error when I looked at an ExtensionAttribute name. Nope. The difference was between the attribute...
View Article
