Powershell snippets - Active Directory
Some AD powershell commands used at some point. Some are used more often than others.
Exporting to CSV
Exporting can be interesting with PS. For consistency, I stick the following on the end of any powershell I want to export. Add the current date onto the filename for potential comparison.
The only issue I sometimes encounter is copying to/from RDP session. The first copy can be corrupt - the second copy/paste is usually fine - this is likely to down to the current settings at a client.
Get the current domain controllers and some OS information and export to CSV
Get-ADDomainController -Filter * | Select-Object Hostname, Site, OperatingSystem, OperatingSystemServicePack, OperatingSystemVersion, OperationMasterRoles, LdapPort, SslPort | export-csv -NoTypeInformation -Encoding Unicode -Path c:\temp\Domaincontrollers-$(get-date -f yyy-MM-dd).csv
Get interesting AD computer object information
$Identity="computername"
get-adcomputer $Identity -properties *| select name,samaccountname,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion,ipv4address,distinguishedname,enabled,description,BadLogonCount,badPwdCount,PasswordLastSet,LockedOut,whenCreated,whenChanged,LastLogonDate,LastBadPasswordAttempt | fl
Get the number of AD users that are enabled have an email address with "*domain.com" and no Lync/SfB address in an OU (including sub OUs):
Get-ADUser -searchbase "OU=Users,OU=Enterprise,DC=domain,DC=com" -Filter * -Properties * | Where-Object {$_.enabled -eq $true -and $_.mail -like '*domain.com' -and $_.'msRTCSIP-PrimaryUserAddress' -eq $null} | Measure-Object
Get the users in OU (and sub OUs), select some interesting properties and export to CSV
Get-ADUser -searchbase "OU=Users,OU=Enterprise,DC=domain,DC=com" -filter * -properties * | select-object samaccountname,Name,GivenName,
Surname,Title,Department,Office,Company,Description,DistinguishedName,Enabled,Mail,LastLogonDate,PasswordLastSet,PasswordExpired,PasswordNeverExpires,
PasswordNotRequired,WhenCreated,WhenChanged,ProxyAddresses,msExchUMRecipientDialPlanLink,msExchHomeServerName,msRTCSIP-DeploymentLocator,msRTCSIP-Line
,msRTCSIP-PrimaryUserAddress,msRTCSIP-UserEnabled | export-csv -NoTypeInformation -Encoding Unicode -Path C:\
Temp\ADUser-$(get-date -f yyy-MM-dd).csv
Get the AD Users with some interesting Sfb/Lync properties
Get-ADUser -Filter * -Properties * | Where-Object {$_.enabled -eq $true} | Select-Object samaccountname, enabled,description,departme
nt,office,msRTCSIP-Line, telephoneNumber,OfficePhone,ipPhone,msRTCSIP-PrimaryUserAddress, DisplayName, GivenName,Surname,EmailAddress,distinguishednam
e | Export-Csv -NoTypeInformation -Encoding Unicode -Path C:\Temp\AdUser-RTC-$(get-date -f yyy-MM-dd).csv
/Update to original post.
Exporting to CSV
Exporting can be interesting with PS. For consistency, I stick the following on the end of any powershell I want to export. Add the current date onto the filename for potential comparison.
export-csv -NoTypeInformation -Encoding Unicode -Path c:\temp\Domaincontrollers-$(get-date -f yyy-MM-dd).csv
The only issue I sometimes encounter is copying to/from RDP session. The first copy can be corrupt - the second copy/paste is usually fine - this is likely to down to the current settings at a client.
Get the current domain controllers and some OS information and export to CSV
Get-ADDomainController -Filter * | Select-Object Hostname, Site, OperatingSystem, OperatingSystemServicePack, OperatingSystemVersion, OperationMasterRoles, LdapPort, SslPort | export-csv -NoTypeInformation -Encoding Unicode -Path c:\temp\Domaincontrollers-$(get-date -f yyy-MM-dd).csv
Get interesting AD computer object information
$Identity="computername"
get-adcomputer $Identity -properties *| select name,samaccountname,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion,ipv4address,distinguishedname,enabled,description,BadLogonCount,badPwdCount,PasswordLastSet,LockedOut,whenCreated,whenChanged,LastLogonDate,LastBadPasswordAttempt | fl
Get the number of AD users that are enabled have an email address with "*domain.com" and no Lync/SfB address in an OU (including sub OUs):
Get-ADUser -searchbase "OU=Users,OU=Enterprise,DC=domain,DC=com" -Filter * -Properties * | Where-Object {$_.enabled -eq $true -and $_.mail -like '*domain.com' -and $_.'msRTCSIP-PrimaryUserAddress' -eq $null} | Measure-Object
Get the users in OU (and sub OUs), select some interesting properties and export to CSV
Get-ADUser -searchbase "OU=Users,OU=Enterprise,DC=domain,DC=com" -filter * -properties * | select-object samaccountname,Name,GivenName,
Surname,Title,Department,Office,Company,Description,DistinguishedName,Enabled,Mail,LastLogonDate,PasswordLastSet,PasswordExpired,PasswordNeverExpires,
PasswordNotRequired,WhenCreated,WhenChanged,ProxyAddresses,msExchUMRecipientDialPlanLink,msExchHomeServerName,msRTCSIP-DeploymentLocator,msRTCSIP-Line
,msRTCSIP-PrimaryUserAddress,msRTCSIP-UserEnabled | export-csv -NoTypeInformation -Encoding Unicode -Path C:\
Temp\ADUser-$(get-date -f yyy-MM-dd).csv
Get the AD Users with some interesting Sfb/Lync properties
Get-ADUser -Filter * -Properties * | Where-Object {$_.enabled -eq $true} | Select-Object samaccountname, enabled,description,departme
nt,office,msRTCSIP-Line, telephoneNumber,OfficePhone,ipPhone,msRTCSIP-PrimaryUserAddress, DisplayName, GivenName,Surname,EmailAddress,distinguishednam
e | Export-Csv -NoTypeInformation -Encoding Unicode -Path C:\Temp\AdUser-RTC-$(get-date -f yyy-MM-dd).csv
/Update to original post.
Comments
Post a Comment