'PowerShell' Tag

PowerShell : Exporting multi-valued attribute via Export-Csv cmdlet

The attributes that are multi-valued are hard to export to a CSV via the Export-Csv cmdlet as the exported value just shows the string type in Excel/Notepad. For instance, take a look below when I try to export the proxyAddresses attribute values in PowerShell console and to a CSV later. I found out that you [...]

Share/Bookmark

posted in PowerShell by Rick

    • Running PowerShell under “run-as” or elevated privileges

    There are times when I am in a PowerShell session and pass another set of credentials when I use connect-qadservice cmdlet to connect to another domain with the –credential parameter, however often times I would launch the PowerShell under “run-as” with the elevated credentials and launch a native session and I would have multiple session [...]

    Share/Bookmark

    posted in PowerShell by Rick

    • PowerShell : How do I create Trust ?

    A question was raised on ActiveDir regarding the ability to create Trust via a command line utility. It was discussed how netdom is no longer a supported command line utility to create Trusts. I referenced a snip from AD Cook Book using PowerShell to create Trust via the .Net AD namespace method alternatively.(System.DirectoryServices.ActiveDirectory). You can [...]

    Share/Bookmark

    posted in Active Directory, PowerShell by Rick

    • PowerShell : How do I clear sIDhistory attribute ?

    What is sIDhistory attribute ? The sIDhistory attribute is the key attribute that holds the previous SID(s) of Users and Groups objects that facilitate the Active Directory migrations. It contains previous SIDs used for the object if the object was moved from another domain. Whenever an object is moved from one domain to another, a [...]

    Share/Bookmark

    posted in Active Directory, PowerShell by Rick

    • PowerShell : How do I set the delegation sensitive flag on users and computers ?

    Kerberos Delegation, constrained and unconstrained is a complex topic, and one that often comes up when Security implications of External/Forests Trusts are discussed. Few days ago, on ActiveDir a similar topic was shed light upon. In brief Brian Arkills sums it up below, The other security implication that most folks seem oblivious to is the [...]

    Share/Bookmark

    posted in Active Directory, PowerShell by Rick

    • PowerShell : How to lookup Schema version of your forest ?

    The schema version is revealed via the objectversion attribute off of the schema object from your configuration head of the forest i.e “cn=schema,cn=configuration,dc=yourdomain,dc=int”. So using Quest Cmdlets, you can run this query : Get-QADObject “cn=schema,cn=configuration,dc=yourdomain,dc=int” -ip objectversion | select objectversion The –ip is the alias for includedproperties. And, when using the native AD Cmdlets of [...]

    Share/Bookmark

    posted in Active Directory, PowerShell, Windows Server 2008 R2 by Rick

  • Reviewing few very useful adds in Quest AD Cmdlets v1.4

    Whereas most of newly added cmdlets focus on  PKI and Email Address Management in v1.4, there are a few cmdlets and handful of new parameters that ought to come in very handy with your AD tasks. Below I review a few that I think are some great adds : When you are enumerating a large [...]

    Share/Bookmark

    posted in Active Directory, PowerShell by Rick

  • Quest AD Cmdlets a.k.a Active Roles Management Shell version 1.4 gets released

    From version 1.2 with 49 cmdlets, to version 1.3 with 63 cmdlets and now on to version 1.4 that has 32 new cmdlets making it total of 95. Here are the new cmdlets in v1.4 : • Get-QADLocalCertificateStore • New-QADLocalCertificateStore • Remove-QADLocalCertificateStore • Get-QADCertificate • Where-QADCertificate • Add-QADCertificate • Import-QADCertificate • Show-QADCertificate • Edit-QADCertificate • [...]

    Share/Bookmark

    posted in Active Directory, PowerShell by Rick

  • Create Active Directory Delegations Report with PowerGUI

    Often times you need to analyze your existing permissions (delegations) on your AD Objects within your domain/forest, perhaps you have just taken over an administrative role over AD and would like to quickly surface information regarding what group and user accounts have certain rights across the board in a pertinent domain. With PowerGUI and Kirk [...]

    Share/Bookmark

    posted in Active Directory, PowerShell by Rick

  • PowerShell : How to rename Groups in bulk ?

    Often times there is a need to standardized Groups’ naming convention such as with migrations, when you don’t have a rich migration tool that can conform the names or when you don’t have a AD proxy management tool such as ARS in your normal provisioning process. Using Quest Cmdlets with PowerShell to rename groups is [...]

    Share/Bookmark

    posted in Active Directory, PowerShell by Rick

  • PowerShell : What’s my PowerShell version ?

    There are two types of PowerShell versions out there. PowerShell v1 that dates back to 2006 and the PowerShell v2 that is bundled with Windows 7 and Windows Server 2008 R2, and also mysteriously released for down level clients such as Windows Vista and XP (under vaguely named Windows Management Framework (Windows PowerShell 2.0, WinRM [...]

    Share/Bookmark

    posted in PowerShell by Rick

  • PowerShell : How do I fix displayName attribute for all users in Active Directory ?

    For small shops that do not leverage automated provisioning tools, they face challenge in keeping the attributes for Users and other objects in AD standardized. For similar situation, recently I was asked from Access Control team if there is an easy way to fix the displayName attribute for all users or to fill in the [...]

    Share/Bookmark

    posted in Active Directory, PowerShell by Rick

  • PowerShell : How do I check Active Directory Tombstone Lifetime ?

    What is Active Directory Tombstone Lifetime (TSL) ? The tombstone lifetime in an Active Directory forest determines how long a deleted object (called a “tombstone”) is retained in Active Directory Domain Services (AD DS). The tombstone lifetime is determined by the value of the tombstoneLifetime attribute on the Directory Service object in the configuration directory [...]

    Share/Bookmark

    posted in Active Directory, PowerShell, Windows Server 2008 R2 by Rick

  • PowerShell : How many users were created in an office since x number of days ?

    A request came in from the Access Control team requesting that they be provided with the users that have been created in a particular office since last 90 days. As usual, PowerShell (with QAD cmdlets) has very simple one liners you can retrieve this information with. You may also use this to export this data [...]

    Share/Bookmark

    posted in Active Directory, PowerShell, Windows by Rick

  • PowerShell : Add-Computer cmdlet works in Windows 7 RTM but Rename-Computer is gone

    I had earlier posted about the Add-Computer cmdlet bug in Windows 7 RC builds which didn’t allow the computer to be added to the domain via PowerShell. With Windows 7 RTM, it is fixed and turns out to be pretty handy should you need to script the domain joins for your new builds. The command [...]

    Share/Bookmark

    posted in Active Directory, PowerShell, Windows Server 2008 R2 by Rick

    •  
    (c) 2008 - 2012 Shariq Sheikh. All Rights Reserved.