Book Image

Active Directory with PowerShell

By : Pamarthi Venkata Sitaram, YELLAPRAGADA U PADMAVATHI
5 (1)
Book Image

Active Directory with PowerShell

5 (1)
By: Pamarthi Venkata Sitaram, YELLAPRAGADA U PADMAVATHI

Overview of this book

Table of Contents (16 chapters)
Active Directory with PowerShell
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Index

A

  • Active Directory
    • managing ways, using PowerShell / Ways to automate Active Directory operations
    • user accounts, managing / Managing user accounts
    • computer accounts, managing / Managing computer accounts
    • domains, managing / Managing domains
    • Organizational Units (OUs), managing / Managing Organizational Units
    • sites, managing / Managing sites and subnets
    • subnets, managing / Managing sites and subnets
    • replication status, obtaining / Obtaining an Active Directory replication status
  • Active Directory, managing with PowerShell
    • Microsoft Active Directory module / The Microsoft Active Directory module
    • Quest Active Directory PowerShell cmdlets / Quest Active Directory PowerShell cmdlets
    • native method approach / Using the Native method of PowerShell
  • Active Directory Domain Services (AD DS) / The Microsoft Active Directory module
  • Active Directory installation
    • about / Installing Active Directory
    • Remote Server Administration Tool kit, installing / Installing the Remote Server Administration Tool kit
    • Active Directory module, installing / Installing the Active Directory module
  • Active Directory Lightweight Directory Services (AD LDS) / The Microsoft Active Directory module
  • Active Directory operations
    • automating / Ways to automate Active Directory operations
  • Active Directory resources
    • about / Active Directory resources
  • Active Directory Service Interface (ADSI) adapter
    • about / Searching for OUs
  • Active Directory Web Services (ADWS) / The Microsoft Active Directory module
  • ADAC
    • about / Creating user accounts
  • Add-ADGroupMember cmdlet / Adding members to a group
    • about / Adding user accounts to groups
  • Add-DnsServerConditionalForwarderZone cmdlet / Conditional forwarders
  • Add-DnsServerForwarder cmdlet / Working with root hints and forwarders
  • Add-DnsServerResourceRecord cmdlet / Managing A records and PTR records
  • Add-DnsServerRoothint cmdlet / Working with root hints and forwarders
  • Add-WindowsFeature cmdlet / Installing a DNS server
  • additional domain controllers
    • adding / Adding additional domain controllers
  • ADDSDeployment module / Installing a new domain
  • AD group member's details
    • exporting, to CSV / Exporting an AD group member's details to CSV, Usage
  • AD groups' membership
    • comparing / Comparing AD groups' membership, Usage
  • ADUC
    • about / Creating user accounts, Creating OUs
  • A records
    • about / Creating, modifying, and deleting DNS records
    • managing / Managing A records and PTR records

C

  • Client Side Extensions (CSE) / Remotely triggering Group Policy update
  • cmdlets
    • about / Testing the functionality
    • URL / Testing the functionality
  • cmdlets, Group Policy module
    • New-GPO / Installing the Group Policy module
    • New-GPLink / Installing the Group Policy module
    • Remove-GPO / Installing the Group Policy module
    • Remove-GPLink / Installing the Group Policy module
    • Invoke-GPUpdate / Installing the Group Policy module
    • Get-GPO / Installing the Group Policy module
    • Get-GPOReport / Installing the Group Policy module
    • Get-GPPermission(s) / Installing the Group Policy module
    • Set-GPLink / Installing the Group Policy module
  • CNAME records
    • about / Creating, modifying, and deleting DNS records
    • managing / Managing CNAME records
  • computer accounts
    • managing / Managing computer accounts
    • creating / Creating computer accounts
    • modifying / Modifying computer accounts
    • description, setting / Setting the description for a computer account
    • moving, to another OU / Moving computer accounts to a different OU
    • enabling / Enabling or disabling computer accounts
    • disabling / Enabling or disabling computer accounts
    • deleting / Deleting computer accounts
    • adding, to security groups / Adding computer accounts to groups
  • computer existence
    • checking / Checking whether a user, group, computer, or an OU exists
  • Computer Integrated Manufacturing (CIM) classes / Querying DFS namespaces
  • computer membership
    • getting / Getting membership of a user, computer, and group
  • conditional forwarders
    • configuring, in DNS / Conditional forwarders
  • Configuration Naming Context (CNC) / Querying sites and subnets

D

  • deleted objects
    • restoring / Restoring deleted objects
  • DFS-N
    • installing / Installing the DFS-N role
    • managing / Managing DFS-N
    • namespaces, querying / Querying DFS namespaces
    • folders and targets, querying / Querying DFS-N folders and targets
    • root and folders, creating / Creating the DFS-N root and folders
    • folder targets, adding / Adding and removing folder targets
    • folder targets, removing / Adding and removing folder targets
  • DFS-R
    • installing / Installing the DFS-R role
    • about / Managing DFS-R
    • managing / Managing DFS-R
    • groups and settings, querying / Querying DFS-R groups and settings
    • group, creating / Creating a DFS-R group
    • group, deleting / Deleting a DFS-R group
  • DFS-R group
    • member servers / Managing DFS-R
    • connections / Managing DFS-R
    • replicated folders / Managing DFS-R
  • DFS roles
    • installing / Installing DFS roles
    • DFS-N role, installing / Installing the DFS-N role
    • DFS-R role, installing / Installing the DFS-R role
  • Directory Service Recovery Mode (DSRM)
    • about / Installing a new domain
  • Directory Services Restore Mode (DSRM)
    • about / Restoring deleted objects
  • Disable-ADAccount cmdlet
    • about / Enabling or disabling user accounts
  • disabled user accounts
    • finding / Finding all the disabled user accounts
  • Distinguished Name (DN)
    • about / Searching for OUs
  • DNS Clients
    • managing / Managing DNS Clients
  • DNS records
    • creating / Creating, modifying, and deleting DNS records
    • modifying / Creating, modifying, and deleting DNS records
    • deleting / Creating, modifying, and deleting DNS records
    • A record / Creating, modifying, and deleting DNS records
    • CNAME record / Creating, modifying, and deleting DNS records
    • NS record / Creating, modifying, and deleting DNS records
    • PTR record / Creating, modifying, and deleting DNS records
    • SOA record / Creating, modifying, and deleting DNS records
    • MX record / Creating, modifying, and deleting DNS records
    • SRV record / Creating, modifying, and deleting DNS records
  • DNS server
    • installing / Installing and configuring a DNS server, Installing a DNS server
    • configuring / Installing and configuring a DNS server, Configuring the DNS server
  • DNS server configuration
    • about / Configuring the DNS server
    • listening IP address, changing / Changing the listening IP address
    • recursion, enabling / Enabling or disabling recursion
    • recursion, disabling / Enabling or disabling recursion
  • DNS zones
    • managing / Managing DNS zones
    • primary zone / Managing DNS zones
    • secondary zone / Managing DNS zones
    • stub zone / Managing DNS zones
    • URL / Managing DNS zones
  • domain controllers
    • demoting / Demoting domain controllers and removing domains
  • Domain Controllers (DCs)
    • about / Querying domain controller details
    • getting / Getting all domain controllers and their site names in the forest, Usage
  • domains
    • managing / Managing domains
    • forest and domain details, querying / Querying forest and domain details
    • domain controller details, querying / Querying domain controller details
    • flexible single master operation role owners, querying / Querying flexible single-master operation role owners
    • removing / Demoting domain controllers and removing domains

E

  • empty groups
    • finding / Finding empty groups in Active Directory, Usage
  • Enable-ADAccount cmdlet
    • about / Enabling or disabling user accounts
  • Enable-ADOptionalFeature cmdlet / Restoring deleted objects

F

  • Fine-Grained Password Policies (FGPP)
    • about / Managing Fine-Grained Password Policies
    • managing / Managing Fine-Grained Password Policies
  • forwarders
    • about / Working with root hints and forwarders
  • FSMO roles
    • transferring / Transferring FSMO roles

G

  • Get-ADComputer cmdlet
    • about / Moving computer accounts to a different OU
  • Get-ADComputer command
    • about / Setting the description for a computer account
  • Get-ADDomain cmdlet
    • about / Querying Group Policies, Querying forest and domain details
  • Get-ADDomainController cmdlet
    • about / Querying domain controller details
  • Get-ADForest command
    • about / Querying forest and domain details
  • Get-ADGroupMember cmdlet / Adding members to a group
    • about / Listing members of a security group in Active Directory
  • Get-ADObject cmdlet
    • about / Querying sites and subnets
    / Restoring deleted objects
  • Get-ADOrganizationalUnit cmdlet
    • about / Searching for OUs
  • Get-ADReplicationAttributeMetadata cmdlet / Obtaining an Active Directory replication status
  • Get-ADReplicationFailure cmdlet / Obtaining an Active Directory replication status
  • Get-ADReplicationPartnerMetadata cmdlet / Obtaining an Active Directory replication status
  • Get-ADReplicationQueueOperation cmdlet / Obtaining an Active Directory replication status
  • Get-ADUser cmdlet / Restoring deleted objects
  • Get-Command -Module DFSR cmdlet / Managing DFS-R
  • Get-Command cmdlet / Installing Quest
  • Get-Content cmdlet
    • about / Enabling or disabling user accounts
  • Get-DfsnFolder cmdlet / Querying DFS-N folders and targets
  • Get-DFSNFolderTarget cmdlet / Querying DFS-N folders and targets
  • Get-DFSNRoot cmdlet / Querying DFS namespaces
  • Get-DfsrConnection cmdlet / Querying DFS-R groups and settings
  • Get-DfsReplicationGroup cmdlet / Querying DFS-R groups and settings
  • Get-DFSReplicationGroup cmdlet / Querying DFS-R groups and settings
  • Get-DnsServer cmdlet / Changing the listening IP address
  • Get-DnsServerForwarder cmdlet / Working with root hints and forwarders
  • Get-DnsServerRecursion cmdlet
    • about / Enabling or disabling recursion
  • Get-DnsServerResourceRecord cmdlet / Managing A records and PTR records
  • Get-DnsServerRootHint cmdlet / Working with root hints and forwarders
  • Get-DnsServerSetting cmdlet / Changing the listening IP address
  • Get-DnsServerZone cmdlet / Managing DNS zones
  • Get-FSMORoles command
    • about / Querying flexible single-master operation role owners
  • Get-GPOLinkStatus command / Working with links, enforcements, and order of GPOs
  • Get-GPPermission cmdlet
    • about / Working with Group Policy permissions
  • Get-GPResultantSetOfPolicy cmdlet / Collecting RSOP data remotely
  • Get-Help cmdlet
    • about / Creating user accounts
  • Get-QADRootDSE cmdlet / Testing the functionality
  • Get-WindowsFeature cmdlet
    • about / Installing the Group Policy module
    / Installing DFS roles
  • Global Address List/Book (GAL)
    • about / Deleting user accounts
  • Globally Unique Identifier (GUID)
    • about / Querying sites and subnets
  • Global Unique Identifier (GUID) / Querying Group Policies
  • GPMC console
    • installing / Installing the Group Policy module
  • GPO permissions
    • querying / Querying GPO permissions
    • modifying / Modifying GPO permissions
  • GPOs
    • Link Enable status / Working with links, enforcements, and order of GPOs
    • enforcement status / Working with links, enforcements, and order of GPOs
    • link order / Working with links, enforcements, and order of GPOs
  • Graphical User Interface (GUI) tools
    • Active Directory Users and Computers (ADUC) / Creating user accounts
    • Active Directory Administrative Center (ADAC) / Creating user accounts
  • group existence
    • checking / Checking whether a user, group, computer, or an OU exists
  • group membership
    • getting / Getting membership of a user, computer, and group
  • group object information
    • searching / Searching and modifying group object information
    • modifying / Searching and modifying group object information
  • Group Policies
    • querying / Querying Group Policies
    • creating / Creating and linking Group Policies
    • linking / Creating and linking Group Policies
    • updating / Updating Group Policy and generating Resultant Set of Policy
    • links, removing / Removing Group Policy links and objects
    • objects, removing / Removing Group Policy links and objects
  • Group Policy module
    • installing / Installing the Group Policy module
    • cmdlets / Installing the Group Policy module
  • Group Policy permissions
    • working with / Working with Group Policy permissions
    • GPO permissions, querying / Querying GPO permissions
    • GPO permissions, modifying / Modifying GPO permissions
  • Group Policy update
    • triggering remotely / Remotely triggering Group Policy update
    • RSOP data, collecting remotely / Collecting RSOP data remotely
  • groups
    • creating in bulk / Creating groups in bulk, Usage

I

  • Import-DnsServerRootHint cmdlet / Working with root hints and forwarders
  • inactive computers
    • finding / Finding inactive computers in Active Directory, Usage
  • Install-ADDSDomain cmdlet / Adding additional domain controllers
  • Install-ADDSDomainController cmdlet / Adding additional domain controllers
  • Install-ADForest cmdlet / Installing a new domain, Adding additional domain controllers
  • Install-WindowsFeature cmdlet / Installing a new domain, Installing DFS roles
  • Inter-Site Topology Generator (ISTG)
    • about / Creating and modifying sites
  • Internet Assigned Numbers Authority (IANA)
    • about / Working with root hints and forwarders
    • URL / Working with root hints and forwarders
  • Invoke-GPUpdate cmdlet / Remotely triggering Group Policy update

L

  • LastDomainControllerInDomain parameter / Demoting domain controllers and removing domains
  • LocalAdministratorPassword parameter / Demoting domain controllers and removing domains

M

  • Measure-Object cmdlet
    • about / Listing members of a security group in Active Directory
  • members, security groups
    • listing / Listing members of a security group in Active Directory
    • removing / Removing members from an AD group
  • Microsoft Active Directory module
    • about / The Microsoft Active Directory module
    • Active Directory, installing / Installing Active Directory
    • functionality, testing / Testing the functionality
  • MIcrosoft Management Console (MMC)
    • about / Creating OUs
  • Move-ADObject cmdlet
    • about / Moving user accounts to another OU, Moving computer accounts to a different OU, Renaming, moving, and deleting OUs
    • Identity parameter / Moving user accounts to another OU
    • TargetPath parameter / Moving user accounts to another OU
  • MX records
    • about / Creating, modifying, and deleting DNS records

N

  • native method approach, PowerShell
    • using / Using the Native method of PowerShell
  • New-ADComputer cmdlet
    • about / Creating computer accounts
  • New-ADOrganizationalUnit cmdlet
    • about / Creating OUs
  • New-ADReplicationSite cmdlet
    • about / Creating and modifying sites
  • New-ADReplicationSubnet cmdlet
    • about / Creating and modifying subnets
  • New-DFSNFolder cmdlet / Creating the DFS-N root and folders
  • New-DfsnFolderTarget cmdlet / Adding and removing folder targets
  • New-DFSNRoot cmdlet / Creating the DFS-N root and folders
  • New-DfsReplicationGroup cmdlet / Creating a DFS-R group
  • New-GPLink cmdlet / Creating and linking Group Policies
  • New-GPO cmdlet / Creating and linking Group Policies
  • new domain
    • installing / Installing a new domain
    • domain FQDN and NetBIOS name / Installing a new domain
    • domain mode and forest mode / Installing a new domain
    • database path / Installing a new domain
    • logs path / Installing a new domain
    • SYSVOL path / Installing a new domain
    • Safe mode Admin Password / Installing a new domain
  • NS records
    • about / Creating, modifying, and deleting DNS records

O

  • objects
    • moving, from one OU to another / Moving objects from one OU to another, Usage
  • Organizational Units (OUs)
    • managing / Managing Organizational Units
    • searching for / Searching for OUs
    • creating / Creating OUs
    • modifying / Modifying OUs
    • renaming / Renaming, moving, and deleting OUs
    • moving / Renaming, moving, and deleting OUs
    • deleting / Renaming, moving, and deleting OUs
  • OU existence
    • checking / Checking whether a user, group, computer, or an OU exists

P

  • password
    • resetting, for multiple user accounts / Resetting the password for multiple user accounts
  • Password Settings Objects (PSO)
    • about / Managing Fine-Grained Password Policies
  • Policy Settings Container (PSC)
    • about / Managing Fine-Grained Password Policies
  • PowerShell resources
    • about / PowerShell resources
  • Primary Domain Controller (PDC) emulator / Querying Group Policies
  • primary zone, DNS zones
    • about / Managing DNS zones
  • PTR records
    • about / Creating, modifying, and deleting DNS records
    • managing / Managing A records and PTR records

Q

  • Quest
    • about / Installing Quest
    • installing / Installing Quest
  • Quest Active Directory PowerShell cmdlets
    • about / Quest Active Directory PowerShell cmdlets
    • Quest, installing / Installing Quest
    • functionality, testing / Testing the functionality
  • Quest AD module
    • about / Quest Active Directory PowerShell cmdlets
  • Quest AD Snap-in / Installing Quest

R

  • Read-Only Domain Controller (RODC)
    • about / Querying domain controller details
  • recursion
    • about / Enabling or disabling recursion
    • enabling / Enabling or disabling recursion
    • disabling / Enabling or disabling recursion
  • Remote Server Administration Tools (RSAT) / The Microsoft Active Directory module
  • Remove-ADComputer cmdlet
    • about / Deleting computer accounts
  • Remove-ADGroup cmdlet / Deleting a security group
  • Remove-ADGroupMember cmdlet
    • about / Removing members from an AD group
  • Remove-ADOrganizationalUnit cmdlet
    • about / Renaming, moving, and deleting OUs
  • Remove-ADReplicationSite cmdlet
    • about / Removing sites and subnets
  • Remove-ADReplicationSubnet cmdlet
    • about / Removing sites and subnets
  • Remove-ADUser cmdlet
    • about / Deleting user accounts
  • Remove-DfsnFolderTarget cmdlet / Adding and removing folder targets
  • Remove-DfsReplicationGroup cmdlet / Deleting a DFS-R group
  • Remove-DnsServerForwarder cmdlet / Working with root hints and forwarders
  • Remove-DnsServerResourceRecord cmdlet / Managing A records and PTR records
  • Remove-GPLink cmdlet / Removing Group Policy links and objects
  • Remove-WindowsFeature cmdlet / Demoting domain controllers and removing domains
  • Rename-ADObject cmdlet
    • about / Renaming, moving, and deleting OUs
  • replication status, Active Directory
    • obtaining / Obtaining an Active Directory replication status
  • Resolve-Dnsname cmdlet / Managing DNS Clients
  • Resolve-DnsName cmdlet / Managing A records and PTR records, Managing CNAME records
  • resources
    • PowerShell resources / PowerShell resources
    • Active Directory resources / Active Directory resources
  • Restore-ADObject cmdlet / Restoring deleted objects
  • Resultant Set Of Policies (RSOP) data
    • collecting remotely / Collecting RSOP data remotely
  • root hints
    • about / Working with root hints and forwarders
    • configuring, in DNS / Working with root hints and forwarders
    • configuring / Working with root hints and forwarders
  • root hint servers
    • URL / Working with root hints and forwarders
  • RSAT
    • installing / Installing the Remote Server Administration Tool kit

S

  • Search-ADAccount cmdlet
    • about / Moving computer accounts to a different OU
  • secondary zone, DNS zones
    • about / Managing DNS zones
  • security groups
    • different types, creating / Creating different types of security groups
    • group object information, searching / Searching and modifying group object information
    • group object information, modifying / Searching and modifying group object information
    • members, adding / Adding members to a group
    • user accounts, adding / Adding user accounts to groups
    • computer accounts, adding / Adding computer accounts to groups
    • group, adding as member to other / Adding one group as a member to an other
    • members, listing / Listing members of a security group in Active Directory
    • members, removing / Removing members from an AD group
    • deleting / Deleting a security group
  • Set-ADComputer cmdlet
    • about / Setting the description for a computer account
  • Set-ADOrganizationalUnit cmdlet
    • about / Modifying OUs
  • Set-ADReplicationSite cmdlet
    • about / Creating and modifying sites
  • Set-ADReplicationSubnet cmdlet
    • about / Creating and modifying subnets
  • Set-DfsrMembership cmdlet / Creating a DFS-R group
  • Set-DnsServerPrimayZone cmdlet / Managing DNS zones
  • Set-DnsServerRecursion cmdlet
    • about / Enabling or disabling recursion
  • Set-DnsServerResourceRecord cmdlet / Managing A records and PTR records
  • Set-DnsServerResourceRecord cmdlet / Managing A records and PTR records
  • Set-DnsServerSetting cmdlet / Changing the listening IP address
  • Set-GPPermission cmdlet
    • about / Working with Group Policy permissions
  • single-domain environment / Managing domains
  • single-forest environment / Managing domains
  • sites
    • managing / Managing sites and subnets
    • querying / Querying sites and subnets
    • creating / Creating and modifying sites
    • modifying / Creating and modifying sites
    • removing / Removing sites and subnets
  • SOA records
    • about / Creating, modifying, and deleting DNS records
  • SRV records
    • about / Creating, modifying, and deleting DNS records
  • stub zone, DNS zones
    • about / Managing DNS zones
  • subnets
    • managing / Managing sites and subnets
    • querying / Querying sites and subnets
    • creating / Creating and modifying subnets
    • modifying / Creating and modifying subnets
    • removing / Removing sites and subnets
  • SYSVOL / Removing Group Policy links and objects

T

  • Test-ADDSDomainControllerUninstallation cmdlet / Demoting domain controllers and removing domains
  • Test-DnsServer cmdlet / Installing and configuring a DNS server
  • Test-DnsServer cmdlet / Installing a DNS server
  • TIBDC2 / Querying Group Policies

U

  • $UserObj variable
    • about / Updating the description of a user object
  • Uninstall-ADDSDomainController cmdlet / Demoting domain controllers and removing domains
  • user accounts
    • managing / Managing user accounts
    • creating / Creating user accounts
    • bulk user accounts, creating / Creating bulk user accounts
    • enabling / Enabling or disabling user accounts
    • disabling / Enabling or disabling user accounts
    • moving, to another OU / Moving user accounts to another OU
    • deleting / Deleting user accounts
    • adding, to security groups / Adding user accounts to groups
    • creating, in bulk / Bulk creation of user accounts, Usage
    • password expiry date, obtaining / Getting the password expiry date of user accounts, Usage
  • user existence
    • checking / Checking whether a user, group, computer, or an OU exists
  • user membership
    • getting / Getting membership of a user, computer, and group
    • verifying / Verifying whether a user is a member of the given group or not, Usage
  • user properties
    • modifying / Modifying user properties
    • user object description, updating / Updating the description of a user object
    • telephone numbers, updating / Updating the telephone numbers of multiple users

W

  • Windows Development Services (WDS)
    • about / Creating computer accounts