Enjoy a fast, responsive and cost effective Remote IT Support service to solve your IT issues quickly and with the minimum of fuss.Focused on building innovative solutions that create value for businesses and consumers. Our solutions are built around the following three founding principles - Unique Technology; Distinctive Information / Content; and Innovative Services. Our solutions combine these three, leverage our global services delivery capabilities and ensure that we are able to provide unmatched, superior resolution to specific customer problems.


Techmantra

Wednesday, 23 August 2017

ACTIVE DIRECTORY: MANAGING USERS AND GROUPS WITH POWERSHELL


Automate Active Directory PowerShell scripts


"To use the Microsoft cmdlets, you must have a Windows Server 2008 R2 domain controller (DC), or you can download and install the Active Directory Management Gateway Service on legacy DCs."


Download Remote Server Administration Tools on client machine

Open Programs in Control Panel and select Turn Windows Features On or Off. Scroll down to Remote Server Administration Tools and expand Role Administration Tools D DS and AD LDS Tools > Active Directory Module for Windows PowerShell. Enable Active Directory Module.


Open the PowerShell console and type the following command to see which commands are in the module:

PS> Get-Command -Module ActiveDirectory


"User name Taken for the below commands -Tmantra"

 

·       Find Users


PS> Get-AdUser -Identity 'Tmantra'

·       Create Users

$NewUserParameters = @{
    'GivenName' = 'Tech'
    'Surname' = 'Mantra'
    'Name' = 'Tmantra'
    'AccountPassword' = (ConvertTo-SecureString 'p@$$w0rd10' -AsPlainText -Force)
    'ChangePasswordAtLogon' = $true
}

New-AdUser @NewUserParameters

·       Add users to Groups


Add-AdGroupMember -Identity 'Manager' -Members 'Tmantra'

·       Delete a User

Remove-ADUser Tmantra -whatif

·       Reset a User Password


PS C:\> $newpwd = Read-Host "Enter the new password" -AsSecureString


 Enter the new password:


PS C:\> Set-ADAccountPassword Tmantra -NewPassword $newpwd –Reset


·       Disable and Enable User account


PS C:\> Disable-ADAccount Tmantra

PS C:\> Enable-ADAccount Tmantra

·       Unlock User Account


PS C:\> Unlock-ADAccount Tmantra

Automate Creation of Users

We can combine these commands when the human resources department provides a CSV file that lists new users to create in Active Directory. The CSV file might look like this:

"FirstName","LastName","UserName"
"Adam","Bertram","abertram"
"Joe","Jones","jjones"

To create these users, write a script that invokes the New-AdUser command for each user in the CSV file. Use the built-in Import-Csv command and a foreach loop in PowerShell to go through the file and give users the same password.

Import-Csv -Path C:\Employees.csv | foreach {
    $NewUserParameters = @{
        'GivenName' = $_.FirstName
        'Surname' = $_.LastName
        'Name' = $_.UserName
        'AccountPassword' = (ConvertTo-SecureString 'p@$$w0rd10' -AsPlainText -Force)
    }

    New-AdUser @NewUserParameters
}


at

No comments:

Post a Comment

Note: only a member of this blog may post a comment.

Popular Posts

0x00000709 How to Fix “Operation could not be completed error” Error When Installing Shared Printer? Windows 11 22h2

  0x00000709 How to Fix “Operation could not be completed error” Error When Using Shared Printer? Windows 11 22h2 1. Via Group Policy Press ...

Popular Posts

Search This Blog

About

Enjoy a fast, responsive and cost effective Remote IT Support service to solve your IT issues quickly and with the minimum of fuss.Focused on building innovative solutions that create value for businesses and consumers. Our solutions are built around the following three founding principles - Unique Technology; Distinctive Information / Content; and Innovative Services. Our solutions combine these three, leverage our global services delivery capabilities and ensure that we are able to provide unmatched, superior resolution to specific customer problems.