As previous post, Review a MVA course (Using PowerShell for Active Directory) Module 1 and 2, I made some notes for Module 1 and 2 of Using PowerShell for Active Directory when I was watching this MVA course. I'm going to watch and make some notes for Module 3.
Module 3
In this module, Jason and Ashley started to talk about query information from Active Directory. Basically, we can use 3 types of filter of Get-ADUser which are filter, Identity and Ldapfilter to query Ad user. The interesting thing is we can combine commands and PowerShell cmdlets to get the output like "Get-ADUser -Identity (whoami /user /fo csv | ConvertFrom-Csv | Select-Object -ExpandProperty SID)" to get the SID information of the current user.
Then, they talked about the scope for Active Directory query. "Get-ADRootDSE", "Get-ADDomain" and "Get-ADForest" are the method to limit the scope because we can use a property of these results to let us query Active Directory easily.
After that, they did demonstrations to Active Directory information by performing "Get-ADRootDSE", "Get-ADDomain" and "Get-ADForest".
Finally, they did a demonstration to find a nested member of a group by performing Get-AD User -Filter "memberof -RecursiveMatch '$((Get-ADGroup "Domain Admins").DistinguishedName)'" -SearchBase $((Get-ADUser Guest).DistinguishedName).
Remark: All PowerShell scripts were written by Ashley McGlone. You can download the scripts from the following web site.
Microsoft Virtual Academy: Using PowerShell fort Active Directory
For more information:
Using PowerShell for Active Directory
Goatee PFE
Remark: All PowerShell scripts were written by Ashley McGlone. You can download the scripts from the following web site.
Microsoft Virtual Academy: Using PowerShell fort Active Directory
For more information:
Using PowerShell for Active Directory
Goatee PFE
Related posts:
This posting is provided “AS IS” with no warranties, and confers no rights!
No comments:
Post a Comment