Sunday, December 7, 2014

Review a MVA course (Using PowerShell for Active Directory) Module 3

As previous post, Review a MVA course (Using PowerShell for Active Directory) Module 1 and 2, I made some notes for Module 1 and 2 of Using PowerShell for Active Directory when I was watching this MVA course. I'm going to watch and make some notes for Module 3.

Module 3
In this module, Jason and Ashley started to talk about query information from Active Directory. Basically, we can use 3 types of filter of Get-ADUser which are filter, Identity and Ldapfilter to query Ad user. The interesting thing is we can combine commands and PowerShell cmdlets to get the output like "Get-ADUser -Identity (whoami /user /fo csv | ConvertFrom-Csv | Select-Object -ExpandProperty SID)" to get the SID information of the current user.

Then, they talked about the scope for Active Directory query. "Get-ADRootDSE", "Get-ADDomain" and "Get-ADForest" are the method to limit the scope because we can use a property of these results to let us query Active Directory easily.

After that, they did demonstrations to Active Directory information by performing "Get-ADRootDSE", "Get-ADDomain" and "Get-ADForest".

Finally, they did a demonstration to find a nested member of a group by performing Get-AD User -Filter "memberof  -RecursiveMatch '$((Get-ADGroup "Domain Admins").DistinguishedName)'" -SearchBase $((Get-ADUser Guest).DistinguishedName).

Remark: All PowerShell scripts were written by Ashley McGlone. You can download the scripts from the following web site.

Microsoft Virtual Academy: Using PowerShell fort Active Directory

For more information:
Using PowerShell for Active Directory

Goatee PFE
This posting is provided “AS IS” with no warranties, and confers no rights!

No comments:

Post a Comment