1#How to check Powershell Version?
$host.Version.Major
OR
$psversiontable
OR
:::::::::Microsoft Powershell:::::::
Get-Host | Select-Object Version
2#How to find Users from an OU using ADSI?
$test =
[adsi] "LDAP://localhost:389/ou=test,dc=contoso,dc=COM"
$searcher = [adsisearcher] $test
$searcher.Filter = '(objectClass=User)'
$searcher.FindAll()
3#All AD Users All attrs.
Get-ADUser -F * -PR * | Export-Csv Usersreports.csv -NoTypeInformation
4#How to find Locked out accounts?
search-adaccount -u -l | ft name,lastlogondate -auto
4A#To unlock an account
Unlock-ADAccount -Identity Shanky
5#Finding the Lockout Events
#Windows 2008
Get-EventLog -log Security | ? EventID -EQ 4740
#Windows 2003
Get-EventLog -log Security | ? EventID -EQ 644
6#Find some specific attributes for an OU users
get-aduser -f * -Searchbase "ou=powershell,dc=contoso,dc=com" -pr SamAccountName,PasswordExpired,whenChanged,UserPrincipalName
7#Find some specific attributes using input file
get-content c:\users.txt | get-aduser -pr SamAccountName,PasswordExpired,whenChanged,UserPrincipalName
8#How to reset the passwords for some specific users
get-content c:\users.txt | get-aduser | Set-ADAccountPassword -NewPassword (ConvertTo-SecureString -AsPlainText monster@me123 -Force)
9#How to update the manager field for bulk users?
get-content c:\users.txt | get-aduser | Set-ADUser -Manager "shanky"
10#How to update "ProfilePath","homeDrive" & "HomeDirectory" based on a input file?
Get-Content users.txt | ForEach-Object {
Set-ADUser -Identity $_ -ProfilePath "\\WIN-85IOGS94Q68\profile\$_" -homedrive "Y:" -homedirectory "\\WIN-85IOGS94Q68\netshare\$_"
}
11#Find Users exist in AD or Not?
$users = get-content c:\users.txt
foreach ($user in $users) {
$User = Get-ADUser -Filter {(samaccountname -eq $user)}
If ($user -eq $Null) {"User does not exist in AD ($user)" }
Else {"User found in AD ($user)"}
}
12#Find users are enabled and have E-Mail and Homedirectory and PasswordExpired -eq false)}
PS C:\> Get-ADUser -Filter {(enabled -eq $true) -and (EmailAddress -like "*") -and (Homedirectory -like "*") -and (PasswordExpired -eq $false)}
13#Also finding the Groupmembership.
PS C:\> Get-ADUser -Filter {(enabled -eq $true) -and (EmailAddress -like "*") -and (Homedirectory -like "*") -and
(PasswordExpired -eq $false) -and (MemberOf -eq "CN=rock2,OU=win7,DC=Jaihanuman,DC=net")}
14#ProtectedFromAccidentalDeletion for all the users
Get-ADObject -filter {(ObjectClass -eq "user")} | Set-ADObject -ProtectedFromAccidentalDeletion:$true
15# How to find the users property using ADSI.
$users1=[ADSI]"LDAP://cn=copy,cn=users,dc=contoso,dc=com"
$users1 | select *
16#search-adaccount (Accounts Disable,inactive)
search-adaccount (Accounts Disable,inactive)
search-adaccount -u -accountd -searchb "ou=test,dc=contoso,dc=com"
search-adaccount -u -accountd
search-adaccount -u -accounti -t "90"
search-adaccount -u -accounti -da "28 feb 2013"
17# Enable Bulk AD user accounts based on a input file
Cat c:\users.txt | get-aduser | Enable-ADAccount
18# Disabled Bulk AD user accounts based on a input file
Cat c:\users.txt | get-aduser | Disable-ADAccount
::::::::Quest Powershell:::::::::
1#Find the Disabled members from multiple GROUPS.
Get-Content c:\groups.txt | ForEach-Object {
Get-QADGroupMember $_ -Disabled
}
2#Find the E-MAILs of Users form an particular OU
get-QADuser -SearchRoot 'contoso.com/test' | select samaccountname,mail
Reference - Miscrosoft Technet
$host.Version.Major
OR
$psversiontable
OR
:::::::::Microsoft Powershell:::::::
Get-Host | Select-Object Version
2#How to find Users from an OU using ADSI?
$test =
[adsi] "LDAP://localhost:389/ou=test,dc=contoso,dc=COM"
$searcher = [adsisearcher] $test
$searcher.Filter = '(objectClass=User)'
$searcher.FindAll()
3#All AD Users All attrs.
Get-ADUser -F * -PR * | Export-Csv Usersreports.csv -NoTypeInformation
4#How to find Locked out accounts?
search-adaccount -u -l | ft name,lastlogondate -auto
4A#To unlock an account
Unlock-ADAccount -Identity Shanky
5#Finding the Lockout Events
#Windows 2008
Get-EventLog -log Security | ? EventID -EQ 4740
#Windows 2003
Get-EventLog -log Security | ? EventID -EQ 644
6#Find some specific attributes for an OU users
get-aduser -f * -Searchbase "ou=powershell,dc=contoso,dc=com" -pr SamAccountName,PasswordExpired,whenChanged,UserPrincipalName
7#Find some specific attributes using input file
get-content c:\users.txt | get-aduser -pr SamAccountName,PasswordExpired,whenChanged,UserPrincipalName
8#How to reset the passwords for some specific users
get-content c:\users.txt | get-aduser | Set-ADAccountPassword -NewPassword (ConvertTo-SecureString -AsPlainText monster@me123 -Force)
9#How to update the manager field for bulk users?
get-content c:\users.txt | get-aduser | Set-ADUser -Manager "shanky"
10#How to update "ProfilePath","homeDrive" & "HomeDirectory" based on a input file?
Get-Content users.txt | ForEach-Object {
Set-ADUser -Identity $_ -ProfilePath "\\WIN-85IOGS94Q68\profile\$_" -homedrive "Y:" -homedirectory "\\WIN-85IOGS94Q68\netshare\$_"
}
11#Find Users exist in AD or Not?
$users = get-content c:\users.txt
foreach ($user in $users) {
$User = Get-ADUser -Filter {(samaccountname -eq $user)}
If ($user -eq $Null) {"User does not exist in AD ($user)" }
Else {"User found in AD ($user)"}
}
12#Find users are enabled and have E-Mail and Homedirectory and PasswordExpired -eq false)}
PS C:\> Get-ADUser -Filter {(enabled -eq $true) -and (EmailAddress -like "*") -and (Homedirectory -like "*") -and (PasswordExpired -eq $false)}
13#Also finding the Groupmembership.
PS C:\> Get-ADUser -Filter {(enabled -eq $true) -and (EmailAddress -like "*") -and (Homedirectory -like "*") -and
(PasswordExpired -eq $false) -and (MemberOf -eq "CN=rock2,OU=win7,DC=Jaihanuman,DC=net")}
14#ProtectedFromAccidentalDeletion for all the users
Get-ADObject -filter {(ObjectClass -eq "user")} | Set-ADObject -ProtectedFromAccidentalDeletion:$true
15# How to find the users property using ADSI.
$users1=[ADSI]"LDAP://cn=copy,cn=users,dc=contoso,dc=com"
$users1 | select *
16#search-adaccount (Accounts Disable,inactive)
search-adaccount (Accounts Disable,inactive)
search-adaccount -u -accountd -searchb "ou=test,dc=contoso,dc=com"
search-adaccount -u -accountd
search-adaccount -u -accounti -t "90"
search-adaccount -u -accounti -da "28 feb 2013"
17# Enable Bulk AD user accounts based on a input file
Cat c:\users.txt | get-aduser | Enable-ADAccount
18# Disabled Bulk AD user accounts based on a input file
Cat c:\users.txt | get-aduser | Disable-ADAccount
::::::::Quest Powershell:::::::::
1#Find the Disabled members from multiple GROUPS.
Get-Content c:\groups.txt | ForEach-Object {
Get-QADGroupMember $_ -Disabled
}
2#Find the E-MAILs of Users form an particular OU
get-QADuser -SearchRoot 'contoso.com/test' | select samaccountname,mail
Reference - Miscrosoft Technet
No comments:
Post a Comment