Note: These commands were made for PowerShell V4. To check your version, type $PSVersionTable.PSVersion in your console.
Run PowerShell as administrator.
The first cmdlet is used to verify whether the Active Directory module for PowerShell is installed. The command below can be used:
Get-Module -Name '*active*' -ListAvailable
If it is available, the module is listed in the output.
Then a few commands can be used to get information about Active Directory objects.
Let's imagine that you need to report all locked accounts every morning to check for any signs of brute-force login attempts.
Search-ADAccount -LockedOut
This command will show all the AD accounts currently locked out.
Unlock-ADAccount "Username"
Replace Username with the SAMAccountName and the user will be unlocked.
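The morning locked-account report described above can be scripted so that it keeps a dated CSV and points out patterns worth a second look. This is an added example, not part of the original page; the folder in $ReportDir and the value of $Threshold are assumptions to adjust for your environment.

```powershell
# Added example: morning locked-account report (run as administrator).
Import-Module ActiveDirectory

$ReportDir = 'C:\Reports\Lockouts'   # assumption: hypothetical output folder
$Threshold = 5                       # assumption: lockouts per hour treated as a burst

if (-not (Test-Path $ReportDir)) {
    New-Item -ItemType Directory -Path $ReportDir | Out-Null
}

# BadLogonCount and LastBadPasswordAttempt are not replicated between domain
# controllers; the values come from the DC that answers the query.
$locked = @(Search-ADAccount -LockedOut -UsersOnly |
    Get-ADUser -Properties AccountLockoutTime, LastBadPasswordAttempt, BadLogonCount |
    Select-Object Name, SamAccountName, Enabled, AccountLockoutTime,
                  LastBadPasswordAttempt, BadLogonCount |
    Sort-Object AccountLockoutTime -Descending)

if ($locked.Count -eq 0) {
    Write-Output 'No locked-out user accounts.'
    return
}

$today = Join-Path $ReportDir ('locked-{0:yyyy-MM-dd}.csv' -f (Get-Date))
$locked | Export-Csv -Path $today -NoTypeInformation -Encoding UTF8

# Many accounts locked within the same hour looks different from one user
# who forgot a password, so flag those hours for review.
$locked | Where-Object { $_.AccountLockoutTime } |
    Group-Object { $_.AccountLockoutTime.ToString('yyyy-MM-dd HH:00') } |
    Where-Object { $_.Count -ge $Threshold } |
    ForEach-Object { Write-Warning ("{0} accounts locked around {1}" -f $_.Count, $_.Name) }

# Accounts that were also in yesterday's report deserve a closer look.
$yesterday = Join-Path $ReportDir ('locked-{0:yyyy-MM-dd}.csv' -f (Get-Date).AddDays(-1))
if (Test-Path $yesterday) {
    $seen = @(Import-Csv $yesterday | ForEach-Object { $_.SamAccountName })
    $locked | Where-Object { $seen -contains $_.SamAccountName } |
        ForEach-Object { Write-Warning ("Locked again: {0}" -f $_.SamAccountName) }
}

$locked | Format-Table Name, SamAccountName, AccountLockoutTime, BadLogonCount -AutoSize
```

Review the warnings before unlocking anything: an account that keeps locking, or many accounts locking together, should be investigated first.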
If a granular report regarding a group's members is needed, then the command below is useful:
Get-ADGroupMember -Identity "GroupName" | Select-Object Name, SamAccountName
Replace GroupName with the desired name and it will return the name and username of each member.
To see all the groups, and therefore the access rights, that a user has, this command is used:
Get-ADPrincipalGroupMembership "SAMAccountName" | Select-Object Name, SamAccountName
Replace SAMAccountName with the username.
To quickly enable or disable users, computers, etc.:
Enable-ADAccount -Identity "SAMAccountName"
or
Disable-ADAccount -Identity "SAMAccountName"
Replace SAMAccountName with the username.
If we need to find groups or users, it is also possible to get broader search results.
Get-ADUser -Filter {Name -like "*Name*"}
Get-ADGroup -Filter {Name -like "*Name*"}
Get-ADComputer -Filter {Name -like "*Name*"}
Replace Name with the string/name you are looking for.
Get-ADUser -Filter {Name -like "*Name*"} | Select-Object Name
Get-ADGroup -Filter {Name -like "*Name*"} | Select-Object Name
Get-ADComputer -Filter {Name -like "*Name*"} | Select-Object Name
Replace Name with the string/name you are looking for (this will only display a list of names).