Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Automating ad with powershell

655 views

Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Automating ad with powershell

  1. 1. Automating AD Administration in Windows PowerShell Don Jones Senior Partner & Principal Technologist Concentrated Technology, LLC
  2. 2. This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it within your own organization however you like. For more information on our company, including information on private classes and upcoming conference appearances, please visit our Web site, www.ConcentratedTech.com . For links to newly-posted decks, follow us on Twitter: @concentrateddon or @concentratdgreg This work is copyright ©Concentrated Technology, LLC
  3. 3. CAUTION: DEMOS AHEAD <ul><li>This is a demonstration-intensive session (very few slides) </li></ul><ul><li>I will capture a shell transcript and save all of my scripts </li></ul><ul><li>You can download these (in a week or so) from ConcentratedTech.com (there ’s a “Conference Materials” link in the menu) </li></ul> • Don Jones • ConcentratedTech.com
  4. 4. Two Choices <ul><li>Microsoft ’s cmdlets </li></ul><ul><ul><li>Introduced in Win2008R2 </li></ul></ul><ul><ul><li>Usable against 2003+ (w/Gateway add-on) </li></ul></ul><ul><ul><li>Runs only on Win7/2008R2 </li></ul></ul><ul><ul><li>No access to custom/RDS attributes or ADLDS </li></ul></ul><ul><ul><li>Extensive pipeline input support </li></ul></ul><ul><li>Quest ’s cmdlets </li></ul><ul><ul><li>Third-party </li></ul></ul><ul><ul><li>Usable against 2003+ </li></ul></ul><ul><ul><li>Runs on XP+ </li></ul></ul><ul><ul><li>Access to all attributes and ADLDS </li></ul></ul><ul><ul><li>Lesser pipeline input support </li></ul></ul> • Don Jones • ConcentratedTech.com
  5. 5. Loading the Add-Ins <ul><li>Find Add-In Name </li></ul><ul><ul><li>Get-Module -list </li></ul></ul><ul><ul><li>Get-PSSnapin -reg </li></ul></ul><ul><li>Load Add-In </li></ul><ul><ul><li>Import-Module name </li></ul></ul><ul><ul><li>Add-PSSnapin name </li></ul></ul><ul><li>Check new commands </li></ul><ul><ul><li>Gcm –module name </li></ul></ul><ul><ul><li>Gcm –pssnapin name </li></ul></ul><ul><li>Ask for help </li></ul><ul><ul><li>Help command-name </li></ul></ul> • Don Jones • ConcentratedTech.com
  6. 6. Pipeline Parameter Binding <ul><li>Use Import-CSV to import a CSV file </li></ul><ul><li>Column headers become property names </li></ul><ul><li>If property names match pipeline-bound parameter names, you can feed the CSV directly to the next cmdlet </li></ul><ul><li>Demo – create new users with 2 commands on a single line! </li></ul><ul><li>How to look for pipeline parameter binding in cmdlets ’ help </li></ul> • Don Jones • ConcentratedTech.com
  7. 7. You Need This: DN Format <ul><li>Ou=Organizational unit </li></ul><ul><li>Cn=Canonical Name </li></ul><ul><li>Dc=Domain </li></ul><ul><li>Cn=JohnD,ou=Sales,dc=microsoft,dc=com </li></ul><ul><li>Ou=East,Ou=IT,dc=company,dc=pri </li></ul> • Don Jones • ConcentratedTech.com
  8. 8. Filtering Criteria <ul><li>-eq (Equals) </li></ul><ul><li>-like (* wildcard permitted) </li></ul><ul><li>-ne (Not Equal) </li></ul><ul><li>-gt / -lt (Greater/Less Than) </li></ul><ul><li>-ge / -le (Greater/Less Than or Equal) </li></ul><ul><li>-Filter is mandatory on MS cmdlets; used with major Get- cmdlets. –Filter * returns all. </li></ul><ul><li>Filter Left! </li></ul> • Don Jones • ConcentratedTech.com
  9. 9. Properties <ul><li>Subset of properties usually returned by default </li></ul><ul><li>Pipe to GM to see all </li></ul><ul><li>Use parameters to specify additional desired properties (differs between MS and Quest) – be aware of increased load to do so </li></ul> • Don Jones • ConcentratedTech.com
  10. 10. Common Tasks <ul><li>Bulk-set an attribute for a bunch of users </li></ul><ul><li>Get all computers based on password age </li></ul><ul><li>Setting an account password </li></ul><ul><li>Making a new OU </li></ul><ul><li>Moving a user account to a different OU </li></ul><ul><li>Remember: The cmdlet focus is on bulk and repetitive common tasks </li></ul><ul><li>Quest cmdlets have greater coverage than MS cmdlets v1 </li></ul> • Don Jones • ConcentratedTech.com
  11. 11. Security + Drives <ul><li>The MS module maps an AD: drive </li></ul><ul><li>You can map additional drives to other domains </li></ul><ul><li>The credentials used to map the drive will be used by any cmdlets run while you are “in” that drive </li></ul><ul><li>Nice way to avoid having to constantly use the –credential parameter with the cmdlets! </li></ul><ul><li>But the drive itself can be a bit tricky to use… </li></ul> • Don Jones • ConcentratedTech.com
  12. 12. -PassThru <ul><li>Forces a cmdlet that sets or creates an object to also output that same object to the pipeline </li></ul><ul><li>Enables longer command sequences </li></ul> • Don Jones • ConcentratedTech.com
  13. 13. -WhatIf, -Confirm <ul><li>Implemented by most cmdlets that modify something </li></ul><ul><li>(can) Prevent the module from doing whatever it normally does – also prevents it from outputting anything </li></ul><ul><li>Typically can only be used with the last cmdlet on the command line (since it prevents output from being created) </li></ul> • Don Jones • ConcentratedTech.com
  14. 14. Common Options (MS cmdlets) <ul><li>-SearchBase </li></ul><ul><li>-SearchScope </li></ul> • Don Jones • ConcentratedTech.com
  15. 15. GPO <ul><li>Let ’s also take a look at the GPO module in Win2008R2 </li></ul> • Don Jones • ConcentratedTech.com
  16. 16. Final Notes… <ul><li>Please be sure to submit a session evaluation form! </li></ul><ul><li>Download slides & materials from www.ConcentratedTech.com within one week! </li></ul><ul><li>Blog, URLs, and other information is also available at www.ConcentratedTech.com for your reference </li></ul><ul><li>More resources on www.ShellHub.com </li></ul><ul><li>Thank you very much! </li></ul> • Don Jones • ConcentratedTech.com
  17. 17. This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it within your own organization however you like. For more information on our company, including information on private classes and upcoming conference appearances, please visit our Web site, www.ConcentratedTech.com . For links to newly-posted decks, follow us on Twitter: @concentrateddon or @concentratdgreg This work is copyright ©Concentrated Technology, LLC

×