Always A-HEAD, By being ahead you are always master of time


Sunday, February 04, 2007

[DSQuery]-With PowerShell


The post below talks about querying AD. However, before you go through it, I strongly recommend you go through the link below from MOW:

http://mow001.blogspot.com/2006/09/powershell-rc2-and-active-directory.html

Let me admit that the ideas and concepts in the post below are originally MOW's; at most I am using better formatting and pulling corollaries out of them.


Connect to AD

[adsi]''
$root=[adsi]''
# or
$root=new-object directoryservices.directoryentry


List properties of AD Objects

$root | fl *


List methods of AD Objects

$root.psbase | gm -membertype method # Get all methods

Walk the domain structure to the wanted OU

$root.psbase.Children

distinguishedName
-----------------
{CN=Builtin,DC=Zarays,DC=com}
{CN=Computers,DC=Zarays,DC=com}
{OU=Domain Controllers,DC=Zarays,DC=com}
{CN=ForeignSecurityPrincipals,DC=Zarays,DC=com}
{OU=France,DC=Zarays,DC=com}
{OU=India,DC=Zarays,DC=com}
{CN=Infrastructure,DC=Zarays,DC=com}
{CN=LostAndFound,DC=Zarays,DC=com}
{CN=NTDS Quotas,DC=Zarays,DC=com}
{CN=Program Data,DC=Zarays,DC=com}
{OU=Singapore,DC=Zarays,DC=com}
{CN=System,DC=Zarays,DC=com}
{OU=UK,DC=Zarays,DC=com}
{CN=Users,DC=Zarays,DC=com}

$users=$root.psbase.children.find('CN=Users')
# or
$users=new-object directoryservices.directoryentry("LDAP://CN=Users,DC=Zarays,DC=com")

-To get properties of the Users container

$users | fl *

-To find a user in a container

$users.psbase.Children.Find('cn=Preetam')

$users.psbase.Children.Find('cn=Preetam') | fl *

Corollary 01

Let's use this feature.

$preetam=$users.psbase.Children.Find('cn=Preetam')

$shilpa=$users.psbase.Children.Find('cn=shilpa')

Compare-Object $preetam.memberOf $shilpa.memberOf

Output is

InputObject SideIndicator
----------- -------------
CN=Domain Admins,CN=Users,DC=Zarays,DC=com <=
CN=Enterprise Admins,CN=Users,DC=Zarays,DC=com <=
CN=Schema Admins,CN=Users,DC=Zarays,DC=com <=

Which means Shilpa is not a member of the above groups.

Corollary 02

$OU=new-object directoryservices.directoryentry("LDAP://ou=Singapore,dc=zarays,dc=com")

$b=$ou.psbase.children
foreach($c in $b) {
$c.mail
}

The output is the email address of every user inside the Singapore OU. These addresses are generally what you need when you want to stay in touch with your colleagues after you leave your current job.

Friday, February 02, 2007

ACTIVE DIRECTORY AND POWERSHELL

I want to devote this and maybe next month to Active Directory and PowerShell. Just a simple search on Google will lead you to very good posts by MOW.

I checked the datestamps and they were way back in mid 2006. It is the best place to start. Also, Arul writes a lot on AD management. But lots of things changed with RC2. I'm looking forward to putting the same stuff in a better format. And these are not the only references; there are lots of articles on AD. However, I'm looking forward to using PowerShell's power to get proper format; in short, more with less.

Broadly speaking, there are always two things you do with Active Directory: querying AD and committing changes to AD.

Both of these are very, very interesting, and I'm loving it with PowerShell by your side.

Within System.DirectoryServices there are two main classes

  • DirectoryEntry for creating objects [Committing changes]
  • DirectorySearcher for searching objects [Querying]

Let's first create OUs

Out of it I got a few little things done by myself. I have created multiple OUs in one go.

$objUser = [ADSI]"LDAP://localhost:389/Ou=India,dc=zarays,dc=com" # Connection established with LDAP port
$readfile=get-content "E:\PowerShell\ActiveDirectory\OUList.txt" # Reading file

foreach($readf in $readfile) {
    $ou=$objUser.create("organizationalunit", "ou=$readf") # Creating OU
    $ou.setinfo() # Committing changes
}

The following OUs are created, assuming the India OU is already there

  • Bangalore
  • Chennai
  • NewDelhi
  • Mumbai


Let's edit properties of OU here

$readfile=get-content "E:\PowerShell\ActiveDirectory\OUList.txt"
foreach($ou in $readfile) {
    $u=$ou + " Operations"
    $OUC=new-object directoryservices.directoryentry("LDAP://OU=$ou,OU=India,Dc=zarays,dc=com") # Connect to OU
    $ouc
    $oUc.Put("description", $u) # Set the description; there is one more way to do this.
    $oUc.SetInfo() # Very important line: this is where you commit what has been set above.
}

Descriptions change to

  • Bangalore Operations
  • Chennai Operations
  • NewDelhi Operations
  • Mumbai Operations



Contents of oulist.txt

  • Bangalore
  • Chennai
  • NewDelhi
  • Mumbai
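
Both loops above place each line of OUList.txt directly into a distinguished name, so a line containing a comma, "=" or "/" is interpreted as part of the DN or ADSI path rather than as a name. The following is an added example, not code from the original post or from MOW: it validates each name against an allow-list, skips OUs that already exist, and writes to AD only when -Commit is given. Test-OuName, New-OuFromList and the sample lines are hypothetical, and try/catch assumes PowerShell 2.0 or later.

```powershell
# Added example (not from the original post). Test-OuName and New-OuFromList
# are hypothetical names; the parent DN default is the one used on this page.
function Test-OuName {
    param([string]$Name)
    # Allow-list: letters, digits, space, underscore, hyphen; 1-64 chars;
    # must start and end with a letter or digit. This rejects DN
    # metacharacters (, + " \ < > ; = #) and the ADSI path separator (/).
    return ($Name.Length -le 64) -and ($Name -cmatch '^[A-Za-z0-9]([A-Za-z0-9 _-]*[A-Za-z0-9])?$')
}

function New-OuFromList {
    param(
        [string]$ParentDn = 'OU=India,DC=zarays,DC=com',
        [Parameter(Mandatory=$true)][string]$ListPath,   # one OU name per line
        [switch]$Commit                                  # without -Commit nothing is written
    )
    $parent = [adsi]"LDAP://$ParentDn"
    foreach ($line in Get-Content $ListPath) {
        $name = $line.Trim()
        if ($name -eq '') { continue }                   # skip blank lines
        if (-not (Test-OuName $name)) {
            Write-Warning "Rejected '$name': not a plain OU name"
            continue
        }
        $dn = "OU=$name,$ParentDn"
        if ([System.DirectoryServices.DirectoryEntry]::Exists("LDAP://$dn")) {
            Write-Warning "Skipped '$name': $dn already exists"
            continue
        }
        if (-not $Commit) { "Would create $dn"; continue }   # dry run
        try {
            $ou = $parent.Create('organizationalUnit', "OU=$name")
            $ou.Put('description', "$name Operations")
            $ou.SetInfo()                                # commit to AD
            "Created $dn"
        } catch {
            Write-Warning "Failed to create ${dn}: $($_.Exception.Message)"
        }
    }
}

# Constructed sample lines, checked offline against the allow-list:
'Bangalore', 'New Delhi', 'Mumbai,OU=Domain Controllers', '#temp', '' |
    ForEach-Object { '{0,-30} {1}' -f "'$_'", (Test-OuName $_) }
```

Run New-OuFromList without -Commit first and review the "Would create" lines and warnings before writing to the directory.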

REF:

MOW: http://mow001.blogspot.com/2006/06/powershel-and-active-directory-part-1.html

ARULK: http://blogs.msdn.com/arulk/