Home » Security » Useful Powershell Active Directory Commands

Useful Powershell Active Directory Commands

Below are the command that can come handy in day to day Active Directory Admin works

Before running in any AD related commands – always run the “Import-Module ActiveDirectory” command

How to Search for AD Locked Accounts

Search-ADAccount -LockedOut –

Adding/removing members from AD Groups

Add-ADGroupMember -Identity “group_name” -Member username
remove-ADGroupMember -Identity “group_name” -Member username

Adding Multiple Users to Groups 

Import-module ActiveDirectory 
Import-CSV "C:\members.csv" | % { 
Add-ADGroupMember -Identity group1 -Member $_.UserName
}
How to get names from AD groups

Get-ADGroupMember -identity "name of the group" -Recursive | select name,objectclass,displayname

How to update CNAMES in DNS using a powershell script

$cnames = Import-Csv c:\cnames.csv
ForEach($cname in $cnames){
 Write-Host -ForegroundColor Yellow "Creating CNAME: "$cname.alias
 Add-DnsServerResourceRecordCName -Name $cname.name -HostNameAlias $cname.alias
 } 

Hot to get AD groups that start with certain words

Get-ADGroup -FILTER {name -like “*test*”} -Properties Description | Select name, description

How to get the list of all the domain controllers in the forest

$getDC = (Get-ADForest).Domains | %{ Get-ADDomainController -Filter * -Server $_ }

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*