PowerShell for Windows Admins:

Active Directory


November 18, 2016  5:14 AM

Changing the samAccountName

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

I was recently asked how the samAccountName – also referred to as the login id – could be changed. First lets look at an account: PS C:\Scripts> Get-ADUser -Identity 'FredFox' DistinguishedName : CN=FOX...

November 17, 2016  8:18 AM

Creating test accounts in Active Directory

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

There’s often a need to create test accounts in AD. You may want to create a a set of test accounts or if you have a demo/test lab you may need accounts in that. Creating the names for the accounts is a pain unless you go down the test1, test2 etc route. One way to real looking names is I use...


November 5, 2016  10:59 AM

Creating a new AD forest

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell, Windows Server 2016

As I’ve completely rebuilt my demo/lab machine I need to re-create the Active Directory This is now so simple even on a server core machine First install the roles and features needed Add-WindowsFeature -Name AD-Domain-Services, RSAT-AD-PowerShell, DNS, RSAT-DNS-Server, DHCP,...


July 18, 2016  4:49 AM

Manning Deal of the Day 19 July 2016

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Books

Deal of the Day July 19: Half off my book Learn Active Directory Management in a Month of Lunches. Use code dotd071916au at http://bit.ly/2a8jroO For more information on Manning’s Deal of the Day see -  


February 24, 2016  1:14 PM

Get-ADUser quirk

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Came across an interesting quirk of the way Get-ADUser works. If you use the –Identity parameter and tell it to find a specific user PS> Get-ADUser -Identity dontexist Get-ADUser : Cannot find an object with identity: 'dontexist' under: 'DC=Manticore,DC=org'. At line:1 char:1 +...


February 6, 2016  6:11 AM

Not the comma!

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

There is a habit among some AD administrators to create their users so that the name is surname, firstname - Note the comma between the two names. As an example the name would be Brown, Bill instaead of Bill Brown If you’re just using the GUI tools it doesn’t matter too much and has...


February 4, 2016  7:47 AM

Some thoughts on finding a users OU

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Back in this post http://itknowledgeexchange.techtarget.com/powershell/discovering-a-users-ou/ I showed how to get the...


February 2, 2016  8:15 AM

AD Management MoL Deal – – 3 February 2016

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Books, Powershell

My Learn Active Directory Management in a Month of Lunches will be part of Manning’s Deal of the Day on 3 February 2016. Half off my book Learn Active Directory Management in a Month of Lunches. Use code dotd020316au at


January 27, 2016  9:37 AM

Which filter

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Get-ADUser has 2 filter parameters. The –Filter takes a PowerShell syntax filter e.g. Get-ADUser -Filter {Name -eq 'Richard'} The –LDAPfilter takes an LDAP search filter e.g. Get-ADUser -LDAPFilter "(Name=Richard)" Mixing them up will ensure you don’t get the results you...


January 18, 2016  1:44 PM

Setting external time source in AD

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

The PDC emaulator in the root domain of your AD forest should point to an external time source. For some odd reason the PDC emulator in my lab wasn’t doing that. Easily remedied: ## ## set external time source ## set server type to NTP Set-ItemProperty -Path...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: