PowerShell for Windows Admins:

Active Directory


January 27, 2016  9:37 AM

Which filter

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Get-ADUser has 2 filter parameters. The –Filter takes a PowerShell syntax filter e.g. Get-ADUser -Filter {Name -eq 'Richard'} The –LDAPfilter takes an LDAP search filter e.g. Get-ADUser -LDAPFilter "(Name=Richard)" Mixing them up will ensure you don’t get the results you...

January 18, 2016  1:44 PM

Setting external time source in AD

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

The PDC emaulator in the root domain of your AD forest should point to an external time source. For some odd reason the PDC emulator in my lab wasn’t doing that. Easily remedied: ## ## set external time source ## set server type to NTP Set-ItemProperty -Path...


December 17, 2015  1:31 PM

Outputting AD data to CSV

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Back in this post 0 Comments     RSS Feed     Email a friend


August 30, 2015  10:50 AM

Manning Deal of the Day–31 August 2015

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Deal of the Day August 31: Half off my book Learn Active Directory Management in a Month of Lunches. Use code dotd083115au at


July 22, 2015  8:04 AM

Using parameters instead of read-host when getting AD replication data

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

I’ve seen a lot of scripts recently that use Read-Host to get input data.  This is generally not best practice – I tend to only use Read-Host if I want to get a password and obscure the text on screen. A better practice is to use parameters – either in a function or a script. As an...


July 17, 2015  12:37 PM

get-computerDN–dealing with non-existant computers

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

If you look at the working part of the code to discover the distinguished name of a computer: £> $computer = 'w12r2sus' £> $filter = “(&(objectCategory=computer)(objectClass=computer)(cn=$computer))” £>...


July 16, 2015  12:47 PM

get-computerDN function

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Last time I showed a bare bones function for using [adsisearcher] to retrieve the distinguished name of a domain computer. This is a somewhat expanded version of that function which adds in the sorts of features you’d want for a production ready function. function get-computerDN...


July 15, 2015  1:54 PM

ADSIsearcher returns

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

I’ve been using the Microsoft AD cmdlets (and before that the Quest cmdlets) for so long that I’d sort of forgotten about [adsisearcher]. It was introduced in PowerShell 2.0 and is a shortcut for System.DirectoryServices.DirectorySearcher A question in the forum about using this remotely...


July 2, 2015  1:20 PM

Processing NULL AD values

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Back in this post 0 Comments     RSS Feed     Email a friend


July 1, 2015  8:13 AM

Domain Admins password last set

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

A recent question on the forums asked about getting the date a password was last set and the password never expires status for the domain admins group This is one way of doing it Get-ADGroupMember -Identity 'Domain Admins' | foreach { Get-ADUser -Identity $psitem.samAccountName -Properties...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: