PowerShell for Windows Admins:

Active Directory


March 22, 2019  5:11 AM

Putting user information into computer description

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

I was recently asked how to add user information – specifically first and last name – into  computer description in Active Directory.   First get your user $user = Get-ADUser -Identity FredBrown   Then add the information to the computer’s...

November 22, 2018  7:19 AM

Moving FSMO roles in PowerShell v6.1.1

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

With the Windows Server 2019 media now being available again it’s time to move my test lab over to the new version. I’d built a Windows Server 2019 VM and installed PowerShell v6.1.1. I discovered that in Server 2019 and the Windows 10 October 2018 update that the AD module worked in PowerShell...


November 16, 2018  9:40 AM

Active Directory cmdlets in PowerShell v6.1.1

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Just discovered that you can run the Active Directory cmdlets in PowerShell v6.1.1 BUT there is a huge caveat.   The Windows 10 October 2018 (Windows 10 1809) update includes the RSAT tools (including the AD tools) as optional features. This means that you can easily install the AD...


January 4, 2018  8:45 AM

Windows Compatibility Pack

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

As reported last month the Windows Compatibility Pack for .NET core is available. This adds back some of the functionality missing from .NET core. This functionality is ONLY of relevance on Windows machines. A PowerShell module based on the Compatibility Pack is in the works – this will add...


November 27, 2017  12:10 PM

Get an AD user’s manager

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Interesting question on the forum about finding the manager for a given user in AD – assuming the Manager field is populated of course. If you’ve not worked with the AD cmdlets this is a good introduction to some of their quirks. This is how you get an AD user’s manager. You need the...


August 30, 2017  8:59 AM

Comparing AD group membership on EmployeeId

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Back in this post - https://itknowledgeexchange.techtarget.com/powershell/comparing-group-membership/ I showed how to compare the membership of two groups using Compare-Object. The comparison was based on the samAccountName. A question raised the issue of comparing AD group membership on...


August 9, 2017  4:59 AM

Get-ADUser filtering

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Saw a question on the forums that revolved around Get-ADUser filtering. Initial code was like this Import-Csv .\users.txt | foreach { Get-ADUser -Filter {Name -like $_.Name} } which on the face of it seems reasonable. However, you get errors like this Get-ADUser : Property: 'Name' not found in...


May 9, 2017  3:23 AM

Are your domain controllers real?

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, CIM, Powershell

A question on the forum asked about discovering if domain controllers are physical or virtual machines. In other words Are your domain controllers real? This will do the job:

foreach ($domain in (Get-ADForest).domains) {
 Get-ADDomainController -filter * -server $domain |
 sort hostname...


March 29, 2017  1:29 PM

Name mismatch

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, CIM, Powershell

Ever wondered why you can’t do this:

Get-ADComputer -Filter * -SearchBase 'OU=Servers,DC=Manticore,DC=org' |
Get-CimInstance -ClassName Win32_OperatingSystem
The –ComputerName parameter on get-CimInstance accepts pipeline input BUT its by property name.
PS> Get-Help...


March 4, 2017  5:59 AM

Modifying AD users in bulk

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Active Directory, Powershell

Modifying AD users in bulk involves either setting one or more properties to the same value for a set of users or reading in the values you need from a data source of some kind. We prepared some test data in the last post so lets see how we use it.

$users = Import-Csv -Path...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: