Posts RSS Comments RSS 253 Posts and 411 Comments till now

Build Lab w/ Quest AD CMDLets

Earlier I wrote a post about a script that I used to build my AD Lab Build Lab (v1 w/out Quest Tools) and I mentioned I
would post a Quest version. I had some time run it (took about 6hrs.) So without further ado:

Whats it do Again?
# Creates A TestOU OU
# Creates A TestComputers OU
# Creates A TestUsers OU
# Creates A TestGroups OU
# Creates 10K OU’s Under TestOU
## Each of the 10k OUs will have 4 Child OUs
### Each OU should have 5 users Accounts and 5 Machines Accounts
# Create 500 Group Policies.
# Link 100 policies on the 10k Base OUs
# Create 2000 Users in the TestUser OU
# Create 2000 Computers in the TestComputer OU
# Create 2K Groups

Note: Added Write-Progress for OU/User Creation

# Adding Required Snapins
Add-PSSnapin SDMSoftware.PowerShell.GPMC -ea 0
Add-PSSnapin Quest.ActiveRoles.ADManagement -ea 0

$DomainDN = (([ADSI]"").distinguishedName[0])
$DomainDNS = (([ADSI]"").distinguishedName[0]) -replace "DC=","" -replace ",","."
$users = @()

# A TestOU OU
$BaseOU = New-QADObject -Type OrganizationalUnit -ParentContainer $DomainDN  -Name TestOU

# A TestComputers OU
$TestComps = New-QADObject -Type OrganizationalUnit -ParentContainer $DomainDN -Name TestComputers

# A TestUsers OU
$TestUsers = New-QADObject -Type OrganizationalUnit -ParentContainer $DomainDN -Name TestUsers

# A TestGroups OU
$TestGrps = New-QADObject -Type OrganizationalUnit -ParentContainer $DomainDN -Name TestGroups

# 10K OUs Under TestOU
foreach($i in 1..10000)
{
    $lvl1Child = New-QADObject -Type OrganizationalUnit -ParentContainer $BaseOU.dn -Name "LvL1ChildOU$i"
    Write-Progress "Creating OUs LvL1ChildOU$i" -status "Updating" -perc ($i/10000*100)
    ## Each of the 10k OUs will have 4 Child OUs
    foreach($x in 1..4)
    {
        $lvl2Child = New-QADObject -Type OrganizationalUnit -ParentContainer $lvl1Child.dn -Name "LvL2Child${i}${x}"
        Write-Progress "Creating Child OUs LvL2Child${i}${x}" -status "Updating" -perc ($x/4*100) -id 1  
        foreach($y in 1..5)
        {
            ## Each OU should have 5 users Accounts and 5 Machines Accounts
            Write-Progress "Creating Child Users/Computers" -status "Updating" -perc ($y/5*100) -id 2
            New-QADUser -ParentContainer $lvl2Child.dn -Name "usr${i}${x}${y}" -SamAccountName "usr${i}${x}${y}" -UserPrincipalName "usr${i}${x}${y}@$DomainDNS" -UserPass "!P@ssw0rd22!" | Out-Null
            New-QADObject -ParentContainer $lvl2Child.dn -name "srv${i}${x}${y}" -objectAttributes @{"sAMAccountName"="srv${i}${x}${y}`$"} -type "Computer" | out-Null
        }
    }
}

# Create 500 Group Policies.
1..500 | %{New-SDMgpo "TestGPO$_"}

# Link 100 policies on the 10k Base OUs
1..100 | %{Add-SDMgpLink -name "TestGPO$_" -scope "OU=LvL1ChildOU$i,$($BaseOU.DN)"}

# Create 2000 Users in the TestUser OU
1..2000 | %{New-QADUser -ParentContainer $TestUsers.dn -Name "Testusr$_" -SamAccountName "Testusr$_" -UserPrincipalName "Testusr$($_)@$DomainDNS" -UserPass "!P@ssw0rd22!"}

# Create 2000 Computers in the TestComputer OU
1..2000 | %{New-QADObject -ParentContainer $TestComps.dn -name "TestComp$($_)" -objectAttributes @{"sAMAccountName"="TestComp$($_)`$"}}

# Create 2K Groups
1..2000 | %{New-QADGroup -ParentContainer $TestGrps.dn -name "TestGrp$_" -sAMAccountName "TestGrp$_"}

5 Responses to “Build Lab w/ Quest AD CMDLets”

  1. on 23 May 2008 at 7:16 amWanderer

    Great work! Thanks!

  2. on 09 Sep 2009 at 9:59 amRick Sheikh

    I would just like to point out that in order to create the GPOs you will need to install the SDM GP Cmdlets (http://www.sdmsoftware.com/freeware). Interestingly, like QAD and even with ADWS there is no native cmdlet to create a GPO yet there is a similar cmdlet to create the AD Fine Grained Password Policy.

  3. on 09 Sep 2009 at 10:48 amtshell

    2008 R2 ships with GP cmdlets.

  4. on 09 Sep 2009 at 1:58 pmRick Sheikh

    What are some of those cmdlets ?

  5. on 22 Sep 2009 at 7:33 amtshell

    Will blog a list

Trackback this post | Feed on Comments to this post

Leave a Reply

You must be logged in to post a comment.