Posts RSS Comments RSS 253 Posts and 399 Comments till now

BSonPosh Module goes beta

I am releasing a beta of my BSonPosh module. This is a early release and may have some bugs that need to be tweaked. It may also be missing some functionality and help files. If you would like participate in the beta send me an email via my contact form and I will shoot you a copy.

I am looking for any feedback. Specifically if you think any thing is missing :)

Here is a list of the functions/cmdlets provided by the module:

—————————————-
ConvertTO-DistinguishedName
ConvertTo-DNSName
ConvertTo-Name
ConvertTo-NetbiosName
ConvertTo-Sid
ConvertTo-UACFLag
Format-XML
Get-ADACL
Get-ADSchema
Get-ADSchemaClass
Get-ADSchemaProperty
Get-Assemblies
Get-BSonPosh
Get-DC
Get-DCConnectionObject
Get-Forest
Get-RebootTime
Get-Routetable
Get-SiteLink
Get-SysInternals
Get-TraceFile
Get-Uptime
Get-WindowsUpdate
Import-BSonPosh
Invoke-uac
Invoke-WhoAmI
New-ADACE
Resolve-Host
Select-LargeFiles
Set-ADACL
Set-DCConnectionOption
Set-SiteLink
Start-TS
Test-ADReplication
Test-Host
Test-LdapFilter
Trace-LDAP
update-Gac

:: Oct.13.2009 :: All :: 4 Comments »

List of All Domain Controllers in Your Domain

The Scripting guys have a post over here: Hey, Scripting Guy! Can I Obtain a List of All Domain Controllers in My Domain?

That is one way but IMO this is easier and more DC specific data

[DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().DomainControllers

On a side note: The AD Replication Module will have a cmdlet so you will be able to just do this:

Get-ADRDomainController -domain MyDomain

:: Oct.05.2009 :: All :: 1 Comment »

Serverless binding with ADSI

joe and I were discussing this yesturday and he blog about it here So I used Serverless Binding with ADSI (or .NET), now what DC am I talking to?

On a side note… I think this is bad form. IMO you should be very deliberate with your code even with discovery. I would use rootDSE to do the discovery then stick with that server.

:: Oct.02.2009 :: All :: No Comments »

Re-Awarded the Microsoft MVP for Powershell.

I was very happy to get the email today. We (MVPs) generally feel we do enough but we are always concerned that MS thinks so :)

I would also like to welcome “Mr. Antoine Habert” to the Powershell MVP ranks. I *think* he is the only new one and I don’t believe we lost any.

:: Oct.01.2009 :: All :: 2 Comments »

Need Powershell v2 feedback ASAP!

Jeffrey and party are trying their darnedest to get this thing out the door but they need your help.

Please download: XP and W2K3 Release Candidate Versions of PowerShell are Now Available for Download and provide feedback asap!

:: Sep.24.2009 :: All :: No Comments »

How to find extended rights that apply to a schema class object (remix)

The AD guys posted a really cool post about getting extended rights via the schema. That post can be found here:
How to find extended rights that apply to a schema class object

If you dont have Windows 7, 2008 R2, or the Active Directory Management Gateway then you can get similar results by using my functions from here: Getting AD Schema information from Powershell. This works on all versions of AD.

Using these functions you can just do this:

Get-ADSchemaClass group | %{$_.DefaultObjectSecurityDescriptor} | %{$_.access} | ?{$_.ActiveDirectoryRights -eq "ExtendedRight"}

						
				

                                              
					 :: Sep.23.2009 :: 
					Active Directory, All, Powershell, Scripting  :: 
					No Comments »

Heads up on an upcoming codeplex project.

Active Directory Replication Module

Purpose:
Provide administrators with simple task-based set of cmdlets to manage and trouble-shoot Active Directory Replication.

Overview:
This will provide several cmdlets for working with Active Directory focusing on Replication. As AD replication is build on domain/forest infrastructure we are also including a set of Domain and Forest management cmdlets.

Target:
Windows 2003 Domain and above (although most cmdlets will still work against 2000.)

Status:
Work as already begun on the project and I am hoping to release alpha code in the next month or so.

Example of cmdlets to be provided (not complete:)

  • Test-ADRReplication
  • Get-ADRDomain
  • Get-ADRDomainController
  • Get-ADRForest
  • Get-ADRGlobalCatalog
  • Get-ADRMetaData
  • Get/Set/Test-ADRProperty
  • Get/Set/New-ADRSite
  • Get/Set/New-ADRSiteLink
  • Get/Set/New-ADRSubNet

Please let us know if there is feature you would like to see or any general feedback.

:: Sep.22.2009 :: All :: 2 Comments »

blog: Heads up on an upcoming codeplex project.

Active Directory Replication Module

Purpose:
Provide administrators with simple task-based set of cmdlets to manage and trouble-shoot Active Directory Replication.

Overview:
This will provide several cmdlets for working with Active Directory focusing on Replication. As AD replication is build on domain/forest infrastructure we are also including a set of Domain and Forest management cmdlets.

Target:
Windows 2003 Domain and above (although most cmdlets will still work against 2000.)

Status:
Work as already begun on the project and I am hoping to release alpha code in the next month or so.

Example of cmdlets to be provided (not complete:)
  • Test-ADRReplication
  • Get-ADRDomain
  • Get-ADRDomainController
  • Get-ADRForest
  • Get-ADRGlobalCatalog
  • Get-ADRMetaData
  • Get/Set/Test-ADRProperty
  • Get/Set/New-ADRSite
  • Get/Set/New-ADRSiteLink
  • Get/Set/New-ADRSubNet

Please let us know if there is feature you would like to see or any general feedback.

:: Sep.22.2009 :: Active Directory, All :: No Comments »

List of 2008 R2 Group Policy cmdlets

Rick Sheikh asked me about the Windows 2008 R2 GP cmdlets on blog post Build Lab w/ Quest AD CMDLets.

Here is a list (you have to add it via features.) and how to find them

import-module GroupPolicy
Get-Command -Module GroupPolicy | %{$_.Name}

Backup-GPO
Copy-GPO
Get-GPInheritance
Get-GPO
Get-GPOReport
Get-GPPermissions
Get-GPPrefRegistryValue
Get-GPRegistryValue
Get-GPResultantSetOfPolicy
Get-GPStarterGPO
Import-GPO
New-GPLink
New-GPO
New-GPStarterGPO
Remove-GPLink
Remove-GPO
Remove-GPPrefRegistryValue
Remove-GPRegistryValue
Rename-GPO
Restore-GPO
Set-GPInheritance
Set-GPLink
Set-GPPermissions
Set-GPPrefRegistryValue
Set-GPRegistryValue

:: Sep.22.2009 :: All :: 1 Comment »

blog: Getting AD Schema information from Powershell

The other day a friend asked me how I would get Active Directory Schema information using Powershell. I knew of the schema property on the DirectoryServices.ActiveDirectory.Forest class and that is where I started.

Initially I just called the static method GetCurrentForest on the Forest class and then accessed the schema using the property like this. 
  1. $Forest = [DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
  2. $Forest.Schema
This worked find and gave me the Schema object I was after but information I got back was minimal. It only returned Schema Role Owner and the Distinguished Name. I found that if you want to get real data like the classes and properties you needed to call methods on object (DirectoryServices.ActiveDirectory.ActiveDirectorySchema) returned from Schema property.

At this point it is not all that complicated but I thought it would be nice to have functions that would abstract all this.

Below is a couple of functions you may find useful. They work both V1 and V2 of Powershell.

Get-Forest : Gets the Forest Object
- DomainController [optional] - DNS Name of the Host to connect to
- Credential [optional] - Network credentials to use.

Get-ADSchema : Gets the Schema
- DomainController [optional] - DNS Name of the Host to connect to
- Credential [optional] - Network credentials to use.

Get-ADSchemaClass : Gets a specific Schema Class
- Class [optional] - Class Object to get (Default is all)
- DomainController [optional] - DNS Name of the Host to connect to
- Credential [optional] - Network credentials to use.

Get-ADSchemaProperty : Gets a specific Schema Property
- Property [optional] - Property to get (Default is all)
- DomainController [optional] - DNS Name of the Host to connect to
- Credential [optional] - Network credentials to use.

NOTE: These will be included in my "Soon to be available" BSONPOSH module (v2 only.) 
  1. function Get-Forest
  2. {
  3.     Param($DomainController,[Management.Automation.PSCredential]$Credential)
  4.  
  5.     if(!$DomainController)
  6.     {
  7.         [DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
  8.         return
  9.     }
  10.  
  11.     if($Creds)
  12.     {
  13.         $Context = new-object DirectoryServices.ActiveDirectory.DirectoryContext("DirectoryServer",$DomainController,$Creds.UserName,$Creds.GetNetworkCredential().Password)
  14.     }
  15.     else
  16.     {
  17.         $Context = new-object DirectoryServices.ActiveDirectory.DirectoryContext("DirectoryServer",$DomainController)
  18.     }
  19.     [DirectoryServices.ActiveDirectory.Forest]::GetForest($Context)
  20. }
  1. function Get-ADSchema
  2. {
  3.     Param($DomainController,[Management.Automation.PSCredential]$Credential)
  4.     if($DomainController -and !$Credential)
  5.     {
  6.         $Forest = Get-Forest -DNSName $DomainController
  7.     }
  8.     elseif($DomainController -and $Credential)
  9.     {
  10.         $Forest = Get-Forest -DNSName $DomainController -Credential $Credential
  11.     }
  12.     else
  13.     {
  14.         $Forest = Get-Forest
  15.     }
  16.     $Forest.Schema
  17. }
  1. function Get-ADSchemaClass
  2. {
  3.     Param($Class = ".*",$DomainController,[Management.Automation.PSCredential]$Credential)
  4.  
  5.     if($DomainController -and !$Credential)
  6.     {
  7.         $Forest = Get-Forest -DNSName $DomainController
  8.     }
  9.     elseif($DomainController -and $Credential)
  10.     {
  11.         $Forest = Get-Forest -DNSName $DomainController -Credential $Credential
  12.     }
  13.     else
  14.     {
  15.         $Forest = Get-Forest
  16.     }
  17.  
  18.     $Forest.Schema.FindAllClasses() | ?{$_.Name -match "^$Class`$"}
  19. }
  1. function Get-ADSchemaProperty
  2. {
  3.     Param($Property = ".*",$DomainController,[Management.Automation.PSCredential]$Credential)
  4.  
  5.     if($DomainController -and !$Credential)
  6.     {
  7.         $Forest = Get-Forest -DNSName $DomainController
  8.     }
  9.     elseif($DomainController -and $Credential)
  10.     {
  11.         $Forest = Get-Forest -DNSName $DomainController -Credential $Credential
  12.     }
  13.     else
  14.     {
  15.         $Forest = Get-Forest
  16.     }
  17.  
  18.     $Forest.Schema.FindAllProperties() | ?{$_.Name -match "^$Property`$"}
  19.  
  20. }

:: Aug.25.2009 :: Active Directory, All :: No Comments »

« Previous PageNext Page »