Wednesday, March 4, 2009

Active Directory Powershell Overview


Active Directory Powershell Overview

Although it is pretty easy to get the list of AD cmdlets using Powershell, many of you might be looking for a high level view of cmdlets classified by AD administrative scenarios and tasks. So here it goes…

The current set of AD Powershell cmdlets can be classified into four broad categories:

  1. Account Management
  2. Topology management
  3. Directory object management
  4. Provider cmdlets

In the account management set we have cmdlets that –

  • Create, delete, write and read users, groups, computers, managed service accounts and Organizational units (OUs).
  • Manage account settings such as: expiration date, password etc.
  • Manage group membership, get account token groups.
  • Manage fine grained password policy and default domain password policy.

In the topology management set we have cmdlets that –

  • Discover DCs, manage FSMOs, move DCs across site and get DC info.
  • Manage password replication policy of RODCs.
  • Manage domain and forest, set forest and domain functional level.
  • Manage optional features.

In the directory object management set we have cmdlets that –

  • Create, delete, write and read all types of AD object.
  • Move, rename and restore AD objects.

In the Provider cmdlets set we have cmdlets that enables file-system like browsing capabilities in Active Directory PSDrive.

Click below for a table that shows various cmdlets available in each set. It should also serve as a quick reference card on your office desk :)

Active Directory Powershell Quick Reference Card


Swaminathan Pattabiraman [MSFT]
Developer – Active Directory Powershell Team

Pipelining AD – one object at a time : Active Directory Powershell Overview

1 comment:

Nick said...

For everybody, who is not as strong with cmdlets there is a nice active directory management gui solution called active administrator.

We've been using it in our company for years and I can assume that it can really simplify day-to-day active directory administrator tasks like active directory auditing, backup and security management.

Blog Archive