
Snippets of AD PowerShell scripts
To extract, search and import information about users, groups and computers in Active Directory.
Can be reused in your own scripts.
###################################### USER ######################################
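# Look up a single account by identity.
Get-ADUser -Identity "pdupont"

# Same lookup with every attribute. -Properties * is handy interactively but
# heavy; in scripts, request only the attributes that are used.
$User = Get-ADUser -Identity NAME -Properties *

# Inventory of the accounts under the administration OU.
# The result is stored first and written out afterwards: putting ">" on the
# assignment itself sends the output to the file and leaves $AdminUser empty.
# NOTE(review): this file lists privileged accounts; c:\temp may be readable by
# other local users, so prefer a folder with a restricted ACL.
$AdminUser = Get-ADUser -Filter * -SearchBase "OU=Comptes d administration,OU=OUNAME,DC=DOMAINNAME,DC=ROOTNAME" -Properties Description |
    Select-Object Name, Description, DistinguishedName
$AdminUser > c:\temp\adminuser.txt

# Filter on an attribute value.
Get-ADUser -Filter {GivenName -eq "name"}

# Disabled accounts: whole domain, then a single OU.
Get-ADUser -Filter {Enabled -eq $false}
Get-ADUser -Filter {Enabled -eq $false} -SearchBase "OU=Postes de travail,DC=domaine,DC=root"

# Non-default attributes (EmployeeID here) must be requested with -Properties
# before they can be selected or exported.
Get-ADUser -Identity "pdupont" -Properties Name, GivenName, EmployeeID, SamAccountName
Get-ADUser -Identity "pdupont" -Properties Name, GivenName, EmployeeID, SamAccountName |
    Select-Object Name, GivenName, EmployeeID, SamAccountName
# The delimiter has to be quoted: a bare ";" ends the statement.
Get-ADUser -Identity "pdupont" -Properties Name, GivenName, EmployeeID, SamAccountName |
    Select-Object Name, GivenName, EmployeeID, SamAccountName |
    Export-Csv -Path c:\temp\test.csv -Delimiter ';'

# Description is not returned by default, so it is requested explicitly;
# otherwise the exported column is empty.
Get-ADUser -Filter * -Properties Description |
    Select-Object SamAccountName, Name, Description |
    Export-Csv -Path c:\temp\users.csv -NoTypeInformation

# Count the user accounts. Get-ADUser needs -Filter (or -Identity); @() keeps
# the count correct when a single object comes back.
$Users = Get-ADUser -Filter *
$nbuser = @($Users).Count
$Users = Get-ADUser -Filter * | Select-Object Name, SamAccountName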
#################################### GROUP ####################################
Liste des membres d'un groupe
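#get-localGroupMember.ps1
# Lists the member names of a local group through the ADSI WinNT provider.
# Parameters:
#   -computer  machine to query; defaults to the local computer name.
#   -Group     name of the local group (mandatory).
# Output: one name per group member.
[CmdletBinding()]
param(
    [Parameter(Mandatory=$false)]
    [string]$computer = $env:COMPUTERNAME,
    [Parameter(Mandatory=$true, HelpMessage='Nom de groupe obligatoire !')]
    [string]$Group
)

# Bind to the group object; both parameters are interpolated into the ADSI path.
$connexion = [ADSI]"WinNT://$computer/$Group,group"

# Members are returned as COM objects, so the Name property is read through
# reflection. $_ is the current member in the pipeline.
$connexion.PSBase.Invoke('Members') | ForEach-Object {
    $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
}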
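# Search the list of AD groups.
# Get-ADGroup needs -Filter (or -Identity); every group is fetched and the
# regex match on the name is then applied client-side.
$EAI = Get-ADGroup -Filter * | Where-Object { $_.Name -match "xyz" }
$EAI | Format-List Name > c:\temp\xyzgroup.txt
####################################
# Server-side wildcard filter; Description is requested explicitly so that it
# can be selected.
Get-ADGroup -Filter {Name -like "zzzz*"} -Properties Description | Select-Object Name, Description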
####################################
Membres d'un groupe
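# Groups whose name starts with ADMINS_PC, and the domains of the forest.
$group = Get-ADGroup -Filter { Name -like "ADMINS_PC*" }
$domains = (Get-ADForest).Domains

# Member names of all matching groups, written to a text file.
$group | Get-ADGroupMember | Format-Table Name > c:\temp\adminsPC.txt

# One row per member with the group it came from. The groups are walked one at
# a time so the "Group" column holds that group's name rather than the whole
# list when the filter matches several groups.
# NOTE(review): $Domain is not assigned in this snippet (only $domains is), so
# the "Domain" column stays empty unless it is set by the surrounding script.
foreach ($g in $group) {
    $g | Get-ADGroupMember |
        Select-Object @{Name="Domain";Expression={$Domain}}, @{Name="Group";Expression={$g.Name}}
}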
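# Resolve a list of member names to userPrincipalName values.
# NOTE(review): $MembersOfSFDC_Groups, $ScriptPath and $LocalGC are not defined
# in this snippet; presumably they are set earlier in the original script.
$DisplayNames = $MembersOfSFDC_Groups.name
$DisplayNames | Out-File (Join-Path $ScriptPath 'DisplayNames.txt')

# The names are read back from the file and piped straight into the loop; the
# original had a second pipeline source after the trailing "|" and was missing
# the closing parenthesis on the last Out-File, so it did not parse.
Get-Content (Join-Path $ScriptPath 'DisplayNames.txt') |
    ForEach-Object {
        # Copy the pipeline item to a named variable for use inside the AD filter.
        $name = $_
        Get-ADUser -Server $LocalGC -Filter { Name -eq $name } |
            Select-Object -Property userPrincipalName
    } |
    Out-File (Join-Path $ScriptPath 'upnOfSDFC_AD_GroupsMembers.txt')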
#################################### COMPUTER ####################################
Recherche d'ordinateurs dans l'AD
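# Show the members (properties and methods) of computer objects.
# Get-ADComputer needs -Filter (or -Identity).
Get-ADComputer -Filter * | Get-Member

# Computers that have a description.
$computers = Get-ADComputer -Filter * -Properties Description |
    Where-Object { $null -ne $_.Description } |
    Select-Object Name, Description

# Count all computer accounts; @() keeps the count correct for a single result.
$computers = Get-ADComputer -Filter *
$nbcomputers = @($computers).Count

# Names of the computers in one OU. The names are stored first and written out
# afterwards: ">" on the assignment would leave $computersName empty.
$computers = Get-ADComputer -SearchBase "OU=Postes de travail,DC=domain,DC=root" -Filter *
$computersName = $computers.Name
$computersName > c:\temp\computersOUpdt.txt

Get-Help Get-ADComputer -Detailed

# Servers with their operating system. Out-GridView returns nothing without
# -PassThru, so the result is stored before being displayed. Only the
# attribute that is selected is requested, instead of -Properties *.
$ADComputer = Get-ADComputer -Filter * -SearchBase "OU=Serveurs,DC=domain,DC=root" -Properties OperatingSystem |
    Select-Object Name, OperatingSystem
$ADComputer | Out-GridView

# Full computer export. Description is not returned by default and is
# requested explicitly; the switch is -NoTypeInformation (no trailing "s").
Get-ADComputer -Filter * -Properties Description |
    Select-Object Name, Description, DistinguishedName |
    Export-Csv -Path c:\temp\Allcomputers.txt -NoTypeInformation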
####################################
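# Keep the Windows Server 2016 machines from $ADComputer and export them.
# $ADComputer is expected to hold computer objects that carry OperatingSystem
# (TODO confirm it is populated before this runs).
# The operatingSystem attribute normally includes the edition (Standard,
# Datacenter, ...), so a prefix match is used; an exact -eq would miss those.
$ADComputer2016 = $ADComputer | Where-Object { $_.OperatingSystem -like "Windows Server 2016*" }
$ADComputer2016 | Export-Csv c:\temp\thomas\ws2016.csv
# @() keeps the count correct when exactly one server matches.
@($ADComputer2016).Count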
####################################
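# Find one computer by name. -Filter requires a value; the comparison is done
# server-side instead of fetching every computer and filtering locally.
$computer = Get-ADComputer -Filter "Name -eq 'WDM'"

# Workstations with their description; only that attribute is requested.
$ADComputer = Get-ADComputer -Filter * -SearchBase "OU=Postes de travail,DC=domain,DC=root" -Properties Description |
    Select-Object Name, Description
$ADComputer | Select-Object -First 1

# Re-read each computer with all of its attributes.
foreach ($i in $computer) {
    # $i is a computer object, so its Name is used for the cn match rather
    # than the object itself. If the name ever comes from user input instead of
    # AD, escape LDAP filter metacharacters (RFC 4515) before interpolating it.
    $MyComputer = Get-ADComputer -LDAPFilter "(cn=$($i.Name))" -Properties *
    #$MyComputer=
}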
Liste des serveurs seuls dans l'OU Serveurs
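# Names of the computers located in the Serveurs OU, exported as CSV.
# The search base must be one quoted string; the guillemets in the original
# are not PowerShell quote characters.
# NOTE(review): c:\temp\Allcomputers.txt is also the target of the full
# computer export, so running both overwrites the earlier file.
Get-ADComputer -Filter * -SearchBase "OU=Serveurs,DC=domain,DC=root" |
    Select-Object Name |
    Export-Csv -Path c:\temp\Allcomputers.txt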
####################################
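# End block of a script or advanced function: runs once after all pipeline
# input has been processed. The message is only shown when verbose output is
# enabled (for example with -Verbose).
end { Write-Verbose -Message "Script Completed" }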
Password never expires
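# Enabled accounts whose password never expires, written to a text file.
# Useful as a hygiene check: such accounts fall outside the password rotation
# policy and are worth reviewing regularly.
# $_ (the current pipeline object) is required in each Where-Object block, and
# the flags are compared with $true rather than the string "true".
Get-ADUser -Filter * -Properties Name, PasswordNeverExpires |
    Where-Object { $_.PasswordNeverExpires -eq $true } |
    Where-Object { $_.Enabled -eq $true } |
    Format-Table Name > C:\temp\passwordneverexpires.txt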
####################################
Récupère le domaine
# Distinguished name of the current domain, usable as a -SearchBase value.
$searchbase = (Get-ADDomain).DistinguishedName
#################################### MODULE AD ####################################
AD module availability test
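# Load the ActiveDirectory module if it is not already in the session and stop
# the script with a red message when it cannot be loaded.
if ($null -eq (Get-Module ActiveDirectory)) {
    try {
        # -ErrorAction Stop turns a failed import into a terminating error;
        # without it the catch block would not run.
        Import-Module ActiveDirectory -ErrorAction Stop
    }
    catch {
        Write-Host "The execution computer doesn't have ActiveDirectory Powershell Module. The script can't continue." -ForegroundColor Red
        return
    }
}#if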
AD module loading
# Make the Active Directory cmdlets (Get-ADUser, Get-ADGroup, ...) available.
Import-Module -Name ActiveDirectory
#################################### Extract Subnet ###################################
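# Export every subnet of every AD site in the current forest to subnet.csv.
$sites = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest().Sites

# Collect the loop output directly instead of growing an array with "+=",
# which copies the array on every addition. @() keeps the result an array even
# when no subnet is found. The [PSCustomObject] literal also fixes the column
# order (Site, Subnet), which a plain hashtable does not guarantee.
$sitesubnets = @(
    foreach ($site in $sites) {
        foreach ($subnet in $site.Subnets) {
            [PSCustomObject]@{
                Site   = $site.Name
                Subnet = $subnet
            }
        }
    }
)

$sitesubnets | Export-Csv subnet.csv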