mikeprivette/PowerShell
Useful PowerShell one-liner (and some two-liner) commands.
Before running any Active Directory commands, you need to import the correct module.
Import Active Directory Module
Import-Module ActiveDirectory
Get All Active Directory Module Commands
Get-Command -Module ActiveDirectory
Get All AD Information on a User in the Current Domain (the one you are running this from)
Get-ADUser -Identity <username> -Properties *
Get All AD Information on a User in a Different Domain (assumes you have trust and permissions to access)
Get-ADUser -Identity <username> -Server "domain" -Properties *
Get All Members of a Group by name and ID
Get-ADGroupMember -Identity <group_name> -Recursive | select name,SamAccountName
Find All Groups a User is a Member of
Get-ADPrincipalGroupMembership <username> | select name
Get-ADPrincipalGroupMembership <username> -Server "domain" | select name | Sort-Object -Property name
Add Member to an AD Group
Add-ADGroupMember -Identity "<group_name>" -Members "<user_id>"
Remove Member from an AD Group
Remove-ADGroupMember -Identity "<group_name>" -Members "<user_id>"
Find all users that are disabled
Search-ADAccount -AccountDisabled -UsersOnly | Format-Table Name,SamAccountName,ObjectClass -AutoSize
Find the Date/Time for When an Account Expires
[datetime]::FromFileTime((Get-ADUser <userid> -Properties accountExpires).accountExpires)
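The accountExpires attribute is stored as a Windows FILETIME (100-nanosecond intervals since 1601-01-01 UTC), and the values 0 and 9223372036854775807 both mean the account never expires. The following is an added example, not part of the original repository; the function name Convert-AccountExpires and the sample accounts are hypothetical and constructed here so the block runs without a domain.

```powershell
# Added example: convert raw accountExpires values, handling the "never expires" sentinels.
function Convert-AccountExpires {
    param([Int64]$FileTime)

    # 0 and [Int64]::MaxValue (0x7FFFFFFFFFFFFFFF) both mean "never expires".
    # [datetime]::FromFileTime() throws on MaxValue and returns a year-1601 date for 0,
    # so both are mapped to $null before converting.
    if ($FileTime -eq 0 -or $FileTime -eq [Int64]::MaxValue) {
        return $null
    }
    [datetime]::FromFileTimeUtc($FileTime)
}

# Constructed sample data standing in for Get-ADUser output (not real accounts).
$sample = @(
    [pscustomobject]@{ SamAccountName = 'svc-never-zero'; accountExpires = [Int64]0 }
    [pscustomobject]@{ SamAccountName = 'svc-never-max';  accountExpires = [Int64]::MaxValue }
    [pscustomobject]@{
        SamAccountName = 'contractor1'
        accountExpires = [datetime]::new(2030, 1, 1, 0, 0, 0, [System.DateTimeKind]::Utc).ToFileTimeUtc()
    }
)

$sample | Select-Object SamAccountName, @{
    Label      = 'ExpiresUtc'
    Expression = {
        $d = Convert-AccountExpires -FileTime $_.accountExpires
        if ($null -ne $d) { $d } else { 'Never' }
    }
} | Format-Table -AutoSize
```

Against a live domain, replace $sample with the output of Get-ADUser -Filter * -Properties accountExpires.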
Find all Users with Locked Out Accounts
Search-ADAccount -LockedOut | select name, samAccountName
Search-ADAccount -LockedOut | Where-Object {$_.DistinguishedName -like "*DC=domain,DC=com"} | Select Name, LockedOut, LastLogonDate, PasswordExpired | Format-Table -AutoSize
Get AD User Information for List of Users and Output to CSV
Get-Content C:\<path>\users.txt | % {Get-ADUser -Identity $_ -Properties * | select CN, samAccountName, EmployeeID, enabled, Description, Department, mlSubLobDescr, OfficePhone, Manager, StreetAddress, LastLogonDate, LastBadPasswordAttempt, PasswordExpired} | Export-Csv C:\<path>\user_lookup.csv
Get AD User Group Membership Information for List of Users and Output to CSV
Get-Content C:\<path>\users.txt | % {Get-ADPrincipalGroupMembership $_ | select name} | Export-Csv C:\<path>\user_group_membership_lookup.csv
Get All Users of AD Groups for List of Groups and Output to CSV
$groups = Get-Content C:\<path>\groups.txt
foreach ($group in $groups) {Get-ADGroupMember -Identity $Group | select @{Expression={$Group};Label="Group Name"},Name,SamAccountName | Export-Csv C:\<path>\user_groups.csv -NoTypeInformation -Append}
Get All Users of AD Groups Matching a Certain Name Format (i.e group name is like Local Admin)
$groups = Get-ADGroup -Filter {name -like "*Admin*"}
foreach ($group in $groups) {Get-ADGroupMember -Identity $Group -Server "domain" | Get-ADUser -Properties * | select @{Expression={$Group};Label="Common Name"},Name,enabled,LastLogonDate,GivenName,Surname,EmailAddress,title,department,mlSubLobDescr | Export-Csv C:\<path>\local_admin_group.csv -NoTypeInformation -Append}
Find user information by AD attribute (i.e. DisplayName)
Get-ADUser -Filter {DisplayName -like "*Bobby Administrator*"} -Properties * | Select name, DisplayName, EmailAddress, enabled, LastLogonDate, title, department, mlSubLobDescr | Format-Table -AutoSize
Find a Specific Service on a Computer using WMI
Get-WmiObject -Query "SELECT * FROM Win32_Process where Name = '<service_name.exe>'" | Select-Object Name,CommandLine | Sort-Object -Descending Name
Find Computers by Operating System Type
Get-ADComputer -Filter * -Properties OperatingSystem | Select OperatingSystem -Unique | Sort OperatingSystem
List all Servers in a Domain
Get-ADComputer -Server "domain.com" -Filter {operatingsystem -like "*server*"} -Properties * | select enabled,name,operatingsystem,canonicalname,lastlogondate | Export-Csv C:\<path>\computer_list.csv -Append -NoClobber
List all Servers in a Domain, but only return Enabled Computer Objects, and only return those logged into within the last 60 days from the current date, and only show the top 10 rows
Get-ADComputer -Server "domain.com" -Filter {(operatingsystem -like "*server*") -and (enabled -eq "TRUE")} -Properties * | where {$_.LastLogonDate -ge (Get-Date).AddDays(-60)} | select enabled,name,operatingsystem,canonicalname,lastlogondate -First 10 | Format-Table -AutoSize
Find All Domain Controllers in a Specific Domain
Get-ADDomainController -Filter * -Server <domain> | Select-Object name, domain
Find Out Information About a Specific Computer by Hostname
Get-ADComputer -Filter {Name -like "<hostname>"} -Properties * | Format-Table Name,ipv4address,OperatingSystem,OperatingSystemServicePack,LastLogonDate -Wrap -AutoSize
Find Host Information from TXT File of Hosts
Get-Content C:\<path>\file.txt | % {Get-ADComputer -Identity $_ -Server <domain> -Properties * | select name, ipv4address, operatingsystem, distinguishedname} | Export-Csv C:\<path>\output.csv -Append -NoClobber
Get the CN and DN for each Organizational Unit in a Specific Domain
Get-ADOrganizationalUnit -Server "domain.com" -Filter * -Properties CanonicalName | Select-Object -Property CanonicalName, DistinguishedName | Sort-Object CanonicalName
Get All Computer Objects in a Particular OU in a Particular Domain
Get-ADComputer -Server "domain.com" -SearchBase 'OU=NA,OU=USA,OU=HQ,DC=domain,DC=com' -Filter '*' -Properties * | Select name, ipv4address, operatingsystem, CanonicalName, distinguishedname | Format-Table -AutoSize
Get All Computer Objects from a TXT File of OUs
Get-Content C:\<path>\computer_ous.txt | % {Get-ADComputer -Server "domain.com" -SearchBase $_ -Filter '*' -Properties * | Select name,ipv4address,operatingsystem,CanonicalName,distinguishedname,enabled} | Export-Csv C:\<path>\computers_in_ous.csv -Append -NoClobber
List the IP address of the current machine
$env:HostIP = (Get-NetIPConfiguration | Where-Object {$_.IPv4DefaultGateway -ne $null -and $_.NetAdapter.Status -ne "Disconnected"}).IPv4Address.IPAddress
Recursively Remove Files Older than a Certain Day in a Directory
Get-ChildItem -Path "C:\<path>\<dir>\" -Recurse | Where-Object CreationTime -lt (Get-Date).AddDays(-180) | Remove-Item -Recurse
Generate a SHA256 hash of a file
Get-FileHash "C:\<path>\<file>" -Algorithm SHA256 | Select-Object -Property Hash
Create a new directory in the same directory as your script
New-Item -Path (Join-Path $PSScriptRoot "directoryname") -ItemType Directory | Out-Null