Until now I have always used ADSI and LDAP to query Active Directory for object stored information.
I have been following Dimitry’s examples with the Quest AD PowerShell CmdLets and I thought it was about time I started to embrace them into my PowerShell scripts.
You can download the “ActiveRoles Management Shell for AD” Here.
Before running the Quest ActiveRoles Management Shell snapins I would recommend reading the “Requirements on Active Directory” section (p21) in the administration guide.
After you have installed the Quest ActiveRoles Management Shell you will have to register the PowerShell snapin at the PowerShell prompt.
Enter the command:
Once you are ready to go and the Quest ActiveRoles Management Shell snapins are installed and registered you can get started with some basic commands.
Getting the .displayName of your Active Directory account.
$User = Get-QADUser -Name "YourAccountName"
Getting the Sam Account Name of your Active Directory account.
(Get-QADUSer -Name "YourAccountName").SamAccountName
Checking if a user account is disabled.
(Get-QADUSer -Name "UserAccount").AccountIsDisabled
Using the Get-QADUser with no previously specified connection details allows the Cmdlet to connect to any available domain controller with the credentials of the locally logged on user.
Next time I will start to go through mail enabled groups, their memberships and properties.
Hope this helps.
All information is provided on an AS-IS basis, with no warranties and confers no rights.