of 24
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
1/24
MicrosoftOcialCourse
Module 4
Automating Active Directory
Domain ServicesAdministration
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
2/24
Module Overview
Using Command-line Tools for AD DS
Administration
Using indows !owerS"ell for AD DSAdministration
!erforming #ul$ O%erations wit" indows!owerS"ell
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
3/24
&esson '( Using Command-line Tools forAD DS Administration
#ene)ts of Using Command-&ine Tools for AD
DS Administration
"at *s Csvde+
"at *s &difde+
"at Are DS Commands+
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
4/24
#ene)ts of Using Command-&ine Tools forAD DS Administration
Command-line tools allow you to automate
AD DS administration
#ene)ts of using command-line tools(
,aster im%lementation of ul$ o%erations Customi.ed %rocesses for AD DSadministration
AD DS administration on server core
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
5/24
"at *s Csvde+
csvde i f filename k
Use csvde to e/%ort o0ects to a 1csv )le( -f )lename -d 3ootD -% Searc"Sco%e -r ,ilter -l &istOfAtrriutes
Use csvde to create o0ects from a 1csv )le(
AD DSImport
Export
csvde.exe
flename.csv
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
6/24
"at *s &difde+
Use ldifde to e/%ort o0ects to a &D*, )le( -f )lename -d 3ootD -r ,ilter -% Searc"Sco%e
-l &istOfAttriutes -o &istOfAttriutes
Use ldifde to create5 modify5 or delete o0ects(
ldifde i f filename k
Export
ldide.exe
flename.ldi Import AD DS
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
7/24
"at Are DS Commands+
indows Server 67'6 includes command-line toolst"at are suitale for use in scri%ts
8/am%lesTo modify t"e de%artment of a user account5 ty%e(
To dis%lay t"e email of a user account5 ty%e(
To delete a user account5 ty%e(
To create a new user account5 ty%e(
Dsmod user "cn=Joe Healy,ou=Managers,dc=adatum,dc=com" dept IT
Dsget user "cn=Joe Healy,ou=Managers,dc=adatum,dc=com" email
Dsrm "cn=Joe Healy,ou=Managers,dc=adatum,dc=com"
Dsadd user "cn=Joe Healy,ou=Managers,dc=adatum,dc=com"
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
8/24
&esson 6( Using indows !owerS"ell forAD DS Administration
Using indows !owerS"ell Cmdlets to
Manage User Accounts
Using indows !owerS"ell Cmdlets toManage 9rou%s
Using indows !owerS"ell Cmdlets toManage Com%uter Accounts
Using indows !owerS"ell Cmdlets to
Manage OUs
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
9/24
Using indows !owerS"ell Cmdlets toManage User Accounts
Cmdlet Description
ew-ADUser Creates user accountsSet-ADUser Modi)es %ro%erties of user accounts3emove-ADUser Deletes user accountsSet-
ADAccount!assword
3esets t"e %assword of a user
account
Set-ADAccount8/%iration Modi)es t"e e/%iration date of auser accountUnloc$-ADAccount Unloc$s a user account after it "as
ecome loc$ed after too many
incorrect login attem%ts
8nale-ADAccount 8nales a user accountDisale-ADAccount Disales a user account
Ne!D#ser "$ten %aerc&" ccount'assord ()ead!Host
s$ecure$tring "*nter passord"+ Department IT
i i d " ll dl
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
10/24
Using indows !owerS"ell Cmdlets toManage 9rou%s
Cmdlet Descri%tionew-AD9rou% Creates new grou%sSet-AD9rou% Modi)es %ro%erties of grou%s
9et-AD9rou% Dis%lays %ro%erties of grou%s3emove-AD9rou% Deletes grou%sAdd-AD9rou%Memer Adds memers to grou%s9et-AD9rou%Memer Dis%lays memers"i% of grou%s3emove-AD9rou%Memer 3emoves memers from grou%sAdd-AD!rinci%al9rou%Memers"i%
Adds grou% memers"i% to o0ects
9et-AD!rinci%al9rou%Memers"i%
Dis%lays grou% memers"i% ofo0ects
3emove-AD!rinci%al9rou%Memers"i%
3emoves grou% memers"i% from ano0ect
Ne!D-roup Name ".ustomerManagement" 'at&"ou=managers,dc=adatum,dc=com" -roup$cope -lo/al-roup.ategory $ecurity
dd!D-roupMem/er Name 0.ustomerManagement1Mem/ers "Joe"
i i d S" ll C dl
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
11/24
Using indows !owerS"ell Cmdlets toManage Com%uter Accounts
Cmdlet Description
ew-ADCom%uter Creates new com%uter accounts
Set-ADCom%uter Modi)es %ro%erties of com%uter
accounts
9et-ADCom%uter Dis%lays %ro%erties of com%uter
accounts
3emove-ADCom%uter Deletes com%uter accountsTest-
Com%uterSecureC"annel
:eri)es or re%airs t"e trust
relations"i% etween a com%uter and
t"e domain
3eset
-
Com%uterMac"ine!assw
ord
3esets t"e %assword for a com%uter
accountNe!D.omputer Name 023N!$4)51 !'at&"ou=marketing,dc=adatum,dc=com" !*na/led 6true
Test!.omputer$ecure.&annel !)epair
U i i d ! S" ll C dl M
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
12/24
Using indows !owerS"ell Cmdlets to ManageOUsCmdlet Description
ew-ADOrgani.ationalUnit Creates organi.ational units
;OUsuerying O0ects wit" indows!owerS"ell
!arameter Descri%tion
Searc"#ase De)nes t"e AD DS %at" to egin searc"ing1Searc"Sco%e De)nes at w"at level elow t"e Searc"#ase a
searc" s"ould e %erformed1
3esultSetSi.e De)nes "ow many o0ects to return in res%onseto a uery1
!ro%erties De)nes w"ic" o0ect %ro%erties to return anddis%lay1
,ilter De)nes a )lter y using !owerS"ell synta/
&DA!,ilter De)nes a )lter y using &DA! uery synta/
-e 8ual to -gt 9reater t"an
-ne ot eual to -ge 9reater t"an or eual to
-lt &ess t"an -li$e Uses wildcards for %atternmatc"ing-le &ess t"an or eual
to
Descri%tions of o%erators
> i O0 t it" i d
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
17/24
>uerying O0ects wit" indows!owerS"ell
S"ow all t"e %ro%erties for a user account(
S"ow all t"e user accounts in t"e Mar$eting OU andall its sucontainers(
S"ow all of t"e user accounts wit" a last logon dateolder t"an a s%eci)c date(
S"ow all of t"e user accounts in t"e Mar$etingde%artment t"at "ave a last logon date older t"an as%eci)c date(
-et!D#ser Name 0dministrator1 !'roperties 8
-et!D#ser %ilter 8 !$earc&9ase
"ou=Marketing,dc=adatum,dc=com" !$earc&$cope su/tree
-et!D#ser !%ilter :lastlogondate !lt "January ;,
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
18/24
Modifying O0ects wit" indows!owerS"ell
Use t"e %i%e c"aracter ; B < to %ass a list of o0ects
to a cmdlet for furt"er %rocessing
-etD#ser %ilter :company notlike "8"> @$etD#ser .ompany "A Datum"
-etD#ser %ilter :lastlogondate lt "January ;,
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
19/24
Demonstration( !erforming #ul$
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
20/24
Demonstration( !erforming #ul$O%erations wit" indows !owerS"ell
*n t"is demonstration5 you will see "ow to(
Con)gure a de%artment for users Create an OU
3un a scri%t to create new user accounts
:erify t"at new user accounts were created
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
21/24
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
22/24
&a Scenario
@ou "ave een wor$ing for A1 Datum for
several years as a des$to% su%%orts%ecialist1 *n t"is role5 you visited des$to%com%uters to troules"oot a%% and networ$%rolems1 @ou "ave recently acce%ted a%romotion to t"e server su%%ort team1 Oneof your )rst assignments is con)guring t"einfrastructure service for a new ranc"
oce1As %art of con)guring a new ranc" oce5you need to create user and grou%accounts1 Creating multi%le users wit"
gra%"ical tools is inecient5 so5 you will use
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
23/24
&a 3eview
#y default5 are new user accounts enaled or
disaled w"en you create t"em y using t"eewADUser cmdlet+
"at )le e/tension do indows !owerS"ell
scri%ts use+
7/23/2019 20410c04-150526160954-lva1-app6892.pptx
24/24
Module 3eview and Ta$eaways
3eview >uestions
Tools
