Active Directory mit der Powershell

# query all members of an active directory group
# with powershell

# all groups
   Get-ADGroup -Filter * | Select-Object name

# only one group
   Get-ADGroupMember -Identity Domänen-Admins | Select-Object name

# move active directory users
   $benutzer=Get-ADuser -Identity $benutzername
   Move-ADObject -Identity $benutzer -TargetPath "OU=Benutzer,OU=Firma,DC=lidemo,DC=local"

# list empty active directoryy groups
   Get-ADGroup -Filter * -Properties Members | where { -not $_.Members} | select Name, GroupCategory, GroupScope

# list all computers in an active directory

# confusing
   Get-ADComputer -Filter * -Properties *

# better
   Get-ADComputer -Filter * -Properties * | Sort-Object name | Format-Table name

# with last date
   Get-ADComputer -Filter * -Properties * | Sort-Object Name, LastlogonDate | Format-Table Name, LastLogonDate

# last time an active directory user was logged in


#
   Get-Command -Module ActiveDirectory

#
   Get-ADUser -Filter * -Properties * | Sort LastlogonDate | Format-Table Name, LastLogonDate