Active Directory mit der Powershell
# query all members of an active directory group
# with powershell
# all groups
Get-ADGroup -Filter * | Select-Object name
# only one group
Get-ADGroupMember -Identity Domänen-Admins | Select-Object name
# move active directory users
$benutzer=Get-ADuser -Identity $benutzername
Move-ADObject -Identity $benutzer -TargetPath "OU=Benutzer,OU=Firma,DC=lidemo,DC=local"
# list empty active directoryy groups
Get-ADGroup -Filter * -Properties Members | where { -not $_.Members} | select Name, GroupCategory, GroupScope
# list all computers in an active directory
# confusing
Get-ADComputer -Filter * -Properties *
# better
Get-ADComputer -Filter * -Properties * | Sort-Object name | Format-Table name
# with last date
Get-ADComputer -Filter * -Properties * | Sort-Object Name, LastlogonDate | Format-Table Name, LastLogonDate
# last time an active directory user was logged in
#
Get-Command -Module ActiveDirectory
#
Get-ADUser -Filter * -Properties * | Sort LastlogonDate | Format-Table Name, LastLogonDate