posted
13/01/10
By Fredrik Wall
Todays onliner will show all Windows XP computers
in a whole Active Directory.
Get-QADComputer -SizeLimit 0 -Osname "*xp*" | Select-Object Name, description, path
This can be nice If you want to migrate to Windows 7.
And if you want to show all Windows Server 2008
or Windows Server 2003 machines you just change –OSName to 2008 or 2003.
You need to have Quest AD cmdlets installed and you need to Add it first.
Add-PSSnapin Quest.ActiveRoles.ADManagement
If you want to import all information to excel you can
export It to a csv file with
| Export-Csv c:\scripts\test.txt
posted
03/01/10
By Fredrik Wall
This is another function that I use in
Active Directory scripting.

I use it when I want to create computer names
with the syntax SitenameComputertypeNumbers.
The function can be found here.
posted
22/12/09
By Fredrik Wall
Hi,
I sat down thinking a little bit today.
And then It strikes me that the Lab AD was not finished
and that It was not done by best practice.
So I will do the structure from this document from Microsoft,
Best Practice Active Directory Design for Managing Windows Networks.
And then we need to:
- Create groups
- Computers
- OU Information
Then I think we are where we should be.
posted
22/12/09
By Fredrik Wall
The script is not 100% finished as It is posted now in pieces.
I will be adding some check for existing users etc.
BUT I did test it last night with 5000 accounts and It did well.
Okay, I got a few error and some accounts didn’t go from disabled
to enabled. But that was like 5 out of 5000 with almost no
error handling and no check for existing users

I came up with some new ideas as well last night.
So I will add 1 or 2 articles after the script is posted.
Articles on how to make GUI for this with Windows.Forms.
posted
21/12/09
By Fredrik Wall
How to create and set user information.
It’s time to create and set our user information.
The information we want for this setup is:
- First name
- Last name
- Display name
- Description
- Telephone number
- E-Mail
- Web page
- User principal name
- SAMAccount name
- Department
- Company
To create AD users with this information, we just do like this:
# Creating the User
$objOU = new-object DirectoryServices.DirectoryEntry("LDAP://OU=$myLabOUs,OU=$labOU," + $labDomain)
$objUser = $objOU.Create("user", "cn=$FirstName $LastName")
$objUser.Put("sAMAccountName", $userSAM)
$objUser.Put("userPrincipalName",$userPrincipalName)
$objUser.Put("displayName",$displayName)
$objUser.put("mail", $userEmail)
$objUser.put("department", $myLabOUs)
$objUser.put("company","Power Admin Corp")
$objUser.put("employeeNumber", $userNumber)
$objUser.put("telephoneNumber", $userTele)
$objUser.put("wWWHomePage", "http://www.poweradmin.se/blog")
$objUser.SetInfo()
Write-Host "Created - " $firstName $lastName "($userSAM) in" $mylabOUs
$objUser.Put("givenName", $firstName)
$objUser.Put("sn", $lastName)
$objUser.Put("description", $userDescription)
$objUser.SetInfo()
# Password
$objUser.psbase.invoke("setpassword", "myH@rdP@ssw0rd99!")
$objUser.SetInfo()
# Enable the account
$objUser.psbase.invokeset('accountdisabled', $false)
$objUser.SetInfo()
# Change password at next login
$objUser.PwdLastSet = 0
$objUser.Setinfo()
This was all for this article series.
Now we have a script to create lots of accounts.
Later on I will also post error handling and more.
I will post a whitepaper on this in a couple of days.
posted
21/12/09
By Fredrik Wall
I have been doing some changes to the last part.
All of my scripts are under constantly changes.
So before I post the next part of the script I
want to post this change.
I have been doing some changes to the $labDomain.
Now, by default you don’t need to do change anything.
It uses your users default domain and will use It all
the way.
# Name of the AD
# Default is the domain where your user are.
# Change $labDomain if you want to change this.
# $labDomain = "dc=poweradmin,dc=local"
$activeLabDomain = new-object DirectoryServices.DirectoryEntry
$labDomain = $activeLabDomain.distinguishedName
# Creating the "root" Lab OU
$search = [System.DirectoryServices.DirectorySearcher]"[ADSI]LDAP://$labDomain"
$search.Filter = "(&(name=$labOU)(objectCategory=organizationalunit))"
$result = $search.FindOne()
if ($result -eq $null) {
$labADSIDomain = [ADSI]"LDAP://$labDomain"
$objOU = $labADSIDomain.Create("OrganizationalUnit", "ou=" + $labOU)
$objOU.SetInfo()
Write-Host $labOU "created"
}
else
{
Write-Host $labOU "exists"
}
# Creating all OUs in the Lab OU
$labDomainOU = [ADSI]"LDAP://ou=$labOU,$labDomain"
foreach ($labUnit in $labOUs) {
$search = [System.DirectoryServices.DirectorySearcher]$labDomainOU
$search.Filter = "(&(name=$labUnit)(objectCategory=organizationalunit))"
$result = $search.FindOne()
if ($result -eq $null) {
$objOU = $labDomainOU.Create("OrganizationalUnit", "ou=" + $labUnit)
$objOU.SetInfo()
Write-Host $labUnit "created"
}
else
{
Write-Host $labUnit "exists"
}
}
posted
21/12/09
By Fredrik Wall
It’s time to take our information and create the AD.
First of all we need to setup the lab structure in our AD.
I use my lab active directory named poweradmin.local
# Name of the AD
$labDomain = [ADSI]"LDAP://dc=poweradmin,dc=local"
And then we need to decide what our Lab OU “root” should be called.
# LAB OU
$labOU = "Lab OU"
And then we put all of our OUs that we need.
# OUs to create
$labOUs = "Finance","IT","Marketing","Operations","Service","Customer Support"
Now It’s time to create the “root” lab OU.
First of all we check If it exists and It doesn’t we create it.
# Creating the "root" Lab OU
$search = [System.DirectoryServices.DirectorySearcher]$labDomain
$search.Filter= "(&(name=$labOU)(objectCategory=organizationalunit))"
$result = $search.FindOne()
if ($result -eq $null) {
$objOU = $labDomain.Create("OrganizationalUnit","ou=" + $labOU)
$objOU.SetInfo()
Write-Host $labOU "created"
}
else
{
Write-Host $labOU "exists"
}
When we have the “root” OU setup It’s time to create the rest.
# Creating all OUs in the Lab OU
$labDomainOU = [ADSI]"LDAP://ou=$labOU,dc=poweradmin,dc=local"
foreach ($labUnit in $labOUs) {
$search = [System.DirectoryServices.DirectorySearcher]$labDomainOU
$search.Filter= "(&(name=$labUnit)(objectCategory=organizationalunit))"
$result = $search.FindOne()
if ($result -eq $null) {
$objOU = $labDomainOU.Create("OrganizationalUnit","ou=" + $labUnit)
$objOU.SetInfo()
Write-Host $labUnit "created"
}
else
{
Write-Host $labUnit "exists"
}
}
It should look like this if you used the same OUs as I did.
In the next part we will create the users.
posted
17/12/09
By Fredrik Wall
We have:
- Real names
- User Names (samAccountNames) with employee numbers
- OU names
- Country Names
If you have missed them, look in my older posts about
Create Lab AD.
In this part we will do:
Mail addresses
Telephone numbers
User Description
We will start with the mail addresses.
$myUserCountry = $userCountry | Get-Random
switch ($myUserCountry)
{
'Sweden' {$userCoutryCode = "se"}
'Denmark' {$userCoutryCode = "dk"}
'Finland' {$userCoutryCode = "fi"}
'Norway' {$userCoutryCode = "no"}
default {$userCoutryCode = "local"}
}
$userEmail = $userFirstName + "." + $userLastName + "@poweradmin." + $userCoutryCode
This will give us mail addresses like:
fredrik.wall@poweradmin.se
fredrik.wall@poweradmin.local
The domain name of your AD can easily be put there automatically.
For the telephone numbers I will use this little code.
$userLastTele = Get-Random -Minimum 1000 -Maximum 9999
$userTele = "+468440 " + $userLastTele
It will give us numbers like +4684402022 and +4684409988
The last thing I need before It’s time to do the add to AD part is the User description.
$userDescription = $firstName + " " + $lastName + " at " + $mylabOUs + " in " + $myUserCountry
This will give us this output:
Hadar Möller at Marketing in Norway
Peter Klint at Operations in Finland
Ylva Sten at Service in Sweden
So now we can put this together with
$firstName + " " + $lastName + " - " + $userSAM + " - " + $userEmail + " - " + $mylabOUs +
" - " + $userTele + " - " + $myUserCountry + " - " + $userDescription
and get
Hadar Möller – hamo63343 – hadar.moller@poweradmin.no – Marketing – +468440 5244 -
Norway – Hadar Möller at Marketing in Norway
Peter Klint – pekl78132 – peter.klint@poweradmin.fi – Operations – +468440 1661 – Fi
nland – Peter Klint at Operations in Finland
Ylva Sten – ylst53520 – ylva.sten@poweradmin.se – Service – +468440 7002 – Sweden –
Ylva Sten at Service in Sweden
Next post will be a start on the way to add these users to the AD
posted
17/12/09
By Fredrik Wall
We have:
- Real names
- User Names (samAccountNames) with employee numbers
In this part we will do stuff for the Lab OUs and we will also pick Country
for the users.
We will not create anything until we have what we need in information.
$labOUs = "Finance","IT","Marketing","Operations","Service","Customer Support"
$mylabOUs = $labOUs | Get-Random
The output will be one of the OUs in the $labOUs.
Finance
IT
Marketing
Need more OU names, just add yours.
Now It’s time to do the same way to make some countries for the users.
$userCountry = "Sweden", "Norway", "Denmark", "Finland"
$myUserCountry = $userCountry | Get-Random
posted
16/12/09
By Fredrik Wall
In my last post I did show you how to take names
from the internet to make “real” names.
I know that these are Swedish names and I will post
2 similar functions with US names later on.
Now when we have the names we want to make
usernames (samAccountName) of them as well.
So, first of all we need to clean the names from special
characters and other letter that we don’t want to use.
(All of the –creplace should be on the same line)
$userFirstName = $firstName -creplace('å','a')
-creplace('ä','a') -creplace('ö','o')
-creplace('Å','A') -creplace('Ä','A')
-creplace('Ö','O') -creplace('ü','u')
-creplace('Ü','U') -creplace('é','e')
-creplace('É','E')
And then we want to only use lower letters.
$userFirstName = $userFirstName.ToLower()
And then we want to take the first 2 letters in the first name.
$userShortFirstName = $userFirstName.Substring(0,2)
For the last name we will do the same thing.
$userLastName = $lastName -creplace(‘å‘,‘a‘)
-creplace(‘ä‘,‘a‘) -creplace(‘ö‘,‘o‘)
-creplace(‘Å‘,‘A‘) -creplace(‘Ä‘,‘A‘)
-creplace(‘Ö‘,‘O‘) -creplace(‘ü‘,‘u‘)
-creplace(‘Ü‘,‘U‘) -creplace(‘é‘,‘e‘)
-creplace(‘É‘,‘E‘)
$userLastName = $userLastName.ToLower()
$userShortLastName = $userLastName.Substring(0,$lettersUNamelName)
And we like to be able to create lots of accounts so we need to add
numbers to our samAccountNames.
So we do like this
$userNumber = Get-Random -Minimum 10000 -Maximum 99999
And then we put It all together like this
$userSAM = $userShortFirstName + $userShortLastName + $userNumber
The output of this will be something like
frwa12997
asv34432
teol98231
If you want more possible users, then you can higher the
-Maximum number. And if you want less numbers you can lower
the –Minimum and –Maximum numbers.