Recursive search active directory

I was searching for a method of how I can extract all the groups a user has despite the fact that those groups are nested.

Using Get-ADGroupMember and –recursive parameter you can see how many users are members of that group but how about the other way? There is no –recursive parameter when using Get-AdUser –filter WhatEverFilterYouWant.

The option I’ve found can be found below:

$useraccount = ‘Username’

$dn =( (Get-ADUser $useraccount).DistinguishedName)

Get-ADGroup -LDAPFilter (“(member:1.2.840.113556.1.4.1941:={0})” -f $dn) | select -expand Name | sort Name

You can simplify all in just one line, but it will be hard to read for someone that now is learning PowerShell.

Restores

In case you accidently deleted an object in Active directory, starting with Windows 2008 R2 Microsoft added the Recycle bin as an option for Active directory.

You can easily find out all the accounts that were deleted recently by running the below command in PowerShell:

get-adobject -Filter {Deleted -eq $true -and ObjectClass -eq “user” -and ObjectClass -ne “computer”} -IncludeDeletedObjects | Select-Object Name | FL

The above command will return a list with all the user accounts that were deleted.

If you want to restore a deleted account you can easily run the below command:

Get-ADObject -Filter ‘samaccountname -eq “dummy_test”‘ -IncludeDeletedObjects | Restore-ADObject

If the user also had an e-mail account you can import the Exchange powershell snapin and execute the below command to find if the mailbox is still there

Get-MailboxDatabase | Get-MailboxStatistics | where { $_.DisconnectDate -ne $null }

System Administrator

This days if don’t know PowerShell it will be hard to be an admin. It’s much easier to hire an admin that knows scripting than hiring 5 engineers to do manual work.

Most vendors released modules for PowerShell. A good administrator will need to know a little bit (or more) about everything. He will need to know virtualization (VMware, Citrix), messaging (Exchange), servers (Windows Servers), Active Directory, SQL and also some storage as all of them are on the storage level.

In order to find what’s already there you will need to use two commands:

  • Get-Module –listavailable (1st picture)
  • Get-PSSnapin –Registered (2nd picture)

On the computer I’ve issued this two command I have the most  usual modules:

  • NetApp module (DataONTAP), Active directory, Citrix, Exchange and VMware.

Screenshot

Screenshot

About WMI (Windows Management Instrumentation)

You reached this site as you may be looking after what‘s the purpose of the WMI? Mr. Google does have all the answers for you, but what happens if you don’t have Internet access?

The simple way to find details about WMI is to query the system help file. An easy way to do it is by using PowerShell and just type ”help about_WMI_Cmdlets”

Screenshot

 

Read it carefully as if you are an administrator you will be querying WMI very often to find useful information.