In the last couple of posts we have taken a look at working with providers and using the registry provider. In this post we are going to use a provider near and dear to networks everywhere, the Active Directory provider. Working with the Active Directory provider is just one way to work with Active Directory in PowerShell. However, in PowerShell 2.0 you can use a dedicated set of cmdlets specifically designed to manage AD in PowerShell, which we will take a look at in future post.. I wanted to just give a quick primer on how the AD provider works. The AD provider is a nice tool to navigate through the directory and as you see as easy as working with other Providers. To use the Active Directory provider or cmdlets you need to load the Active Directory module, with the Import-Module cmdlet (which we covered in part 3). To begin working with AD, run the following command:
After you have imported the module you then can begin working with the provider and just like other providers it starts with a cd.
When you run dir at the root you can see your domain, and various other AD objects like the configuration container, schema, domain and forest dns zones. Do you can begin navigating the domain. To do so you need to be able to speak a little LDAP and use the proper distinguished names to move through the domain. If your domain is contoso.com you would use the following command to move into the domain, and you need the quotes:
If you wanted to switch into an organizational unit (ou)you would precede the name of the ou=, if you wanted to move into a built in container like users, you would need to proceed the name of the container with cn=. This is basic LDAP syntax. The following two examples will move you into the sales OU and Users container respectively (presuming you were in the domain):
After you have moved into a directory you may want to look at a user or the properties of the user. If you wanted to see the information about the Administrator you would run the following command. Get-ADUser is one of the new built-in cmdlets you can use to work with PowerShell:
If you wanted to see all the properties for an user you would run the following command:
Get-ADUser administrator -properties *
I hope you enjoyed this quick tour through the AD provider. While the provider allows you to work directly with AD it is good for navigation, and as one way you work with AD in PowerShell. As you will see in a future post the AD cmdlets are designed to work with AD. They really do a much better job at working directly with and modifying AD. Look to Sarah’s blog tomorrow where she will take you on a tour of the IIS provider, very cool tech!
Thanks for reading and if you missed any of the previous posts you can find a master list of series postings located here: PowerShell Not Your Father's Command Line: 31 Days of PowerShell or on Sarah’s blog here: PowerShell Not Your Father's Command Line: 31 Days of PowerShell. Lastly Sarah and I want to hear from you email either of us with your comments or suggestions for future postings let us know, we look forward to hearing from you. Have a great day!