Category Archives: powershell

May 08

Powershell – Check All Group Objects for Managed by Update Check Box

Posted on by

I am using the Quest AD tools but the qad commands could be changed to use the native AD commands. This was created to look for the checkbox in Active Directory Users and Computers named: Manager Can Update Membership List just under the managed by on the group object.

$file = “C:\Workspace\groupslist.txt”
$groups = Get-qADGroup * -sizelimit 0
foreach ($item in $groups)
{
write-host “Checking AD Group: “$item.name
if ($item.ManagedBy -ne $null) {
$check = Get-qadpermission $item -rights WriteProperty -account $item.ManagedBy -SchemaDefault
$fullline = ($item.name + “|” + $check.rights + “|” + $item.ManagedBy + “|” + $item.GroupType + “|” + $item.Description )
Add-Content $file $fullline
}
}

Apr 25

Powershell Check-Service

Posted on by

Syntax: Check-service computername

I use this function to check all services on a machines for start state and if they are running.   Get-service does not include startmode so I need to get -wmiobject of each service first.    If the state is set to auto and the service is not running the script will prompt to start the service.   I put this in my $profile so if is already ready to go.    Enjoy

Apr 03

Find disabled users with User folders still on network share

Posted on by

The purpose of this command is to find user folders on a network share that have most likely left the company.

This assumes the folder name = the users logon name

Apr 02

Powershell Get-Serverinfo

Posted on by

I often want to look up information on a Windows Server but do not want to run several commands. I have created a function and stored it in the profile.   I plan on adding more to this as I have time. You could get creative with something like this and check last 5 event failures from the event logs, service failures or last logged in user.

I load this in the profile check this post to see how.

Usage: get-serverinfo servername

Return to the PowerShell Handbook

Mar 01

PowerShell – Get Members of Active Directory Group

Posted on by

Requirement: Quest ActiveDirectory Tools

Simple get group with Quest Tools

The above method took about 2min 5  seconds on a smaller group.  I tend to use out-gridview so I can easily paste in Excel but you can remove that if you just want to see the results in console.   This method is overly complex and takes more time than it should.  See the below method for an optimized way to get the users. I need to give some credit a friend named Eduardo on this,  he was the one that got me running measure-command{} today looking to the quickest method to run this query.   My original thought was the above method only parsed members of the group and the lower method parsed all users.  Clearly that is incorrect and the lower method is just grabbing members of the group.

Simplified and Optimized – The following takes 7.15 seconds

Some of the common fields you can select

givenname whencreated whenchanged
mail email title
userPrincipalName PasswordLastSet AccoutisDisabled
AccoutIsLockedout dn MemberOf
ParentContainer ParentContainerDN Description

Return to the PowerShell Handbook