Need some help

Hi All, I need help on this as I am not very familiar with powershell. I need to extract lists of information based on the terms below.

  • A list of Groups with 0 members which are NOT under this dn: OU=MARKEDFORDELETION,DC=TEST-Service, DC=local
  • A list of users which are disabled and located under this dn: OU=Test,DC=TEST-Service ,DC=local
  • A list of users that are enabled and ONLY members of Domain Users. List their dn please.

Appreciate if someone could help. Thanks!

Parents
No Data
Reply
  • As for this ...

    I need help on this as I am not very familiar with powershell.

    ... before taking off on a new thing take a couple of days and get up to speed on it for the basic understanding of what is and is not PowerShell specific and how things needs to be approached.

    See this resource to get you started. Remember, YouTube and MSDN Channel9 are your friend and full of videos showing how to use PowerShell in general and use it with Active Directory. Just go there and search for them.

    'Learning PowerShell'
    https://www.youtube.com/results?search_query=learn+powershell
    https://channel9.msdn.com/Search?term=powershell%20jumpstart&lang-en=true
    https://channel9.msdn.com/Search?term=learn%20powershell&lang-en=true


    'powershell active directory'
    https://www.youtube.com/results?search_query=powershell+active+directory

    'powershell active directory group membership'
    https://www.youtube.com/results?search_query=powershell+active+directory+group+membership
    https://channel9.msdn.com/Search?term=powershell%20ad%20groups&lang-en=true


    What you are asking for is very basic PowerShell 101 stuff that you can learn in a couple of hours. Microsoft provide tools that will write the baseline code for you that you can save off an tweak as needed.

    You are literally asking folks to write this code for you, with you not showing any effort to work through it. Many will not respond to you or respond to you negatively, with statemtne like, 'this is not a free code writing service. Show us what you've tried, show us what you've searched for.'

    Literally, all of what you are asking for is in the PowerShell help file examples as well, in most cases almost 100 %. There are defined cmdlets to access user information in ADDS, but you need to be on the DC to use them, use an implicit or explicit PowerShell Remoting session, or have the Microsoft RSAT (Remote Server Administration Tools) installed and enabled on your workstation. On Windows 10, Windows Server, these tools just need to be enabled.

    https://community.idera.com/database-tools/powershell/powertips/b/tips/posts/rsat-tools-built-in?CommentId=37edd1fa-198d-4a51-a48f-659b976c30cf


    On Windows 8 and below, you need to download the version for your OS.


    https://support.microsoft.com/en-us/help/2693643/remote-server-administration-tools-rsat-for-windows-operating-systems
    https://www.microsoft.com/en-us/download/details.aspx?id=39296

    For what you are after, you use the *Account*, *User*, *Group*, *Member* cmdlets. Again, see the help file and the help file examples for each of them.


     Get-Command -Name '*AD*User*' | Format-Table -AutoSize

    CommandType Name                                      Version  Source
    ----------- ----                                      -------  ------
    ...
    Cmdlet      Get-ADUser                                1.0.1.0  ActiveDirectory
    ...
    Cmdlet      New-ADUser                                1.0.1.0  ActiveDirectory
    ...
    Cmdlet      Remove-ADUser                             1.0.1.0  ActiveDirectory
    ...
    Cmdlet      Set-ADUser                                1.0.1.0  ActiveDirectory
    ...


     Get-Command -Name '*Account*' | Format-Table -AutoSize

    CommandType Name                                              Version      Source
    ----------- ----                                              -------      ------
    ...
    Cmdlet      Search-ADAccount                                  1.0.1.0      ActiveDirectory
    ...


     Get-Command -Name '*ADGroup*' | Format-Table -AutoSize

    CommandType Name                                             Version  Source
    ----------- ----                                             -------  ------
    Cmdlet      Add-ADGroupMember                                1.0.1.0  ActiveDirectory
    ...
    Cmdlet      Get-ADGroup                                      1.0.1.0  ActiveDirectory
    Cmdlet      Get-ADGroupMember                                1.0.1.0  ActiveDirectory
    ...
    Cmdlet      New-ADGroup                                      1.0.1.0  ActiveDirectory
    ...
    Cmdlet      Set-ADGroup                                      1.0.1.0  ActiveDirectory
    ...


     Get-Command -Name '*Member*' | Format-Table -AutoSize

    CommandType Name                                             Version   Source
    ----------- ----                                             -------   ------
    ...
    Cmdlet      Add-ADGroupMember                                1.0.1.0   ActiveDirectory
    Cmdlet      Add-ADPrincipalGroupMembership                   1.0.1.0   ActiveDirectory
    ...
    Cmdlet      Get-ADGroupMember                                1.0.1.0   ActiveDirectory
    Cmdlet      Get-ADPrincipalGroupMembership                   1.0.1.0   ActiveDirectory
    ...


    Book references, normally the ones you'll see most recommend:

    Beginning ---

    Learn Windows PowerShell in a Month of Lunches 3rd Edition
    Donald W. Jones   (Author),‎    Jeffrey Hicks (Author)
    ISBN-13:  978-1617294167
    ISBN-10:  1617294160


    Internediate ---

    Windows PowerShell Cookbook: The Complete Guide to Scripting Microsoft's Command Shell 3rd Edition
    Lee Holmes   (Author)
    ISBN-13:  978-1449320683
    ISBN-10:  1449320686


    Advanced ---

    Windows PowerShell in Action 3rd Edition
    by Bruce Payette (Author),‎    Richard Siddaway (Author)
    ISBN-13:  978-1633430297
    ISBN-10:  1633430294


    From Microsoft

    Windows PowerShell Survival Guide

    Purpose of this Document
    The purpose of this document is to help you to learn more about PowerShell and to be successful in applying it. This document seeks to point to the best content on the web to enable you to reach that goal.


    Scope of this Document
    This page contains links to help you learn more about Microsoft Windows PowerShell. This includes PowerShell fundamentals as well as how PowerShell is used in Windows applications and services. As long as it's PowerShell related, we'll try to point to it!  The document is also version agnostic, and contains information about current and future versions of PowerShell.

    'social.technet.microsoft.com/wiki/contents/articles/183.windows-powershell-survival-guide.aspx'


    See also posts here for other resource suggestions here:

    Learning this stuff.
    https://www.reddit.com/r/PowerShell/comments/bserj9/learn_powershell/eooduq9/?context=3
    https://www.reddit.com/r/PowerShell/comments/bserj9/learn_powershell/eoodxzu/?context=3

    Best Practices
    https://www.reddit.com/user/get-postanote

    Practice with PSKoans

    PSKoans : 0.50.0
    A module designed to provide a crash-course introduction to PowerShell with programming koans.
    https://www.powershellgallery.com/packages/PSKoans/0.50.0

    *** Very Important ***
    Lastly, never ever, run any code from any one from anywhere, that you do not fully understand and what it is / will do.

    If you do, you could seriously damage your host and or your enterprise. Learn to master the -WhatIf, -Confirm, and leveraging the Set-StrictMode are part of your development, put that in your profile.

    Learn about profiles, and how to use them.

    Learn about execution policies, what they are and how / when to use them. Fully leverage auditing, monitoring and logging of PowerShell use by all users and processes. Especially as part of your corporate risk management effort.

Children
No Data