In the last few weeks I have been covering a few core technologies In my Weekly Series like Docker Basics and Office 365 PowerShell and today I’m starting a new Weekly series about management Of Active Directory using PowerShell.
With the upcoming release of Windows Server 2016 Windows Active Directory PowerShell Module comes with 147 cmdlets.
The Active directory PowerShell module Is load by default when Installing a Domain Controller.
You could access the module directly from the Administrative Control Panel on your Domain Controller as seen below:
You Could also load the module from any PowerShell Session on the DC using:
To get started I’ll show you how to use the AD PowerShell to run built In queries using the AD PowerShell Module.
To search AD for locked AD accounts type:
Search-adaccount -accountdisabled | ft
To search for Account with Expired password type:
Search-adaccount -passwordExpired| ft
To search for user with Password Never Expired setting type:
Search-adaccount -passwordneverExpires| ft
To search for users that have not logged on to the network for the last 90 days type:
Search-ADAccount -AccountInactive -TimeSpan 90.00:00:00 | ft
To search locked accounts type:
You could also use search for computers only by using the -ComputersOnly switch
Search-adaccount -accountdisabled -computersOnly | ft