I hesitated for a long time. It’s done, it’s not done… should I add more menus… But at some point it’s over. It has to be published. The following article describes the use of a set of advanced functions. This function presents a menu with a lot of scripts in it. It’s like sconfig, but in relation it’s much more powerful when it comes to Active Directory administration.
*** Update ***
For the last version see Active Directory Domain Services Section (Version 1.1)
The function has grown and grown over time and it’s not a perfect script, but I’m sure it will help many of you out there. If you look inside the script, don’t be afraid of lot’s of Write-Host. Write-Host is not as evil as many say.
Active Directory Domain Services Section
What can we do with it? This is the question for this part. I wanna give you a foretaste. Here’s the menu:
And here are the sub menus:
1 – List all Domain Controllers
2 – Domain Configuration
3 – Forest Configuration
4 – List Windows Clients
5 – List all Windows Server
6 – List all Computer
7 – Systeminfo on Remote Computer
You are able to select a scope …
8 – The Domain Admins
Please note that nested groups are not shown.
9 – Show Optional Features (Recycle Bin …)
10 – List all active (linked) GPOs by Name
11 – Show Default Domain Policy Settings
12 – Show all Active Directory Sites in Detail
13 – Show Users Last Logon
14 – Get a list of all enabled users
15 – List User Details
16 – List Active Directory Groups
17 – List Group Memberships
18 – Send Messages to user’s desktop
Cool, ha? One of my favorites …
19 – Get Logged on User per Workstation
Another cool stuff … Second favorite … 😉
First, provide administrator credentials …
Then enter the computer to query … Petra has logged on to client01.
Ok, that’s it for now.
PowerShell Web Access
You are also able to run this in PowerShell Web Access:
If you haven’t installed PowerShell Web Access yet, here’s a walk through: Windows Server 2012/2016: Installing and Configuring PowerShell Web Access (PSWA)
I have decided not to present the entire code here. Too many lines of code. You can download the script here, it’s a psm1 file, a PowerShell script module file:
Prerequisites and Notes:
- Tested in an Active Directory environment with Windows Server 2012/2016 Domain Controllers and Windows 7/8/10 clients
- All operating systems should be installed in English (because of the compatibility with section 19)
- WinRm must be enabled on all Client computers (WinRm is enabled on Windows Server 2012/2016 by default) manually (winrm qc) or by GPO https://www.pcwdld.com/winrm-quickconfig-remotely-configure-and-enable
- Run the tool on a Domain Controller (You may run into troubles with RSAT)
- 0 and Enter (instead of Enter only) to go back to the main menu is due to the possible integration of PowerShell Web Access where pressing Enter only will not work
After downloading create a folder “AD” in C:\Program Files\Windows PowerShell\Modules and save the AD.psm1 file there.
It should be then available every time you start PowerShell and run the command ad.
Or as mentioned in PowerShell Web Access.
Have fun with it! I am very grateful for ideas for further functions.