Category Archives: PowerShell

Why I don’t like the Quest Active Directory PowerShell Cmdlets

Many Active Directory admins use and like the Quest Active Directory PowerShell Cmdlets, that are part of the free ActiveRoles Management Shell for Active Directory. They have been freely available since 2007 and have been the long trusted scripting companion for many. I am not one of them. It’s nothing personal. Let me explain.   […]

9  

Active Directory in Hyper-V environments, Part 9

This entry is part 9 of 10 in the series Active Directory in Hyper-V environments

I have written a lot about Active Directory Domain Controllers and Hyper-V in this series. So far you’ve seen recommendations on host configuration, guest configuration, security and converting physical Active Directory Domain Controllers to virtual ones. Today, I’m covering anti-affinity.

0  

Five Things you should know about using DirSync with Password Sync

In version 1.0.6385.12 of the Windows Azure Directory Synchronization tool (or DirSync for short) Microsoft introduced the ability for administrators to synchronize password(hashe)s to Azure Active Directory. I’ve blogged about the DirSync tool in the past, when the 32bit tool was deprecated, and today, with the Password Sync functionality, I feel I have good reason […]

0  

Active Directory Services and PowerShell manageability

As you might be aware, every Microsoft server product has the requirement to be manageable through PowerShell and System Center. The PowerShell requirement is formulated as part of the Common Engineering Criteria (CEC). With PowerShell available as a version 3 product (and part of Windows Server 2012) it’s time to see how the teams, responsible […]

2  

PowerShell, LDIFDE, CSVDE and Protection from Accidental Deletion

When you build test environments regularly, at some point you’ll want to fill your Active Directory quickly. If, for instance, you have a data set with Organizational Units (OUs), user accounts and groups, you’ll want to quickly import this data. If, on the other hand, in your business you’re allowed to use the user information […]

0  

KnowledgeBase: ADDSDeployment module with the -Whatif argument shows incorrect DNS results

Microsoft released a KnowledgeBase article titled “ADDSDeployment module with the -Whatif argument shows incorrect DNS results” This KnowledgeBase article describes unexpected behavior in the PowerShell Cmdlets within the ADDSDeployment PowerShell module when you use the -WhatIf argument without specifying the -installdns argument.

0  

KnowledgeBase: "Access is denied" error message when you create a child domain remotely by using Install-ADDSDomain

Microsoft has issued a new KnowledgeBase article that addresses an issue when you use the Install-ADDSDomain PowerShell Cmdlet from the ADDSDeployment PowerShell module remotely to create a child domain. This issue is related to PowerShell remoting and the fact that the Install-ADDSDomain PowerShell Cmdlet doesn’t perform a pre-check on the password to create the DNS […]

0  

Options that are only available when you promote Windows Server 2012 to a Domain Controller with PowerShell

The new Domain Controller Promotion process in Windows Server 2012 with the Active Directory Domain Services Configuration Wizard, is a nice new way to promote Windows Server 2012-based hosts to Domain Controllers, since it enables: Remote promotion of Windows Server 2012-based hosts to Domain Controllers Promotion of a group of Windows Server 2012-based hosts to […]

0  

Reusing a Role Installation XML file in Windows Server 2012 to install the Active Directory Domain Services Role

Ranging from multi-server management to over 2400 PowerShell Cmdlets, Windows Server 2012 delivers on the promise of standards-based management and automation capabilities. Part of the new Domain Controller Promotion process is installing the Active Directory Domain Services role onto a stand-alone or member server. This activity needs to be completed before the new Active Directory […]

1  

New features in Active Directory Domain Services in Windows Server 2012, Part 8: Group MSAs (gMSAs)

This entry is part 8 of 21 in the series New features in AD DS in Windows Server 2012

Back in Windows Server 2008 R2, Managed Service Accounts (MSAs) solved the problem of unsecure service accounts. Managing them was a nightmare, even if you knew what you were doing. Now, In Windows Server 2012, Microsoft addresses a couple of these challenges This blogposts shows how.

3