Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
38 Cards in this Set
- Front
- Back
Windows PowerShell providers
|
With Windows PowerShell providers, you can access data stores,
such as the registry and Active Directory, as easily as you access the file system |
|
You can add functionality to Power Shell by importing what
|
by importing modules/snapins
|
|
You can open the Active Directory Module For Windows PowerShell from the Administrative Tools program group, or you can import the module into
a PowerShell session by typing the following command |
Import-Module ActiveDirectory
|
|
Are cmdlets in power shell case-sensitive
|
no
|
|
What naming convetion cmdlets use
|
Verb-Noun aka Action-Object format
Noun is always singular Get-Service |
|
Active Directory nouns begin with AD what cmdlet you can use to list them
|
Get-Command -Noun AD* | More
|
|
to list all of the commands in the Active Directory for Windows PowerShell. To list the commands in the module, type the following command:
|
Get-Command -Module ActiveDirectory
|
|
‑Identity parameter
|
-Identity parameter is used by most Active Directory cmdlets to reference a specific object
Get-ADGroupMember -Identity "cn=Sales,ou=Groups,dc=contoso,dc=com" Get-ADGroupMember -Identity Sales |
|
Get-Help cmdlet
|
When you find a cmdlet that appears to support a task you want to perform, you can expose
the documentation for the cmdlet using the Get-Help cmdlet Get-Help Get-ADGroupMember |
|
optional parameters of Get-Help
|
-Examples Shows usage examples of the cmdlet
-Detailed Shows detailed information about the cmdlet and each of its parameters, as well as examples -Full Shows all documentation of the cmdlet |
|
get help, including examples, about the New-ADGroupMember cmdlet
|
Get-Help Get-ADGroupMember -detailed
|
|
The following command returns
an object representing the user with the sAMAccountName mike.fitz: |
Get-ADUser -Identity mike.fitz
|
|
In Windows PowerShell, variable names are preceded by a
|
In Windows PowerShell, variable names are preceded by a dollar sign ($).
The variable name itself is not case sensitive. To assign a variable—that is, to create and define a variable—simply use the following syntax: $variable = value |
|
Windows PowerShell has built-in variables, including the following:
|
$true Boolean true
$false Boolean false $error Contains the error object of the most recent error |
|
Windows PowerShell features a pipeline:
|
a channel through which the output of
a cmdlet can be passed to the following cmdlet on the same command line. The pipeline is represented by the pipe character (|). For example, type the following to disable the account for Mike Fitzmaurice: Get-ADUser mike.fitz | Set-ADUser -Enabled $false |
|
Get-ADGroupMember cmdlet returns a collection of objects representing group members. To disable the accounts of all users in the Sales group, type the following command
|
Get-ADGroupMember -Identity Sales | Set-ADUser -Enabled $false
|
|
Often, the pipeline is extended to more than one line to improve readability. There are several ways to enter one line of a pipeline and then continue the pipeline on a subsequent line:
|
The tick mark (`)
Get-ADGroupMember -Identity Sales | ` Set-ADUser -Enabled $false The pipe symbol (|) Get-ADGroupMember -Identity Sales | Set-ADUser -Enabled $false Curly braces ({}) |
|
gsv is an alias
|
gsv is an alias for Get-Service, a cmdlet that returns a collection of
services on a system. |
|
list all aliases
|
Get-Alias lists all aliases in the current PS session
|
|
PSDrives
|
Windows PowerShell automatically creates a PSDrive for each drive letter already defined by Windows
PS also creates PSDrives for commonly required resources |
|
HKCU
HKLM |
to PSDrives create autmatically by PS for
HKEY_CURRENT_USER nad HKEY_LOCAL_MACHINE |
|
To list the PSDrives that have been created
|
type Get-PSDrive.
|
|
Active Directory PowerShell Provider
|
Windows Server 2008 R2 adds a provider for AD, so you can navigate AD as folders on a disk volume. To use the Active Directory
provider, type the following command: cd AD: The prompt changes to PS AD:\> |
|
PS cmd that uses AD PSDrives to navigate to the domain partition for the contoso.com domain type
|
cd "dc=contoso,dc=com"
|
|
PS cmd that uses AD PSDrives to navigate to the User Accounts OU, type
the following command: To create a new OU for Contractors in the User Accounts OU, type the following command |
cd "ou=User Accounts"
md "ou=Contractors |
|
To create a user account for Mary North, type the following command
For example, to create a user account for Mary North in the User Accounts OU, type the following command |
New-ADUser -Name "Mary North"
New-ADUser -Path "ou=User Accounts,dc=contoso,dc=com" -Name "Mary North" -SAMAccountName "mary.north" |
|
In order to create an user account using a template
1st you need to create a reference to the template account 2nd create the account based on the template |
1)$user = Get-ADUser "CN=_Sales Template,OU=User Accounts,DC=contoso,DC=com"
-Properties MemberOf,Title,Department,Company,PhysicalDeliveryOfficeName 2)New-ADUser -path "ou=User Accounts,dc=contoso,dc=com" -Instance $user -Name "Mary North" -SAMAccountName "mary.north" |
|
Set-ADUser cmdlet
|
provides parameters for the most commonly used attributes. For less commonly used attributes, the –Add, -Replace, -Clear, and -Remove parameters provide direct access to all attributes
|
|
you can use the -Identity parameter of the cmdlet to change Mary North email
|
Set-ADUser -Identity mary.north -EmailAddress "mary.north@contoso.com"
OR Get-ADUser -Identity mary.north | Set-ADUser -EmailAddress "mary.north@contoso.com" |
|
dot notation
|
A dot (.) separates the object from the LDAP name of the property
|
|
cmdlet to change or reset a password
and switch to reset |
Set-ADAccountPassword cmdlet
-Reset Set-ADAccountPassword -Identity "mary.north" -Reset |
|
Windows PowerShell does not allow a cmdlet to receive a secret, such as a password,
in a plain text parameter. It must be passed securely. Therefore, if you want to include the password in the command line, it must be converted to a secure string before it can be used as a password parameter |
Set-ADAccountPassword -Identity "mary.north" -Reset
-NewPassword (ConvertTo-SecureString -AsPlainText "Pa$$w0rd" -Force) |
|
Import a csv file with PS
Newusers.csv name,sAMAccountName,GivenName,Surname John Woods,john.woods,Johnathan,Woods Kim Akers,kim.akers,Kimberly,Akers |
import-csv "C:\Users\Administrator\Desktop\newusers.csv" | New-ADUser
You can even add parameters, as in the following example: import-csv "C:\Users\Administrator\Desktop\newusers.csv" | New-ADUser -organization Contoso |
|
create a new OU called Employees in the User Accounts OU.
|
New-ADOrganizationalUnit -Name Employees
-Path "ou=User Accounts,dc=contoso,dc=com" -ProtectedFromAccidentalDeletion $true |
|
Which cmdlet deletes a user?
|
Remove-ADUser.
|
|
cmd to query all users with the word Miami in the description field of their account
cmd to modify the office for all users with the word Miami on the description field |
dsquery user -desc "*Miami*"
dsquery user -desc "*Miami*" | dsmod user -office "Sydney" |
|
get all users with description containing "Sidney" and display their samid
|
dsquery user -desc "*Sydney*" | dsget user -samid -upn
|
|
Using Get-ADUser and -Filter find all users with office Sidney
change their account to enabled |
Get-ADUser -Filter {office -eq "Sydney"}
Get-ADUser -Filter {office -eq "Sydney"} | Set-ADUser -enabled $true |