├── .gitignore ├── .vscode └── settings.json ├── Archives ├── Add-ADSIGroupMember.ps1 ├── AdsiPS │ ├── AdsiPS.psd1 │ ├── AdsiPS.psm1 │ └── Public │ │ ├── Add-ADSIGroupMember.ps1 │ │ ├── Compare-ADSITeamGroups.ps1 │ │ ├── Disable-ADSIComputer.ps1 │ │ ├── Disable-ADSIUser.ps1 │ │ ├── Enable-ADSIComputer.ps1 │ │ ├── Enable-ADSIDomainControllerGlobalCatalog.ps1 │ │ ├── Enable-ADSIUser.ps1 │ │ ├── Get-ADSIComputer.ps1 │ │ ├── Get-ADSIComputerSite.ps1 │ │ ├── Get-ADSIDefaultDomainAccountLockout.ps1 │ │ ├── Get-ADSIDefaultDomainPasswordPolicy.ps1 │ │ ├── Get-ADSIDomain.ps1 │ │ ├── Get-ADSIDomainController.ps1 │ │ ├── Get-ADSIDomainMode.ps1 │ │ ├── Get-ADSIDomainRoot.ps1 │ │ ├── Get-ADSIDomainTrustRelationship.ps1 │ │ ├── Get-ADSIFineGrainedPasswordPolicy.ps1 │ │ ├── Get-ADSIForest.ps1 │ │ ├── Get-ADSIForestDomain.ps1 │ │ ├── Get-ADSIForestMode.ps1 │ │ ├── Get-ADSIForestTrustRelationship.ps1 │ │ ├── Get-ADSIFsmo.ps1 │ │ ├── Get-ADSIGlobalCatalog.ps1 │ │ ├── Get-ADSIGroup.ps1 │ │ ├── Get-ADSIGroupManagedBy.ps1 │ │ ├── Get-ADSIGroupMember.ps1 │ │ ├── Get-ADSIGroupPolicyObject.ps1 │ │ ├── Get-ADSIObject.ps1 │ │ ├── Get-ADSIOrganizationalUnit.ps1 │ │ ├── Get-ADSIPrincipalGroupMembership.ps1 │ │ ├── Get-ADSIPrintQueue.ps1 │ │ ├── Get-ADSIReplicaCurrentTime.ps1 │ │ ├── Get-ADSIReplicaDomainInfo.ps1 │ │ ├── Get-ADSIReplicaForestInfo.ps1 │ │ ├── Get-ADSIReplicaGCInfo.ps1 │ │ ├── Get-ADSIReplicaInfo.ps1 │ │ ├── Get-ADSIRootDSE.ps1 │ │ ├── Get-ADSISchema.ps1 │ │ ├── Get-ADSISite.ps1 │ │ ├── Get-ADSISiteLink.ps1 │ │ ├── Get-ADSISiteServer.ps1 │ │ ├── Get-ADSISiteSubnet.ps1 │ │ ├── Get-ADSITokenGroup.ps1 │ │ ├── Get-ADSITombstoneLifetime.ps1 │ │ ├── Get-ADSIUser.ps1 │ │ ├── Move-ADSIComputer.ps1 │ │ ├── Move-ADSIDomainControllerRole.ps1 │ │ ├── Move-ADSIDomainControllerToSite.ps1 │ │ ├── Move-ADSIGroup.ps1 │ │ ├── Move-ADSIUser.ps1 │ │ ├── New-ADSIComputer.ps1 │ │ ├── New-ADSIDirectoryContext.ps1 │ │ ├── New-ADSIDirectoryEntry.ps1 │ │ ├── New-ADSIGroup.ps1 │ │ ├── New-ADSIPrincipalContext.ps1 │ │ ├── New-ADSISite.ps1 │ │ ├── New-ADSISiteSubnet.ps1 │ │ ├── New-ADSIUser.ps1 │ │ ├── Remove-ADSIComputer.ps1 │ │ ├── Remove-ADSIGroup.ps1 │ │ ├── Remove-ADSIGroupMember.ps1 │ │ ├── Remove-ADSISite.ps1 │ │ ├── Remove-ADSISiteSubnet.ps1 │ │ ├── Remove-ADSIUser.ps1 │ │ ├── Reset-ADSIUserPasswordAge.ps1 │ │ ├── Search-ADSIAccount.ps1 │ │ ├── Set-ADSIUser.ps1 │ │ ├── Set-ADSIUserPassword.ps1 │ │ ├── Start-ADSIReplicationConsistencyCheck.ps1 │ │ ├── Test-ADSICredential.ps1 │ │ ├── Test-ADSIUserIsGroupMember.ps1 │ │ ├── Test-ADSIUserIsLockedOut.ps1 │ │ └── Unlock-ADSIUser.ps1 ├── AdsiPs.psd1 ├── AdsiPs.psm1 ├── Build │ ├── build.ps1 │ ├── deploy.psdeploy.ps1 │ └── psake.ps1 ├── Get-ADSIComputer.ps1 ├── Get-ADSIComputerSite.ps1 ├── Get-ADSIComputerSite2.ps1 ├── Get-ADSIContact.ps1 ├── Get-ADSIDomainController.ps1 ├── Get-ADSIDomainDomainControllers.ps1 ├── Get-ADSIFsmo.ps1 ├── Get-ADSIGroup.ps1 ├── Get-ADSIGroupMembership.ps1 ├── Get-ADSIGroupMembership_.ps1 ├── Get-ADSISite.ps1 ├── Get-ADSISiteConnection.ps1 ├── Get-ADSISiteLink.ps1 ├── Get-ADSISiteServer.ps1 ├── Get-ADSISitesInfo.ps1 ├── Get-ADSITrustRelationShip.ps1 ├── Get-ADSIUser.ps1 ├── New-ADSIDirectoryContextDomain.ps1 ├── New-ADSIDirectoryContextForest.ps1 ├── Remove-ADSIGroupMember.ps1 ├── WorkInProgress │ ├── Get-ADSIObject2.ps1 │ ├── Get-ADSIObject2.ps1_ │ ├── Get-ADSIUserCurrent.ps1 │ ├── GetUnderlyingSearcher.ps1 │ ├── Search-ADSIUser.ps1 │ ├── Search-ADSIUserLogonTime.ps1 │ ├── Set-ADSIUserExpiration.ps1 │ └── Set-ADSIUserExpirationDate.ps1 └── install.ps1 ├── CHANGELOG ├── CONTRIBUTING.md ├── LICENSE.md ├── PITCHME.md ├── README.md ├── azure-pipelines.yml ├── build.ps1 ├── build ├── .psdeploy.ps1 ├── build.scriptanalyzersettings.psd1 ├── requirements.psd1 └── tasks.build.ps1 ├── docs ├── doc_functions.md └── doc_usecases.md ├── src ├── public │ ├── Add-ADSIGroupMember.ps1 │ ├── Compare-ADSITeamGroups.ps1 │ ├── Copy-ADSIGroupMembership.ps1 │ ├── Disable-ADSIComputer.ps1 │ ├── Disable-ADSIUser.ps1 │ ├── Enable-ADSIComputer.ps1 │ ├── Enable-ADSIDomainControllerGlobalCatalog.ps1 │ ├── Enable-ADSIUser.ps1 │ ├── Get-ADSIClass.ps1 │ ├── Get-ADSIComputer.ps1 │ ├── Get-ADSIComputerSite.ps1 │ ├── Get-ADSIDefaultDomainAccountLockout.ps1 │ ├── Get-ADSIDefaultDomainPasswordPolicy.ps1 │ ├── Get-ADSIDomain.ps1 │ ├── Get-ADSIDomainBackup.ps1 │ ├── Get-ADSIDomainController.ps1 │ ├── Get-ADSIDomainMode.ps1 │ ├── Get-ADSIDomainRoot.ps1 │ ├── Get-ADSIDomainTrustRelationship.ps1 │ ├── Get-ADSIFineGrainedPasswordPolicy.ps1 │ ├── Get-ADSIForest.ps1 │ ├── Get-ADSIForestDomain.ps1 │ ├── Get-ADSIForestMode.ps1 │ ├── Get-ADSIForestTrustRelationship.ps1 │ ├── Get-ADSIFsmo.ps1 │ ├── Get-ADSIGlobalCatalog.ps1 │ ├── Get-ADSIGroup.ps1 │ ├── Get-ADSIGroupManagedBy.ps1 │ ├── Get-ADSIGroupMember.ps1 │ ├── Get-ADSIGroupMembershipTreeView.ps1 │ ├── Get-ADSIGroupPolicyObject.ps1 │ ├── Get-ADSIObject.ps1 │ ├── Get-ADSIOrganizationalUnit.ps1 │ ├── Get-ADSIPrincipalGroupMembership.ps1 │ ├── Get-ADSIPrintQueue.ps1 │ ├── Get-ADSIRIDsPool.ps1 │ ├── Get-ADSIReplicaCurrentTime.ps1 │ ├── Get-ADSIReplicaDomainInfo.ps1 │ ├── Get-ADSIReplicaForestInfo.ps1 │ ├── Get-ADSIReplicaGCInfo.ps1 │ ├── Get-ADSIReplicaInfo.ps1 │ ├── Get-ADSIRootDSE.ps1 │ ├── Get-ADSISchema.ps1 │ ├── Get-ADSISite.ps1 │ ├── Get-ADSISiteLink.ps1 │ ├── Get-ADSISiteServer.ps1 │ ├── Get-ADSISiteSubnet.ps1 │ ├── Get-ADSITokenGroup.ps1 │ ├── Get-ADSITombstoneLifetime.ps1 │ ├── Get-ADSIUser.ps1 │ ├── Get-ADSIUserPrimaryGroup.ps1 │ ├── Move-ADSIComputer.ps1 │ ├── Move-ADSIDomainControllerRole.ps1 │ ├── Move-ADSIDomainControllerToSite.ps1 │ ├── Move-ADSIGroup.ps1 │ ├── Move-ADSIUser.ps1 │ ├── New-ADSIComputer.ps1 │ ├── New-ADSIDirectoryContext.ps1 │ ├── New-ADSIDirectoryEntry.ps1 │ ├── New-ADSIGroup.ps1 │ ├── New-ADSIPrincipalContext.ps1 │ ├── New-ADSISite.ps1 │ ├── New-ADSISiteSubnet.ps1 │ ├── New-ADSIUser.ps1 │ ├── Remove-ADSIComputer.ps1 │ ├── Remove-ADSIGroup.ps1 │ ├── Remove-ADSIGroupMember.ps1 │ ├── Remove-ADSISite.ps1 │ ├── Remove-ADSISiteSubnet.ps1 │ ├── Remove-ADSIUser.ps1 │ ├── Reset-ADSIUserPasswordAge.ps1 │ ├── Search-ADSIAccount.ps1 │ ├── Set-ADSIComputer.ps1 │ ├── Set-ADSIGroup.ps1 │ ├── Set-ADSIUser.ps1 │ ├── Set-ADSIUserPassword.ps1 │ ├── Start-ADSIReplicationConsistencyCheck.ps1 │ ├── Test-ADSICredential.ps1 │ ├── Test-ADSIUserIsGroupMember.ps1 │ ├── Test-ADSIUserIsLockedOut.ps1 │ ├── Unlock-ADSIComputer.ps1 │ └── Unlock-ADSIUser.ps1 ├── source.psd1 └── source.psm1 └── tests └── module.unit.tests.ps1 /.gitignore: -------------------------------------------------------------------------------- 1 | # ignore folder output 2 | output/ 3 | buildoutput/ 4 | dependencies/ 5 | archive/ 6 | archives/ 7 | -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "editor.insertSpaces": true, 3 | "editor.tabSize": 4, 4 | "editor.autoIndent": true, 5 | "editor.detectIndentation": false, 6 | "editor.renderWhitespace": "all", 7 | "powershell.codeFormatting.ignoreOneLineBlock": false, 8 | "powershell.codeFormatting.newLineAfterCloseBrace": true, 9 | "powershell.codeFormatting.newLineAfterOpenBrace": true, 10 | "powershell.codeFormatting.openBraceOnSameLine": false, 11 | "powershell.codeFormatting.whitespaceAfterSeparator": true, 12 | "files.trimTrailingWhitespace": true, 13 | "files.encoding": "utf8" 14 | } 15 | -------------------------------------------------------------------------------- /Archives/AdsiPS/AdsiPS.psm1: -------------------------------------------------------------------------------- 1 | # Get public and private function definition files. 2 | $Public = @(Get-ChildItem -Path $PSScriptRoot\Public\*.ps1 -ErrorAction SilentlyContinue) 3 | $Private = @(Get-ChildItem -Path $PSScriptRoot\Private\*.ps1 -ErrorAction SilentlyContinue) 4 | 5 | # Dot source the files 6 | Foreach ($import in @($Public + $Private)) 7 | { 8 | TRY 9 | { 10 | . $import.fullname 11 | } 12 | CATCH 13 | { 14 | Write-Error -Message "Failed to import function $($import.fullname): $_" 15 | } 16 | } 17 | 18 | # Try to add necessary assembly during module import - fixes issue where params rely on types within this assembly 19 | # If this assembly was not loaded prior to running Get-ADSIGroup, for example, you were not able to use that function 20 | # If adding this assembly fails, we still allow the user to import the module, but we show them a helpful warning 21 | TRY 22 | { 23 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 24 | } 25 | CATCH 26 | { 27 | Write-Warning "[AdsiPS] Unable to add assembly 'System.DirectoryServices.AccountManagement'.`r`nPlease manually add this assembly into your session or you may encounter issues! `r`n`r`nRun the following command: 'Add-Type -AssemblyName System.DirectoryServices.AccountManagement'" 28 | } 29 | 30 | # Export all the functions 31 | Export-ModuleMember -Function $Public.Basename -Alias * 32 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Disable-ADSIComputer.ps1: -------------------------------------------------------------------------------- 1 | function Disable-ADSIComputer 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to disable a Computer Account 6 | 7 | .DESCRIPTION 8 | Function to disable a Computer Account 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity of the Computer. 12 | 13 | You can provide one of the following properties 14 | DistinguishedName 15 | Guid 16 | Name 17 | SamAccountName 18 | Sid 19 | 20 | .PARAMETER Credential 21 | Specifies the alternative credential to use. 22 | By default it will use the current user windows credentials. 23 | 24 | .PARAMETER DomainName 25 | Specifies the alternative Domain. 26 | By default it will use the current domain. 27 | 28 | .EXAMPLE 29 | Disable-ADSIComputer TESTSERVER01 30 | 31 | This command will disable the account TESTSERVER01 32 | 33 | .EXAMPLE 34 | Disable-ADSIComputer TESTSERVER01 -whatif 35 | 36 | This command will emulate disabling the account TESTSERVER01 37 | 38 | .EXAMPLE 39 | Disable-ADSIComputer TESTSERVER01 -credential (Get-Credential) 40 | 41 | This command will disable the account TESTSERVER01 using the alternative credential specified 42 | 43 | .EXAMPLE 44 | Disable-ADSIComputer TESTSERVER01 -credential (Get-Credential) -domain LazyWinAdmin.local 45 | 46 | This command will disable the account TESTSERVER01 using the alternative credential specified in the domain lazywinadmin.local 47 | 48 | .NOTES 49 | https://github.com/lazywinadmin/ADSIPS 50 | 51 | .LINK 52 | https://msdn.microsoft.com/en-us/library/system.directoryservices.accountmanagement.computerprincipal(v=vs.110).aspx 53 | #> 54 | [CmdletBinding(SupportsShouldProcess = $true)] 55 | param ( 56 | [parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true, ValueFromPipeline = $true)] 57 | $Identity, 58 | 59 | [Alias("RunAs")] 60 | [System.Management.Automation.PSCredential] 61 | [System.Management.Automation.Credential()] 62 | $Credential = [System.Management.Automation.PSCredential]::Empty, 63 | 64 | [String]$DomainName) 65 | 66 | begin 67 | { 68 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 69 | 70 | # Create Context splatting 71 | $ContextSplatting = @{ } 72 | if ($PSBoundParameters['Credential']) 73 | { 74 | $ContextSplatting.Credential = $Credential 75 | } 76 | if ($PSBoundParameters['DomainName']) 77 | { 78 | $ContextSplatting.DomainName = $DomainName 79 | } 80 | 81 | } 82 | process 83 | { 84 | try 85 | { 86 | if ($pscmdlet.ShouldProcess("$Identity", "Disable Account")) 87 | { 88 | $Account = Get-ADSIComputer -Identity $Identity @ContextSplatting 89 | $Account.enabled = $false 90 | $Account.Save() 91 | } 92 | } 93 | catch 94 | { 95 | $pscmdlet.ThrowTerminatingError($_) 96 | } 97 | } 98 | } 99 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Enable-ADSIComputer.ps1: -------------------------------------------------------------------------------- 1 | function Enable-ADSIComputer 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to enable a Computer Account 6 | 7 | .DESCRIPTION 8 | Function to enable a Computer Account 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity of the Computer. 12 | 13 | You can provide one of the following properties 14 | DistinguishedName 15 | Guid 16 | Name 17 | SamAccountName 18 | Sid 19 | 20 | .PARAMETER Credential 21 | Specifies the alternative credential to use. 22 | By default it will use the current user windows credentials. 23 | 24 | .PARAMETER DomainName 25 | Specifies the alternative Domain. 26 | By default it will use the current domain. 27 | 28 | .EXAMPLE 29 | Enable-ADSIComputer TESTSERVER01 30 | 31 | This command will enable the account TESTSERVER01 32 | 33 | .EXAMPLE 34 | Enable-ADSIComputer TESTSERVER01 -whatif 35 | 36 | This command will emulate disabling the account TESTSERVER01 37 | 38 | .EXAMPLE 39 | Enable-ADSIComputer TESTSERVER01 -credential (Get-Credential) 40 | 41 | This command will enable the account TESTSERVER01 using the alternative credential specified 42 | 43 | .EXAMPLE 44 | Enable-ADSIComputer TESTSERVER01 -credential (Get-Credential) -domain LazyWinAdmin.local 45 | 46 | This command will enable the account TESTSERVER01 using the alternative credential specified in the domain lazywinadmin.local 47 | 48 | .NOTES 49 | https://github.com/lazywinadmin/ADSIPS 50 | 51 | .LINK 52 | https://msdn.microsoft.com/en-us/library/system.directoryservices.accountmanagement.computerprincipal(v=vs.110).aspx 53 | #> 54 | [CmdletBinding(SupportsShouldProcess = $true)] 55 | param ( 56 | [parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true, ValueFromPipeline = $true)] 57 | $Identity, 58 | 59 | [Alias("RunAs")] 60 | [System.Management.Automation.PSCredential] 61 | [System.Management.Automation.Credential()] 62 | $Credential = [System.Management.Automation.PSCredential]::Empty, 63 | 64 | [String]$DomainName) 65 | 66 | begin 67 | { 68 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 69 | 70 | # Create Context splatting 71 | $ContextSplatting = @{ } 72 | if ($PSBoundParameters['Credential']) 73 | { 74 | $ContextSplatting.Credential = $Credential 75 | } 76 | if ($PSBoundParameters['DomainName']) 77 | { 78 | $ContextSplatting.DomainName = $DomainName 79 | } 80 | 81 | } 82 | process 83 | { 84 | try 85 | { 86 | if ($pscmdlet.ShouldProcess("$Identity", "enable Account")) 87 | { 88 | $Account = Get-ADSIComputer -Identity $Identity @ContextSplatting 89 | $Account.enabled = $true 90 | $Account.Save() 91 | } 92 | } 93 | catch 94 | { 95 | $pscmdlet.ThrowTerminatingError($_) 96 | } 97 | } 98 | } 99 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Enable-ADSIDomainControllerGlobalCatalog.ps1: -------------------------------------------------------------------------------- 1 | function Enable-ADSIDomainControllerGlobalCatalog 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to enable the Global Catalog role on a Domain Controller 6 | 7 | .DESCRIPTION 8 | Function to enable the Global Catalog role on a Domain Controller 9 | 10 | .PARAMETER ComputerName 11 | Specifies the Domain Controller 12 | 13 | .PARAMETER Credential 14 | Specifies alternate credentials to use. Use Get-Credential to create proper credentials. 15 | 16 | .EXAMPLE 17 | Enable-ADSIDomainControllerGlobalCatalog -ComputerName dc1.ad.local 18 | 19 | Connects to remote domain controller dc1.ad.local using current credentials and enable the GC role. 20 | 21 | .EXAMPLE 22 | Enable-ADSIDomainControllerGlobalCatalog -ComputerName dc2.ad.local -Credential (Get-Credential SuperAdmin) 23 | 24 | Connects to remote domain controller dc2.ad.local using SuperAdmin credentials and enable the GC role. 25 | 26 | .NOTES 27 | https://github.com/lazywinadmin/ADSIPS 28 | 29 | Version History 30 | 1.0 Initial Version (Micky Balladelli) 31 | 1.1 Update (Francois-Xavier Cat) 32 | Rename from Enable-ADSIReplicaGC to Enable-ADSIDomainControllerGlobalCatalog 33 | Add New-ADSIDirectoryContext to take care of the Context 34 | Other minor modifications 35 | 36 | #> 37 | 38 | [CmdletBinding()] 39 | param 40 | ( 41 | [Parameter(Mandatory = $true)] 42 | [string]$ComputerName, 43 | 44 | [Alias("RunAs")] 45 | [System.Management.Automation.PSCredential] 46 | [System.Management.Automation.Credential()] 47 | $Credential = [System.Management.Automation.PSCredential]::Empty 48 | ) 49 | 50 | process 51 | { 52 | try 53 | { 54 | $Context = New-ADSIDirectoryContext -ContextType 'DirectoryServer' @PSBoundParameters 55 | $DomainController = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 56 | 57 | if ($DomainController.IsGlobalCatalog()) 58 | { 59 | Write-Verbose -Message "[Enable-ADSIDomainControllerGlobalCatalog][PROCESS] $($DomainController.name) is already a Global Catalog" 60 | } 61 | else 62 | { 63 | Write-Verbose -Message "[Enable-ADSIDomainControllerGlobalCatalog][PROCESS] $($DomainController.name) Enabling Global Catalog ..." 64 | $DomainController.EnableGlobalCatalog() 65 | } 66 | 67 | Write-Verbose -Message "[Enable-ADSIDomainControllerGlobalCatalog][PROCESS] $($DomainController.name) Done." 68 | } 69 | catch 70 | { 71 | Write-Error -Message "[Enable-ADSIDomainControllerGlobalCatalog][PROCESS] Something wrong happened" 72 | $pscmdlet.ThrowTerminatingError($_) 73 | } 74 | } 75 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIComputerSite.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIComputerSite 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the AD Site of a Computer 6 | 7 | .DESCRIPTION 8 | Function to retrieve the AD Site of a Computer 9 | 10 | This function does not rely on the .NET Framework to retrieve the information 11 | http://www.pinvoke.net/default.aspx/netapi32.dsgetsitename 12 | 13 | There is .NET method to get this information but only works on the local machine. 14 | [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite() 15 | 16 | .PARAMETER ComputerName 17 | Specifies the computer name(s) that you want to know the site. 18 | 19 | .EXAMPLE 20 | Get-ADSIComputerName -ComputerName TestServer01 21 | 22 | This will retrieve the Site of the Computer TestServer01 23 | 24 | .EXAMPLE 25 | Get-ADSIComputerName -ComputerName TestServer01,TestServer02 26 | 27 | This will retrieve the Site of the Computers TestServer01 and TestServer02 28 | 29 | .NOTES 30 | https://github.com/lazywinadmin/ADSIPS 31 | 32 | Thanks to the Reddit folks for their help! :-) 33 | https://www.reddit.com/r/PowerShell/comments/4cjdk8/get_the_ad_site_name_of_a_computer/ 34 | #> 35 | 36 | [CmdletBinding()] 37 | [OutputType('System.Management.Automation.PSCustomObject')] 38 | param 39 | ( 40 | [parameter()] 41 | [String[]]$ComputerName = $env:computername 42 | ) 43 | 44 | begin 45 | { 46 | $code = @" 47 | using System; 48 | using System.Collections.Generic; 49 | using System.Runtime.InteropServices; 50 | 51 | public static class NetApi32 { 52 | private class unmanaged { 53 | [DllImport("NetApi32.dll", CharSet=CharSet.Auto, SetLastError=true)] 54 | internal static extern UInt32 DsGetSiteName([MarshalAs(UnmanagedType.LPTStr)]string ComputerName, out IntPtr SiteNameBuffer); 55 | 56 | [DllImport("Netapi32.dll", SetLastError=true)] 57 | internal static extern int NetApiBufferFree(IntPtr Buffer); 58 | } 59 | 60 | public static string DsGetSiteName(string ComputerName) { 61 | IntPtr siteNameBuffer = IntPtr.Zero; 62 | UInt32 hResult = unmanaged.DsGetSiteName(ComputerName, out siteNameBuffer); 63 | string siteName = Marshal.PtrToStringAuto(siteNameBuffer); 64 | unmanaged.NetApiBufferFree(siteNameBuffer); 65 | if(hResult == 0x6ba) { throw new Exception("ComputerName not found"); } 66 | return siteName; 67 | } 68 | } 69 | "@ 70 | 71 | Add-Type -TypeDefinition $code 72 | } 73 | process 74 | { 75 | foreach ($Computer in $ComputerName) 76 | { 77 | try 78 | { 79 | $Properties = @{ 80 | ComputerName = $Computer 81 | SiteName = [NetApi32]::DsGetSiteName($Computer) 82 | } 83 | 84 | New-Object -TypeName PSObject -property $Properties 85 | } 86 | catch 87 | { 88 | $pscmdlet.ThrowTerminatingError($_) 89 | } 90 | } 91 | } 92 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIDomain.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSIDomain 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the current or specified domain 6 | 7 | .DESCRIPTION 8 | Function to retrieve the current or specified domain 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use 12 | 13 | .PARAMETER DomainName 14 | Specifies the DomainName to query 15 | 16 | .EXAMPLE 17 | Get-ADSIDomain 18 | 19 | Retrieve the current domain 20 | 21 | .EXAMPLE 22 | Get-ADSIDomain -DomainName lazywinadmin.com 23 | 24 | Retrieve the domain lazywinadmin.com 25 | 26 | .EXAMPLE 27 | Get-ADSIDomain -Credential (Get-Credential superAdmin) -Verbose 28 | 29 | Retrieve the current domain with the specified credential. 30 | 31 | .EXAMPLE 32 | Get-ADSIDomain -DomainName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 33 | 34 | Retrieve the domain lazywinadmin.com with the specified credential. 35 | 36 | .NOTES 37 | https://github.com/lazywinadmin/ADSIPS 38 | 39 | .OUTPUTS 40 | 'System.DirectoryServices.ActiveDirectory.Domain' 41 | 42 | .LINK 43 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.domain(v=vs.110).aspx 44 | #> 45 | [cmdletbinding()] 46 | [OutputType('System.DirectoryServices.ActiveDirectory.Domain')] 47 | param ( 48 | [Alias("RunAs")] 49 | [System.Management.Automation.PSCredential] 50 | [System.Management.Automation.Credential()] 51 | $Credential = [System.Management.Automation.PSCredential]::Empty, 52 | 53 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() 54 | ) 55 | process 56 | { 57 | try 58 | { 59 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['DomainName']) 60 | { 61 | Write-Verbose -Message '[PROCESS] Credential or DomainName specified' 62 | $Splatting = @{ } 63 | if ($PSBoundParameters['Credential']) 64 | { 65 | $Splatting.Credential = $Credential 66 | } 67 | if ($PSBoundParameters['DomainName']) 68 | { 69 | $Splatting.DomainName = $DomainName 70 | } 71 | 72 | $DomainContext = New-ADSIDirectoryContext @splatting -contextType Domain 73 | [System.DirectoryServices.ActiveDirectory.Domain]::GetDomain($DomainContext) 74 | } 75 | else 76 | { 77 | [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() 78 | } 79 | 80 | } 81 | catch 82 | { 83 | $pscmdlet.ThrowTerminatingError($_) 84 | } 85 | } 86 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIDomainController.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIDomainController 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve Domain Controllers 6 | 7 | .DESCRIPTION 8 | Function to retrieve Domain Controllers 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential 12 | 13 | .PARAMETER DomainName 14 | Specifies the Domain Name where the function should look 15 | 16 | .EXAMPLE 17 | Get-ADSIDomainController 18 | 19 | .EXAMPLE 20 | Get-ADSIDomainController -Credential (Get-Credential) 21 | 22 | .EXAMPLE 23 | Get-ADSIDomainController -DomainName "FXTEST.local" 24 | 25 | .NOTES 26 | https://github.com/lazywinadmin/ADSIPS 27 | #> 28 | 29 | [CmdletBinding()] 30 | [OutputType('System.DirectoryServices.ActiveDirectory.DomainController')] 31 | param 32 | ( 33 | [Alias("RunAs")] 34 | [System.Management.Automation.PSCredential] 35 | [System.Management.Automation.Credential()] 36 | $Credential = [System.Management.Automation.PSCredential]::Empty, 37 | 38 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::Getcurrentdomain() 39 | ) 40 | 41 | begin 42 | { 43 | 44 | 45 | if ($PSBoundParameters['Credential']) 46 | { 47 | $Context = New-ADSIDirectoryContext -Credential $Credential -contextType Domain 48 | if ($PSBoundParameters['DomainName']) 49 | { 50 | $Context = New-ADSIDirectoryContext -Credential $Credential -contextType Domain -DomainName $DomainName 51 | } 52 | } 53 | else 54 | { 55 | $Context = New-ADSIDirectoryContext -contextType Domain 56 | if ($PSBoundParameters['DomainName']) 57 | { 58 | $Context = New-ADSIDirectoryContext -contextType Domain -DomainName $DomainName 59 | } 60 | } 61 | } 62 | process 63 | { 64 | [System.DirectoryServices.ActiveDirectory.DomainController]::FindAll($Context) 65 | } 66 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIDomainMode.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSIDomainMode 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve Domain mode 6 | 7 | .DESCRIPTION 8 | Function to retrieve Domain mode 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential 12 | 13 | .PARAMETER DomainName 14 | Specifies the Domain Name where the function should look 15 | 16 | .EXAMPLE 17 | Get-ADSIDomainMode 18 | 19 | .EXAMPLE 20 | Get-ADSIDomainMode -Credential (Get-Credential) 21 | 22 | .EXAMPLE 23 | Get-ADSIDomainMode -DomainName "FXTEST.local" 24 | 25 | .NOTES 26 | https://github.com/lazywinadmin/ADSIPS 27 | #> 28 | [cmdletbinding()] 29 | param ( 30 | [Alias("RunAs")] 31 | [System.Management.Automation.PSCredential] 32 | [System.Management.Automation.Credential()] 33 | $Credential = [System.Management.Automation.PSCredential]::Empty, 34 | 35 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::Getcurrentdomain() 36 | ) 37 | process 38 | { 39 | try 40 | { 41 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['DomainName']) 42 | { 43 | Write-Verbose -Message '[PROCESS] Credential or DomainName specified' 44 | $Splatting = @{ } 45 | if ($PSBoundParameters['Credential']) 46 | { 47 | $Splatting.Credential = $Credential 48 | } 49 | if ($PSBoundParameters['DomainName']) 50 | { 51 | $Splatting.DomainName = $DomainName 52 | } 53 | 54 | (Get-ADSIDomain @splatting).DomainMode 55 | 56 | } 57 | else 58 | { 59 | (Get-ADSIDomain).DomainMode 60 | } 61 | 62 | } 63 | catch 64 | { 65 | $pscmdlet.ThrowTerminatingError($_) 66 | } 67 | } 68 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIDomainRoot.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIDomainRoot 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Domain Root in the Forest 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Domain Root in the Forest 9 | 10 | .PARAMETER Credential 11 | Specifies the alternative credential to use. Default is the current one. 12 | 13 | .PARAMETER ForestName 14 | Specifies the alternative forest name to query. Default is the current one. 15 | 16 | .EXAMPLE 17 | Get-ADSIDomainRoot 18 | 19 | Retrieve the current Domain Root 20 | 21 | .EXAMPLE 22 | Get-ADSIDomainRoot -ForestName ForestTest.lab 23 | 24 | Retrieve the Domain root of ForestTest.lab 25 | 26 | .EXAMPLE 27 | Get-ADSIDomainRoot -ForestName ForestTest.lab -credential (Get-Credential) 28 | 29 | Retrieve the Domain root of ForestTest.lab with the specified credential 30 | 31 | .NOTES 32 | https://github.com/lazywinadmin/ADSIPS 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.Domain 36 | 37 | .LINK 38 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.domain(v=vs.110).aspx 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.Domain')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 51 | ) 52 | 53 | (Get-ADSIForest @PSBoundParameters).RootDomain 54 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIDomainTrustRelationship.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIDomainTrustRelationship 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Trust relationship of a domain. Current one by default. 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Trust relationship of a domain. Current one by default. 9 | 10 | .PARAMETER Credential 11 | Specifies the alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER DomainName 14 | Specifies the alternative domain name to use. Default is the current one. 15 | 16 | .EXAMPLE 17 | Get-ADSIDomainTrustRelationship 18 | 19 | Retrieve the Trust relationship(s) of a current domain 20 | 21 | .EXAMPLE 22 | Get-ADSIDomainTrustRelationship -DomainName FX.lab 23 | 24 | Retrieve the Trust relationship(s) of domain fx.lab 25 | 26 | .EXAMPLE 27 | Get-ADSIDomainTrustRelationship -DomainName FX.lab -Credential (Get-Credential) 28 | 29 | Retrieve the Trust relationship(s) of domain fx.lab with the credential specified 30 | 31 | .NOTES 32 | https://github.com/lazywinadmin/ADSIPS 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.TrustRelationshipInformation 36 | 37 | .LINK 38 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.trustrelationshipinformation(v=vs.110).aspx 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.TrustRelationshipInformation')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::GetcurrentDomain() 51 | ) 52 | 53 | process 54 | { 55 | try 56 | { 57 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['DomainName']) 58 | { 59 | Write-Verbose -Message '[PROCESS] Credential or FirstName specified' 60 | $Splatting = @{ } 61 | if ($PSBoundParameters['Credential']) 62 | { 63 | $Splatting.Credential = $Credential 64 | } 65 | if ($PSBoundParameters['DomainName']) 66 | { 67 | $Splatting.DomainName = $DomainName 68 | } 69 | 70 | (Get-ADSIDomain @splatting).GetAllTrustRelationships() 71 | 72 | } 73 | else 74 | { 75 | (Get-ADSIDomain).GetAllTrustRelationships() 76 | } 77 | 78 | } 79 | catch 80 | { 81 | $pscmdlet.ThrowTerminatingError($_) 82 | } 83 | } 84 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIForest.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIForest 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the current or specified forest 6 | 7 | .DESCRIPTION 8 | Function to retrieve the current or specified forest 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query 15 | 16 | .EXAMPLE 17 | Get-ADSIForest 18 | 19 | .EXAMPLE 20 | Get-ADSIForest -ForestName lazywinadmin.com 21 | 22 | .EXAMPLE 23 | Get-ADSIForest -Credential (Get-Credential superAdmin) -Verbose 24 | 25 | .EXAMPLE 26 | Get-ADSIForest -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .OUTPUTS 29 | System.DirectoryServices.ActiveDirectory.Forest 30 | 31 | .NOTES 32 | https://github.com/lazywinadmin/ADSIPS 33 | 34 | .LINK 35 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.forest(v=vs.110).aspx 36 | #> 37 | 38 | [CmdletBinding()] 39 | [OutputType('System.DirectoryServices.ActiveDirectory.Forest')] 40 | param 41 | ( 42 | [Alias("RunAs")] 43 | [System.Management.Automation.PSCredential] 44 | [System.Management.Automation.Credential()] 45 | $Credential = [System.Management.Automation.PSCredential]::Empty, 46 | 47 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 48 | ) 49 | 50 | process 51 | { 52 | try 53 | { 54 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['ForestName']) 55 | { 56 | Write-Verbose -Message "[PROCESS] Credential or FirstName specified" 57 | $Splatting = @{ } 58 | if ($PSBoundParameters['Credential']) 59 | { 60 | $Splatting.Credential = $Credential 61 | } 62 | if ($PSBoundParameters['ForestName']) 63 | { 64 | $Splatting.ForestName = $ForestName 65 | } 66 | 67 | $ForestContext = New-ADSIDirectoryContext @splatting -contextType Forest 68 | [System.DirectoryServices.ActiveDirectory.Forest]::GetForest($ForestContext) 69 | } 70 | else 71 | { 72 | [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest() 73 | } 74 | 75 | } 76 | catch 77 | { 78 | $pscmdlet.ThrowTerminatingError($_) 79 | } 80 | } 81 | } 82 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIForestDomain.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSIForestDomain 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the forest domain(s) 6 | 7 | .DESCRIPTION 8 | Function to retrieve the forest domain(s) 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query 15 | 16 | .EXAMPLE 17 | Get-ADSIForest 18 | 19 | .EXAMPLE 20 | Get-ADSIForest -ForestName lazywinadmin.com 21 | 22 | .EXAMPLE 23 | Get-ADSIForest -Credential (Get-Credential superAdmin) -Verbose 24 | 25 | .EXAMPLE 26 | Get-ADSIForest -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .OUTPUTS 29 | System.DirectoryServices.ActiveDirectory.Forest 30 | 31 | .NOTES 32 | https://github.com/lazywinadmin/ADSIPS 33 | #> 34 | [cmdletbinding()] 35 | param ( 36 | [Alias("RunAs")] 37 | [System.Management.Automation.PSCredential] 38 | [System.Management.Automation.Credential()] 39 | $Credential = [System.Management.Automation.PSCredential]::Empty, 40 | 41 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 42 | ) 43 | process 44 | { 45 | try 46 | { 47 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['ForestName']) 48 | { 49 | Write-Verbose -Message '[PROCESS] Credential or FirstName specified' 50 | $Splatting = @{ } 51 | if ($PSBoundParameters['Credential']) 52 | { 53 | $Splatting.Credential = $Credential 54 | } 55 | if ($PSBoundParameters['ForestName']) 56 | { 57 | $Splatting.ForestName = $ForestName 58 | } 59 | 60 | (Get-ADSIForest @splatting).Domains 61 | 62 | } 63 | else 64 | { 65 | (Get-ADSIForest).Domains 66 | } 67 | 68 | } 69 | catch 70 | { 71 | $pscmdlet.ThrowTerminatingError($_) 72 | } 73 | } 74 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIForestMode.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSIForestMode 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the forest mode 6 | 7 | .DESCRIPTION 8 | Function to retrieve the forest mode 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query 15 | 16 | .EXAMPLE 17 | Get-ADSIForestMode 18 | 19 | Retrieve the forest mode of the current forest 20 | 21 | .EXAMPLE 22 | Get-ADSIForestMode -ForestName lazywinadmin.com 23 | 24 | Retrieve the forest mode of the forest lazywinadmin.com 25 | 26 | .EXAMPLE 27 | Get-ADSIForestMode -Credential (Get-Credential superAdmin) -Verbose 28 | 29 | Retrieve the forest mode of the current forest using the credentials specified 30 | 31 | .EXAMPLE 32 | Get-ADSIForestMode -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 33 | 34 | Retrieve the forest mode of the forest lazywinadmin.com using the credentials specified 35 | 36 | .OUTPUTS 37 | System.directoryservices.activedirectory.forest.forestmode 38 | 39 | .NOTES 40 | https://github.com/lazywinadmin/ADSIPS 41 | 42 | .LINK 43 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.forest.forestmode(v=vs.110).aspx 44 | #> 45 | [cmdletbinding()] 46 | [OutputType('System.directoryservices.activedirectory.forest.forestmode')] 47 | param ( 48 | [Alias("RunAs")] 49 | [System.Management.Automation.PSCredential] 50 | [System.Management.Automation.Credential()] 51 | $Credential = [System.Management.Automation.PSCredential]::Empty, 52 | 53 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 54 | ) 55 | process 56 | { 57 | try 58 | { 59 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['ForestName']) 60 | { 61 | Write-Verbose -Message '[PROCESS] Credential or FirstName specified' 62 | $Splatting = @{ } 63 | if ($PSBoundParameters['Credential']) 64 | { 65 | $Splatting.Credential = $Credential 66 | } 67 | if ($PSBoundParameters['ForestName']) 68 | { 69 | $Splatting.ForestName = $ForestName 70 | } 71 | 72 | (Get-ADSIForest @splatting).ForestMode 73 | 74 | } 75 | else 76 | { 77 | (Get-ADSIForest).ForestMode 78 | } 79 | 80 | } 81 | catch 82 | { 83 | $pscmdlet.ThrowTerminatingError($_) 84 | } 85 | } 86 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIForestTrustRelationship.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIForestTrustRelationship 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Forest Trust Relationship(s) 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Forest Trust Relationship(s) 9 | 10 | .PARAMETER Credential 11 | Specifies the alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the alternative Forest name to query. Default is the current one. 15 | 16 | .NOTES 17 | https://github.com/lazywinadmin/ADSIPS 18 | 19 | .EXAMPLE 20 | Get-ADSIForestTrustRelationship 21 | 22 | Retrieve the Forest Trust Relationship of the current domain 23 | 24 | .EXAMPLE 25 | Get-ADSIForestTrustRelationship -ForestName 'lazywinadmin.com' 26 | 27 | Retrieve the Forest Trust Relationship of the forest lazywinadmin.com 28 | 29 | .EXAMPLE 30 | Get-ADSIForestTrustRelationship -ForestName 'lazywinadmin.com' -credential (Get-Credential) 31 | 32 | Retrieve the Forest Trust Relationship of the forest lazywinadmin.com using the specified credential 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.ForestTrustRelationshipInformation 36 | 37 | .LINK 38 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.foresttrustrelationshipinformation(v=vs.110).aspx 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.ForestTrustRelationshipInformation')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 51 | ) 52 | 53 | process 54 | { 55 | try 56 | { 57 | Write-Verbose -Message '[Get-ADSIForestTrustRelationship][PROCESS] Credential or FirstName specified' 58 | (Get-ADSIForest @PSBoundParameters).GetAllTrustRelationships() 59 | } 60 | catch 61 | { 62 | $pscmdlet.ThrowTerminatingError($_) 63 | } 64 | } 65 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIGlobalCatalog.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIGlobalCatalog 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Global Catalog in the Forest 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Global Catalog in the Forest 9 | 10 | .PARAMETER Credential 11 | Specifies the alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the alternative Forest name to query. Default is the current one. 15 | 16 | .EXAMPLE 17 | Get-ADSIGlobalCatalog 18 | 19 | Retrieve the Global Catalog in the current Forest 20 | 21 | .EXAMPLE 22 | Get-ADSIGlobalCatalog -forestname 'lazywinadmin.com' 23 | 24 | Retrieve the Global Catalog in the forest 'lazywinadmin.com' 25 | 26 | .NOTES 27 | https://github.com/lazywinadmin/ADSIPS 28 | #> 29 | 30 | [CmdletBinding()] 31 | [OutputType('System.DirectoryServices.ActiveDirectory.GlobalCatalog')] 32 | param 33 | ( 34 | [Alias("RunAs")] 35 | [System.Management.Automation.PSCredential] 36 | [System.Management.Automation.Credential()] 37 | $Credential = [System.Management.Automation.PSCredential]::Empty, 38 | 39 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 40 | ) 41 | 42 | process 43 | { 44 | try 45 | { 46 | Write-Verbose -Message '[Get-ADSIGlobalCatalog][PROCESS] Credential or FirstName specified' 47 | (Get-ADSIForest @PSBoundParameters).GlobalCatalogs 48 | } 49 | catch 50 | { 51 | $pscmdlet.ThrowTerminatingError($_) 52 | } 53 | } 54 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIReplicaCurrentTime.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIReplicaCurrentTime 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSIReplicaCurrentTime retrieves the current time of a given DC. 6 | 7 | .DESCRIPTION 8 | Get-ADSIReplicaCurrentTime retrieves the current time of a given DC. 9 | When using the verbose switch, this cmdlet will display the time difference with the current system. 10 | 11 | .PARAMETER ComputerName 12 | Defines the remote computer to connect to. 13 | 14 | .PARAMETER Credential 15 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 16 | 17 | .EXAMPLE 18 | Get-ADSIReplicaCurrentTime -ComputerName dc1.ad.local 19 | 20 | Connects to remote domain controller dc1.ad.local using current credentials and retrieves the current time. 21 | 22 | .NOTES 23 | https://github.com/lazywinadmin/ADSIPS 24 | #> 25 | [CmdletBinding()] 26 | param ([Parameter(Mandatory = $true)] 27 | [string]$ComputerName, 28 | 29 | [Alias("RunAs")] 30 | [System.Management.Automation.PSCredential] 31 | [System.Management.Automation.Credential()] 32 | $Credential = [System.Management.Automation.PSCredential]::Empty 33 | ) 34 | 35 | if ($ComputerName) 36 | { 37 | if ($Credential) 38 | { 39 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 40 | } 41 | else 42 | { 43 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 44 | } 45 | } 46 | 47 | if ($context) 48 | { 49 | Write-Verbose -Message "Connecting to $ComputerName" 50 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 51 | } 52 | 53 | if ($dc) 54 | { 55 | $now = Get-Date 56 | $minDiff = (New-TimeSpan -start $dc.CurrentTime -end ([System.TimeZoneInfo]::ConvertTimeToUtc($now))).minutes 57 | Write-Verbose -Message "Difference in minutes between $($dc.name) and current system is $minDiff" 58 | $dc.CurrentTime 59 | } 60 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIReplicaDomainInfo.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIReplicaDomainInfo 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSIReplicaDomainInfo returns information about the connected DC's Domain. 6 | 7 | .DESCRIPTION 8 | Get-ADSIReplicaDomainInfo returns information about the connected DC's Domain. 9 | 10 | .PARAMETER ComputerName 11 | Defines the remote computer to connect to. 12 | 13 | .PARAMETER Credential 14 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 15 | 16 | .PARAMETER Recurse 17 | Recursively retrieves information about child domains 18 | 19 | .EXAMPLE 20 | Get-ADSIReplicaDomainInfo -ComputerName dc1.ad.local 21 | 22 | Forest : ad.local 23 | DomainControllers : {DC1.ad.local, DC2.ad.local} 24 | Children : {} 25 | DomainMode : Windows2012R2Domain 26 | DomainModeLevel : 6 27 | Parent : 28 | PdcRoleOwner : DC1.ad.local 29 | RidRoleOwner : DC1.ad.local 30 | InfrastructureRoleOwner : DC1.ad.local 31 | Name : ad.local 32 | 33 | Connects to remote domain controller dc1.ad.local using current credentials retrieves domain info. 34 | 35 | .NOTES 36 | https://github.com/lazywinadmin/ADSIPS 37 | #> 38 | [CmdletBinding()] 39 | param ([Parameter(Mandatory = $true)] 40 | [string]$ComputerName, 41 | 42 | [Alias("RunAs")] 43 | [System.Management.Automation.PSCredential] 44 | [System.Management.Automation.Credential()] 45 | $Credential = [System.Management.Automation.PSCredential]::Empty, 46 | 47 | [Switch]$Recurse 48 | ) 49 | 50 | if ($ComputerName) 51 | { 52 | if ($Credential) 53 | { 54 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 55 | } 56 | else 57 | { 58 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 59 | } 60 | } 61 | 62 | if ($context) 63 | { 64 | Write-Verbose -Message "Connecting to $ComputerName" 65 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 66 | } 67 | 68 | if ($dc) 69 | { 70 | $dc.domain 71 | if ($Recurse.IsPresent) 72 | { 73 | $dc.domain.children | Foreach-Object -Process { $_ } 74 | } 75 | 76 | } 77 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIReplicaForestInfo.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIReplicaForestInfo 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSIReplicaForestInfo returns information about the connected DC's Forest. 6 | 7 | .DESCRIPTION 8 | 9 | Get-ADSIForestInfo returns information about the connected DC's Forest. 10 | 11 | .PARAMETER ComputerName 12 | 13 | Defines the remote computer to connect to. 14 | 15 | .PARAMETER Credential 16 | 17 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 18 | 19 | .EXAMPLE 20 | 21 | Get-ADSIReplicaForestInfo -ComputerName dc1.ad.local 22 | 23 | Name : ad.local 24 | Sites : {Default-First-Site-Name} 25 | Domains : {ad.local} 26 | GlobalCatalogs : {DC1.ad.local, DC2.ad.local} 27 | ApplicationPartitions : {DC=DomainDnsZones,DC=ad,DC=local, DC=ForestDnsZones,DC=ad,DC=local} 28 | ForestModeLevel : 6 29 | ForestMode : Windows2012R2Forest 30 | RootDomain : ad.local 31 | Schema : CN=Schema,CN=Configuration,DC=ad,DC=local 32 | SchemaRoleOwner : DC1.ad.local 33 | NamingRoleOwner : DC1.ad.local 34 | 35 | Connects to remote domain controller dc1.ad.local using current credentials retrieves forest info. 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | #> 40 | [CmdletBinding()] 41 | param ([Parameter(Mandatory = $true)] 42 | [string]$ComputerName, 43 | 44 | [Alias("RunAs")] 45 | [System.Management.Automation.PSCredential] 46 | [System.Management.Automation.Credential()] 47 | $Credential = [System.Management.Automation.PSCredential]::Empty 48 | ) 49 | 50 | if ($ComputerName) 51 | { 52 | if ($Credential) 53 | { 54 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 55 | } 56 | else 57 | { 58 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 59 | } 60 | } 61 | 62 | if ($context) 63 | { 64 | Write-Verbose -Message "Connecting to $ComputerName" 65 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 66 | } 67 | 68 | if ($dc) 69 | { 70 | Write-Verbose -Message "Information about forest $($dc.forest.name)" 71 | $dc.forest 72 | } 73 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSIReplicaGCInfo.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIReplicaGCInfo 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSIReplicaGCInfo finds out if a given DC holds the GC role. 6 | 7 | .DESCRIPTION 8 | Get-ADSIReplicaGCInfo finds out if a given DC holds the Global Catalog role. 9 | 10 | .PARAMETER ComputerName 11 | Defines the remote computer to connect to. 12 | 13 | .PARAMETER Credential 14 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 15 | 16 | .EXAMPLE 17 | Get-ADSIReplicaGCInfo -ComputerName dc1.ad.local 18 | 19 | Connects to remote domain controller dc1.ad.local using current credentials retrieves GC info. 20 | 21 | .NOTES 22 | https://github.com/lazywinadmin/ADSIPS 23 | #> 24 | [CmdletBinding()] 25 | param ([Parameter(Mandatory = $true)] 26 | [string]$ComputerName, 27 | 28 | [Alias("RunAs")] 29 | [System.Management.Automation.PSCredential] 30 | [System.Management.Automation.Credential()] 31 | $Credential = [System.Management.Automation.PSCredential]::Empty 32 | ) 33 | 34 | if ($ComputerName) 35 | { 36 | if ($Credential) 37 | { 38 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 39 | } 40 | else 41 | { 42 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 43 | } 44 | } 45 | 46 | if ($context) 47 | { 48 | Write-Verbose -Message "Connecting to $ComputerName" 49 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 50 | } 51 | 52 | if ($dc) 53 | { 54 | $IsGC = $dc.IsGlobalCatalog() 55 | if ($IsGC) 56 | { 57 | Write-Verbose -Message "$($dc.name) is a Global Catalog" 58 | } 59 | else 60 | { 61 | Write-Verbose -Message "$($dc.name) is a normal Domain Controller" 62 | } 63 | $IsGC 64 | } 65 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSISite.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISite 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Active Directory Site(s) 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Active Directory Site(s) 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query. Default is the current one 15 | 16 | .PARAMETER SiteName 17 | Specifies the Site Name to find. 18 | 19 | .EXAMPLE 20 | Get-ADSISite 21 | 22 | .EXAMPLE 23 | Get-ADSISite -ForestName lazywinadmin.com 24 | 25 | .EXAMPLE 26 | Get-ADSISite -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .EXAMPLE 29 | Get-ADSISite -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 30 | 31 | .EXAMPLE 32 | Get-ADSISite -Name 'Montreal' 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.ActiveDirectorySite 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.ActiveDirectorySite')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest(), 51 | 52 | [Alias("Name")] 53 | [String]$SiteName 54 | ) 55 | 56 | process 57 | { 58 | try 59 | { 60 | if ($PSBoundParameters['Name']) 61 | { 62 | # Remove Name from the PSBoundParameters Splatting 63 | [Void]$PSBoundParameters.Remove('Name') 64 | 65 | # Create a Forest Context 66 | $Context = New-ADSIDirectoryContext -ContextType Forest @PSBoundParameters 67 | 68 | # Get the site name specified 69 | [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::FindByName($Context, $Name) 70 | } 71 | else 72 | { 73 | [Void]$PSBoundParameters.Remove('Name') 74 | (Get-ADSIForest @PSBoundParameters).Sites 75 | } 76 | } 77 | catch 78 | { 79 | $pscmdlet.ThrowTerminatingError($_) 80 | } 81 | } 82 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSISiteLink.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISiteLink 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Active Directory Site Link(s) 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Active Directory Site Link(s) 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query. Default is the current one 15 | 16 | .PARAMETER Name 17 | Specifies the Site Name to find. 18 | 19 | .EXAMPLE 20 | Get-ADSISiteLink 21 | 22 | .EXAMPLE 23 | Get-ADSISiteLink -ForestName lazywinadmin.com 24 | 25 | .EXAMPLE 26 | Get-ADSISiteLink -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .EXAMPLE 29 | Get-ADSISiteLink -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 30 | 31 | .EXAMPLE 32 | Get-ADSISiteLink -Name 'Azure' 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.ActiveDirectorySiteLink 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.ActiveDirectorySiteLink')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest(), 51 | 52 | [Parameter(ValueFromPipelineByPropertyName = $true)] 53 | [String]$Name 54 | ) 55 | 56 | process 57 | { 58 | try 59 | { 60 | (Get-ADSISite @PSBoundParameters).Sitelinks 61 | } 62 | catch 63 | { 64 | $pscmdlet.ThrowTerminatingError($_) 65 | } 66 | } 67 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSISiteServer.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISiteServer 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Active Directory Site Servers 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Active Directory Site Servers 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query. Default is the current one 15 | 16 | .PARAMETER Name 17 | Specifies the Site Name to find. 18 | 19 | .EXAMPLE 20 | Get-ADSISiteServer 21 | 22 | .EXAMPLE 23 | Get-ADSISiteServer -ForestName lazywinadmin.com 24 | 25 | .EXAMPLE 26 | Get-ADSISiteServer -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .EXAMPLE 29 | Get-ADSISiteServer -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 30 | 31 | .EXAMPLE 32 | Get-ADSISiteServer -Name 'Azure' 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.DomainController 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.DomainController')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest(), 51 | 52 | [Parameter(ValueFromPipelineByPropertyName = $true)] 53 | [String]$Name 54 | ) 55 | 56 | process 57 | { 58 | try 59 | { 60 | (Get-ADSISite @PSBoundParameters).servers 61 | } 62 | catch 63 | { 64 | $pscmdlet.ThrowTerminatingError($_) 65 | } 66 | } 67 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSISiteSubnet.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISiteSubnet 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Active Directory Site subnets 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Active Directory Site subnets 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query. Default is the current one 15 | 16 | .PARAMETER SubnetName 17 | Specifies the Site Name to find. 18 | 19 | .EXAMPLE 20 | Get-ADSISiteSubnet 21 | 22 | .EXAMPLE 23 | Get-ADSISiteSubnet -ForestName lazywinadmin.com 24 | 25 | .EXAMPLE 26 | Get-ADSISiteSubnet -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .EXAMPLE 29 | Get-ADSISiteSubnet -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 30 | 31 | .EXAMPLE 32 | Get-ADSISiteSubnet -Name 'Azure' 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.ActiveDirectorySubnet 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.ActiveDirectorySubnet')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest(), 51 | 52 | [Parameter(ValueFromPipelineByPropertyName = $true)] 53 | [Alias("Name")] 54 | [String]$SubnetName 55 | ) 56 | begin 57 | { 58 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 59 | 60 | # Create Context splatting 61 | $ContextSplatting = @{ ContextType = "Forest" } 62 | 63 | if ($PSBoundParameters['Credential']) 64 | { 65 | $ContextSplatting.Credential = $Credential 66 | } 67 | if ($PSBoundParameters['ForestName']) 68 | { 69 | $ContextSplatting.ForestName = $ForestName 70 | } 71 | 72 | $Context = New-ADSIDirectoryContext @ContextSplatting -contextType Forest 73 | } 74 | process 75 | { 76 | try 77 | { 78 | if ($PSBoundParameters['SubnetName']) 79 | { 80 | [System.DirectoryServices.ActiveDirectory.ActiveDirectorySubnet]::FindByName($Context, $SubnetName) 81 | } 82 | if (-not $PSBoundParameters['SubnetName']) 83 | { 84 | (Get-ADSISite @PSBoundParameters).subnets 85 | } 86 | } 87 | catch 88 | { 89 | $pscmdlet.ThrowTerminatingError($_) 90 | } 91 | } 92 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Get-ADSITombstoneLifetime.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSITombstoneLifetime 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSITombstoneLifetime returns the number of days before a deleted object is removed from the directory services. 6 | 7 | .DESCRIPTION 8 | Get-ADSITombstoneLifetime returns the number of days before a deleted object is removed from the directory services. 9 | 10 | .PARAMETER Credential 11 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 12 | 13 | .PARAMETER DomainName 14 | Specifies the DomainName to query 15 | 16 | .EXAMPLE 17 | Get-ADSITombstoneLifetime 18 | 19 | For the current domain, returns the number of days before a deleted object is removed from the directory services. 20 | 21 | .NOTES 22 | https://github.com/lazywinadmin/ADSIPS 23 | #> 24 | [CmdletBinding()] 25 | param ( 26 | [Alias("RunAs")] 27 | [System.Management.Automation.PSCredential] 28 | [System.Management.Automation.Credential()] 29 | $Credential = [System.Management.Automation.PSCredential]::Empty, 30 | 31 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() 32 | ) 33 | 34 | try 35 | { 36 | 37 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['DomainName']) 38 | { 39 | Write-Verbose -Message '[PROCESS] Credential or DomainName specified' 40 | $Splatting = @{ } 41 | if ($PSBoundParameters['Credential']) 42 | { 43 | $Splatting.Credential = $Credential 44 | } 45 | if ($PSBoundParameters['DomainName']) 46 | { 47 | $Splatting.DomainName = $DomainName 48 | } 49 | 50 | $configurationNamingContext = (Get-ADSIRootDSE @splatting).configurationNamingContext 51 | 52 | } 53 | else 54 | { 55 | $configurationNamingContext = (Get-ADSIRootDSE).configurationNamingContext 56 | } 57 | 58 | } 59 | catch 60 | { 61 | $pscmdlet.ThrowTerminatingError($_) 62 | } 63 | 64 | $nTDSService = New-Object -TypeName System.DirectoryServices.DirectoryEntry -ArgumentList "LDAP://CN=Directory Service,CN=Windows NT,CN=Services,$configurationNamingContext" 65 | 66 | Write-Verbose "Domain : $DomainName" 67 | $nTDSService.tombstoneLifetime 68 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Move-ADSIComputer.ps1: -------------------------------------------------------------------------------- 1 | function Move-ADSIComputer 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to Move a Computer in Active Directory 6 | 7 | .DESCRIPTION 8 | Function to Move a Computer in Active Directory 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity of the computer 12 | 13 | You can provide one of the following: 14 | DistinguishedName 15 | Guid 16 | Name 17 | SamAccountName 18 | Sid 19 | 20 | System.DirectoryService.AccountManagement.IdentityType 21 | https://msdn.microsoft.com/en-us/library/bb356425(v=vs.110).aspx 22 | 23 | .PARAMETER Credential 24 | Specifies alternative credential 25 | By default it will use the current user windows credentials. 26 | 27 | .PARAMETER DomainName 28 | Specifies the alternative Domain. 29 | By default it will use the current domain. 30 | 31 | .PARAMETER Destination 32 | Specifies the Distinguished Name where the object will be moved 33 | 34 | .EXAMPLE 35 | Move-ADSIComputer -identity 'TESTCOMP01' -Destination 'OU=Servers,DC=FX,DC=LAB' 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | 40 | .LINK 41 | https://msdn.microsoft.com/en-us/library/system.directoryservices.accountmanagement.computerprincipal(v=vs.110).aspx 42 | #> 43 | [CmdletBinding()] 44 | param ([Parameter(Mandatory = $true)] 45 | [string]$Identity, 46 | 47 | [Alias("RunAs")] 48 | [System.Management.Automation.PSCredential] 49 | [System.Management.Automation.Credential()] 50 | $Credential = [System.Management.Automation.PSCredential]::Empty, 51 | 52 | $DomainName, 53 | 54 | $Destination 55 | ) 56 | begin 57 | { 58 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 59 | 60 | # Create Context splatting 61 | $ContextSplatting = @{ ContextType = "Domain" } 62 | 63 | if ($PSBoundParameters['Credential']) 64 | { 65 | $ContextSplatting.Credential = $Credential 66 | } 67 | if ($PSBoundParameters['DomainName']) 68 | { 69 | $ContextSplatting.DomainName = $DomainName 70 | } 71 | 72 | $Context = New-ADSIPrincipalContext @ContextSplatting 73 | 74 | } 75 | process 76 | { 77 | try 78 | { 79 | $Computer = [System.DirectoryServices.AccountManagement.ComputerPrincipal]::FindByIdentity($Context, $Identity) 80 | 81 | # Retrieve DirectoryEntry 82 | #$Computer.GetUnderlyingObject() 83 | 84 | # Create DirectoryEntry object 85 | $NewDirectoryEntry = New-Object -TypeName System.DirectoryServices.DirectoryEntry -ArgumentList "LDAP://$Destination" 86 | 87 | # Move the computer 88 | $Computer.GetUnderlyingObject().psbase.moveto($NewDirectoryEntry) 89 | $Computer.Save() 90 | } 91 | catch 92 | { 93 | $pscmdlet.ThrowTerminatingError($_) 94 | } 95 | } 96 | } 97 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Move-ADSIDomainControllerToSite.ps1: -------------------------------------------------------------------------------- 1 | function Move-ADSIDomainControllerToSite 2 | { 3 | <# 4 | .SYNOPSIS 5 | Move-ADSIDomainControllerToSite moves the current DC to another site. 6 | 7 | .DESCRIPTION 8 | Move-ADSIDomainControllerToSite moves the current DC to another site. 9 | 10 | MSDN Documention on 'DirectoryServer.MoveToAnotherSite Method' 11 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.directoryserver.movetoanothersite(v=vs.110).aspx 12 | 13 | .PARAMETER ComputerName 14 | Specifies the Domain Controller 15 | 16 | .PARAMETER Credential 17 | Specifies alternate credentials to use. Use Get-Credential to create proper credentials. 18 | 19 | .PARAMETER Site 20 | Name of the Active Directory site 21 | 22 | .EXAMPLE 23 | Move-ADSIDomainControllerToSite -ComputerName dc1.ad.local -site "Paris" 24 | 25 | Connects to remote domain controller dc1.ad.local using current credentials and 26 | moves it to the site "Paris". 27 | 28 | .NOTES 29 | https://github.com/lazywinadmin/ADSIPS 30 | 31 | Version History 32 | 1.0 Initial Version (Micky Balladelli) 33 | 1.1 Update (Francois-Xavier Cat) 34 | Rename from Move-ADSIReplicaToSite to Move-ADSIDomainControllerToSite 35 | Add New-ADSIDirectoryContext to take care of the Context 36 | Other minor modifications 37 | #> 38 | 39 | [CmdletBinding()] 40 | param 41 | ( 42 | [Parameter(Mandatory)] 43 | [string]$ComputerName, 44 | 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | [Parameter(Mandatory = $true)] 51 | [string]$Site 52 | ) 53 | process 54 | { 55 | try 56 | { 57 | # DirectoryContext Splatting 58 | $Splatting = $PSBoundParameters.Remove("Site") 59 | # Create the Context 60 | $Context = New-ADSIDirectoryContext -ContextType 'DirectoryServer' @Splatting 61 | 62 | $DomainController = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 63 | 64 | Write-Verbose -Message "[Move-ADSIDomainControllerToSite][PROCESS] $($DomainController.name) to site $Site" 65 | $DomainController.MoveToAnotherSite($Site) 66 | } 67 | catch 68 | { 69 | $pscmdlet.ThrowTerminatingError($_) 70 | } 71 | } 72 | } 73 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/New-ADSISite.ps1: -------------------------------------------------------------------------------- 1 | function New-ADSISite 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to create a new Site 6 | 7 | .DESCRIPTION 8 | Function to create a new Site 9 | 10 | .PARAMETER SiteName 11 | Specifies the SiteName 12 | 13 | .PARAMETER Location 14 | Specifies the Location of the site 15 | 16 | .PARAMETER Credential 17 | Specifies the alternative credential to use. 18 | By default it will use the current user windows credentials. 19 | 20 | .PARAMETER ForestName 21 | Specifies the alternative Forest where the subnet should be created 22 | By default it will use the current forest. 23 | 24 | .EXAMPLE 25 | PS C:\> New-ADSISite -SiteName "MTL01" -Location "Montreal, QC, Canada" 26 | 27 | .NOTES 28 | https://github.com/lazywinadmin/ADSIPS 29 | 30 | .LINK 31 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.activedirectorysite(v=vs.110).aspx 32 | #> 33 | 34 | [CmdletBinding(SupportsShouldProcess = $true)] 35 | param 36 | ( 37 | [Parameter(Mandatory = $true)] 38 | [Alias('Name')] 39 | [String]$SiteName, 40 | 41 | [String]$Location, 42 | 43 | [Alias("RunAs")] 44 | [System.Management.Automation.PSCredential] 45 | [System.Management.Automation.Credential()] 46 | $Credential = [System.Management.Automation.PSCredential]::Empty, 47 | 48 | [String]$ForestName 49 | ) 50 | 51 | begin 52 | { 53 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 54 | 55 | # Create Context splatting 56 | $ContextSplatting = @{ ContextType = "Forest" } 57 | 58 | if ($PSBoundParameters['Credential']) 59 | { 60 | $ContextSplatting.Credential = $Credential 61 | } 62 | if ($PSBoundParameters['ForestName']) 63 | { 64 | $ContextSplatting.ForestName = $ForestName 65 | } 66 | 67 | $Context = New-ADSIDirectoryContext @ContextSplatting 68 | } 69 | process 70 | { 71 | try 72 | { 73 | if ($PSCmdlet.ShouldProcess($SiteName, "Create Site")) 74 | { 75 | $Site = New-Object -TypeName System.DirectoryServices.ActiveDirectory.ActiveDirectorySite -ArgumentList $Context, $SiteName 76 | $Site.Location = $Location 77 | $Site.Save() 78 | 79 | #$site.GetDirectoryEntry() 80 | } 81 | } 82 | catch 83 | { 84 | $PSCmdlet.ThrowTerminatingError($_) 85 | } 86 | } 87 | end 88 | { 89 | 90 | } 91 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Remove-ADSIGroup.ps1: -------------------------------------------------------------------------------- 1 | function Remove-ADSIGroup 2 | { 3 | <# 4 | .SYNOPSIS 5 | function to remove a group 6 | 7 | .DESCRIPTION 8 | function to remove a group 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | You can provide one of the following properties 14 | DistinguishedName 15 | Guid 16 | Name 17 | SamAccountName 18 | Sid 19 | UserPrincipalName 20 | 21 | Those properties come from the following enumeration: 22 | System.DirectoryServices.AccountManagement.IdentityType 23 | 24 | .PARAMETER Credential 25 | Specifies the alternative credential to use. 26 | By default it will use the current user windows credentials. 27 | 28 | .PARAMETER DomainName 29 | Specifies the alternative Domain where the user should be created 30 | By default it will use the current domain. 31 | 32 | .EXAMPLE 33 | Remove-ADSIGroup FXTESTGROUP 34 | 35 | .EXAMPLE 36 | Remove-ADSIGroup FXTESTGROUP -whatif 37 | 38 | .NOTES 39 | https://github.com/lazywinadmin/ADSIPS 40 | #> 41 | [CmdletBinding(SupportsShouldProcess = $true)] 42 | param ( 43 | [parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true, ValueFromPipeline = $true)] 44 | $Identity, 45 | 46 | [Alias("RunAs")] 47 | [System.Management.Automation.PSCredential] 48 | [System.Management.Automation.Credential()] 49 | $Credential = [System.Management.Automation.PSCredential]::Empty, 50 | 51 | [String]$DomainName) 52 | 53 | begin 54 | { 55 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 56 | 57 | # Create Context splatting 58 | $ContextSplatting = @{ 59 | Contexttype = "Domain" 60 | } 61 | 62 | if ($PSBoundParameters['Credential']) 63 | { 64 | $ContextSplatting.Credential = $Credential 65 | } 66 | if ($PSBoundParameters['DomainName']) 67 | { 68 | $ContextSplatting.DomainName = $DomainName 69 | } 70 | 71 | } 72 | process 73 | { 74 | try 75 | { 76 | if ($pscmdlet.ShouldProcess("$Identity", "Delete Account")) 77 | { 78 | (Get-ADSIGroup -Identity $Identity @ContextSplatting).delete() 79 | } 80 | } 81 | catch 82 | { 83 | $pscmdlet.ThrowTerminatingError($_) 84 | } 85 | } 86 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Remove-ADSISite.ps1: -------------------------------------------------------------------------------- 1 | Function Remove-ADSISite 2 | { 3 | <# 4 | .SYNOPSIS 5 | function to remove a Site 6 | 7 | .DESCRIPTION 8 | function to remove a Site 9 | 10 | .PARAMETER SiteName 11 | Specifies the Site Name 12 | 13 | .PARAMETER Credential 14 | Specifies the alternative credential to use. 15 | By default it will use the current user windows credentials. 16 | 17 | .PARAMETER ForestName 18 | Specifies the alternative Forest where the user should be created 19 | By default it will use the current Forest. 20 | 21 | .EXAMPLE 22 | Remove-ADSISite -SiteName WOW01 23 | 24 | .NOTES 25 | https://github.com/lazywinadmin/ADSIPS 26 | #> 27 | [CmdletBinding(SupportsShouldProcess = $true)] 28 | param ( 29 | [parameter(Mandatory = $true)] 30 | [String]$SiteName, 31 | 32 | [Alias("RunAs")] 33 | [System.Management.Automation.PSCredential] 34 | [System.Management.Automation.Credential()] 35 | $Credential = [System.Management.Automation.PSCredential]::Empty, 36 | 37 | [String]$ForestName 38 | 39 | ) 40 | begin 41 | { 42 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 43 | 44 | # Create Context splatting 45 | $ContextSplatting = @{} 46 | 47 | if ($PSBoundParameters['Credential']) 48 | { 49 | $ContextSplatting.Credential = $Credential 50 | } 51 | if ($PSBoundParameters['ForestName']) 52 | { 53 | $ContextSplatting.ForestName = $ForestName 54 | } 55 | } 56 | process 57 | { 58 | try 59 | { 60 | if ($PSCmdlet.ShouldProcess($SiteName, "Delete")) 61 | { 62 | # Delete Site 63 | (Get-ADSISite -Name $SiteName @ContextSplatting).Delete() 64 | } 65 | } 66 | catch 67 | { 68 | $pscmdlet.ThrowTerminatingError($_) 69 | break 70 | } 71 | } 72 | } 73 | 74 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Remove-ADSISiteSubnet.ps1: -------------------------------------------------------------------------------- 1 | function Remove-ADSISiteSubnet 2 | { 3 | <# 4 | .SYNOPSIS 5 | function to remove a Subnet 6 | 7 | .DESCRIPTION 8 | function to remove a Subnet 9 | 10 | .PARAMETER SubnetName 11 | Specifies the Subnet Name 12 | 13 | .PARAMETER Credential 14 | Specifies the alternative credential to use. 15 | By default it will use the current user windows credentials. 16 | 17 | .PARAMETER ForestName 18 | Specifies the alternative Forest where the user should be created 19 | By default it will use the current Forest. 20 | 21 | .EXAMPLE 22 | Remove-ADSISiteSubnet -SubnetName '192.168.8.0/24' 23 | 24 | .NOTES 25 | https://github.com/lazywinadmin/ADSIPS 26 | #> 27 | 28 | [CmdletBinding(SupportsShouldProcess = $true)] 29 | param 30 | ( 31 | [Parameter(Mandatory = $true)] 32 | [String]$SubnetName, 33 | 34 | [Alias("RunAs")] 35 | [System.Management.Automation.PSCredential] 36 | [System.Management.Automation.Credential()] 37 | $Credential = [System.Management.Automation.PSCredential]::Empty, 38 | 39 | [String]$ForestName 40 | ) 41 | 42 | begin 43 | { 44 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 45 | 46 | # Create Context splatting 47 | $ContextSplatting = @{ } 48 | 49 | if ($PSBoundParameters['Credential']) 50 | { 51 | $ContextSplatting.Credential = $Credential 52 | } 53 | if ($PSBoundParameters['ForestName']) 54 | { 55 | $ContextSplatting.ForestName = $ForestName 56 | } 57 | } 58 | process 59 | { 60 | try 61 | { 62 | if ($PSCmdlet.ShouldProcess($SubnetName, "Remove Subnet")) 63 | { 64 | (Get-ADSISiteSubnet -SubnetName $SubnetName @ContextSplatting).Delete() 65 | } 66 | } 67 | catch 68 | { 69 | $pscmdlet.ThrowTerminatingError($_) 70 | break 71 | } 72 | } 73 | end 74 | { 75 | } 76 | } 77 | 78 | 79 | 80 | 81 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Reset-ADSIUserPasswordAge.ps1: -------------------------------------------------------------------------------- 1 | function Reset-ADSIUserPasswordAge 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to reset a User's password age to zero 6 | 7 | .DESCRIPTION 8 | Function to reset a User's password age to zero 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | .PARAMETER Credential 14 | Specifies alternative credential 15 | 16 | .EXAMPLE 17 | Reset-ADSIUserPasswordAge -Identity 'testaccount' 18 | 19 | .EXAMPLE 20 | Reset-ADSIUserPasswordAge -Identity 'testaccount' -Credential (Get-Credential) 21 | 22 | .NOTES 23 | https://github.com/lazywinadmin/ADSIPS 24 | #> 25 | 26 | [CmdletBinding(SupportsShouldProcess = $true)] 27 | param 28 | ( 29 | [Parameter(Mandatory = $true)] 30 | [string]$Identity, 31 | 32 | [Alias("RunAs")] 33 | [System.Management.Automation.PSCredential] 34 | [System.Management.Automation.Credential()] 35 | $Credential = [System.Management.Automation.PSCredential]::Empty 36 | ) 37 | process 38 | { 39 | if ($pscmdlet.ShouldProcess("$Identity", "Change Account Password")) 40 | { 41 | (Get-ADSIUser @PSBoundParameters).RefreshExpiredPassword() 42 | } 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Set-ADSIUserPassword.ps1: -------------------------------------------------------------------------------- 1 | function Set-ADSIUserPassword 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to change a User's password 6 | 7 | .DESCRIPTION 8 | Function to change a User's password 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | .PARAMETER Credential 14 | Specifies alternative credential 15 | 16 | .PARAMETER AccountPassword 17 | Specifies the new password. 18 | The object needs to be a System.Security.SecureString. 19 | You can use something like that: 20 | $AccountPassword = (read-host -AsSecureString -Prompt "AccountPassword") 21 | 22 | .PARAMETER DomainName 23 | Specifies the DomainName to query 24 | By default it will take the current domain. 25 | 26 | .EXAMPLE 27 | Set-ADSIUserPassword -Identity 'testaccount' -AccountPassword (read-host -AsSecureString -Prompt "AccountPassword") 28 | 29 | Change the password of the account 'testaccount' to the specified new password 30 | 31 | .EXAMPLE 32 | Set-ADSIUserPassword -Identity 'testaccount' -AccountPassword (read-host -AsSecureString -Prompt "AccountPassword") -Credential (Get-Credential) 33 | 34 | Change the password of the account 'testaccount' using the credential specified, to the specified new password 35 | 36 | .NOTES 37 | https://github.com/lazywinadmin/ADSIPS 38 | #> 39 | [CmdletBinding(SupportsShouldProcess = $true)] 40 | param ( 41 | [parameter(Mandatory = $true)] 42 | $Identity, 43 | 44 | [parameter(Mandatory = $true)] 45 | [System.Security.SecureString]$AccountPassword, 46 | 47 | [Alias("RunAs")] 48 | [System.Management.Automation.PSCredential] 49 | [System.Management.Automation.Credential()] 50 | $Credential = [System.Management.Automation.PSCredential]::Empty, 51 | 52 | [String]$DomainName) 53 | 54 | begin 55 | { 56 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 57 | 58 | # Create Context splatting 59 | $ContextSplatting = @{ } 60 | if ($PSBoundParameters['Credential']) 61 | { 62 | $ContextSplatting.Credential = $Credential 63 | } 64 | if ($PSBoundParameters['DomainName']) 65 | { 66 | $ContextSplatting.DomainName = $DomainName 67 | } 68 | } 69 | process 70 | { 71 | try 72 | { 73 | if ($pscmdlet.ShouldProcess("$Identity", "Change Account Password")) 74 | { 75 | (Get-ADSIUser -Identity $Identity @ContextSplatting).SetPassword((New-Object -TypeName PSCredential -ArgumentList "user", $AccountPassword).GetNetworkCredential().Password) 76 | } 77 | } 78 | catch 79 | { 80 | $pscmdlet.ThrowTerminatingError($_) 81 | } 82 | } 83 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Start-ADSIReplicationConsistencyCheck.ps1: -------------------------------------------------------------------------------- 1 | function Start-ADSIReplicationConsistencyCheck 2 | { 3 | <# 4 | .SYNOPSIS 5 | Start-ADSIReplicationConsistencyCheck starts the knowledge consistency checker on a given DC. 6 | 7 | .DESCRIPTION 8 | Start-ADSIReplicationConsistencyCheck connects to an Active Directory Domain Controller and starts the KCC to verify if the replication 9 | topology needs to be optimized. 10 | 11 | .PARAMETER ComputerName 12 | Defines the remote computer to connect to. 13 | 14 | .PARAMETER Credential 15 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 16 | 17 | .EXAMPLE 18 | Start-ADSIReplicationConsistencyCheck -ComputerName dc1.ad.local 19 | Connects to remote domain controller dc1.ad.local using current credentials and starts a KCC check. 20 | 21 | .NOTES 22 | https://github.com/lazywinadmin/ADSIPS 23 | #> 24 | [CmdletBinding(SupportsShouldProcess = $true)] 25 | param ([Parameter(Mandatory = $true)] 26 | [string]$ComputerName, 27 | 28 | [Alias("RunAs")] 29 | [System.Management.Automation.PSCredential] 30 | [System.Management.Automation.Credential()] 31 | $Credential = [System.Management.Automation.PSCredential]::Empty 32 | ) 33 | 34 | if ($ComputerName) 35 | { 36 | if ($Credential) 37 | { 38 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 39 | } 40 | else 41 | { 42 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 43 | } 44 | } 45 | 46 | if ($context) 47 | { 48 | Write-Verbose -Message "Connecting to $ComputerName" 49 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 50 | } 51 | 52 | if ($PSCmdlet.ShouldProcess($dc, "Check Replication Consistency (KCC Check)")) 53 | { 54 | if ($dc) 55 | { 56 | $dc.CheckReplicationConsistency() 57 | Write-Verbose -Message "KCC Check started on $($dc.name)" 58 | } 59 | } 60 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Test-ADSICredential.ps1: -------------------------------------------------------------------------------- 1 | function Test-ADSICredential 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to test credential 6 | 7 | .DESCRIPTION 8 | Function to test credential 9 | 10 | .PARAMETER AccountName 11 | Specifies the AccountName to check 12 | 13 | .PARAMETER AccountPassword 14 | Specifies the AccountName's password 15 | 16 | .PARAMETER Credential 17 | Specifies the alternative credential to use. 18 | By default it will use the current user windows credentials. 19 | 20 | .PARAMETER DomainName 21 | Specifies the alternative Domain where the user should be created 22 | By default it will use the current domain. 23 | 24 | .EXAMPLE 25 | Test-ADCredential -AccountName 'Xavier' -Password 'Wine and Cheese!' 26 | 27 | .EXAMPLE 28 | PS C:\> New-ADSIUser -SamAccountName "fxtest04" -Enabled -AccountPassword (read-host -AsSecureString -Prompt "AccountPassword") -Passthru 29 | 30 | # You can test the credential using the following function 31 | Test-ADSICredential -AccountName "fxtest04" -Password "Password1" 32 | 33 | .OUTPUTS 34 | System.Boolean 35 | 36 | .NOTES 37 | https://github.com/lazywinadmin/ADSIPS 38 | #> 39 | [OutputType('System.Boolean')] 40 | [CmdletBinding()] 41 | param 42 | ( 43 | [Parameter(Mandatory)] 44 | [Alias("UserName")] 45 | [string]$AccountName, 46 | 47 | [Parameter(Mandatory)] 48 | [System.Security.SecureString]$AccountPassword, 49 | 50 | [Alias("RunAs")] 51 | [System.Management.Automation.PSCredential] 52 | [System.Management.Automation.Credential()] 53 | $Credential = [System.Management.Automation.PSCredential]::Empty, 54 | 55 | [String]$DomainName) 56 | begin 57 | { 58 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 59 | 60 | # Create Context splatting 61 | $ContextSplatting = @{ ContextType = "Domain" } 62 | 63 | if ($PSBoundParameters['Credential']) 64 | { 65 | $ContextSplatting.Credential = $Credential 66 | } 67 | if ($PSBoundParameters['DomainName']) 68 | { 69 | $ContextSplatting.DomainName = $DomainName 70 | } 71 | 72 | $Context = New-ADSIPrincipalContext @ContextSplatting 73 | } 74 | process 75 | { 76 | try 77 | { 78 | Write-Verbose -Message "[Test-ADSICredential][PROCESS] Validating $AccountName Credential against $($Context.ConnectedServer)" 79 | $Context.ValidateCredentials($AccountName, (New-Object -TypeName PSCredential -ArgumentList "user", $AccountPassword).GetNetworkCredential().Password) 80 | } 81 | catch 82 | { 83 | $pscmdlet.ThrowTerminatingError($_) 84 | } 85 | } 86 | } 87 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Test-ADSIUserIsGroupMember.ps1: -------------------------------------------------------------------------------- 1 | function Test-ADSIUserIsGroupMember 2 | { 3 | <# 4 | .SYNOPSIS 5 | This function will check if a domain user is member of a domain group 6 | 7 | .DESCRIPTION 8 | This function will check if a domain user is member of a domain group 9 | 10 | .PARAMETER GroupSamAccountName 11 | Specifies the Group to query 12 | 13 | .PARAMETER UserSamAccountName 14 | Specifies the user account 15 | 16 | .EXAMPLE 17 | Test-ADSIUserIsGroupMember -GroupSamAccountName TestGroup -UserSamAccountName Fxcat 18 | 19 | This will return $true or $false depending if the user Fxcat is member of TestGroup 20 | 21 | .NOTES 22 | https://github.com/lazywinadmin/ADSIPS 23 | #> 24 | param ( 25 | $GroupSamAccountName, 26 | 27 | $UserSamAccountName 28 | ) 29 | 30 | $UserInfo = [ADSI]"$((Get-ADSIUser -SamAccountName $UserSamAccountName).AdsPath)" 31 | $GroupInfo = [ADSI]"$((Get-ADSIGroup -SamAccountName $GroupSamAccountName).AdsPath)" 32 | 33 | #([ADSI]$GroupInfo.ADsPath).IsMember([ADSI]($UserInfo.AdsPath)) 34 | $GroupInfo.IsMember($UserInfo.ADsPath) 35 | 36 | } -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Test-ADSIUserIsLockedOut.ps1: -------------------------------------------------------------------------------- 1 | function Test-ADSIUserIsLockedOut 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to test if a User is LockedOut 6 | 7 | .DESCRIPTION 8 | Function to test if a User is LockedOut 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | .PARAMETER Credential 14 | Specifies alternative credential 15 | 16 | .EXAMPLE 17 | Test-ADSIUserIsLockedOut -Identity 'testaccount' 18 | 19 | .EXAMPLE 20 | Test-ADSIUserIsLockedOut -Identity 'testaccount' -Credential (Get-Credential) 21 | 22 | .NOTES 23 | https://github.com/lazywinadmin/ADSIPS 24 | #> 25 | 26 | [CmdletBinding()] 27 | [OutputType('System.Boolean')] 28 | param 29 | ( 30 | [Parameter(Mandatory = $true)] 31 | [string]$Identity, 32 | 33 | [Alias("RunAs")] 34 | [System.Management.Automation.PSCredential] 35 | [System.Management.Automation.Credential()] 36 | $Credential = [System.Management.Automation.PSCredential]::Empty 37 | ) 38 | process 39 | { 40 | (Get-ADSIUser @PSBoundParameters).IsAccountLockedOut() 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /Archives/AdsiPS/Public/Unlock-ADSIUser.ps1: -------------------------------------------------------------------------------- 1 | function Unlock-ADSIUser 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to Unlock a User in Active Directory 6 | 7 | .DESCRIPTION 8 | Function to Unlock a User in Active Directory 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | .PARAMETER Credential 14 | Specifies alternative credential 15 | 16 | .EXAMPLE 17 | Unlock-ADSIUser -Identity 'testaccount' 18 | 19 | .EXAMPLE 20 | Unlock-ADSIUser -Identity 'testaccount' -Credential (Get-Credential) 21 | 22 | .PARAMETER DomainName 23 | Specifies the alternative Domain where the user should be created 24 | By default it will use the current domain. 25 | 26 | .NOTES 27 | https://github.com/lazywinadmin/ADSIPS 28 | #> 29 | [CmdletBinding()] 30 | param ([Parameter(Mandatory)] 31 | [string]$Identity, 32 | 33 | [Alias("RunAs")] 34 | [System.Management.Automation.PSCredential] 35 | [System.Management.Automation.Credential()] 36 | $Credential = [System.Management.Automation.PSCredential]::Empty, 37 | 38 | [String]$DomainName) 39 | begin 40 | { 41 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 42 | 43 | # Create Context splatting 44 | $ContextSplatting = @{ } 45 | if ($PSBoundParameters['Credential']) 46 | { 47 | $ContextSplatting.Credential = $Credential 48 | } 49 | if ($PSBoundParameters['DomainName']) 50 | { 51 | $ContextSplatting.DomainName = $DomainName 52 | } 53 | } 54 | process 55 | { 56 | (Get-ADSIUser -Identity $Identity @ContextSplatting).UnlockAccount() 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /Archives/Build/build.ps1: -------------------------------------------------------------------------------- 1 | #---------------------------------# 2 | # Header # 3 | #---------------------------------# 4 | Write-Host 'Running AppVeyor build script' -ForegroundColor Yellow 5 | Write-Host "ModuleName : $env:ModuleName" 6 | Write-Host "Build version : $env:APPVEYOR_BUILD_VERSION" 7 | Write-Host "Author : $env:APPVEYOR_REPO_COMMIT_AUTHOR" 8 | Write-Host "Branch : $env:APPVEYOR_REPO_BRANCH" 9 | 10 | #---------------------------------# 11 | # BuildScript # 12 | #---------------------------------# 13 | Write-Host 'Nothing to build, skipping.....' 14 | # Grab nuget bits, install modules, set build variables, start build. 15 | Get-PackageProvider -Name NuGet -ForceBootstrap | Out-Null 16 | 17 | Install-Module Psake, PSDeploy, Pester, BuildHelpers -force -verbose 18 | Import-Module Psake, BuildHelpers -verbose 19 | 20 | Write-Host 'Set Build Environment' 21 | Set-BuildEnvironment -force 22 | 23 | Write-host "Get BuildVariables" -ForegroundColor Yellow 24 | Get-BuildVariables 25 | 26 | Write-host "Get-ProjectName" -ForegroundColor Yellow 27 | Get-ProjectName 28 | 29 | Write-host "ENV:" -ForegroundColor Yellow 30 | gci env: 31 | 32 | Invoke-psake -BuildFile $PSScriptRoot\psake.ps1 -tasklist 'Deploy' -nologo 33 | exit ( [int]( -not $psake.build_success ) ) 34 | 35 | -------------------------------------------------------------------------------- /Archives/Build/deploy.psdeploy.ps1: -------------------------------------------------------------------------------- 1 | # Generic module deployment. 2 | # 3 | # ASSUMPTIONS: 4 | # 5 | # * folder structure either like: 6 | # 7 | # - RepoFolder 8 | # - This PSDeploy file 9 | # - ModuleName 10 | # - ModuleName.psd1 11 | # 12 | # OR the less preferable: 13 | # - RepoFolder 14 | # - RepoFolder.psd1 15 | # 16 | # * Nuget key in $ENV:NugetApiKey 17 | # 18 | # * Set-BuildEnvironment from BuildHelpers module has populated ENV:BHModulePath and related variables 19 | 20 | # Publish to gallery with a few restrictions 21 | if( 22 | $env:BHModulePath -and 23 | $env:BHBuildSystem -ne 'Unknown' -and 24 | $env:BHBranchName -eq "master" -and 25 | $env:BHCommitMessage -match '!deploy' 26 | ) 27 | { 28 | Deploy Module { 29 | By PSGalleryModule { 30 | FromSource $ENV:BHModulePath 31 | To PSGallery 32 | WithOptions @{ 33 | ApiKey = $ENV:NugetApiKey 34 | } 35 | } 36 | } 37 | } 38 | else 39 | { 40 | "Skipping deployment: To deploy, ensure that...`n" + 41 | "`t* You are in a known build system (Current: $ENV:BHBuildSystem)`n" + 42 | "`t* You are committing to the master branch (Current: $ENV:BHBranchName) `n" + 43 | "`t* Your commit message includes !deploy (Current: $ENV:BHCommitMessage)" | 44 | Write-Host 45 | } 46 | 47 | # Publish to AppVeyor if we're in AppVeyor 48 | if( 49 | $env:BHModulePath -and 50 | $env:BHBuildSystem -eq 'AppVeyor' 51 | ) 52 | { 53 | Deploy DeveloperBuild { 54 | By AppVeyorModule { 55 | FromSource $ENV:BHModulePath 56 | To AppVeyor 57 | WithOptions @{ 58 | Version = $env:APPVEYOR_BUILD_VERSION 59 | } 60 | } 61 | } 62 | } -------------------------------------------------------------------------------- /Archives/Build/psake.ps1: -------------------------------------------------------------------------------- 1 | # PSake makes variables declared here available in other scriptblocks 2 | # Init some things 3 | 4 | Properties { 5 | # Find the build folder based on build system 6 | $ProjectRoot = $ENV:BHProjectPath 7 | if(-not $ProjectRoot) 8 | { 9 | $ProjectRoot = Resolve-Path "$PSScriptRoot\.." 10 | } 11 | 12 | $Timestamp = Get-Date -UFormat "%Y%m%d-%H%M%S" 13 | $PSVersion = $PSVersionTable.PSVersion.Major 14 | $TestFile = "TestResults_PS$PSVersion`_$TimeStamp.xml" 15 | $lines = '----------------------------------------------------------------------' 16 | 17 | $Verbose = @{} 18 | if($ENV:BHCommitMessage -match "!verbose") 19 | { 20 | $Verbose = @{Verbose = $True} 21 | } 22 | } 23 | 24 | Task Default -Depends Test 25 | 26 | Task Init { 27 | $lines 28 | Set-Location $ProjectRoot 29 | "Build System Details:" 30 | Get-Item ENV:BH* 31 | "`n" 32 | } 33 | 34 | Task Test -Depends Init { 35 | $lines 36 | "`n`tSTATUS: Testing with PowerShell $PSVersion" 37 | 38 | # Gather test results. Store them in a variable and file 39 | $TestResults = Invoke-Pester -Path $ProjectRoot\Tests -PassThru -OutputFormat NUnitXml -OutputFile "$ProjectRoot\$TestFile" 40 | 41 | # In Appveyor? Upload our tests! #Abstract this into a function? 42 | If($ENV:BHBuildSystem -eq 'AppVeyor') 43 | { 44 | (New-Object 'System.Net.WebClient').UploadFile( 45 | "https://ci.appveyor.com/api/testresults/nunit/$($env:APPVEYOR_JOB_ID)", 46 | "$ProjectRoot\$TestFile" ) 47 | } 48 | 49 | Remove-Item "$ProjectRoot\$TestFile" -Force -ErrorAction SilentlyContinue 50 | 51 | # Failed tests? 52 | # Need to tell psake or it will proceed to the deployment. Danger! 53 | if($TestResults.FailedCount -gt 0) 54 | { 55 | Write-Error "Failed '$($TestResults.FailedCount)' tests, build failed" 56 | } 57 | "`n" 58 | } 59 | 60 | Task Build -Depends Test { 61 | $lines 62 | 63 | # Load the module, read the exported functions, update the psd1 FunctionsToExport 64 | Set-ModuleFunctions 65 | 66 | # Bump the module version 67 | Try 68 | { 69 | $Version = Get-NextNugetPackageVersion -Name $env:BHProjectName -ErrorAction Stop 70 | Update-Metadata -Path $env:BHPSModuleManifest -PropertyName ModuleVersion -Value $Version -ErrorAction stop 71 | } 72 | Catch 73 | { 74 | "Failed to update version for '$env:BHProjectName': $_.`nContinuing with existing version" 75 | } 76 | } 77 | 78 | Task Deploy -Depends Build { 79 | $lines 80 | 81 | $Params = @{ 82 | Path = "$ProjectRoot\Build" 83 | Force = $true 84 | Recurse = $false # We keep psdeploy artifacts, avoid deploying those : ) 85 | } 86 | Invoke-PSDeploy @Verbose @Params 87 | } -------------------------------------------------------------------------------- /Archives/Get-ADSIComputerSite.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSICurrentComputerSite 2 | { 3 | [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite() 4 | } -------------------------------------------------------------------------------- /Archives/Get-ADSIComputerSite2.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIComputerSite 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Active Directory Site(s) 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Active Directory Site(s) 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query. Default is the current one 15 | 16 | .PARAMETER Name 17 | Specifies the Site Name to find. 18 | 19 | .EXAMPLE 20 | Get-ADSIComputerSite 21 | 22 | .EXAMPLE 23 | Get-ADSIComputerSite -ForestName lazywinadmin.com 24 | 25 | .EXAMPLE 26 | Get-ADSIComputerSite -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .EXAMPLE 29 | Get-ADSIComputerSite -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 30 | 31 | .EXAMPLE 32 | Get-ADSIComputerSite -Name 'Montreal' 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.ActiveDirectorySite 36 | 37 | .NOTES 38 | Francois-Xavier Cat 39 | LazyWinAdmin.com 40 | @lazywinadm 41 | github.com/lazywinadmin 42 | #> 43 | 44 | [CmdletBinding()] 45 | [OutputType('System.DirectoryServices.ActiveDirectory.ActiveDirectorySite')] 46 | PARAM 47 | ( 48 | [System.Management.Automation.Credential()] 49 | [Alias('RunAs')] 50 | $Credential = [System.Management.Automation.PSCredential]::Empty, 51 | 52 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest(), 53 | 54 | [String]$ComputerName 55 | ) 56 | 57 | PROCESS 58 | { 59 | TRY 60 | { 61 | IF ($PSBoundParameters['ComputerName']) 62 | { 63 | # Remove Name from the PSBoundParameters Splatting 64 | [Void]$PSBoundParameters.Remove('ComputerName') 65 | 66 | # Create a Forest Context 67 | $Context = New-ADSIDirectoryContext -ContextType Forest @PSBoundParameters 68 | 69 | # Get the site name specified 70 | [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite() 71 | } 72 | ELSE 73 | { 74 | [Void]$PSBoundParameters.Remove('Name') 75 | (Get-ADSIForest @PSBoundParameters).Sites 76 | } 77 | } 78 | CATCH 79 | { 80 | $pscmdlet.ThrowTerminatingError($_) 81 | } 82 | } 83 | } -------------------------------------------------------------------------------- /Archives/Get-ADSIDomainDomainControllers.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSIDomainDomainControllers 2 | { 3 | [cmdletbinding()] 4 | PARAM ( 5 | [Alias('RunAs')] 6 | [System.Management.Automation.Credential()] 7 | $Credential = [System.Management.Automation.PSCredential]::Empty, 8 | 9 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::GetcurrentDomain() 10 | ) 11 | PROCESS 12 | { 13 | TRY 14 | { 15 | IF ($PSBoundParameters['Credential'] -or $PSBoundParameters['DomainName']) 16 | { 17 | Write-Verbose -Message '[PROCESS] Credential or FirstName specified' 18 | $Splatting = @{ } 19 | IF ($PSBoundParameters['Credential']) { $Splatting.Credential = $Credential } 20 | IF ($PSBoundParameters['DomainName']) { $Splatting.DomainName = $DomainName } 21 | 22 | (Get-ADSIDomain @splatting).domaincontrollers 23 | 24 | } 25 | ELSE 26 | { 27 | (Get-ADSIDomain).domaincontrollers 28 | } 29 | 30 | } 31 | CATCH 32 | { 33 | $pscmdlet.ThrowTerminatingError($_) 34 | } 35 | } 36 | } -------------------------------------------------------------------------------- /Archives/Get-ADSIGroupMembership.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIGroupMembership 2 | { 3 | <# 4 | .SYNOPSIS 5 | This function will list all the member of the specified group 6 | 7 | .PARAMETER SamAccountName 8 | Specify the SamAccountName of the Group 9 | 10 | .EXAMPLE 11 | Get-ADSIGroupMembership -SamAccountName TestGroup 12 | 13 | .NOTES 14 | Francois-Xavier Cat 15 | LazyWinAdmin.com 16 | @lazywinadm 17 | #> 18 | [CmdletBinding()] 19 | PARAM ($SamAccountName) 20 | BEGIN 21 | { 22 | $search = [adsisearcher]"(&(objectCategory=group)(SamAccountName=$SamAccountName))" 23 | } 24 | PROCESS 25 | { 26 | TRY 27 | { 28 | foreach ($member in $search.FindOne().properties.member) 29 | { 30 | #User 31 | #Get-ADSIUser -DistinguishedName $member 32 | Get-ADSIObject -DistinguishedName $member 33 | 34 | #Group 35 | # need to be done here 36 | } 37 | } #try 38 | CATCH 39 | { 40 | $pscmdlet.ThrowTerminatingError($_) 41 | } 42 | } #process 43 | END { Write-Verbose -Message "[END] Function Get-ADSIGroupMembership End." } 44 | } 45 | -------------------------------------------------------------------------------- /Archives/Get-ADSIGroupMembership_.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIGroupMembership 2 | { 3 | <# 4 | .SYNOPSIS 5 | This function will list all the member of the specified group 6 | 7 | .PARAMETER SamAccountName 8 | Specify the SamAccountName of the Group 9 | 10 | .EXAMPLE 11 | Get-ADSIGroupMembership -SamAccountName TestGroup 12 | 13 | .NOTES 14 | Francois-Xavier Cat 15 | LazyWinAdmin.com 16 | @lazywinadm 17 | #> 18 | [CmdletBinding()] 19 | PARAM ($SamAccountName) 20 | BEGIN 21 | { 22 | $search = [adsisearcher]"(&(objectCategory=group)(SamAccountName=$SamAccountName))" 23 | } 24 | PROCESS 25 | { 26 | TRY 27 | { 28 | foreach ($member in $search.FindOne().properties.member) 29 | { 30 | #User 31 | #Get-ADSIUser -DistinguishedName $member 32 | Get-ADSIObject -DistinguishedName $member 33 | 34 | #Group 35 | # need to be done here 36 | } 37 | }#try 38 | CATCH 39 | { 40 | $pscmdlet.ThrowTerminatingError($_) 41 | } 42 | }#process 43 | END { Write-Verbose -Message "[END] Function Get-ADSIGroupMembership End." } 44 | } -------------------------------------------------------------------------------- /Archives/Get-ADSISiteConnection.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISiteConnection 2 | { 3 | [CmdletBinding()] 4 | param ( 5 | [parameter(mandatory = $true, position = 0, ValueFromPipeline = $true)] 6 | $Domain, 7 | 8 | [parameter(mandatory = $true)] 9 | $Site 10 | ) 11 | $DomainName = $Domain.Name 12 | $ADEntry = [system.directoryservices.directoryentry]([ADSI]"LDAP://$DomainName") 13 | $source = New-Object -TypeName System.DirectoryServices.DirectorySearcher 14 | $source.SearchRoot = "LDAP://CN=$Site,CN=Sites,CN=Configuration,$DomainName" 15 | $source.SearchScope = 'Subtree' 16 | $source.PageSize = 100000 17 | $source.filter = "(objectclass=nTDSConnection)" 18 | try 19 | { 20 | $SiteConnections = $source.findall() 21 | if ($SiteConnections -ne $null) 22 | { 23 | foreach ($SiteConnection in $SiteConnections) 24 | { 25 | $Object = New-Object -TypeName 'PSObject' 26 | $Object | Add-Member -MemberType 'NoteProperty' -Name 'Domain' -Value $Domain.FQDN 27 | $Object | Add-Member -MemberType 'NoteProperty' -Name 'Site' -Value $Site 28 | $Object | Add-Member -MemberType 'NoteProperty' -Name 'Name' -Value $($SiteConnection.Properties.Item("Name")) 29 | $Object | Add-Member -MemberType 'NoteProperty' -Name 'FromServer' -Value $($SiteConnection.Properties.Item("fromserver") -split ',' -replace 'CN=', '')[3] 30 | $Object 31 | } 32 | } 33 | else 34 | { 35 | $Object = New-Object -TypeName 'PSObject' 36 | $Object | Add-Member -MemberType 'NoteProperty' -Name 'Domain' -Value $Domain.FQDN 37 | $Object | Add-Member -MemberType 'NoteProperty' -Name 'Site' -Value $Site 38 | $Object | Add-Member -MemberType 'NoteProperty' -Name 'Name' -Value '' 39 | $Object | Add-Member -MemberType 'NoteProperty' -Name 'FromServer' -Value '' 40 | $Object 41 | } 42 | } 43 | catch 44 | { 45 | } 46 | } -------------------------------------------------------------------------------- /Archives/Get-ADSISiteLink.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISiteLink 2 | { 3 | <# 4 | .SYNOPSIS 5 | This function will query Active Directory for all Sites Links 6 | 7 | .PARAMETER Credential 8 | Specify the Credential to use 9 | 10 | .PARAMETER DomainDistinguishedName 11 | Specify the DistinguishedName of the Domain to query 12 | 13 | .PARAMETER SizeLimit 14 | Specify the number of item(s) to output. 15 | Default is 100. 16 | 17 | .NOTES 18 | Francois-Xavier Cat 19 | LazyWinAdmin.com 20 | @lazywinadm 21 | #> 22 | [CmdletBinding()] 23 | PARAM ( 24 | [Parameter()] 25 | [Alias("Domain", "DomainDN")] 26 | [String]$DomainDistinguishedName = $(([adsisearcher]"").Searchroot.path), 27 | 28 | [Alias("RunAs")] 29 | [System.Management.Automation.Credential()] 30 | $Credential = [System.Management.Automation.PSCredential]::Empty, 31 | 32 | [Alias("ResultLimit", "Limit")] 33 | [int]$SizeLimit = '100' 34 | ) 35 | BEGIN { } 36 | PROCESS 37 | { 38 | TRY 39 | { 40 | # Building the basic search object with some parameters 41 | $Search = New-Object -TypeName System.DirectoryServices.DirectorySearcher -ErrorAction 'Stop' 42 | $Search.SizeLimit = $SizeLimit 43 | $Search.Filter = "(objectClass=siteLink)" 44 | 45 | IF ($PSBoundParameters['DomainDistinguishedName']) 46 | { 47 | IF ($DomainDistinguishedName -notlike "LDAP://*") { $DomainDistinguishedName = "LDAP://$DomainDistinguishedName" }#IF 48 | Write-Verbose -Message "[PROCESS] Different Domain specified: $DomainDistinguishedName" 49 | $Search.SearchRoot = $DomainDistinguishedName 50 | } 51 | IF ($PSBoundParameters['Credential']) 52 | { 53 | Write-Verbose -Message "[PROCESS] Different Credential specified: $($credential.username)" 54 | $Cred = New-Object -TypeName System.DirectoryServices.DirectoryEntry -ArgumentList $DomainDistinguishedName, $($Credential.UserName), $($Credential.GetNetworkCredential().password) 55 | $Search.SearchRoot = $Cred 56 | } 57 | If (-not $PSBoundParameters["SizeLimit"]) 58 | { 59 | Write-Warning -Message "Default SizeLimit: 100 Results" 60 | } 61 | 62 | $Search.SearchRoot = $DomainDistinguishedName -replace "LDAP://", "LDAP://CN=Sites,CN=Configuration," 63 | 64 | foreach ($SiteLink in $($Search.FindAll())) 65 | { 66 | # Define the properties 67 | # The properties need to be lowercase!!!!!!!! 68 | $SiteLink.properties 69 | 70 | # Output the info 71 | #New-Object -TypeName PSObject -Property $Properties 72 | } 73 | }#TRY 74 | CATCH 75 | { 76 | $pscmdlet.ThrowTerminatingError($_) 77 | } 78 | }#PROCESS 79 | END 80 | { 81 | Write-Verbose -Message "[END] Function Get-ADSISite End." 82 | } 83 | } -------------------------------------------------------------------------------- /Archives/Get-ADSISitesInfo.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISitesInfo 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSISitesInfo returns information about the connected DC's Sites. 6 | 7 | .DESCRIPTION 8 | 9 | Get-ADSISitesInfo returns information about the Sites as seen by the connected DC. 10 | It returns information such as subnets, sites, sitelinks, ISTG, BH servers etc. 11 | 12 | 13 | .PARAMETER ComputerName 14 | 15 | Defines the remote computer to connect to. 16 | 17 | .PARAMETER Credential 18 | 19 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 20 | 21 | 22 | .EXAMPLE 23 | 24 | Get-ADSISitesInfo -ComputerName dc1.ad.local 25 | 26 | Name : Default-First-Site-Name 27 | Domains : {ad.local} 28 | Subnets : {} 29 | Servers : {DC1.ad.local, DC2.ad.local} 30 | AdjacentSites : {} 31 | SiteLinks : {DEFAULTIPSITELINK} 32 | InterSiteTopologyGenerator : DC1.ad.local 33 | Options : None 34 | Location : 35 | BridgeheadServers : {} 36 | PreferredSmtpBridgeheadServers : {} 37 | PreferredRpcBridgeheadServers : {} 38 | IntraSiteReplicationSchedule : System.DirectoryServices.ActiveDirectory.ActiveDirectorySchedule 39 | 40 | Connects to remote domain controller dc1.ad.local using current credentials retrieves site information. 41 | 42 | 43 | .NOTES 44 | https://github.com/lazywinadmin/ADSIPS 45 | #> 46 | [CmdletBinding()] 47 | param ([Parameter(Mandatory = $true)] 48 | [string]$ComputerName = $null, 49 | 50 | [Management.Automation.PSCredential] 51 | $Credential = $null 52 | ) 53 | 54 | if ($ComputerName) 55 | { 56 | if ($Credential) 57 | { 58 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 59 | } 60 | else 61 | { 62 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 63 | } 64 | } 65 | 66 | if ($context) 67 | { 68 | Write-Verbose -Message "Connecting to $ComputerName" 69 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 70 | } 71 | 72 | if ($dc) 73 | { 74 | Write-Verbose -Message "Information about forest $($dc.forest.name)" 75 | $dc.forest.sites | Foreach-Object -Process { $_ } 76 | } 77 | } -------------------------------------------------------------------------------- /Archives/Get-ADSITrustRelationShip.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSITrustRelationShip 2 | { 3 | [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest().GetAllTrustRelationships() 4 | } -------------------------------------------------------------------------------- /Archives/New-ADSIDirectoryContextDomain.ps1: -------------------------------------------------------------------------------- 1 | Function New-ADSIDirectoryContextDomain 2 | { 3 | <# 4 | .DESCRIPTION 5 | Function to create an Active Directory Domain DirectoryContext object 6 | 7 | .SYNOPSIS 8 | Function to create an Active Directory Domain DirectoryContext object 9 | 10 | .PARAMETER DomainName 11 | Specifies the domain to query. 12 | Default is the current domain. 13 | 14 | .PARAMETER Credential 15 | Specifies the alternative credentials to use. 16 | It will use the current credential if not specified. 17 | 18 | .EXAMPLE 19 | New-ADSIDirectoryContextDomain 20 | 21 | .EXAMPLE 22 | New-ADSIDirectoryContextDomain -DomainName "Contoso.com" -Cred (Get-Credential) 23 | 24 | .EXAMPLE 25 | $Domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetDomain($(New-ADSIDirectoryContextDomain -Credential LazyWinAdmin\francois-xavier.cat)) 26 | $Domain.DomainControllers 27 | $Domain.InfrastructureRoleOwner 28 | 29 | .NOTES 30 | Francois-Xavier.Cat 31 | LazyWinAdmin.com 32 | @lazywinadm 33 | 34 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.directorycontext(v=vs.110).aspx 35 | #> 36 | 37 | [CmdletBinding()] 38 | PARAM ( 39 | [Alias("RunAs")] 40 | [System.Management.Automation.Credential()] 41 | $Credential = [System.Management.Automation.PSCredential]::Empty, 42 | 43 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::Getcurrentdomain() 44 | 45 | ) 46 | PROCESS 47 | { 48 | # ContextType = Domain 49 | $ContextType = [System.DirectoryServices.ActiveDirectory.DirectoryContextType]::Domain 50 | 51 | TRY 52 | { 53 | IF ($PSBoundParameters['Credential']) 54 | { 55 | # Query the specified domain or current if not entered, with the specified credentials 56 | New-Object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList $ContextType, $DomainName, $($Credential.UserName), $($Credential.GetNetworkCredential().password) 57 | } 58 | ELSE 59 | { 60 | # Query the specified domain or current if not entered, with the current credentials 61 | New-Object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList $ContextType, $DomainName 62 | } 63 | }#TRY 64 | CATCH 65 | { 66 | 67 | } 68 | }#PROCESS 69 | } -------------------------------------------------------------------------------- /Archives/New-ADSIDirectoryContextForest.ps1: -------------------------------------------------------------------------------- 1 | Function New-ADSIDirectoryContextForest 2 | { 3 | <# 4 | .DESCRIPTION 5 | Function to create an Active Directory Forest DirectoryContext object 6 | 7 | .SYNOPSIS 8 | Function to create an Active Directory Forest DirectoryContext object 9 | 10 | .PARAMETER ForestName 11 | Specifies the forest to query. 12 | Default is the current forest. 13 | 14 | .PARAMETER Credential 15 | Specifies the alternative credentials to use. 16 | It will use the current credential if not specified. 17 | 18 | .EXAMPLE 19 | New-ADSIDirectoryContextForest 20 | 21 | .EXAMPLE 22 | New-ADSIDirectoryContextForest -ForestName "Contoso.com" -Cred (Get-Credential) 23 | 24 | .EXAMPLE 25 | $Forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetForest($(New-ADSIDirectoryContextForest -Credential LazyWinAdmin\francois-xavier.cat))) 26 | $Forest.FindGlobalCatalog() 27 | 28 | .NOTES 29 | Francois-Xavier.Cat 30 | LazyWinAdmin.com 31 | @lazywinadm 32 | 33 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.directorycontext(v=vs.110).aspx 34 | #> 35 | 36 | [CmdletBinding()] 37 | PARAM ( 38 | [Alias("RunAs")] 39 | [System.Management.Automation.Credential()] 40 | $Credential = [System.Management.Automation.PSCredential]::Empty, 41 | 42 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 43 | 44 | ) 45 | PROCESS 46 | { 47 | # ContextType = Domain 48 | $ContextType = [System.DirectoryServices.ActiveDirectory.DirectoryContextType]::Forest 49 | 50 | TRY 51 | { 52 | IF ($PSBoundParameters['Credential']) 53 | { 54 | # Query the specified domain or current if not entered, with the specified credentials 55 | New-Object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList $ContextType, $ForestName, $($Credential.UserName), $($Credential.GetNetworkCredential().password) 56 | } 57 | ELSE 58 | { 59 | # Query the specified domain or current if not entered, with the current credentials 60 | New-Object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList $ContextType, $ForestName 61 | } 62 | }#TRY 63 | CATCH 64 | { 65 | 66 | } 67 | }#PROCESS 68 | } -------------------------------------------------------------------------------- /Archives/Remove-ADSIGroupMember.ps1: -------------------------------------------------------------------------------- 1 | function Remove-ADSIGroupMember 2 | { 3 | <# 4 | .SYNOPSIS 5 | This function will remove Domain user from a Domain Group 6 | .EXAMPLE 7 | Remove-ADSIGroupMember -GroupSamAccountName TestGroup -UserSamAccountName Fxcat 8 | 9 | This will remove the domain user fxcat from the group TestGroup 10 | 11 | .NOTES 12 | Francois-Xavier Cat 13 | LazyWinAdmin.com 14 | @lazywinadm 15 | #> 16 | [CmdletBinding()] 17 | PARAM ($GroupSamAccountName, 18 | 19 | $UserSamAccountName) 20 | $UserInfo = [ADSI]"$((Get-ADSIUser -SamAccountName $UserSamAccountName).AdsPath)" 21 | $GroupInfo = [ADSI]"$((Get-ADSIGroup -SamAccountName $GroupSamAccountName).AdsPath)" 22 | 23 | IF (Test-ADSIUserIsGroupMember -GroupSamAccountName $GroupSamAccountName -UserSamAccountName $UserSamAccountName) 24 | { 25 | Write-Verbose -Message "Removing $UserSamAccountName from $GroupSamAccountName" 26 | $GroupInfo.Remove($UserInfo.ADsPath) 27 | } 28 | ELSE 29 | { 30 | 31 | Write-Verbose -Message "$UserSamAccountName is not member of $GroupSamAccountName" 32 | } 33 | } -------------------------------------------------------------------------------- /Archives/WorkInProgress/Get-ADSIObject2.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIObject 2 | { 3 | 4 | <# 5 | .NOTES 6 | Francois-Xavier.Cat 7 | LazyWinAdmin.com 8 | @lazywinadm 9 | github.com/lazywinadmin 10 | #> 11 | [CmdletBinding()] 12 | PARAM( 13 | [parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true, ValueFromPipeline=$true)] 14 | $Identity, 15 | 16 | [Alias("RunAs")] 17 | [System.Management.Automation.PSCredential] 18 | [System.Management.Automation.Credential()] 19 | $Credential = [System.Management.Automation.PSCredential]::Empty, 20 | 21 | [String]$DomainName 22 | ) 23 | 24 | BEGIN 25 | { 26 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 27 | 28 | # Create Context splatting 29 | $ContextSplatting = @{ 30 | Contexttype = "Domain" 31 | } 32 | 33 | IF ($PSBoundParameters['Credential']){$ContextSplatting.Credential = $Credential} 34 | IF ($PSBoundParameters['DomainName']){$ContextSplatting.DomainName = $DomainName} 35 | 36 | $Context = New-ADSIPrincipalContext @ContextSplatting 37 | } 38 | PROCESS 39 | { 40 | TRY{ 41 | # Resolving member 42 | # Directory Entry object 43 | $DirectoryEntryParams = $ContextSplatting 44 | $DirectoryEntryParams.remove('ContextType') 45 | $DirectoryEntry = New-ADSIDirectoryEntry @DirectoryEntryParams 46 | 47 | # Principal Searcher 48 | $DirectorySearcher = new-object -TypeName System.DirectoryServices.DirectorySearcher 49 | $DirectorySearcher.SearchRoot = $DirectoryEntry 50 | 51 | # Adding an Ambiguous Name Resolution LDAP Filter 52 | $DirectorySearcher.Filter = "(anr=$identity)" 53 | 54 | # Retrieve a single object 55 | $Account = $DirectorySearcher.FindOne().GetDirectoryEntry() 56 | 57 | if($Account) 58 | { 59 | switch ($Account.SchemaClassName) 60 | { 61 | 'user' {[System.DirectoryServices.AccountManagement.UserPrincipal]::FindByIdentity($Context, $Account.distinguishedname)} 62 | 'group' {[System.DirectoryServices.AccountManagement.GroupPrincipal]::FindByIdentity($Context, $Account.distinguishedname)} 63 | 'computer' {[System.DirectoryServices.AccountManagement.ComputerPrincipal]::FindByIdentity($Context, $Account.distinguishedname)} 64 | } 65 | } 66 | } 67 | CATCH{ 68 | Write-Error $Error[0] 69 | } 70 | } 71 | } -------------------------------------------------------------------------------- /Archives/WorkInProgress/Get-ADSIObject2.ps1_: -------------------------------------------------------------------------------- 1 | function Get-ADSIObject 2 | { 3 | 4 | <# 5 | .NOTES 6 | Francois-Xavier.Cat 7 | LazyWinAdmin.com 8 | @lazywinadm 9 | github.com/lazywinadmin 10 | #> 11 | [CmdletBinding()] 12 | PARAM( 13 | [parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true, ValueFromPipeline=$true)] 14 | $Identity, 15 | 16 | [Alias("RunAs")] 17 | [System.Management.Automation.PSCredential] 18 | [System.Management.Automation.Credential()] 19 | $Credential = [System.Management.Automation.PSCredential]::Empty, 20 | 21 | [String]$DomainName 22 | ) 23 | 24 | BEGIN 25 | { 26 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 27 | 28 | # Create Context splatting 29 | $ContextSplatting = @{ 30 | Contexttype = "Domain" 31 | } 32 | 33 | IF ($PSBoundParameters['Credential']){$ContextSplatting.Credential = $Credential} 34 | IF ($PSBoundParameters['DomainName']){$ContextSplatting.DomainName = $DomainName} 35 | 36 | $Context = New-ADSIPrincipalContext @ContextSplatting 37 | } 38 | PROCESS 39 | { 40 | TRY{ 41 | # Resolving member 42 | # Directory Entry object 43 | $DirectoryEntryParams = $ContextSplatting.remove('ContextType') 44 | $DirectoryEntry = New-ADSIDirectoryEntry @DirectoryEntryParams 45 | 46 | # Principal Searcher 47 | $DirectorySearcher = new-object -TypeName System.DirectoryServices.DirectorySearcher 48 | $DirectorySearcher.SearchRoot = $DirectoryEntry 49 | 50 | # Adding an Ambiguous Name Resolution LDAP Filter 51 | $DirectorySearcher.Filter = "(anr=$identity)" 52 | 53 | # Retrieve a single object 54 | $Account = $DirectorySearcher.FindOne().GetDirectoryEntry() 55 | 56 | if($Account) 57 | { 58 | switch ($Account.SchemaClassName) 59 | { 60 | 'user' {[System.DirectoryServices.AccountManagement.UserPrincipal]::FindByIdentity($Context, $Account.distinguishedname)} 61 | 'group' {[System.DirectoryServices.AccountManagement.GroupPrincipal]::FindByIdentity($Context, $Account.distinguishedname)} 62 | 'computer' {[System.DirectoryServices.AccountManagement.ComputerPrincipal]::FindByIdentity($Context, $Account.distinguishedname)} 63 | } 64 | } 65 | } 66 | CATCH{ 67 | $pscmdlet.ThrowTerminatingError($_) 68 | } 69 | } 70 | } -------------------------------------------------------------------------------- /Archives/WorkInProgress/Get-ADSIUserCurrent.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIUserCurrent 2 | { 3 | $Context = New-ADSIPrincipalContext -ContextType 'Domain' 4 | $UserPrincipal = New-object -TypeName System.DirectoryServices.AccountManagement.UserPrincipal -ArgumentList $Context 5 | 6 | $UserPrincipal.current 7 | } -------------------------------------------------------------------------------- /Archives/WorkInProgress/GetUnderlyingSearcher.ps1: -------------------------------------------------------------------------------- 1 | $Context = New-ADSIPrincipalContext -ContextType Domain 2 | $UserPrincipal = New-object -TypeName System.DirectoryServices.AccountManagement.UserPrincipal -ArgumentList $Context 3 | 4 | 5 | #$GroupPrincipal.Name = $Identity 6 | $searcher = New-Object -TypeName System.DirectoryServices.AccountManagement.PrincipalSearcher 7 | $searcher.QueryFilter = $UserPrincipal 8 | $searcher.QueryFilter.Enabled=$false 9 | $searcher.QueryFilter.SamAccountName="fx*" 10 | 11 | 12 | #Omg... this reveal the query made against AD... 13 | $searcher.GetUnderlyingSearcher().filter 14 | #https://msdn.microsoft.com/en-us/library/system.directoryservices.accountmanagement.principalsearcher.getunderlyingsearcher(v=vs.110).aspx 15 | 16 | 17 | # retrieve other props 18 | $searcher.GetUnderlyingSearcher() 19 | 20 | # limit the output 21 | #$searcher.GetUnderlyingSearcher().SizeLimit = 1 22 | 23 | # SearchScope https://msdn.microsoft.com/en-us/library/system.directoryservices.searchscope(v=vs.110).aspx 24 | $searcher.GetUnderlyingSearcher().SearchScope = 'subtree' # "Base" "OneLevel" 25 | 26 | 27 | #include tombstone 28 | #$searcher.GetUnderlyingSearcher().Tombstone 29 | 30 | #SearchRoot 31 | #https://msdn.microsoft.com/en-us/library/system.directoryservices.directorysearcher.searchroot(v=vs.110).aspx 32 | $searcher.GetUnderlyingSearcher().SearchRoot ="" 33 | 34 | #Sort 35 | #https://msdn.microsoft.com/en-us/library/system.directoryservices.sortoption(v=vs.110).aspx 36 | $searcher.GetUnderlyingSearcher().Sort ="" 37 | 38 | #Get type of Properties to load 39 | $searcher.GetUnderlyingSearcher().propertiestoload.gettype()#StringCollection 40 | $searcher.GetUnderlyingSearcher().propertiestoload.gettype()|fl * 41 | 42 | $searcher.FindAll() 43 | 44 | 45 | 46 | #### TEST###### 47 | ### MY OWN LDAP FILTER ! 48 | 49 | $Context = New-ADSIPrincipalContext -ContextType Domain 50 | $UserPrincipal = New-object -TypeName System.DirectoryServices.AccountManagement.UserPrincipal -ArgumentList $Context 51 | 52 | 53 | #$GroupPrincipal.Name = $Identity 54 | $searcher = New-Object -TypeName System.DirectoryServices.AccountManagement.PrincipalSearcher 55 | $searcher.QueryFilter = $UserPrincipal 56 | $searcher.QueryFilter.AdvancedSearchFilter. 57 | #$searcher.GetUnderlyingSearcher().Filter = "(&(objectCategory=user)(objectClass=user)(samaccountname=fxt)(userAccountControl:1.2.840.113556.1.4.803:=2))" 58 | $searcher.GetUnderlyingSearcher().set_Filter("(&(objectCategory=user)(objectClass=user)(samaccountname=fxt)(userAccountControl:1.2.840.113556.1.4.803:=2))") 59 | $searcher 60 | 61 | $searcher.FindAll()|Select-Object -Propertyname 62 | 63 | 64 | $Context = New-ADSIPrincipalContext -ContextType Domain 65 | $UserPrincipal = New-object -TypeName System.DirectoryServices.AccountManagement.UserPrincipal -ArgumentList $Context 66 | $searcher2 = New-Object -TypeName System.directoryservices.directorysearcher -ArgumentList $UserPrincipal 67 | $searcher2.q 68 | -------------------------------------------------------------------------------- /Archives/WorkInProgress/Search-ADSIUser.ps1: -------------------------------------------------------------------------------- 1 | function Search-ADSIUser 2 | { 3 | $Context = New-ADSIPrincipalContext -ContextType 'Domain' 4 | $UserPrincipal = New-object -TypeName System.DirectoryServices.AccountManagement.UserPrincipal -ArgumentList $Context 5 | $UserPrincipal.Surname = "E*" 6 | 7 | # it will generate the filter for you 8 | 9 | $Searcher = New-Object -TypeName System.DirectoryServices.AccountManagement.PrincipalSearcher 10 | $Searcher.QueryFilter = $UserPrincipal 11 | 12 | 13 | $Searcher.FindAll() 14 | } 15 | -------------------------------------------------------------------------------- /Archives/WorkInProgress/Search-ADSIUserLogonTime.ps1: -------------------------------------------------------------------------------- 1 | function Search-ADSIUserLogonTime 2 | { 3 | $Context = New-ADSIPrincipalContext -ContextType 'Domain' 4 | $UserPrincipal = New-object -TypeName System.DirectoryServices.AccountManagement.UserPrincipal -ArgumentList $Context 5 | 6 | $UserPrincipal.findbylogontime($Context,$((Get-Date).AddDays(-1)),[System.DirectoryServices.AccountManagement.MatchType]::GreaterThan) 7 | } -------------------------------------------------------------------------------- /Archives/WorkInProgress/Set-ADSIUserExpiration.ps1: -------------------------------------------------------------------------------- 1 | function Set-ADSIUserExpiration 2 | { 3 | <# 4 | 5 | #> 6 | [CmdletBinding()] 7 | PARAM( 8 | [parameter(Mandatory=$true)] 9 | $Identity, 10 | [parameter(Mandatory=$true)] 11 | [datetime]$ExpirationDateTime, 12 | [Alias("RunAs")] 13 | [System.Management.Automation.Credential()] 14 | $Credential = [System.Management.Automation.PSCredential]::Empty, 15 | [String]$DomainName) 16 | 17 | BEGIN 18 | { 19 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 20 | 21 | # Create Context splatting 22 | $ContextSplatting=@{} 23 | IF ($PSBoundParameters['Credential']){$ContextSplatting.Credential = $Credential} 24 | IF ($PSBoundParameters['DomainName']){$ContextSplatting.DomainName = $DomainName} 25 | 26 | $Context = New-ADSIPrincipalContext @ContextSplatting -contexttype Domain 27 | } 28 | PROCESS 29 | { 30 | TRY{ 31 | $([System.Nullable[DateTime]]($ExpirationDateTime)) 32 | 33 | #(Get-ADSIUser -Identity $Identity @ContextSplatting).AccountExpirationDate = $($ExpirationDateTime.ToLocalTime()) 34 | #(Get-ADSIUser -Identity $Identity @ContextSplatting).invokeset('AccountExpirationDate',$($ExpirationDateTime.ToLocalTime())) 35 | #(Get-ADSIUser -Identity $Identity @ContextSplatting).set_AccountExpirationDate($($ExpirationDateTime.ToLocalTime().ToShortDateString())) 36 | #(Get-ADSIUser -Identity $Identity @ContextSplatting).set_AccountExpirationDate($([System.Nullable[DateTime]]($ExpirationDateTime))) 37 | (Get-ADSIUser -Identity $Identity @ContextSplatting).AccountExpirationDate =$([System.Nullable[DateTime]]($ExpirationDateTime)) 38 | (Get-ADSIUser -Identity $Identity @ContextSplatting).Save($Context) 39 | } 40 | CATCH{ 41 | $pscmdlet.ThrowTerminatingError($_) 42 | } 43 | } 44 | } 45 | 46 | Get-ADSIuser fxtest03 47 | (Get-ADSIuser fxtest03).AccountExpirationDate 48 | Set-ADSIUserExpiration -Identity fxtest03 -ExpirationDateTime $((Get-Date).AddDays(2)) 49 | (Get-ADSIuser fxtest03).AccountExpirationDate.HasValue 50 | 51 | Get-ADSIuser fxtest03 | gm -Force|where{$_.name -eq 'Set_accountExpirationDate'} | fl * 52 | 53 | 54 | (Get-Date).ToLocalTime().ToShortDateString() 55 | 56 | man Set-ADAccountExpiration 57 | 58 | 59 | [System.Nullable[DateTime]]((Get-date).AddDays(5)) 60 | -------------------------------------------------------------------------------- /Archives/WorkInProgress/Set-ADSIUserExpirationDate.ps1: -------------------------------------------------------------------------------- 1 | function Set-ADSIUserExpirationDate 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to set a User's expiration date 6 | 7 | .DESCRIPTION 8 | Function to set a User's expiration date 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | .PARAMETER Credential 14 | Specifies alternative credential 15 | 16 | .PARAMETER AccountExpirationDate 17 | Specifies the account expiration date 18 | The object needs to be a DateTime type. 19 | 20 | .PARAMETER DomainName 21 | Specifies the DomainName to query 22 | By default it will take the current domain. 23 | 24 | .EXAMPLE 25 | Set-ADSIUserExpirationDate -Identity 'testaccount' -AccountExpirationDate $((Get-Date).AddDays(10)) 26 | 27 | Set the account expiration date of the account 'testaccount' to 10 days from today. 28 | 29 | .EXAMPLE 30 | Set-ADSIUserExpirationDate -Identity 'testaccount' -AccountExpirationDate $((Get-Date).AddDays(10)) -Credential (Get-Credential) 31 | 32 | Set the account expiration date of the account 'testaccount' to 10 days from today using the credential specified 33 | 34 | .NOTES 35 | https://github.com/lazywinadmin/ADSIPS 36 | #> 37 | [CmdletBinding(SupportsShouldProcess = $true)] 38 | PARAM ( 39 | [parameter(Mandatory = $true)] 40 | $Identity, 41 | 42 | [parameter(Mandatory = $true)] 43 | [System.DateTime]$AccountExpirationDate, 44 | 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | [String]$DomainName) 51 | 52 | BEGIN 53 | { 54 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 55 | 56 | # Create Context splatting 57 | $ContextSplatting = @{ } 58 | IF ($PSBoundParameters['Credential']) { $ContextSplatting.Credential = $Credential } 59 | IF ($PSBoundParameters['DomainName']) { $ContextSplatting.DomainName = $DomainName } 60 | } 61 | PROCESS 62 | { 63 | TRY 64 | { 65 | if ($pscmdlet.ShouldProcess("$Identity", "Set the Account Expiration Date")) 66 | { 67 | $Account = (Get-ADSIUser -Identity $Identity @ContextSplatting) 68 | $Account.AccountExpirationDate = $AccountExpirationDate 69 | $Account.save() 70 | } 71 | } 72 | CATCH 73 | { 74 | $pscmdlet.ThrowTerminatingError($_) 75 | } 76 | } 77 | } -------------------------------------------------------------------------------- /Archives/install.ps1: -------------------------------------------------------------------------------- 1 | param([string]$InstallDirectory) 2 | 3 | $ModuleName = "AdsiPs" 4 | 5 | $fileList = echo ` 6 | AdsiPs.psd1 ` 7 | AdsiPs.psm1 8 | 9 | if ('' -eq $InstallDirectory) 10 | { 11 | $personalModules = Join-Path -Path ([Environment]::GetFolderPath('MyDocuments')) -ChildPath WindowsPowerShell\Modules 12 | 13 | if (($env:PSModulePath -split ';') -notcontains $personalModules) { 14 | Write-Warning -Message "$personalModules is not in `$env:PSModulePath" 15 | } 16 | 17 | if (-not(Test-Path $personalModules)) { 18 | Write-Error "$personalModules does not exist" 19 | } 20 | 21 | $InstallDirectory = Join-Path -Path $personalModules -ChildPath $ModuleName 22 | } 23 | 24 | if (-not(Test-Path $InstallDirectory)) { 25 | $null = mkdir $InstallDirectory 26 | } 27 | 28 | $WebClient = New-Object -typename System.Net.WebClient 29 | $fileList | 30 | Foreach-Object -Process { 31 | $WebClient.DownloadFile("https://raw.github.com/LazyWinAdmin/$ModuleName/master/$_","$installDirectory\$_") 32 | } 33 | -------------------------------------------------------------------------------- /CHANGELOG: -------------------------------------------------------------------------------- 1 | # Changelog 2 | All notable changes to this project will be documented in this file. 3 | 4 | ## [Unreleased] 5 | 6 | ## [1.0.0.6] - 2019-06-23 7 | ### Added 8 | - Add Get-ADSIUserPrimaryGroup (by @oze4) 9 | - This was added as part of the resolution for issue #70 10 | - By putting this function in it's own ps1 file, it keeps things clean and organized 11 | - Provides an additional 'feature' (is not limited to helping fix issue #70 - you can now get a users primary group very easily) 12 | 13 | ### Changed 14 | - Update Readme.md (by @oze4) 15 | - Numbering was not correct in regards to the last changes made 16 | - Cleaned it up 17 | - Update Build.ps1 (by @oze4) 18 | - Default tasks: Build 19 | - Add Warning message for Dependencies 20 | - Update Get-ADSIPrincipalGroupMembership (by @oze4) 21 | - Fix indentation 22 | - Fix #70 "Get-ADSIPrincipalGroupMembership Problem since Last update" 23 | - This was due to Primary User Group not being added to overall Group Membership 24 | - Update Get-ADSIUser (by @oze4) 25 | - Fix #72 "Review ParameterSetName to allow lazy typing" 26 | 27 | ## [1.0.0.5] - 2019-06-21 28 | ### Changed 29 | -Update Pester test to receive srcpath and compare source ps1 files and build functions 30 | -Update Manifest try,catch blocks 31 | 32 | ## [1.0.0.4] - 2019-06-21 33 | ### Changed 34 | -Build as been moved to Azure DevOps/Azure Pipelines and now auto-deploy to PowerShell Gallery 35 | 36 | ## [1.0.0.3] - 2017-11-30 37 | 38 | ## [1.0.0.2] - 2016-08-20 39 | 40 | ## [1.0.0.1] - 2016-08-17 -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Francois-Xavier Cat 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /PITCHME.md: -------------------------------------------------------------------------------- 1 | # AdsiPS PowerShell Module 2 | 3 | --- 4 | 5 | ## To be continued... -------------------------------------------------------------------------------- /azure-pipelines.yml: -------------------------------------------------------------------------------- 1 | # Starter pipeline 2 | # Start with a minimal pipeline that you can customize to build and deploy your code. 3 | # Add steps that build, run tests, deploy, and more: 4 | # https://aka.ms/yaml 5 | 6 | 7 | schedules: 8 | - cron: "0 0 * * *" 9 | displayName: Daily midnight build 10 | branches: 11 | include: 12 | - master 13 | always: true 14 | trigger: 15 | - master 16 | resources: 17 | - repo: self 18 | queue: 19 | name: Hosted VS2017 20 | steps: 21 | - powershell: | 22 | .\build.ps1 -InstallDependencies:$true -verbose -tasks 'setEnvironment','build','test','deploy' 23 | displayName: 'PowerShell - Build > test > deploy' 24 | env: 25 | psgallerykey: $(psgallerykey) 26 | - task: PublishTestResults@2 27 | displayName: 'Publish Test Results **/TEST-*.xml' 28 | inputs: 29 | testResultsFormat: NUnit 30 | testResultsFiles: '**/test-*.xml' -------------------------------------------------------------------------------- /build/.psdeploy.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | $env:PSGalleryKey is set in the Continous Integration plaform 3 | $env:modulePath is set in the build.ps1 4 | $env:moduleName is set in the build.ps1 5 | $ENV:BH* are set by the BuildHelpers module 6 | #> 7 | if( 8 | $env:modulePath -and 9 | $env:BHBuildSystem -ne 'Unknown' -and 10 | $env:BHBranchName -eq "master" -and 11 | $env:BHCommitMessage -match '!deploy' 12 | ) 13 | { 14 | Deploy -Name Module { 15 | By -DeploymentType PSGalleryModule { 16 | FromSource -Source (Join-Path -path (Split-Path -Path $PSScriptRoot -Parent) -ChildPath "BuildOutput\$env:moduleName") 17 | To -Targets PSGallery 18 | WithOptions -Options @{ 19 | ApiKey = $env:PSGalleryKey 20 | } 21 | } 22 | } 23 | } 24 | else 25 | { 26 | "Skipping deployment: To deploy, ensure that...`n" + 27 | "`t* You are in a known build system (Current: $ENV:BHBuildSystem)`n" + 28 | "`t* You are committing to the master branch (Current: $ENV:BHBranchName) `n" + 29 | "`t* Your commit message includes !deploy (Current: $ENV:BHCommitMessage)" | 30 | Write-Host 31 | } -------------------------------------------------------------------------------- /build/build.scriptanalyzersettings.psd1: -------------------------------------------------------------------------------- 1 | @{ 2 | # Use Severity when you want to limit the generated diagnostic records to a 3 | # subset of: Error, Warning and Information. 4 | # Uncomment the following line if you only want Errors and Warnings but 5 | # not Information diagnostic records. 6 | Severity = @('Error','Warning') 7 | 8 | # Use IncludeRules when you want to run only a subset of the default rule set. 9 | #IncludeRules = @('PSAvoidDefaultValueSwitchParameter', 10 | # 'PSMisleadingBacktick', 11 | # 'PSMissingModuleManifestField', 12 | # 'PSReservedCmdletChar', 13 | # 'PSReservedParams', 14 | # 'PSShouldProcess', 15 | # 'PSUseApprovedVerbs', 16 | # 'PSUseDeclaredVarsMoreThanAssigments') 17 | 18 | # Use ExcludeRules when you want to run most of the default set of rules except 19 | # for a few rules you wish to "exclude". Note: if a rule is in both IncludeRules 20 | # and ExcludeRules, the rule will be excluded. 21 | ExcludeRules = @('PSUseToExportFieldsInManifest','PSMissingModuleManifestField') 22 | 23 | # You can use the following entry to supply parameters to rules that take parameters. 24 | # For instance, the PSAvoidUsingCmdletAliases rule takes a whitelist for aliases you 25 | # want to allow. 26 | Rules = @{ 27 | # Do not flag the following aliases. 28 | # PSAvoidUsingCmdletAliases = @{Whitelist = @('Where','Select')} 29 | 30 | # Check if your script uses cmdlets that are compatible on PowerShell Core, 31 | # version 6.0.0-alpha, on Linux. 32 | # PSUseCompatibleCmdlets = @{Compatibility = @("core-6.0.0-alpha-linux")} 33 | } 34 | } -------------------------------------------------------------------------------- /build/requirements.psd1: -------------------------------------------------------------------------------- 1 | @{ 2 | PSDependOptions = @{ 3 | # Target = '.\dependencies' 4 | AddToPath = $true 5 | # DependencyType = 'PSGalleryNuget' 6 | } 7 | Pester = '4.10.1' 8 | <#@{ 9 | Name = 'Pester' 10 | Parameters = @{ 11 | SkipPublisherCheck = $true 12 | } 13 | }#> 14 | PSScriptAnalyzer = 'Latest' 15 | ScriptAnalyzerRulesLWA = 'Latest' 16 | BuildHelpers = 'Latest' 17 | PSDeploy = 'Latest' 18 | InvokeBuild = 'Latest' 19 | } -------------------------------------------------------------------------------- /docs/doc_usecases.md: -------------------------------------------------------------------------------- 1 | # Use Cases 2 | 3 | 1. Learning Active Directory: We can't see the code behind the Microsoft ActiveDirectory Module and Quest ActiveDirectory Snapin. This module is a great way to explore and learn on how Active Directory is working, 4 | 1. Delegation: Active Directory queries need to be performed by a tool (GUI for example) and you don't want it to load AD module. Additionally you don't know who will use the tool and if they have/can/know how to install the module, 5 | 1. Performance: ADSI is faster, 6 | 1. Restricted environment: Sometime ActiveDirectory Module is not available/ or can't install it on a machine. -------------------------------------------------------------------------------- /src/public/Enable-ADSIDomainControllerGlobalCatalog.ps1: -------------------------------------------------------------------------------- 1 | function Enable-ADSIDomainControllerGlobalCatalog 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to enable the Global Catalog role on a Domain Controller 6 | 7 | .DESCRIPTION 8 | Function to enable the Global Catalog role on a Domain Controller 9 | 10 | .PARAMETER ComputerName 11 | Specifies the Domain Controller 12 | 13 | .PARAMETER Credential 14 | Specifies alternate credentials to use. Use Get-Credential to create proper credentials. 15 | 16 | .EXAMPLE 17 | Enable-ADSIDomainControllerGlobalCatalog -ComputerName dc1.ad.local 18 | 19 | Connects to remote domain controller dc1.ad.local using current credentials and enable the GC role. 20 | 21 | .EXAMPLE 22 | Enable-ADSIDomainControllerGlobalCatalog -ComputerName dc2.ad.local -Credential (Get-Credential SuperAdmin) 23 | 24 | Connects to remote domain controller dc2.ad.local using SuperAdmin credentials and enable the GC role. 25 | 26 | .NOTES 27 | https://github.com/lazywinadmin/ADSIPS 28 | 29 | Version History 30 | 1.0 Initial Version (Micky Balladelli) 31 | 1.1 Update (Francois-Xavier Cat) 32 | Rename from Enable-ADSIReplicaGC to Enable-ADSIDomainControllerGlobalCatalog 33 | Add New-ADSIDirectoryContext to take care of the Context 34 | Other minor modifications 35 | 36 | #> 37 | 38 | [CmdletBinding()] 39 | param 40 | ( 41 | [Parameter(Mandatory = $true)] 42 | [string]$ComputerName, 43 | 44 | [Alias("RunAs")] 45 | [System.Management.Automation.PSCredential] 46 | [System.Management.Automation.Credential()] 47 | $Credential = [System.Management.Automation.PSCredential]::Empty 48 | ) 49 | 50 | process 51 | { 52 | try 53 | { 54 | $Context = New-ADSIDirectoryContext -ContextType 'DirectoryServer' @PSBoundParameters 55 | $DomainController = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 56 | 57 | if ($DomainController.IsGlobalCatalog()) 58 | { 59 | Write-Verbose -Message "[Enable-ADSIDomainControllerGlobalCatalog][PROCESS] $($DomainController.name) is already a Global Catalog" 60 | } 61 | else 62 | { 63 | Write-Verbose -Message "[Enable-ADSIDomainControllerGlobalCatalog][PROCESS] $($DomainController.name) Enabling Global Catalog ..." 64 | $DomainController.EnableGlobalCatalog() 65 | } 66 | 67 | Write-Verbose -Message "[Enable-ADSIDomainControllerGlobalCatalog][PROCESS] $($DomainController.name) Done." 68 | } 69 | catch 70 | { 71 | Write-Error -Message "[Enable-ADSIDomainControllerGlobalCatalog][PROCESS] Something wrong happened" 72 | $pscmdlet.ThrowTerminatingError($_) 73 | } 74 | } 75 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIClass.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIClass 2 | { 3 | <# 4 | .SYNOPSIS 5 | Find all the object classes available in the current or 6 | specified Active Directory forest. 7 | 8 | .DESCRIPTION 9 | This function is mostly a wrapper around Get-ADSISchema. 10 | 11 | .PARAMETER ClassName 12 | Specify the name of the Class to retrieve 13 | 14 | .PARAMETER AllClasses 15 | This will list all the property present in the domain. 16 | This parameter is the default one and is hidden. 17 | 18 | .PARAMETER ForestName 19 | Specifies the Forest name 20 | 21 | .PARAMETER Credential 22 | Specifies alternative credential to use 23 | 24 | .EXAMPLE 25 | Get-ADSIClass 26 | 27 | Retrieve all the Class available in the forest 28 | 29 | .EXAMPLE 30 | Get-ADSIClass -ClassName user 31 | 32 | Retrieve the 'user' class. 33 | 34 | .NOTES 35 | https://github.com/lazywinadmin/ADSIPS 36 | #> 37 | [CmdletBinding(DefaultParameterSetName = 'AllClass')] 38 | param 39 | ( 40 | [Parameter(ParameterSetName = 'ClassName', 41 | Mandatory = $false)] 42 | [String]$ClassName, 43 | 44 | [Parameter(DontShow=$true,ParameterSetName = 'AllClasses', 45 | Mandatory = $false)] 46 | [Switch]$AllClasses, 47 | 48 | [Alias("RunAs")] 49 | [System.Management.Automation.PSCredential] 50 | [System.Management.Automation.Credential()] 51 | $Credential = [System.Management.Automation.PSCredential]::Empty, 52 | 53 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 54 | ) 55 | process{ 56 | if($ClassName){ 57 | Get-ADSISchema @PSBoundParameters 58 | }else{ 59 | Get-ADSISchema @PSBoundParameters -AllClasses 60 | } 61 | } 62 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIComputerSite.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIComputerSite 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the AD Site of a Computer 6 | 7 | .DESCRIPTION 8 | Function to retrieve the AD Site of a Computer 9 | 10 | This function does not rely on the .NET Framework to retrieve the information 11 | http://www.pinvoke.net/default.aspx/netapi32.dsgetsitename 12 | 13 | There is .NET method to get this information but only works on the local machine. 14 | [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite() 15 | 16 | .PARAMETER ComputerName 17 | Specifies the computer name(s) that you want to know the site. 18 | 19 | .EXAMPLE 20 | Get-ADSIComputerName -ComputerName TestServer01 21 | 22 | This will retrieve the Site of the Computer TestServer01 23 | 24 | .EXAMPLE 25 | Get-ADSIComputerName -ComputerName TestServer01,TestServer02 26 | 27 | This will retrieve the Site of the Computers TestServer01 and TestServer02 28 | 29 | .NOTES 30 | https://github.com/lazywinadmin/ADSIPS 31 | 32 | Thanks to the Reddit folks for their help! :-) 33 | https://www.reddit.com/r/PowerShell/comments/4cjdk8/get_the_ad_site_name_of_a_computer/ 34 | #> 35 | 36 | [CmdletBinding()] 37 | [OutputType('System.Management.Automation.PSCustomObject')] 38 | param 39 | ( 40 | [parameter()] 41 | [String[]]$ComputerName = $env:computername 42 | ) 43 | 44 | begin 45 | { 46 | $code = @" 47 | using System; 48 | using System.Collections.Generic; 49 | using System.Runtime.InteropServices; 50 | 51 | public static class NetApi32 { 52 | private class unmanaged { 53 | [DllImport("NetApi32.dll", CharSet=CharSet.Auto, SetLastError=true)] 54 | internal static extern UInt32 DsGetSiteName([MarshalAs(UnmanagedType.LPTStr)]string ComputerName, out IntPtr SiteNameBuffer); 55 | 56 | [DllImport("Netapi32.dll", SetLastError=true)] 57 | internal static extern int NetApiBufferFree(IntPtr Buffer); 58 | } 59 | 60 | public static string DsGetSiteName(string ComputerName) { 61 | IntPtr siteNameBuffer = IntPtr.Zero; 62 | UInt32 hResult = unmanaged.DsGetSiteName(ComputerName, out siteNameBuffer); 63 | string siteName = Marshal.PtrToStringAuto(siteNameBuffer); 64 | unmanaged.NetApiBufferFree(siteNameBuffer); 65 | if(hResult == 0x6ba) { throw new Exception("ComputerName not found"); } 66 | return siteName; 67 | } 68 | } 69 | "@ 70 | 71 | Add-Type -TypeDefinition $code 72 | } 73 | process 74 | { 75 | foreach ($Computer in $ComputerName) 76 | { 77 | try 78 | { 79 | $Properties = @{ 80 | ComputerName = $Computer 81 | SiteName = [NetApi32]::DsGetSiteName($Computer) 82 | } 83 | 84 | New-Object -TypeName PSObject -property $Properties 85 | } 86 | catch 87 | { 88 | $pscmdlet.ThrowTerminatingError($_) 89 | } 90 | } 91 | } 92 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIDomain.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSIDomain 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the current or specified domain 6 | 7 | .DESCRIPTION 8 | Function to retrieve the current or specified domain 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use 12 | 13 | .PARAMETER DomainName 14 | Specifies the DomainName to query 15 | 16 | .EXAMPLE 17 | Get-ADSIDomain 18 | 19 | Retrieve the current domain 20 | 21 | .EXAMPLE 22 | Get-ADSIDomain -DomainName lazywinadmin.com 23 | 24 | Retrieve the domain lazywinadmin.com 25 | 26 | .EXAMPLE 27 | Get-ADSIDomain -Credential (Get-Credential superAdmin) -Verbose 28 | 29 | Retrieve the current domain with the specified credential. 30 | 31 | .EXAMPLE 32 | Get-ADSIDomain -DomainName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 33 | 34 | Retrieve the domain lazywinadmin.com with the specified credential. 35 | 36 | .NOTES 37 | https://github.com/lazywinadmin/ADSIPS 38 | 39 | .OUTPUTS 40 | 'System.DirectoryServices.ActiveDirectory.Domain' 41 | 42 | .LINK 43 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.domain(v=vs.110).aspx 44 | #> 45 | [cmdletbinding()] 46 | [OutputType('System.DirectoryServices.ActiveDirectory.Domain')] 47 | param ( 48 | [Alias("RunAs")] 49 | [System.Management.Automation.PSCredential] 50 | [System.Management.Automation.Credential()] 51 | $Credential = [System.Management.Automation.PSCredential]::Empty, 52 | 53 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() 54 | ) 55 | process 56 | { 57 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 58 | try 59 | { 60 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['DomainName']) 61 | { 62 | Write-Verbose -Message '[PROCESS] Credential or DomainName specified' 63 | $Splatting = @{ } 64 | if ($PSBoundParameters['Credential']) 65 | { 66 | Write-Verbose "[$FunctionName] Found Credential Parameter" 67 | $Splatting.Credential = $Credential 68 | } 69 | if ($PSBoundParameters['DomainName']) 70 | { 71 | Write-Verbose "[$FunctionName] Found Credential Parameter" 72 | $Splatting.DomainName = $DomainName 73 | } 74 | 75 | $DomainContext = New-ADSIDirectoryContext @splatting -contextType Domain 76 | [System.DirectoryServices.ActiveDirectory.Domain]::GetDomain($DomainContext) 77 | } 78 | else 79 | { 80 | [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() 81 | } 82 | 83 | } 84 | catch 85 | { 86 | $pscmdlet.ThrowTerminatingError($_) 87 | } 88 | } 89 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIDomainController.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIDomainController 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve Domain Controllers 6 | 7 | .DESCRIPTION 8 | Function to retrieve Domain Controllers 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential 12 | 13 | .PARAMETER DomainName 14 | Specifies the Domain Name where the function should look 15 | 16 | .EXAMPLE 17 | Get-ADSIDomainController 18 | 19 | .EXAMPLE 20 | Get-ADSIDomainController -Credential (Get-Credential) 21 | 22 | .EXAMPLE 23 | Get-ADSIDomainController -DomainName "FXTEST.local" 24 | 25 | .NOTES 26 | https://github.com/lazywinadmin/ADSIPS 27 | #> 28 | 29 | [CmdletBinding()] 30 | [OutputType('System.DirectoryServices.ActiveDirectory.DomainController')] 31 | param 32 | ( 33 | [Alias("RunAs")] 34 | [System.Management.Automation.PSCredential] 35 | [System.Management.Automation.Credential()] 36 | $Credential = [System.Management.Automation.PSCredential]::Empty, 37 | 38 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::Getcurrentdomain() 39 | ) 40 | 41 | begin 42 | { 43 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 44 | 45 | if ($PSBoundParameters['Credential']) 46 | { 47 | Write-Verbose "[$FunctionName] Found Credential Parameter" 48 | $Context = New-ADSIDirectoryContext -Credential $Credential -contextType Domain 49 | if ($PSBoundParameters['DomainName']) 50 | { 51 | Write-Verbose "[$FunctionName] Found DomainName Parameter" 52 | $Context = New-ADSIDirectoryContext -Credential $Credential -contextType Domain -DomainName $DomainName 53 | } 54 | } 55 | else 56 | { 57 | $Context = New-ADSIDirectoryContext -contextType Domain 58 | if ($PSBoundParameters['DomainName']) 59 | { 60 | Write-Verbose "[$FunctionName] Found DomainName Parameter" 61 | $Context = New-ADSIDirectoryContext -contextType Domain -DomainName $DomainName 62 | } 63 | } 64 | } 65 | process 66 | { 67 | [System.DirectoryServices.ActiveDirectory.DomainController]::FindAll($Context) 68 | } 69 | } 70 | -------------------------------------------------------------------------------- /src/public/Get-ADSIDomainMode.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSIDomainMode 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve Domain mode 6 | 7 | .DESCRIPTION 8 | Function to retrieve Domain mode 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential 12 | 13 | .PARAMETER DomainName 14 | Specifies the Domain Name where the function should look 15 | 16 | .EXAMPLE 17 | Get-ADSIDomainMode 18 | 19 | .EXAMPLE 20 | Get-ADSIDomainMode -Credential (Get-Credential) 21 | 22 | .EXAMPLE 23 | Get-ADSIDomainMode -DomainName "FXTEST.local" 24 | 25 | .NOTES 26 | https://github.com/lazywinadmin/ADSIPS 27 | #> 28 | [cmdletbinding()] 29 | param ( 30 | [Alias("RunAs")] 31 | [System.Management.Automation.PSCredential] 32 | [System.Management.Automation.Credential()] 33 | $Credential = [System.Management.Automation.PSCredential]::Empty, 34 | 35 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::Getcurrentdomain() 36 | ) 37 | process 38 | { 39 | try 40 | { 41 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['DomainName']) 42 | { 43 | Write-Verbose -Message '[PROCESS] Credential or DomainName specified' 44 | $Splatting = @{ } 45 | if ($PSBoundParameters['Credential']) 46 | { 47 | $Splatting.Credential = $Credential 48 | } 49 | if ($PSBoundParameters['DomainName']) 50 | { 51 | $Splatting.DomainName = $DomainName 52 | } 53 | 54 | (Get-ADSIDomain @splatting).DomainMode 55 | 56 | } 57 | else 58 | { 59 | (Get-ADSIDomain).DomainMode 60 | } 61 | 62 | } 63 | catch 64 | { 65 | $pscmdlet.ThrowTerminatingError($_) 66 | } 67 | } 68 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIDomainRoot.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIDomainRoot 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Domain Root in the Forest 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Domain Root in the Forest 9 | 10 | .PARAMETER Credential 11 | Specifies the alternative credential to use. Default is the current one. 12 | 13 | .PARAMETER ForestName 14 | Specifies the alternative forest name to query. Default is the current one. 15 | 16 | .EXAMPLE 17 | Get-ADSIDomainRoot 18 | 19 | Retrieve the current Domain Root 20 | 21 | .EXAMPLE 22 | Get-ADSIDomainRoot -ForestName ForestTest.lab 23 | 24 | Retrieve the Domain root of ForestTest.lab 25 | 26 | .EXAMPLE 27 | Get-ADSIDomainRoot -ForestName ForestTest.lab -credential (Get-Credential) 28 | 29 | Retrieve the Domain root of ForestTest.lab with the specified credential 30 | 31 | .NOTES 32 | https://github.com/lazywinadmin/ADSIPS 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.Domain 36 | 37 | .LINK 38 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.domain(v=vs.110).aspx 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.Domain')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 51 | ) 52 | 53 | (Get-ADSIForest @PSBoundParameters).RootDomain 54 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIDomainTrustRelationship.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIDomainTrustRelationship 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Trust relationship of a domain. Current one by default. 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Trust relationship of a domain. Current one by default. 9 | 10 | .PARAMETER Credential 11 | Specifies the alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER DomainName 14 | Specifies the alternative domain name to use. Default is the current one. 15 | 16 | .EXAMPLE 17 | Get-ADSIDomainTrustRelationship 18 | 19 | Retrieve the Trust relationship(s) of a current domain 20 | 21 | .EXAMPLE 22 | Get-ADSIDomainTrustRelationship -DomainName FX.lab 23 | 24 | Retrieve the Trust relationship(s) of domain fx.lab 25 | 26 | .EXAMPLE 27 | Get-ADSIDomainTrustRelationship -DomainName FX.lab -Credential (Get-Credential) 28 | 29 | Retrieve the Trust relationship(s) of domain fx.lab with the credential specified 30 | 31 | .NOTES 32 | https://github.com/lazywinadmin/ADSIPS 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.TrustRelationshipInformation 36 | 37 | .LINK 38 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.trustrelationshipinformation(v=vs.110).aspx 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.TrustRelationshipInformation')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::GetcurrentDomain() 51 | ) 52 | 53 | process 54 | { 55 | try 56 | { 57 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['DomainName']) 58 | { 59 | Write-Verbose -Message '[PROCESS] Credential or FirstName specified' 60 | $Splatting = @{ } 61 | if ($PSBoundParameters['Credential']) 62 | { 63 | $Splatting.Credential = $Credential 64 | } 65 | if ($PSBoundParameters['DomainName']) 66 | { 67 | $Splatting.DomainName = $DomainName 68 | } 69 | 70 | (Get-ADSIDomain @splatting).GetAllTrustRelationships() 71 | 72 | } 73 | else 74 | { 75 | (Get-ADSIDomain).GetAllTrustRelationships() 76 | } 77 | 78 | } 79 | catch 80 | { 81 | $pscmdlet.ThrowTerminatingError($_) 82 | } 83 | } 84 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIForest.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIForest 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the current or specified forest 6 | 7 | .DESCRIPTION 8 | Function to retrieve the current or specified forest 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query 15 | 16 | .EXAMPLE 17 | Get-ADSIForest 18 | 19 | .EXAMPLE 20 | Get-ADSIForest -ForestName lazywinadmin.com 21 | 22 | .EXAMPLE 23 | Get-ADSIForest -Credential (Get-Credential superAdmin) -Verbose 24 | 25 | .EXAMPLE 26 | Get-ADSIForest -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .OUTPUTS 29 | System.DirectoryServices.ActiveDirectory.Forest 30 | 31 | .NOTES 32 | https://github.com/lazywinadmin/ADSIPS 33 | 34 | .LINK 35 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.forest(v=vs.110).aspx 36 | #> 37 | 38 | [CmdletBinding()] 39 | [OutputType('System.DirectoryServices.ActiveDirectory.Forest')] 40 | param 41 | ( 42 | [Alias("RunAs")] 43 | [System.Management.Automation.PSCredential] 44 | [System.Management.Automation.Credential()] 45 | $Credential = [System.Management.Automation.PSCredential]::Empty, 46 | 47 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 48 | ) 49 | 50 | process 51 | { 52 | try 53 | { 54 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['ForestName']) 55 | { 56 | Write-Verbose -Message "[PROCESS] Credential or FirstName specified" 57 | $Splatting = @{ } 58 | if ($PSBoundParameters['Credential']) 59 | { 60 | $Splatting.Credential = $Credential 61 | } 62 | if ($PSBoundParameters['ForestName']) 63 | { 64 | $Splatting.ForestName = $ForestName 65 | } 66 | 67 | $ForestContext = New-ADSIDirectoryContext @splatting -contextType Forest 68 | [System.DirectoryServices.ActiveDirectory.Forest]::GetForest($ForestContext) 69 | } 70 | else 71 | { 72 | [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest() 73 | } 74 | 75 | } 76 | catch 77 | { 78 | $pscmdlet.ThrowTerminatingError($_) 79 | } 80 | } 81 | } 82 | -------------------------------------------------------------------------------- /src/public/Get-ADSIForestDomain.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSIForestDomain 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the forest domain(s) 6 | 7 | .DESCRIPTION 8 | Function to retrieve the forest domain(s) 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query 15 | 16 | .EXAMPLE 17 | Get-ADSIForest 18 | 19 | .EXAMPLE 20 | Get-ADSIForest -ForestName lazywinadmin.com 21 | 22 | .EXAMPLE 23 | Get-ADSIForest -Credential (Get-Credential superAdmin) -Verbose 24 | 25 | .EXAMPLE 26 | Get-ADSIForest -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .OUTPUTS 29 | System.DirectoryServices.ActiveDirectory.Forest 30 | 31 | .NOTES 32 | https://github.com/lazywinadmin/ADSIPS 33 | #> 34 | [cmdletbinding()] 35 | param ( 36 | [Alias("RunAs")] 37 | [System.Management.Automation.PSCredential] 38 | [System.Management.Automation.Credential()] 39 | $Credential = [System.Management.Automation.PSCredential]::Empty, 40 | 41 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 42 | ) 43 | process 44 | { 45 | try 46 | { 47 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['ForestName']) 48 | { 49 | Write-Verbose -Message '[PROCESS] Credential or FirstName specified' 50 | $Splatting = @{ } 51 | if ($PSBoundParameters['Credential']) 52 | { 53 | $Splatting.Credential = $Credential 54 | } 55 | if ($PSBoundParameters['ForestName']) 56 | { 57 | $Splatting.ForestName = $ForestName 58 | } 59 | 60 | (Get-ADSIForest @splatting).Domains 61 | 62 | } 63 | else 64 | { 65 | (Get-ADSIForest).Domains 66 | } 67 | 68 | } 69 | catch 70 | { 71 | $pscmdlet.ThrowTerminatingError($_) 72 | } 73 | } 74 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIForestMode.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSIForestMode 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the forest mode 6 | 7 | .DESCRIPTION 8 | Function to retrieve the forest mode 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query 15 | 16 | .EXAMPLE 17 | Get-ADSIForestMode 18 | 19 | Retrieve the forest mode of the current forest 20 | 21 | .EXAMPLE 22 | Get-ADSIForestMode -ForestName lazywinadmin.com 23 | 24 | Retrieve the forest mode of the forest lazywinadmin.com 25 | 26 | .EXAMPLE 27 | Get-ADSIForestMode -Credential (Get-Credential superAdmin) -Verbose 28 | 29 | Retrieve the forest mode of the current forest using the credentials specified 30 | 31 | .EXAMPLE 32 | Get-ADSIForestMode -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 33 | 34 | Retrieve the forest mode of the forest lazywinadmin.com using the credentials specified 35 | 36 | .OUTPUTS 37 | System.directoryservices.activedirectory.forest.forestmode 38 | 39 | .NOTES 40 | https://github.com/lazywinadmin/ADSIPS 41 | 42 | .LINK 43 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.forest.forestmode(v=vs.110).aspx 44 | #> 45 | [cmdletbinding()] 46 | [OutputType('System.directoryservices.activedirectory.forest.forestmode')] 47 | param ( 48 | [Alias("RunAs")] 49 | [System.Management.Automation.PSCredential] 50 | [System.Management.Automation.Credential()] 51 | $Credential = [System.Management.Automation.PSCredential]::Empty, 52 | 53 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 54 | ) 55 | process 56 | { 57 | try 58 | { 59 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['ForestName']) 60 | { 61 | Write-Verbose -Message '[PROCESS] Credential or FirstName specified' 62 | $Splatting = @{ } 63 | if ($PSBoundParameters['Credential']) 64 | { 65 | $Splatting.Credential = $Credential 66 | } 67 | if ($PSBoundParameters['ForestName']) 68 | { 69 | $Splatting.ForestName = $ForestName 70 | } 71 | 72 | (Get-ADSIForest @splatting).ForestMode 73 | 74 | } 75 | else 76 | { 77 | (Get-ADSIForest).ForestMode 78 | } 79 | 80 | } 81 | catch 82 | { 83 | $pscmdlet.ThrowTerminatingError($_) 84 | } 85 | } 86 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIForestTrustRelationship.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIForestTrustRelationship 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Forest Trust Relationship(s) 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Forest Trust Relationship(s) 9 | 10 | .PARAMETER Credential 11 | Specifies the alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the alternative Forest name to query. Default is the current one. 15 | 16 | .NOTES 17 | https://github.com/lazywinadmin/ADSIPS 18 | 19 | .EXAMPLE 20 | Get-ADSIForestTrustRelationship 21 | 22 | Retrieve the Forest Trust Relationship of the current domain 23 | 24 | .EXAMPLE 25 | Get-ADSIForestTrustRelationship -ForestName 'lazywinadmin.com' 26 | 27 | Retrieve the Forest Trust Relationship of the forest lazywinadmin.com 28 | 29 | .EXAMPLE 30 | Get-ADSIForestTrustRelationship -ForestName 'lazywinadmin.com' -credential (Get-Credential) 31 | 32 | Retrieve the Forest Trust Relationship of the forest lazywinadmin.com using the specified credential 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.ForestTrustRelationshipInformation 36 | 37 | .LINK 38 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.foresttrustrelationshipinformation(v=vs.110).aspx 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.ForestTrustRelationshipInformation')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 51 | ) 52 | 53 | process 54 | { 55 | try 56 | { 57 | Write-Verbose -Message '[Get-ADSIForestTrustRelationship][PROCESS] Credential or FirstName specified' 58 | (Get-ADSIForest @PSBoundParameters).GetAllTrustRelationships() 59 | } 60 | catch 61 | { 62 | $pscmdlet.ThrowTerminatingError($_) 63 | } 64 | } 65 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIGlobalCatalog.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIGlobalCatalog 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Global Catalog in the Forest 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Global Catalog in the Forest 9 | 10 | .PARAMETER Credential 11 | Specifies the alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the alternative Forest name to query. Default is the current one. 15 | 16 | .EXAMPLE 17 | Get-ADSIGlobalCatalog 18 | 19 | Retrieve the Global Catalog in the current Forest 20 | 21 | .EXAMPLE 22 | Get-ADSIGlobalCatalog -forestname 'lazywinadmin.com' 23 | 24 | Retrieve the Global Catalog in the forest 'lazywinadmin.com' 25 | 26 | .NOTES 27 | https://github.com/lazywinadmin/ADSIPS 28 | #> 29 | 30 | [CmdletBinding()] 31 | [OutputType('System.DirectoryServices.ActiveDirectory.GlobalCatalog')] 32 | param 33 | ( 34 | [Alias("RunAs")] 35 | [System.Management.Automation.PSCredential] 36 | [System.Management.Automation.Credential()] 37 | $Credential = [System.Management.Automation.PSCredential]::Empty, 38 | 39 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest() 40 | ) 41 | 42 | process 43 | { 44 | try 45 | { 46 | Write-Verbose -Message '[Get-ADSIGlobalCatalog][PROCESS] Credential or FirstName specified' 47 | (Get-ADSIForest @PSBoundParameters).GlobalCatalogs 48 | } 49 | catch 50 | { 51 | $pscmdlet.ThrowTerminatingError($_) 52 | } 53 | } 54 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIReplicaCurrentTime.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIReplicaCurrentTime 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSIReplicaCurrentTime retrieves the current time of a given DC. 6 | 7 | .DESCRIPTION 8 | Get-ADSIReplicaCurrentTime retrieves the current time of a given DC. 9 | When using the verbose switch, this cmdlet will display the time difference with the current system. 10 | 11 | .PARAMETER ComputerName 12 | Defines the remote computer to connect to. 13 | 14 | .PARAMETER Credential 15 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 16 | 17 | .EXAMPLE 18 | Get-ADSIReplicaCurrentTime -ComputerName dc1.ad.local 19 | 20 | Connects to remote domain controller dc1.ad.local using current credentials and retrieves the current time. 21 | 22 | .NOTES 23 | https://github.com/lazywinadmin/ADSIPS 24 | #> 25 | [CmdletBinding()] 26 | param ([Parameter(Mandatory = $true)] 27 | [string]$ComputerName, 28 | 29 | [Alias("RunAs")] 30 | [System.Management.Automation.PSCredential] 31 | [System.Management.Automation.Credential()] 32 | $Credential = [System.Management.Automation.PSCredential]::Empty 33 | ) 34 | 35 | if ($ComputerName) 36 | { 37 | if ($Credential) 38 | { 39 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 40 | } 41 | else 42 | { 43 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 44 | } 45 | } 46 | 47 | if ($context) 48 | { 49 | Write-Verbose -Message "Connecting to $ComputerName" 50 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 51 | } 52 | 53 | if ($dc) 54 | { 55 | $now = Get-Date 56 | $minDiff = (New-TimeSpan -start $dc.CurrentTime -end ([System.TimeZoneInfo]::ConvertTimeToUtc($now))).minutes 57 | Write-Verbose -Message "Difference in minutes between $($dc.name) and current system is $minDiff" 58 | $dc.CurrentTime 59 | } 60 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIReplicaDomainInfo.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIReplicaDomainInfo 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSIReplicaDomainInfo returns information about the connected DC's Domain. 6 | 7 | .DESCRIPTION 8 | Get-ADSIReplicaDomainInfo returns information about the connected DC's Domain. 9 | 10 | .PARAMETER ComputerName 11 | Defines the remote computer to connect to. 12 | 13 | .PARAMETER Credential 14 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 15 | 16 | .PARAMETER Recurse 17 | Recursively retrieves information about child domains 18 | 19 | .EXAMPLE 20 | Get-ADSIReplicaDomainInfo -ComputerName dc1.ad.local 21 | 22 | Forest : ad.local 23 | DomainControllers : {DC1.ad.local, DC2.ad.local} 24 | Children : {} 25 | DomainMode : Windows2012R2Domain 26 | DomainModeLevel : 6 27 | Parent : 28 | PdcRoleOwner : DC1.ad.local 29 | RidRoleOwner : DC1.ad.local 30 | InfrastructureRoleOwner : DC1.ad.local 31 | Name : ad.local 32 | 33 | Connects to remote domain controller dc1.ad.local using current credentials retrieves domain info. 34 | 35 | .NOTES 36 | https://github.com/lazywinadmin/ADSIPS 37 | #> 38 | [CmdletBinding()] 39 | param ([Parameter(Mandatory = $true)] 40 | [string]$ComputerName, 41 | 42 | [Alias("RunAs")] 43 | [System.Management.Automation.PSCredential] 44 | [System.Management.Automation.Credential()] 45 | $Credential = [System.Management.Automation.PSCredential]::Empty, 46 | 47 | [Switch]$Recurse 48 | ) 49 | 50 | if ($ComputerName) 51 | { 52 | if ($Credential) 53 | { 54 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 55 | } 56 | else 57 | { 58 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 59 | } 60 | } 61 | 62 | if ($context) 63 | { 64 | Write-Verbose -Message "Connecting to $ComputerName" 65 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 66 | } 67 | 68 | if ($dc) 69 | { 70 | $dc.domain 71 | if ($Recurse.IsPresent) 72 | { 73 | $dc.domain.children | Foreach-Object -Process { $_ } 74 | } 75 | 76 | } 77 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIReplicaForestInfo.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIReplicaForestInfo 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSIReplicaForestInfo returns information about the connected DC's Forest. 6 | 7 | .DESCRIPTION 8 | 9 | Get-ADSIForestInfo returns information about the connected DC's Forest. 10 | 11 | .PARAMETER ComputerName 12 | 13 | Defines the remote computer to connect to. 14 | 15 | .PARAMETER Credential 16 | 17 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 18 | 19 | .EXAMPLE 20 | 21 | Get-ADSIReplicaForestInfo -ComputerName dc1.ad.local 22 | 23 | Name : ad.local 24 | Sites : {Default-First-Site-Name} 25 | Domains : {ad.local} 26 | GlobalCatalogs : {DC1.ad.local, DC2.ad.local} 27 | ApplicationPartitions : {DC=DomainDnsZones,DC=ad,DC=local, DC=ForestDnsZones,DC=ad,DC=local} 28 | ForestModeLevel : 6 29 | ForestMode : Windows2012R2Forest 30 | RootDomain : ad.local 31 | Schema : CN=Schema,CN=Configuration,DC=ad,DC=local 32 | SchemaRoleOwner : DC1.ad.local 33 | NamingRoleOwner : DC1.ad.local 34 | 35 | Connects to remote domain controller dc1.ad.local using current credentials retrieves forest info. 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | #> 40 | [CmdletBinding()] 41 | param ([Parameter(Mandatory = $true)] 42 | [string]$ComputerName, 43 | 44 | [Alias("RunAs")] 45 | [System.Management.Automation.PSCredential] 46 | [System.Management.Automation.Credential()] 47 | $Credential = [System.Management.Automation.PSCredential]::Empty 48 | ) 49 | 50 | if ($ComputerName) 51 | { 52 | if ($Credential) 53 | { 54 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 55 | } 56 | else 57 | { 58 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 59 | } 60 | } 61 | 62 | if ($context) 63 | { 64 | Write-Verbose -Message "Connecting to $ComputerName" 65 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 66 | } 67 | 68 | if ($dc) 69 | { 70 | Write-Verbose -Message "Information about forest $($dc.forest.name)" 71 | $dc.forest 72 | } 73 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIReplicaGCInfo.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIReplicaGCInfo 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSIReplicaGCInfo finds out if a given DC holds the GC role. 6 | 7 | .DESCRIPTION 8 | Get-ADSIReplicaGCInfo finds out if a given DC holds the Global Catalog role. 9 | 10 | .PARAMETER ComputerName 11 | Defines the remote computer to connect to. 12 | 13 | .PARAMETER Credential 14 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 15 | 16 | .EXAMPLE 17 | Get-ADSIReplicaGCInfo -ComputerName dc1.ad.local 18 | 19 | Connects to remote domain controller dc1.ad.local using current credentials retrieves GC info. 20 | 21 | .NOTES 22 | https://github.com/lazywinadmin/ADSIPS 23 | #> 24 | [CmdletBinding()] 25 | param ([Parameter(Mandatory = $true)] 26 | [string]$ComputerName, 27 | 28 | [Alias("RunAs")] 29 | [System.Management.Automation.PSCredential] 30 | [System.Management.Automation.Credential()] 31 | $Credential = [System.Management.Automation.PSCredential]::Empty 32 | ) 33 | 34 | if ($ComputerName) 35 | { 36 | if ($Credential) 37 | { 38 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 39 | } 40 | else 41 | { 42 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 43 | } 44 | } 45 | 46 | if ($context) 47 | { 48 | Write-Verbose -Message "Connecting to $ComputerName" 49 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 50 | } 51 | 52 | if ($dc) 53 | { 54 | $IsGC = $dc.IsGlobalCatalog() 55 | if ($IsGC) 56 | { 57 | Write-Verbose -Message "$($dc.name) is a Global Catalog" 58 | } 59 | else 60 | { 61 | Write-Verbose -Message "$($dc.name) is a normal Domain Controller" 62 | } 63 | $IsGC 64 | } 65 | } -------------------------------------------------------------------------------- /src/public/Get-ADSISite.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISite 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Active Directory Site(s) 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Active Directory Site(s) 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query. Default is the current one 15 | 16 | .PARAMETER SiteName 17 | Specifies the Site Name to find. 18 | 19 | .EXAMPLE 20 | Get-ADSISite 21 | 22 | .EXAMPLE 23 | Get-ADSISite -ForestName lazywinadmin.com 24 | 25 | .EXAMPLE 26 | Get-ADSISite -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .EXAMPLE 29 | Get-ADSISite -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 30 | 31 | .EXAMPLE 32 | Get-ADSISite -Name 'Montreal' 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.ActiveDirectorySite 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.ActiveDirectorySite')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest(), 51 | 52 | [Alias("Name")] 53 | [String]$SiteName 54 | ) 55 | 56 | process 57 | { 58 | try 59 | { 60 | if ($PSBoundParameters['Name']) 61 | { 62 | # Remove Name from the PSBoundParameters Splatting 63 | [Void]$PSBoundParameters.Remove('Name') 64 | 65 | # Create a Forest Context 66 | $Context = New-ADSIDirectoryContext -ContextType Forest @PSBoundParameters 67 | 68 | # Get the site name specified 69 | [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::FindByName($Context, $Name) 70 | } 71 | else 72 | { 73 | [Void]$PSBoundParameters.Remove('Name') 74 | (Get-ADSIForest @PSBoundParameters).Sites 75 | } 76 | } 77 | catch 78 | { 79 | $pscmdlet.ThrowTerminatingError($_) 80 | } 81 | } 82 | } -------------------------------------------------------------------------------- /src/public/Get-ADSISiteLink.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISiteLink 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Active Directory Site Link(s) 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Active Directory Site Link(s) 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query. Default is the current one 15 | 16 | .PARAMETER Name 17 | Specifies the Site Name to find. 18 | 19 | .EXAMPLE 20 | Get-ADSISiteLink 21 | 22 | .EXAMPLE 23 | Get-ADSISiteLink -ForestName lazywinadmin.com 24 | 25 | .EXAMPLE 26 | Get-ADSISiteLink -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .EXAMPLE 29 | Get-ADSISiteLink -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 30 | 31 | .EXAMPLE 32 | Get-ADSISiteLink -Name 'Azure' 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.ActiveDirectorySiteLink 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.ActiveDirectorySiteLink')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest(), 51 | 52 | [Parameter(ValueFromPipelineByPropertyName = $true)] 53 | [String]$Name 54 | ) 55 | 56 | process 57 | { 58 | try 59 | { 60 | (Get-ADSISite @PSBoundParameters).Sitelinks 61 | } 62 | catch 63 | { 64 | $pscmdlet.ThrowTerminatingError($_) 65 | } 66 | } 67 | } -------------------------------------------------------------------------------- /src/public/Get-ADSISiteServer.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISiteServer 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Active Directory Site Servers 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Active Directory Site Servers 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query. Default is the current one 15 | 16 | .PARAMETER Name 17 | Specifies the Site Name to find. 18 | 19 | .EXAMPLE 20 | Get-ADSISiteServer 21 | 22 | .EXAMPLE 23 | Get-ADSISiteServer -ForestName lazywinadmin.com 24 | 25 | .EXAMPLE 26 | Get-ADSISiteServer -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .EXAMPLE 29 | Get-ADSISiteServer -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 30 | 31 | .EXAMPLE 32 | Get-ADSISiteServer -Name 'Azure' 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.DomainController 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.DomainController')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest(), 51 | 52 | [Parameter(ValueFromPipelineByPropertyName = $true)] 53 | [String]$Name 54 | ) 55 | 56 | process 57 | { 58 | try 59 | { 60 | (Get-ADSISite @PSBoundParameters).servers 61 | } 62 | catch 63 | { 64 | $pscmdlet.ThrowTerminatingError($_) 65 | } 66 | } 67 | } -------------------------------------------------------------------------------- /src/public/Get-ADSISiteSubnet.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSISiteSubnet 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve the Active Directory Site subnets 6 | 7 | .DESCRIPTION 8 | Function to retrieve the Active Directory Site subnets 9 | 10 | .PARAMETER Credential 11 | Specifies alternative credential to use. Default is the current user. 12 | 13 | .PARAMETER ForestName 14 | Specifies the ForestName to query. Default is the current one 15 | 16 | .PARAMETER SubnetName 17 | Specifies the Site Name to find. 18 | 19 | .EXAMPLE 20 | Get-ADSISiteSubnet 21 | 22 | .EXAMPLE 23 | Get-ADSISiteSubnet -ForestName lazywinadmin.com 24 | 25 | .EXAMPLE 26 | Get-ADSISiteSubnet -Credential (Get-Credential superAdmin) -Verbose 27 | 28 | .EXAMPLE 29 | Get-ADSISiteSubnet -ForestName lazywinadmin.com -Credential (Get-Credential superAdmin) -Verbose 30 | 31 | .EXAMPLE 32 | Get-ADSISiteSubnet -Name 'Azure' 33 | 34 | .OUTPUTS 35 | System.DirectoryServices.ActiveDirectory.ActiveDirectorySubnet 36 | 37 | .NOTES 38 | https://github.com/lazywinadmin/ADSIPS 39 | #> 40 | 41 | [CmdletBinding()] 42 | [OutputType('System.DirectoryServices.ActiveDirectory.ActiveDirectorySubnet')] 43 | param 44 | ( 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | $ForestName = [System.DirectoryServices.ActiveDirectory.Forest]::Getcurrentforest(), 51 | 52 | [Parameter(ValueFromPipelineByPropertyName = $true)] 53 | [Alias("Name")] 54 | [String]$SubnetName 55 | ) 56 | begin 57 | { 58 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 59 | 60 | # Create Context splatting 61 | $ContextSplatting = @{ ContextType = "Forest" } 62 | 63 | if ($PSBoundParameters['Credential']) 64 | { 65 | $ContextSplatting.Credential = $Credential 66 | } 67 | if ($PSBoundParameters['ForestName']) 68 | { 69 | $ContextSplatting.ForestName = $ForestName 70 | } 71 | 72 | $Context = New-ADSIDirectoryContext @ContextSplatting -contextType Forest 73 | } 74 | process 75 | { 76 | try 77 | { 78 | if ($PSBoundParameters['SubnetName']) 79 | { 80 | [System.DirectoryServices.ActiveDirectory.ActiveDirectorySubnet]::FindByName($Context, $SubnetName) 81 | } 82 | if (-not $PSBoundParameters['SubnetName']) 83 | { 84 | (Get-ADSISite @PSBoundParameters).subnets 85 | } 86 | } 87 | catch 88 | { 89 | $pscmdlet.ThrowTerminatingError($_) 90 | } 91 | } 92 | } -------------------------------------------------------------------------------- /src/public/Get-ADSITombstoneLifetime.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSITombstoneLifetime 2 | { 3 | <# 4 | .SYNOPSIS 5 | Get-ADSITombstoneLifetime returns the number of days before a deleted object is removed from the directory services. 6 | 7 | .DESCRIPTION 8 | Get-ADSITombstoneLifetime returns the number of days before a deleted object is removed from the directory services. 9 | 10 | .PARAMETER Credential 11 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 12 | 13 | .PARAMETER DomainName 14 | Specifies the DomainName to query 15 | 16 | .EXAMPLE 17 | Get-ADSITombstoneLifetime 18 | 19 | For the current domain, returns the number of days before a deleted object is removed from the directory services. 20 | 21 | .NOTES 22 | https://github.com/lazywinadmin/ADSIPS 23 | #> 24 | [CmdletBinding()] 25 | param ( 26 | [Alias("RunAs")] 27 | [System.Management.Automation.PSCredential] 28 | [System.Management.Automation.Credential()] 29 | $Credential = [System.Management.Automation.PSCredential]::Empty, 30 | 31 | $DomainName = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() 32 | ) 33 | 34 | try 35 | { 36 | 37 | if ($PSBoundParameters['Credential'] -or $PSBoundParameters['DomainName']) 38 | { 39 | Write-Verbose -Message '[PROCESS] Credential or DomainName specified' 40 | $Splatting = @{ } 41 | if ($PSBoundParameters['Credential']) 42 | { 43 | $Splatting.Credential = $Credential 44 | } 45 | if ($PSBoundParameters['DomainName']) 46 | { 47 | $Splatting.DomainName = $DomainName 48 | } 49 | 50 | $configurationNamingContext = (Get-ADSIRootDSE @splatting).configurationNamingContext 51 | 52 | } 53 | else 54 | { 55 | $configurationNamingContext = (Get-ADSIRootDSE).configurationNamingContext 56 | } 57 | 58 | } 59 | catch 60 | { 61 | $pscmdlet.ThrowTerminatingError($_) 62 | } 63 | 64 | $nTDSService = New-Object -TypeName System.DirectoryServices.DirectoryEntry -ArgumentList "LDAP://CN=Directory Service,CN=Windows NT,CN=Services,$configurationNamingContext" 65 | 66 | Write-Verbose "Domain : $DomainName" 67 | $nTDSService.tombstoneLifetime 68 | } -------------------------------------------------------------------------------- /src/public/Get-ADSIUserPrimaryGroup.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADSIUserPrimaryGroup 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to retrieve User's primary group 6 | 7 | .DESCRIPTION 8 | Get primary AD group of a user 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity of the User 12 | Uses the return of "Get-ADSIUser" 13 | 14 | .PARAMETER ReturnNameAndDescriptionOnly 15 | Returns a PSCustomObject of just the name and description 16 | ex: $return = [pscustomobject]@{ 17 | 'name' = [string]$primaryGroup.Properties.name 18 | 'description' = [string]$primaryGroup.Properties.description 19 | } 20 | 21 | .EXAMPLE 22 | Get-ADSIUserPrimaryGroup -Identity (Get-ADSIUser 'User1') 23 | 24 | Get primary AD group of user User1 25 | 26 | .NOTES 27 | https://github.com/lazywinadmin/ADSIPS 28 | CHANGE LOG 29 | -1.0 | 2019/06/22 | Matt Oestreich (oze4) 30 | - Initial creation 31 | #> 32 | 33 | param( 34 | [Parameter(Mandatory=$true)] 35 | [System.DirectoryServices.AccountManagement.AuthenticablePrincipal]$Identity, 36 | 37 | [Parameter(Mandatory=$false)] 38 | [switch]$ReturnNameAndDescriptionOnly 39 | ) 40 | 41 | try { 42 | $UnderlyingProperties = $Identity.GetUnderlyingObject() 43 | $userSid = (New-Object System.Security.Principal.SecurityIdentifier ($($UnderlyingProperties.properties.objectSID), 0)).AccountDomainSid.Value 44 | $groupSid = ('{0}-{1}' -f $userSid, $UnderlyingProperties.properties.primarygroupid.ToString()) 45 | $primaryGroup = [adsi]("LDAP://") 46 | if ($PSBoundParameters["ReturnNameAndDescriptionOnly"]) { 47 | [pscustomobject]@{ 48 | 'name' = [string]$primaryGroup.Properties.name 49 | 'description' = [string]$primaryGroup.Properties.description 50 | } 51 | } else { 52 | $primaryGroup 53 | } 54 | } catch { 55 | $PSCmdlet.ThrowTerminatingError($_) 56 | } 57 | 58 | } 59 | -------------------------------------------------------------------------------- /src/public/Move-ADSIDomainControllerToSite.ps1: -------------------------------------------------------------------------------- 1 | function Move-ADSIDomainControllerToSite 2 | { 3 | <# 4 | .SYNOPSIS 5 | Move-ADSIDomainControllerToSite moves the current DC to another site. 6 | 7 | .DESCRIPTION 8 | Move-ADSIDomainControllerToSite moves the current DC to another site. 9 | 10 | MSDN Documention on 'DirectoryServer.MoveToAnotherSite Method' 11 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.directoryserver.movetoanothersite(v=vs.110).aspx 12 | 13 | .PARAMETER ComputerName 14 | Specifies the Domain Controller 15 | 16 | .PARAMETER Credential 17 | Specifies alternate credentials to use. Use Get-Credential to create proper credentials. 18 | 19 | .PARAMETER Site 20 | Name of the Active Directory site 21 | 22 | .EXAMPLE 23 | Move-ADSIDomainControllerToSite -ComputerName dc1.ad.local -site "Paris" 24 | 25 | Connects to remote domain controller dc1.ad.local using current credentials and 26 | moves it to the site "Paris". 27 | 28 | .NOTES 29 | https://github.com/lazywinadmin/ADSIPS 30 | 31 | Version History 32 | 1.0 Initial Version (Micky Balladelli) 33 | 1.1 Update (Francois-Xavier Cat) 34 | Rename from Move-ADSIReplicaToSite to Move-ADSIDomainControllerToSite 35 | Add New-ADSIDirectoryContext to take care of the Context 36 | Other minor modifications 37 | #> 38 | 39 | [CmdletBinding()] 40 | param 41 | ( 42 | [Parameter(Mandatory)] 43 | [string]$ComputerName, 44 | 45 | [Alias("RunAs")] 46 | [System.Management.Automation.PSCredential] 47 | [System.Management.Automation.Credential()] 48 | $Credential = [System.Management.Automation.PSCredential]::Empty, 49 | 50 | [Parameter(Mandatory = $true)] 51 | [string]$Site 52 | ) 53 | process 54 | { 55 | try 56 | { 57 | # DirectoryContext Splatting 58 | $Splatting = $PSBoundParameters.Remove("Site") 59 | # Create the Context 60 | $Context = New-ADSIDirectoryContext -ContextType 'DirectoryServer' @Splatting 61 | 62 | $DomainController = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 63 | 64 | Write-Verbose -Message "[Move-ADSIDomainControllerToSite][PROCESS] $($DomainController.name) to site $Site" 65 | $DomainController.MoveToAnotherSite($Site) 66 | } 67 | catch 68 | { 69 | $pscmdlet.ThrowTerminatingError($_) 70 | } 71 | } 72 | } 73 | -------------------------------------------------------------------------------- /src/public/New-ADSISite.ps1: -------------------------------------------------------------------------------- 1 | function New-ADSISite 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to create a new Site 6 | 7 | .DESCRIPTION 8 | Function to create a new Site 9 | 10 | .PARAMETER SiteName 11 | Specifies the SiteName 12 | 13 | .PARAMETER Location 14 | Specifies the Location of the site 15 | 16 | .PARAMETER Credential 17 | Specifies the alternative credential to use. 18 | By default it will use the current user windows credentials. 19 | 20 | .PARAMETER ForestName 21 | Specifies the alternative Forest where the subnet should be created 22 | By default it will use the current forest. 23 | 24 | .EXAMPLE 25 | PS C:\> New-ADSISite -SiteName "MTL01" -Location "Montreal, QC, Canada" 26 | 27 | .NOTES 28 | https://github.com/lazywinadmin/ADSIPS 29 | 30 | .LINK 31 | https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.activedirectorysite(v=vs.110).aspx 32 | #> 33 | 34 | [CmdletBinding(SupportsShouldProcess = $true)] 35 | param 36 | ( 37 | [Parameter(Mandatory = $true)] 38 | [Alias('Name')] 39 | [String]$SiteName, 40 | 41 | [String]$Location, 42 | 43 | [Alias("RunAs")] 44 | [System.Management.Automation.PSCredential] 45 | [System.Management.Automation.Credential()] 46 | $Credential = [System.Management.Automation.PSCredential]::Empty, 47 | 48 | [String]$ForestName 49 | ) 50 | 51 | begin 52 | { 53 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 54 | 55 | # Create Context splatting 56 | $ContextSplatting = @{ ContextType = "Forest" } 57 | 58 | if ($PSBoundParameters['Credential']) 59 | { 60 | $ContextSplatting.Credential = $Credential 61 | } 62 | if ($PSBoundParameters['ForestName']) 63 | { 64 | $ContextSplatting.ForestName = $ForestName 65 | } 66 | 67 | $Context = New-ADSIDirectoryContext @ContextSplatting 68 | } 69 | process 70 | { 71 | try 72 | { 73 | if ($PSCmdlet.ShouldProcess($SiteName, "Create Site")) 74 | { 75 | $Site = New-Object -TypeName System.DirectoryServices.ActiveDirectory.ActiveDirectorySite -ArgumentList $Context, $SiteName 76 | $Site.Location = $Location 77 | $Site.Save() 78 | 79 | #$site.GetDirectoryEntry() 80 | } 81 | } 82 | catch 83 | { 84 | $PSCmdlet.ThrowTerminatingError($_) 85 | } 86 | } 87 | end 88 | { 89 | 90 | } 91 | } -------------------------------------------------------------------------------- /src/public/Remove-ADSIGroup.ps1: -------------------------------------------------------------------------------- 1 | function Remove-ADSIGroup 2 | { 3 | <# 4 | .SYNOPSIS 5 | function to remove a group 6 | 7 | .DESCRIPTION 8 | function to remove a group 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | You can provide one of the following properties 14 | DistinguishedName 15 | Guid 16 | Name 17 | SamAccountName 18 | Sid 19 | UserPrincipalName 20 | 21 | Those properties come from the following enumeration: 22 | System.DirectoryServices.AccountManagement.IdentityType 23 | 24 | .PARAMETER Credential 25 | Specifies the alternative credential to use. 26 | By default it will use the current user windows credentials. 27 | 28 | .PARAMETER DomainName 29 | Specifies the alternative Domain where the user should be created 30 | By default it will use the current domain. 31 | 32 | .EXAMPLE 33 | Remove-ADSIGroup FXTESTGROUP 34 | 35 | .EXAMPLE 36 | Remove-ADSIGroup FXTESTGROUP -whatif 37 | 38 | .NOTES 39 | https://github.com/lazywinadmin/ADSIPS 40 | #> 41 | [CmdletBinding(SupportsShouldProcess = $true)] 42 | param ( 43 | [parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true, ValueFromPipeline = $true)] 44 | $Identity, 45 | 46 | [Alias("RunAs")] 47 | [System.Management.Automation.PSCredential] 48 | [System.Management.Automation.Credential()] 49 | $Credential = [System.Management.Automation.PSCredential]::Empty, 50 | 51 | [String]$DomainName) 52 | 53 | begin 54 | { 55 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 56 | 57 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 58 | 59 | # Create Context splatting 60 | $ContextSplatting = @{ 61 | Contexttype = "Domain" 62 | } 63 | 64 | if ($PSBoundParameters['Credential']){ 65 | Write-Verbose "[$FunctionName] Found Credential Parameter" 66 | $ContextSplatting.Credential = $Credential 67 | } 68 | if ($PSBoundParameters['DomainName']){ 69 | Write-Verbose "[$FunctionName] Found DomainName Parameter" 70 | $ContextSplatting.DomainName = $DomainName 71 | } 72 | 73 | } 74 | process 75 | { 76 | try 77 | { 78 | Write-Verbose "[$FunctionName] Recursive Parameter found" 79 | if ($pscmdlet.ShouldProcess("$Identity", "Delete Account")) 80 | { 81 | (Get-ADSIGroup -Identity $Identity @ContextSplatting).delete() 82 | } 83 | } 84 | catch 85 | { 86 | $pscmdlet.ThrowTerminatingError($_) 87 | } 88 | } 89 | } -------------------------------------------------------------------------------- /src/public/Remove-ADSISite.ps1: -------------------------------------------------------------------------------- 1 | Function Remove-ADSISite 2 | { 3 | <# 4 | .SYNOPSIS 5 | function to remove a Site 6 | 7 | .DESCRIPTION 8 | function to remove a Site 9 | 10 | .PARAMETER SiteName 11 | Specifies the Site Name 12 | 13 | .PARAMETER Credential 14 | Specifies the alternative credential to use. 15 | By default it will use the current user windows credentials. 16 | 17 | .PARAMETER ForestName 18 | Specifies the alternative Forest where the user should be created 19 | By default it will use the current Forest. 20 | 21 | .EXAMPLE 22 | Remove-ADSISite -SiteName WOW01 23 | 24 | .NOTES 25 | https://github.com/lazywinadmin/ADSIPS 26 | #> 27 | [CmdletBinding(SupportsShouldProcess = $true)] 28 | param ( 29 | [parameter(Mandatory = $true, ValueFromPipeline = $true)] 30 | $SiteName, 31 | 32 | [Alias("RunAs")] 33 | [System.Management.Automation.PSCredential] 34 | [System.Management.Automation.Credential()] 35 | $Credential = [System.Management.Automation.PSCredential]::Empty, 36 | 37 | [String]$ForestName 38 | 39 | ) 40 | begin 41 | { 42 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 43 | 44 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 45 | 46 | # Create Context splatting 47 | $ContextSplatting = @{ } 48 | if ($PSBoundParameters['Credential']){ 49 | Write-Verbose "[$FunctionName] Found Credential Parameter" 50 | $ContextSplatting.Credential = $Credential 51 | } 52 | 53 | if ($PSBoundParameters['ForestName']){ 54 | Write-Verbose "[$FunctionName] Found ForestName Parameter" 55 | $ContextSplatting.ForestName = $ForestName 56 | } 57 | } 58 | process 59 | { 60 | try 61 | { 62 | if($SiteName.GetType().FullName -eq 'System.String') { 63 | $ADSISite = Get-ADSISite -Name $SiteName @ContextSplatting 64 | if($ADSISite -eq $null){ 65 | Write-Error "[$FunctionName] Could not find Site" 66 | } else { 67 | Write-Verbose "[$FunctionName] Found Site" 68 | } 69 | } else { 70 | $ADSISite = $SiteName 71 | } 72 | 73 | if ($PSCmdlet.ShouldProcess($SiteName, "Delete")) 74 | { 75 | # Delete Site 76 | $ADSISite.Delete() 77 | } 78 | } 79 | catch 80 | { 81 | $pscmdlet.ThrowTerminatingError($_) 82 | break 83 | } 84 | } 85 | } 86 | 87 | -------------------------------------------------------------------------------- /src/public/Remove-ADSISiteSubnet.ps1: -------------------------------------------------------------------------------- 1 | function Remove-ADSISiteSubnet 2 | { 3 | <# 4 | .SYNOPSIS 5 | function to remove a Subnet 6 | 7 | .DESCRIPTION 8 | function to remove a Subnet 9 | 10 | .PARAMETER SubnetName 11 | Specifies the Subnet Name 12 | 13 | .PARAMETER Credential 14 | Specifies the alternative credential to use. 15 | By default it will use the current user windows credentials. 16 | 17 | .PARAMETER ForestName 18 | Specifies the alternative Forest where the user should be created 19 | By default it will use the current Forest. 20 | 21 | .EXAMPLE 22 | Remove-ADSISiteSubnet -SubnetName '192.168.8.0/24' 23 | 24 | .NOTES 25 | https://github.com/lazywinadmin/ADSIPS 26 | #> 27 | 28 | [CmdletBinding(SupportsShouldProcess = $true)] 29 | param 30 | ( 31 | [Parameter(Mandatory = $true, ValueFromPipeline = $true)] 32 | $SubnetName, 33 | 34 | [Alias("RunAs")] 35 | [System.Management.Automation.PSCredential] 36 | [System.Management.Automation.Credential()] 37 | $Credential = [System.Management.Automation.PSCredential]::Empty, 38 | 39 | [String]$ForestName 40 | ) 41 | 42 | begin 43 | { 44 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 45 | 46 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 47 | 48 | # Create Context splatting 49 | $ContextSplatting = @{ } 50 | if ($PSBoundParameters['Credential']){ 51 | Write-Verbose "[$FunctionName] Found Credential Parameter" 52 | $ContextSplatting.Credential = $Credential 53 | } 54 | 55 | if ($PSBoundParameters['ForestName']){ 56 | Write-Verbose "[$FunctionName] Found ForestName Parameter" 57 | $ContextSplatting.ForestName = $ForestName 58 | } 59 | } 60 | process 61 | { 62 | try 63 | { 64 | if($SubnetName.GetType().FullName -eq 'System.String') { 65 | $ADSISiteSubnet = Get-ADSISiteSubnet -SubnetName $SubnetName @ContextSplatting 66 | if($ADSISiteSubnet -eq $null){ 67 | Write-Error "[$FunctionName] Could not find Site" 68 | } else { 69 | Write-Verbose "[$FunctionName] Found Site" 70 | } 71 | } else { 72 | $ADSISiteSubnet = $SubnetName 73 | } 74 | if ($PSCmdlet.ShouldProcess($SubnetName, "Remove Subnet")) 75 | { 76 | $ADSISiteSubnet.Delete() 77 | } 78 | } 79 | catch 80 | { 81 | $pscmdlet.ThrowTerminatingError($_) 82 | break 83 | } 84 | } 85 | end 86 | { 87 | } 88 | } 89 | 90 | 91 | 92 | 93 | -------------------------------------------------------------------------------- /src/public/Reset-ADSIUserPasswordAge.ps1: -------------------------------------------------------------------------------- 1 | function Reset-ADSIUserPasswordAge 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to reset a User's password age to zero 6 | 7 | .DESCRIPTION 8 | Function to reset a User's password age to zero 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | .PARAMETER DomainName 14 | Specify the Domain Distinguished name 15 | 16 | .PARAMETER Credential 17 | Specifies alternative credential 18 | 19 | .EXAMPLE 20 | Reset-ADSIUserPasswordAge -Identity 'testaccount' 21 | 22 | .EXAMPLE 23 | Reset-ADSIUserPasswordAge -Identity 'testaccount' -Credential (Get-Credential) 24 | 25 | .NOTES 26 | https://github.com/lazywinadmin/ADSIPS 27 | #> 28 | 29 | [CmdletBinding(SupportsShouldProcess = $true)] 30 | param 31 | ( 32 | [Parameter(Mandatory = $true, ValueFromPipeline)] 33 | $Identity, 34 | 35 | [Alias("Domain", "DomainDN")] 36 | [String]$DomainName = $(([adsisearcher]"").Searchroot.path), 37 | 38 | [Alias("RunAs")] 39 | [System.Management.Automation.PSCredential] 40 | [System.Management.Automation.Credential()] 41 | $Credential = [System.Management.Automation.PSCredential]::Empty 42 | ) 43 | 44 | begin { 45 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 46 | 47 | # Create Context splatting 48 | $ContextSplatting = @{} 49 | 50 | if ($PSBoundParameters['Credential']) 51 | { 52 | Write-Verbose "[$FunctionName] Found Credential Parameter" 53 | $ContextSplatting.Credential = $Credential 54 | } 55 | if ($PSBoundParameters['DomainName']) 56 | { 57 | Write-Verbose "[$FunctionName] Found DomainName Parameter" 58 | $ContextSplatting.DomainName = $DomainName 59 | } 60 | } 61 | 62 | process 63 | { 64 | if($Identity.GetType().FullName -eq 'System.String') { 65 | if ($pscmdlet.ShouldProcess("$Identity", "Change Account Password")) 66 | { 67 | (Get-ADSIUser -Identity $Identity @ContextSplatting).RefreshExpiredPassword() 68 | } 69 | } else { 70 | if ($pscmdlet.ShouldProcess("$($Identity.SamAccountName)", "Change Account Password")) 71 | { 72 | $Identity.RefreshExpiredPassword() 73 | } 74 | } 75 | } 76 | } -------------------------------------------------------------------------------- /src/public/Set-ADSIUserPassword.ps1: -------------------------------------------------------------------------------- 1 | function Set-ADSIUserPassword 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to change a User's password 6 | 7 | .DESCRIPTION 8 | Function to change a User's password 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | .PARAMETER Credential 14 | Specifies alternative credential 15 | 16 | .PARAMETER AccountPassword 17 | Specifies the new password. 18 | The object needs to be a System.Security.SecureString. 19 | You can use something like that: 20 | $AccountPassword = (read-host -AsSecureString -Prompt "AccountPassword") 21 | 22 | .PARAMETER DomainName 23 | Specifies the DomainName to query 24 | By default it will take the current domain. 25 | 26 | .EXAMPLE 27 | Set-ADSIUserPassword -Identity 'testaccount' -AccountPassword (read-host -AsSecureString -Prompt "AccountPassword") 28 | 29 | Change the password of the account 'testaccount' to the specified new password 30 | 31 | .EXAMPLE 32 | Set-ADSIUserPassword -Identity 'testaccount' -AccountPassword (read-host -AsSecureString -Prompt "AccountPassword") -Credential (Get-Credential) 33 | 34 | Change the password of the account 'testaccount' using the credential specified, to the specified new password 35 | 36 | .NOTES 37 | https://github.com/lazywinadmin/ADSIPS 38 | #> 39 | [CmdletBinding(SupportsShouldProcess = $true)] 40 | param ( 41 | [parameter(Mandatory = $true, ValueFromPipeline = $true)] 42 | $Identity, 43 | 44 | [parameter(Mandatory = $true)] 45 | [System.Security.SecureString]$AccountPassword, 46 | 47 | [Alias("RunAs")] 48 | [System.Management.Automation.PSCredential] 49 | [System.Management.Automation.Credential()] 50 | $Credential = [System.Management.Automation.PSCredential]::Empty, 51 | 52 | [String]$DomainName) 53 | 54 | begin 55 | { 56 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 57 | 58 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 59 | 60 | # Create Context splatting 61 | $ContextSplatting = @{ } 62 | if ($PSBoundParameters['Credential']){ 63 | Write-Verbose "[$FunctionName] Found Credential Parameter" 64 | $ContextSplatting.Credential = $Credential 65 | } 66 | if ($PSBoundParameters['DomainName']){ 67 | Write-Verbose "[$FunctionName] Found DomainName Parameter" 68 | $ContextSplatting.DomainName = $DomainName 69 | } 70 | } 71 | process 72 | { 73 | try 74 | { 75 | if ($pscmdlet.ShouldProcess("$Identity", "Change Account Password")) 76 | { 77 | (Get-ADSIUser -Identity $Identity @ContextSplatting).SetPassword((New-Object -TypeName PSCredential -ArgumentList "user", $AccountPassword).GetNetworkCredential().Password) 78 | } 79 | } 80 | catch 81 | { 82 | $pscmdlet.ThrowTerminatingError($_) 83 | } 84 | } 85 | } -------------------------------------------------------------------------------- /src/public/Start-ADSIReplicationConsistencyCheck.ps1: -------------------------------------------------------------------------------- 1 | function Start-ADSIReplicationConsistencyCheck 2 | { 3 | <# 4 | .SYNOPSIS 5 | Start-ADSIReplicationConsistencyCheck starts the knowledge consistency checker on a given DC. 6 | 7 | .DESCRIPTION 8 | Start-ADSIReplicationConsistencyCheck connects to an Active Directory Domain Controller and starts the KCC to verify if the replication 9 | topology needs to be optimized. 10 | 11 | .PARAMETER ComputerName 12 | Defines the remote computer to connect to. 13 | 14 | .PARAMETER Credential 15 | Defines alternate credentials to use. Use Get-Credential to create proper credentials. 16 | 17 | .EXAMPLE 18 | Start-ADSIReplicationConsistencyCheck -ComputerName dc1.ad.local 19 | Connects to remote domain controller dc1.ad.local using current credentials and starts a KCC check. 20 | 21 | .NOTES 22 | https://github.com/lazywinadmin/ADSIPS 23 | #> 24 | [CmdletBinding(SupportsShouldProcess = $true)] 25 | param ([Parameter(Mandatory = $true)] 26 | [string]$ComputerName, 27 | 28 | [Alias("RunAs")] 29 | [System.Management.Automation.PSCredential] 30 | [System.Management.Automation.Credential()] 31 | $Credential = [System.Management.Automation.PSCredential]::Empty 32 | ) 33 | 34 | if ($ComputerName) 35 | { 36 | if ($Credential) 37 | { 38 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName, $Credential.UserName, $Credential.GetNetworkCredential().Password 39 | } 40 | else 41 | { 42 | $context = new-object -TypeName System.DirectoryServices.ActiveDirectory.DirectoryContext -ArgumentList "DirectoryServer", $ComputerName 43 | } 44 | } 45 | 46 | if ($context) 47 | { 48 | Write-Verbose -Message "Connecting to $ComputerName" 49 | $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($context) 50 | } 51 | 52 | if ($PSCmdlet.ShouldProcess($dc, "Check Replication Consistency (KCC Check)")) 53 | { 54 | if ($dc) 55 | { 56 | $dc.CheckReplicationConsistency() 57 | Write-Verbose -Message "KCC Check started on $($dc.name)" 58 | } 59 | } 60 | } -------------------------------------------------------------------------------- /src/public/Test-ADSIUserIsGroupMember.ps1: -------------------------------------------------------------------------------- 1 | function Test-ADSIUserIsGroupMember 2 | { 3 | <# 4 | .SYNOPSIS 5 | This function will check if a domain user is member of a domain group 6 | 7 | .DESCRIPTION 8 | This function will check if a domain user is member of a domain group 9 | 10 | .PARAMETER GroupSamAccountName 11 | Specifies the Group to query 12 | 13 | .PARAMETER UserSamAccountName 14 | Specifies the user account 15 | 16 | .PARAMETER DomainName 17 | Specify the Domain Distinguished name 18 | 19 | .PARAMETER Credential 20 | Specify alternative Credential 21 | 22 | .EXAMPLE 23 | Test-ADSIUserIsGroupMember -GroupSamAccountName TestGroup -UserSamAccountName Fxcat 24 | 25 | This will return $true or $false depending if the user Fxcat is member of TestGroup 26 | 27 | .NOTES 28 | https://github.com/lazywinadmin/ADSIPS 29 | #> 30 | 31 | [CmdletBinding()] 32 | [OutputType('System.Boolean')] 33 | param ( 34 | [Parameter(Mandatory = $true, ValueFromPipeLine = $true)] 35 | $UserSamAccountName, 36 | [Parameter(Mandatory = $true)] 37 | [System.String]$GroupSamAccountName, 38 | 39 | [Alias("Domain", "DomainDN")] 40 | [String]$DomainName = $(([adsisearcher]"").Searchroot.path), 41 | 42 | [Alias("RunAs")] 43 | [System.Management.Automation.PSCredential] 44 | [System.Management.Automation.Credential()] 45 | $Credential = [System.Management.Automation.PSCredential]::Empty 46 | ) 47 | 48 | begin { 49 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 50 | 51 | # Create Context splatting 52 | $ContextSplatting = @{} 53 | 54 | if ($PSBoundParameters['Credential']) 55 | { 56 | Write-Verbose "[$FunctionName] Found Credential Parameter" 57 | $ContextSplatting.Credential = $Credential 58 | } 59 | if ($PSBoundParameters['DomainName']) 60 | { 61 | Write-Verbose "[$FunctionName] Found DomainName Parameter" 62 | $ContextSplatting.DomainName = $DomainName 63 | } 64 | } 65 | 66 | process { 67 | 68 | if($UserSamAccountName.GetType().FullName -eq 'System.String') { 69 | $UserInfo = Get-ADSIUser -Identity $UserSamAccountName @ContextSplatting 70 | if($UserInfo -eq $null){ 71 | Write-Error "[$FunctionName] Could not find User" 72 | } else { 73 | Write-Verbose "[$FunctionName] Found User" 74 | } 75 | } else { 76 | Write-Verbose "[$FunctionName] Found User" 77 | $UserInfo = $UserSamAccountName 78 | } 79 | 80 | $GroupInfo = Get-ADSIGroup -Identity $GroupSamAccountName @ContextSplatting 81 | if($GroupInfo -eq $null){ 82 | Write-Error "[$FunctionName] Could not find Group" 83 | } else { 84 | Write-Verbose "[$FunctionName] Found Group" 85 | } 86 | $UserInfo.isMemberOf($GroupInfo) 87 | } 88 | } -------------------------------------------------------------------------------- /src/public/Test-ADSIUserIsLockedOut.ps1: -------------------------------------------------------------------------------- 1 | function Test-ADSIUserIsLockedOut 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to test if a User is LockedOut 6 | 7 | .DESCRIPTION 8 | Function to test if a User is LockedOut 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | .PARAMETER DomainName 14 | Specify the Domain Distinguished name 15 | 16 | .PARAMETER Credential 17 | Specify alternative Credential 18 | 19 | .EXAMPLE 20 | Test-ADSIUserIsLockedOut -Identity 'testaccount' 21 | 22 | .EXAMPLE 23 | Test-ADSIUserIsLockedOut -Identity 'testaccount' -Credential (Get-Credential) 24 | 25 | .NOTES 26 | https://github.com/lazywinadmin/ADSIPS 27 | #> 28 | 29 | [CmdletBinding()] 30 | [OutputType('System.Boolean')] 31 | param 32 | ( 33 | [Parameter(Mandatory = $true, ValueFromPipeline = $true)] 34 | $Identity, 35 | 36 | [Alias("Domain", "DomainDN")] 37 | [String]$DomainName = $(([adsisearcher]"").Searchroot.path), 38 | 39 | [Alias("RunAs")] 40 | [System.Management.Automation.PSCredential] 41 | [System.Management.Automation.Credential()] 42 | $Credential = [System.Management.Automation.PSCredential]::Empty 43 | ) 44 | 45 | begin { 46 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 47 | 48 | # Create Context splatting 49 | $ContextSplatting = @{} 50 | 51 | if ($PSBoundParameters['Credential']) 52 | { 53 | Write-Verbose "[$FunctionName] Found Credential Parameter" 54 | $ContextSplatting.Credential = $Credential 55 | } 56 | if ($PSBoundParameters['DomainName']) 57 | { 58 | Write-Verbose "[$FunctionName] Found DomainName Parameter" 59 | $ContextSplatting.DomainName = $DomainName 60 | } 61 | } 62 | 63 | process { 64 | 65 | if($Identity.GetType().FullName -eq 'System.String') { 66 | $User = Get-ADSIUser -Identity $Identity @ContextSplatting 67 | if($User -eq $null){ 68 | Write-Error "[$FunctionName] Could not find User" 69 | } else { 70 | Write-Verbose "[$FunctionName] Found User" 71 | } 72 | } else { 73 | Write-Verbose "[$FunctionName] Found User" 74 | $User = $Identity 75 | } 76 | 77 | $User.IsAccountLockedOut() 78 | } 79 | } 80 | -------------------------------------------------------------------------------- /src/public/Unlock-ADSIComputer.ps1: -------------------------------------------------------------------------------- 1 | function Unlock-ADSIComputer 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to Unlock a Computer object in Active Directory 6 | 7 | .DESCRIPTION 8 | Function to Unlock a Computer object in Active Directory 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | .PARAMETER Credential 14 | Specifies alternative credential 15 | 16 | .EXAMPLE 17 | Unlock-ADSIComputer -Identity 'testcomputeraccount' 18 | 19 | .EXAMPLE 20 | Unlock-ADSIComputer -Identity 'testcomputeraccount' -Credential (Get-Credential) 21 | 22 | .PARAMETER DomainName 23 | Specifies the alternative Domain where the computer should be created 24 | By default it will use the current domain. 25 | 26 | .NOTES 27 | https://github.com/lazywinadmin/ADSIPS 28 | #> 29 | [CmdletBinding()] 30 | param ([Parameter(Mandatory, ValueFromPipeline = $true)] 31 | $Identity, 32 | 33 | [Alias("RunAs")] 34 | [System.Management.Automation.PSCredential] 35 | [System.Management.Automation.Credential()] 36 | $Credential = [System.Management.Automation.PSCredential]::Empty, 37 | 38 | [String]$DomainName 39 | ) 40 | begin 41 | { 42 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 43 | 44 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 45 | 46 | # Create Context splatting 47 | $ContextSplatting = @{ } 48 | if ($PSBoundParameters['Credential']){ 49 | Write-Verbose "[$FunctionName] Found Credential Parameter" 50 | $ContextSplatting.Credential = $Credential 51 | } 52 | if ($PSBoundParameters['DomainName']){ 53 | Write-Verbose "[$FunctionName] Found DomainName Parameter" 54 | $ContextSplatting.DomainName = $DomainName 55 | } 56 | } 57 | process 58 | { 59 | (Get-ADSIComputer -Identity $Identity @ContextSplatting).UnlockAccount() 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /src/public/Unlock-ADSIUser.ps1: -------------------------------------------------------------------------------- 1 | function Unlock-ADSIUser 2 | { 3 | <# 4 | .SYNOPSIS 5 | Function to Unlock a User in Active Directory 6 | 7 | .DESCRIPTION 8 | Function to Unlock a User in Active Directory 9 | 10 | .PARAMETER Identity 11 | Specifies the Identity 12 | 13 | .PARAMETER Credential 14 | Specifies alternative credential 15 | 16 | .EXAMPLE 17 | Unlock-ADSIUser -Identity 'testaccount' 18 | 19 | .EXAMPLE 20 | Unlock-ADSIUser -Identity 'testaccount' -Credential (Get-Credential) 21 | 22 | .PARAMETER DomainName 23 | Specifies the alternative Domain where the user should be created 24 | By default it will use the current domain. 25 | 26 | .NOTES 27 | https://github.com/lazywinadmin/ADSIPS 28 | #> 29 | [CmdletBinding()] 30 | param ([Parameter(Mandatory, ValueFromPipeline = $true)] 31 | $Identity, 32 | 33 | [Alias("RunAs")] 34 | [System.Management.Automation.PSCredential] 35 | [System.Management.Automation.Credential()] 36 | $Credential = [System.Management.Automation.PSCredential]::Empty, 37 | 38 | [String]$DomainName 39 | ) 40 | begin 41 | { 42 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 43 | 44 | $FunctionName = (Get-Variable -Name MyInvocation -Scope 0 -ValueOnly).Mycommand 45 | 46 | # Create Context splatting 47 | $ContextSplatting = @{ } 48 | if ($PSBoundParameters['Credential']){ 49 | Write-Verbose "[$FunctionName] Found Credential Parameter" 50 | $ContextSplatting.Credential = $Credential 51 | } 52 | if ($PSBoundParameters['DomainName']){ 53 | Write-Verbose "[$FunctionName] Found DomainName Parameter" 54 | $ContextSplatting.DomainName = $DomainName 55 | } 56 | } 57 | process 58 | { 59 | (Get-ADSIUser -Identity $Identity @ContextSplatting).UnlockAccount() 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /src/source.psm1: -------------------------------------------------------------------------------- 1 | 2 | # Try to add necessary assembly during module import - fixes issue where params rely on types within this assembly 3 | # If this assembly was not loaded prior to running Get-ADSIGroup, for example, you were not able to use that function 4 | # If adding this assembly fails, we still allow the user to import the module, but we show them a helpful warning 5 | TRY 6 | { 7 | Add-Type -AssemblyName System.DirectoryServices.AccountManagement 8 | } 9 | CATCH 10 | { 11 | Write-Warning "[AdsiPS] Unable to add assembly 'System.DirectoryServices.AccountManagement'.`r`nPlease manually add this assembly into your session or you may encounter issues! `r`n`r`nRun the following command: 'Add-Type -AssemblyName System.DirectoryServices.AccountManagement'" 12 | } --------------------------------------------------------------------------------