Get AD System info remotely using PowerShell function

In this post you will find out how to get basic AD system information using PowerShell function. There are multiple articles on our blog describing plenty of Active Directory aspects. This time I want to show you another great function which helps discover useful data from remote systems. Get AD System Using below function you can get the following information: – Computername – DomainDNSName – DomainShortName – ForestDNSName – IsNativeMode …

How to add progress bar in your PowerShell scripts?

Today you will learn how to add progress bar in your code. In last post I described how to combine CSV files and this time I’m gonna show how to use those files and add cool feature to script. Progress bar Script is based on Write-Progress cmdlet which displays a progress bar in a Windows PowerShell command window that depicts the status of a running command or script. You can …

PowerShell Tip of the Week: Combine multiple CSV files

Recently I had to combine multiple files and count unique users from them. Script is pretty simple but it might me useful in some troubleshooting sessions. Below you can find two examples about how can this be done. Combine CSV files I created folder called Files on my desktop and pasted there user lists in CSV format. Files contains multiple columns but I was focusing only on Samaccountname: File example …

Basic DC health email report via PowerShell

Today I would like to share one of the scripts for basic DC health checks. Some time ago I added article about DCDIAG and Repadmin. This time I created html formatted report for DCDIAG, ADSystem and AD Services. You can modify this easily and add additional functions. DC Health report Script contains lots of lines so we need to break it apart to make it more understandable. For health checks …

Find duplicated SPNs in Active Directory

Today’s script will help you to in easy way find duplicated SPNs in Active Directory. What is SPN? SPN (Service Principal Name) according to Microsoft definition is unique identifier of service instance. To better understand it we can compare it to alias (CNAME record) in DNS. A Service Principal Name is a pointer to account created in Active Directory domain. It can be either created for service account or computer …

Use Set-ADUser command to update user attributes

How to use Set-ADUser command? Updating user properties manually can be time consuming. This is why its good to have a script for bulk modifications. One of the ActiveDirectory module command is called Set-ADUser and it allows us to modify user properties. Below you can find script for adding or updating AD user mobile phone. To update phone number for one specific user we can just run the following command: …

Identify Azure AD provisioning errors

In this article I want to show you how to identify Azure AD provisioning errors during sync. One of the feature of Azure Active Directory is identifying issues caused by conflicts during run one of the synchronization tools. Usually this kind of issues are caused by two attrbiutes UserPrincipalName and ProxyAddress which should be unique for objects like Users or Groups in one Azure AD tenant. Identifying Azure AD provisioning …

Get restricted groups from GPO

Today I want to share you my function which will show you how to get restricted groups from GPO. In big Active Directory environments access to servers and workstations are usually managed by AD groups and group policies. Script which I prepared can help administrators to find which restricted groups have an acccess to servers/workstations in specific OU. How script works? Script is checking for all of the GPOs which …

Use PowerShell to generate token bloat report

Today you will find out how to create token bloat report and send it to specified email address. If you are working in large scale environment you may find this useful. Token bloat There is often a situation when some user is complaining that he is unable to access some corporate applications. After short investigation you can find that one of the reason for that might be large number of …

PowerShell one-liner: Find BitLocker key

As you probably know PowerShell is a powerful tool and getting BitLocker key is one of its capabilities. In this article you will find out how to use one-liner script based on ActiveDirectory module to gather BitLocker key information. The easiest way is to use Get-BitLockerVolume command but we need to have BitLocker module installed: Get-ADObject is one of the AD module commands which helps to gets an Active Directory …