Remote Shared Mailbox

Get Remote Shared Mailbox using LDAPFilter

Find out how to get Remote Shared Mailbox using LDAPFilter. In this short article, I wanted to share a PowerShell script for getting user objects where property msExchRecipientTypeDetails is a Remote Shared Mailbox. Recipient Type Values First, we need to find which property and value are for Remote Shared Mailboxes. There are three attributes that we can check: msExchRemoteRecipientType msExchRecipientDisplayType msExchRecipientTypeDetails In this case, we will focus on msExchRecipientTypeDetails attribute …

get computer

Get AD Computer examples

In this post, I want to share a few examples of Get-ADComputer command. If ever you wondered how to get computer objects from Active Directory by some specific property, by password last set property or range, last logon date, or some other search criteria this article if for you. Below you can find few scripts that I was using recently 🙂 Get all computers To get all computers from Active …

move computer

PowerShell Tip of the Week: Move computer objects to OU

Find out how to move computer objects to different OU. In this example, you need to have the Active Directory module installed and distingushednames of the target organizational unit and the source. Move computers PowerShell script is based on Move-ADObject command. This cmdlet moves an object or a container of objects from one container to another or from one domain to another. To move a single computer you can use …

lastlogondate

Get users who haven’t logged in longer than X days (LastLogonDate)

Find out how to get users who haven’t logged in longer than X days. In today’s post, I wanted to share a simple Active Directory inventory script. It is using AD module commands and saving results into a CSV file. LastLogonDate This script might be useful in getting users that haven’t logged for a longer amount of time. It is checking lastlogondate property: Please be aware that it gets a …

move computer

Get Active Directory empty groups

Recently I was asked to find all Active Directory empty groups. In this case, I was using ActiveDirectory module commands with LDAP filters. Active Directory empty groups The Get-ADGroup cmdlet gets a group or performs a search to retrieve multiple groups from an Active Directory. The Identity parameter specifies the Active Directory group to get. You can identify a group by its distinguished name (DN), GUID, security identifier (SID), Security Accounts Manager (SAM) account …

Add AD group to local administrators of the server

Today post will help you to understand how add AD group to local administrators. Below script in first way is searching Active Directory for servers with Windows Server OS (this can be filtered deeper with LDAP filter adjustment). Once all computers objects are gathered script create AD group. Name of the AD group uses pattern ADMComputerName. When AD group is created it’s added to local administrators group of the server. …