www.kreslavsky.com

Finding Disabled Users:

get-qaduser –disabled

Create a new Active Directory user:

new-QADUser -name '<User CN>' -parentContainer '<Parent DN>' -UserPassword
'<Password>' -FirstName '<User First Name>' -LastName '<User Last Name>'
-UserPrincipalName '<User UPN>'

Create multiple users in Active Directory:

$parentDN = “<ParentDN>" $strPass = “userPaswd” For ($i = 1; $i -le 1000; $i++) { $strUserName = “User” + $i New-QADUser -name $strUserName -parentContainer $parentDN -UserPassword $strPass }

Modify Attributes for several users:

$strfileServer = "\\Servername\"
$objOU = [ADSI] "LDAP://<OU DN>"
$objOU.psbase.Children |% {
    $uac = [int](($_.userAccountControl).ToString())
    if (($_.objectClass -eq "user") -and (($uac -band 2) -eq 0))
    {
        $_.put("homeDirectory", $strFileServer + $_.sAMAccountName)
        $_.SetInfo()
    }
}

Delete user in Active Directory

remove-QADObject -identity <User DN>

Set user profile in Active Directory

get-QADUser -identity "<User DN>" |
set-QADUser -HomeDirectory '\\Servername\Katrin' -HomeDrive
'H:' -ProfilePath '\\server1\profiles\jsmith'
-scriptpath '\\dcname\netlogon\logonscript.vbs'

Move User to other OU

move-QADObject -Identity <UserDN> -NewParentContainerName <New OU DN>

Find Locked User Accounts

Get-QADuser -locked

Unlock User Account

Unlock-QADUser -Identity <UserDN>

Retrieve Password lockout policy

Get-QADObject domainname.com | format-list Name, *password*, *lockout*

Related Articles

• PowerShell script to find all Local Users on a remote computer (0)
• Exchange 2007 CCR Database Move Examples (0)
• How to update exchange 2007 Offline Address List (0)
• Exchange 2007 ADD Powershell CmdLets (0)
• Move Domain Controller to other site – PowerShell (0)
• PowerShell Script To Create Snapshot of All VMs – Hyper-V (0)
• Rename all Domain Local Administrator Username Via Script (2)
• Windows 2008 Identify all AD admins script (0)
• Find user group membership Powershell script (0)
• Windows programs shortcuts (0)