-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathPowershell cmds generic.txt
255 lines (190 loc) · 10.2 KB
/
Powershell cmds generic.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
# Active Directory PowerShell Commands
get-command -Module ActiveDirectory
# Display Basic Domain Information
Get-ADDomain
# Get all Domain Controllers by Hostname and Operating
Get-ADDomainController -filter * | select hostname, operatingsystem
# Get all Fine Grained Password Policies
Get-ADFineGrainedPasswordPolicy -filter *
# Get Domain Default Password Policy
# Gets the password policy from the logged in domain
Get-ADDefaultDomainPasswordPolicy
# Backup Active Directory System State Remotely
# This will back up the domain controllers system state data.
# Change DC-Name to your server name and change the Backup-Path. The backup path can be a local disk or a UNC path
invoke-command -ComputerName DC-Name -scriptblock {wbadmin start systemstateback up -backupTarget:"Backup-Path" -quiet}
# Get User and List All Properties (attributes)
# Change username to the samAccountName of the account
Get-ADUser user01 -Properties *
# Get User and List Specific Properties
# Just add whatever you want to display after select
Get-ADUser username -Properties * | Select name, department, title
# Get All Active Directory users in domain and all their properties
Get-ADUser -Filter * -Properties * | Export-csv 'users_output.csv'
Get-ADUser -Filter * -Properties * | Select SamAccountName, LastLogonDate | Export-csv 'users_logon_output.csv'
Get-ADUser -Filter {name -like "*john*"} | Select name, department, DisplayName, EmailAddress, HomePhone, mailNickname, Manager, memberof, SamAccountName, title, UserPrincipalName | Export-csv -path 'custom_users_output.csv'
Get-ADUser -Filter * | Select name, department, DisplayName, EmailAddress, HomePhone, mailNickname, Manager, MemberOf, SamAccountName, title, UserPrincipalName, LastLogonDate | Export-csv 'users_output.csv'
# Get All Users From a Specific OU
# OU = the distinguished path of the OU
Get-ADUser -SearchBase 'OU=TestOU,DC=w2k16,DC=domainname,DC=local' -Filter *
# Get AD Users by Name
# This command will find all users that have the word bob in the name.
# Change bob to the word you want to search for.
get-Aduser -Filter {name -like "*bob*"}
# Get All Disabled User Accounts
Search-ADAccount -AccountDisabled | select name
# Disable User Account
Disable-ADAccount -Identity testBU
# Enable User Account
Enable-ADAccount -Identity testBU
# Get All Accounts with Password Set to Never Expire
get-aduser -filter * -properties Name, PasswordNeverExpires | where {$_.passwordNeverExpires -eq "true" } | Select-Object DistinguishedName,Name,Enabled
# Find All Locked User Accounts
Search-ADAccount -LockedOut
# Unlock User Account
Unlock-ADAccount -Identity testBU
# List all Disabled User Accounts
Search-ADAccount -AccountDisabled
Search-ADAccount -AccountDisabled | Select-Object DistinguishedName,Name,Enabled
# Force Password Change at Next Login
Set-ADUser -Identity testBU -ChangePasswordAtLogon $true
# Move a Single User to a New OU
# You will need the distinguishedName of the user and the target OU
Move-ADObject -Identity "CN=Test2user,OU=TestOU,DC=w2k16,DC=domainname,DC=local" -TargetPath "OU=Test2OU,DC=w2k16,DC=domainname,DC=local"
# Move Users to an OU from a CSV
# Setup a csv with a name field and a list of the users sAmAccountNames. Then just change the target OU path.
# Read user sAMAccountNames from csv file (field labeled "Name").
$TargetOU = "OU=Test2OU,DC=w2k16,DC=domainname,DC=local"
Import-Csv -Path users_to_move.csv | ForEach-Object {
$UserDN = (Get-ADUser -Identity $_.Name).distinguishedName
Move-ADObject -Identity $UserDN -TargetPath $TargetOU }
# Get All members Of A Security group
Get-ADGroupMember -identity 'Test 1 Group'
# Get All Security Groups. will list all security groups in a domain
Get-ADGroup -filter *
Get-ADGroup -filter {name -like "*test*"}
# Add User to Group
# Change group-name to the AD group you want to add users to
Add-ADGroupMember -Identity "Test 2 Group" -Members TestOU, TestBU
# Export Users From a Group
# This will export group members to a CSV, change group-name to the group you want to export.
Get-ADGroupMember -identity 'Test 2 Group' | select name | Export-csv -path 'Test2GroupOutputGroupmembers.csv' -NoTypeInformation
Get-ADGroupMember -identity 'Test 2 Group' | select DistinguishedName, GroupCategory, GroupScope, Name,
ObjectClass, ObjectGUID, SamAccountName, SID | Export-csv -path 'Test2GroupOutputGroupmembersFull.csv' -NoTypeInformation
# Get Group by keyword
# Find a group by keyword. Helpful if you are not sure of the name, change group-name.
get-adgroup -filter * | Where-Object {$_.name -like "*test*"}
# Import a List of Users to a Group
$members = Import-CSV 'users_to_add.csv' | ForEach-Object {
$UserDN = (Get-ADUser -Identity $_.Name).distinguishedName
Add-ADGroupMember -Identity "Test 2 Group" -Members $UserDN}
# AD Computer Commands
# Get All Computers
# This will list all computers in the domain
Get-AdComputer -filter *
# Get All Computers by Name
# This will list all the computers in the domain and only display the hostname
Get-ADComputer -filter * | select name
# Get All Computers from an OU
Get-ADComputer -SearchBase "OU=TestOU,DC=w2k16,DC=domainname,DC=local" -Filter *
# Get a Count of All Computers in Domain
Get-ADComputer -filter * | measure
# Get all Windows 10 Computers
# Change Windows 10 to any OS you want to search for
Get-ADComputer -filter {OperatingSystem -Like '*Windows 10*'} -property * | select name, operatingsystem
Get-ADComputer -filter {OperatingSystem -Like '*Windows 7*'} -property * | select name, operatingsystem
# Get a Count of All computers by Operating System
# This will provide a count of all computers and group them by the operating system. A great command to give you a quick inventory of computers in AD.
Get-ADComputer -Filter "name -like '*'" -Properties operatingSystem | group -Property operatingSystem | Select Name,Count
# Delete a single Computer
Remove-ADComputer -Identity "USER04-SRV4"
# Delete a List of Computer Accounts
# Add the hostnames to a text file and run the command below.
Get-Content -Path 'pcs_to_del.csv' | Remove-ADComputer
# Delete Computers From an OU
Get-ADComputer -SearchBase "OU=DELME,OU=Workstations,OU=Computers,OU=TestOU,DC=w2k16,DC=iscllc,DC=local" -Filter * | Remove -ADComputer
# Group Policy Section
# Get all GPO related commands
get-command -Module grouppolicy
# Get all GPOs by status
get-GPO -all | select DisplayName, gpostatus
# Backup all GPOs in the Domain
Backup-Gpo -All -Path C:\Users\Administrator\GPObackup
# Office 365 PowerShell Commands
# Connect To Exchange Online
# This will pop up and ask for credentials
$UserCredential = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection Import-PSSession $Session
# Force Azure Sync
# This is for the azure ad sync client.
# Force delta sync (only sync changes
Start-ADSyncSyncCycle -PolicyType Delta Force a full sync Start-ADSyncSyncCycle -PolicyType Initial
# Get A List of All Office 365 Users
Get-MsolUser | Select DisplayName, City, Department, ObjectID
# Get Full mailbox details
Get-Mailbox email-address | fl
# Get Calendar Permissions
Get-MailboxFolderPermission username:calendar
# Enable Remote Mailbox (Hybrid Environment)
# Use this command if you have an existing on-premise user that needs an office 365 mailbox. There are other ways to do this but this creates all the attributes in the AD account.
# Replace the username and the tenant fields
Enable-RemoteMailbox username -RemoteRoutingAddress "[email protected]"
# Windows Server & Client Commands
# Get all Services
get-service
# Get all Processes
get-process
# Display Network Adapters
# Gets detailed about the network adapter installed such as name, status, speed and mac address.
Get-NetAdapter
# Restart Remote Computers
Restart-Computer -ComputerName "DESKTOP-VANILLA", "S1L-WIN7-001"
# Get Last Boot Time
# This takes a few lines
$os = Get-WmiObject win32_operatingsystem
$uptime = (Get-Date) - $os.ConvertToDateTime($os.LastBootUpTime)
Write-Output ("Last boot: " + $os.ConvertToDateTime($os.LastBootUpTime))
# You can also run this single line to get last boot time
systeminfo | more
# Start a Remote Session
# Use this to start an interactive session with a remote computer
Enter-PSSession -ComputerName DESKTOP.LOCAL
# Read the Content of a File (Open a file)
# This example shows how to read the content of the windows firewall log file
Get-Content -Path "c:\windows\system32\logfiles\firewall\pfirewall.log"
# Copy Files & Folders
# Use this command to copy an entire folder to another folder. This will copy the folder and all the sub
folder/files. The -verbose command will display the results to the console.
copy-item C:\Users\Public\TestTopLevel -destination \\WINDESKTOP\GPOBackup -recurse -verbose
# Basic PowerShell Commands
# Get Execution Policy
get-executionpolicy
# Set Execution Policy to Unrestricted
set-executionpolicy unrestricted
# Show PowerShell Version
$PSVersionTable
# Get help for a command
# Use this to get the help information for a command
get-help command-name
# Search Get Help
# Use this to search the help files. This is useful if you don�t know the command or want to see if one exists.
get-help *keyword*
# Get Installed Modules
# Use this command to display all the installed modules on a computer
get-installedmodule
# List All Available Modules
# This will list all available modules on the computer.
Get-Module -ListAvailable
# Exporting results to CSV
# Add export-csv to the end of commands
Get-ADUser testOU -Properties * | Select name, department, title | export-csv 'user.csv'
# Display available commands
# This will display all commands that are available based on the modules that are loaded.
get-command
# Find New Modules
# Replace *ntfs* with the keyword you want to search for. This searches modules at
https://www.powershellgallery.com/
Find-Module *ntfs*
# Install a New Module
# Installs modules from https://www.powershellgallery.com/
# I found a module called NTFSSecurity, to install it I run this command
install-module NTFSSecurity