PoshTip #11 – Active Directory PSDrive
One of cool feature enabled by the Active Directory module is the “Active Directory PSDrive”. You can browse your AD as if it is a hard drive.
First, you need to import the AD module :
Import-Module ActiveDirectory
And then, Browse your AD :
C:\> cd AD: AD:\> dir Name ObjectClass DistinguishedName ---- ----------- ----------------- TESTDomain domainDNS DC=TESTDomain,DC=local Configuration configuration CN=Configuration,DC=TESTDomain,DC=local Schema dMD CN=Schema,CN=Configuration,DC=TESTDomain,DC=local DomainDnsZones domainDNS DC=DomainDnsZones,DC=TESTDomain,DC=local ForestDnsZones domainDNS DC=ForestDnsZones,DC=TESTDomain,DC=local AD:\> cd "DC=TESTDomain,DC=local"
And you can list all the containers :
AD:\DC=TESTDomain,DC=local> dir Name ObjectClass DistinguishedName ---- ----------- ----------------- Builtin builtinDomain CN=Builtin,DC=TESTDomain,DC=local Computers container CN=Computers,DC=TESTDomain,DC=local Domain Controllers organizationalUnit OU=Domain Controllers,DC=TESTDomain,DC=local ForeignSecurityPr... container CN=ForeignSecurityPrincipals,DC=TESTDomain,DC=local Infrastructure infrastructureUpdate CN=Infrastructure,DC=TESTDomain,DC=local INSTANCES organizationalUnit OU=INSTANCES,DC=TESTDomain,DC=local LAB organizationalUnit OU=LAB,DC=TESTDomain,DC=local LostAndFound lostAndFound CN=LostAndFound,DC=TESTDomain,DC=local Managed Service A... container CN=Managed Service Accounts,DC=TESTDomain,DC=local Microsoft Exchang... organizationalUnit OU=Microsoft Exchange Security Groups,DC=TESTDomain,DC=local Microsoft Exchang... msExchSystemObjec... CN=Microsoft Exchange System Objects,DC=TESTDomain,DC=local NTDS Quotas msDS-QuotaContainer CN=NTDS Quotas,DC=TESTDomain,DC=local OperationsManager container CN=OperationsManager,DC=TESTDomain,DC=local Program Data container CN=Program Data,DC=TESTDomain,DC=local System container CN=System,DC=TESTDomain,DC=local TPM Devices msTPM-Information... CN=TPM Devices,DC=TESTDomain,DC=local Users container CN=Users,DC=TESTDomain,DC=local
Cool. Now you can use the Get-ChildItem cmdlet :
AD:\> cd "Users" AD:\CN=Users,DC=TESTDomain,DC=local> Get-ChildItem | Where-Object {$_.ObjectClass -eq "Group"} Name ObjectClass DistinguishedName ---- ----------- ----------------- Allowed RODC Pass... group CN=Allowed RODC Password Replication Group,CN=Users,DC=TESTDomain,DC=local Cert Publishers group CN=Cert Publishers,CN=Users,DC=TESTDomain,DC=local Cloneable Domain ... group CN=Cloneable Domain Controllers,CN=Users,DC=TESTDomain,DC=local ConfigMgr Remote ... group CN=ConfigMgr Remote Control Users,CN=Users,DC=TESTDomain,DC=local CSAdministrator group CN=CSAdministrator,CN=Users,DC=TESTDomain,DC=local CSArchivingAdmini... group CN=CSArchivingAdministrator,CN=Users,DC=TESTDomain,DC=local CSHelpDesk group CN=CSHelpDesk,CN=Users,DC=TESTDomain,DC=local CSLocationAdminis... group CN=CSLocationAdministrator,CN=Users,DC=TESTDomain,DC=local CsPersistentChatA... group CN=CsPersistentChatAdministrator,CN=Users,DC=TESTDomain,DC=local CSResponseGroupAd... group CN=CSResponseGroupAdministrator,CN=Users,DC=TESTDomain,DC=local CSResponseGroupMa... group CN=CSResponseGroupManager,CN=Users,DC=TESTDomain,DC=local