PowerShell Domain Controller Assessment

To get a list of the FSMO Role holders for a Single Domain.

# The domain object exposes only the three per-domain roles; SchemaMaster and DomainNamingMaster are properties of Get-ADForest
Get-ADDomain | Select-Object DistinguishedName, InfrastructureMaster, PDCEmulator, RIDMaster

To get a list of the FSMO Role holders in a Forest.

# The forest object exposes only the two forest-wide roles
Get-ADForest | Select-Object Name, SchemaMaster, DomainNamingMaster

To get a nicely formatted list with all the Domain Controllers and who owns which particular role.

Get-ADDomainController -Filter * | Select-Object Name, Domain, Forest, OperationMasterRoles | Where-Object {$_.OperationMasterRoles}

ref: https://www.markou.me/2016/10/get-list-fsmo-role-holders-using-powershell-one-liners/

PowerShell : Domain Binding & Description

To bind a machine to the domain, rename it and put it in the desired OU:

Add-Computer -DomainName $FQDN -NewName $COMPUTERNAME -Credential $DOMAINBINDACCOUNT -OUPath "OU=SOMEOU, DC=test, DC=com" -restart

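To update an AD computer object’s Description field (the new text is appended to the existing description):

$description = "This is a test description"
# Replace <ENGS-XXXX> with the computer name; quoted so the angle brackets are not parsed as operators
$ADComputer = Get-ADComputer -Identity "<ENGS-XXXX>" -Properties Description
Set-ADComputer $ADComputer -Description "$($ADComputer.Description) $description"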

PowerShell : Useful Commands

Get members of a group:

# Replace <GROUPNAME> with the group name
Get-ADGroupMember -Identity "<GROUPNAME>"

Get a list of users whose “PasswordLastSet” field has a date later than 31/01/2000, along with their usernames and email addresses:

# EmailAddress is not returned by default, so request it explicitly
Get-ADUser -Filter * -Properties PasswordLastSet, EmailAddress | Where-Object {$_.PasswordLastSet -ge [DateTime] "01/31/2000 00:01 AM"} | Select-Object Name, PasswordLastSet, SamAccountName, EmailAddress

Compare two CSV files for differences:

$refCSV = import-csv .\Source.csv 
$compCSV = import-csv .\Reference.csv 
compare-object -referenceobject $refCSV -DifferenceObject $compCSV | foreach { $_.InputObject}

Iterate over a text file of usernames (one per line) and query AD for some values, printing each user account’s containing OU in an easily readable form and writing the output to results.csv:

$usersaffected = "c:\tmp\listofusernames.txt"
$output = foreach ($line in get-content $usersaffected) {get-aduser $line -Properties * | Select @{l='OU';e={$_.DistinguishedName.split(',')[1].split('=')[1]}},"whenCreated", "emailaddress", "passwordLastSet", "distinguishedName"}
$output | export-csv -path c:\tmp\results.csv
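
An added example, not part of the original notes: the split(',')[1] expression above returns the wrong value when a name in the DN contains an escaped comma (for instance "Smith\, John") and labels containers such as CN=Users as an OU. The helpers Split-DistinguishedName and Get-ParentContainer are hypothetical names, and the sample DNs are constructed.

```powershell
# Added example. Helper names and sample DNs are constructed for illustration.
function Split-DistinguishedName {
    param([Parameter(Mandatory)][string]$DistinguishedName)
    # Walk the string once so that "\," (escaped comma) stays inside its RDN
    # while "\\," (escaped backslash followed by a separator) still splits.
    $parts   = New-Object 'System.Collections.Generic.List[string]'
    $current = New-Object System.Text.StringBuilder
    $escaped = $false
    foreach ($ch in $DistinguishedName.ToCharArray()) {
        if ($escaped) {
            [void]$current.Append($ch); $escaped = $false
        } elseif ($ch -eq '\') {
            [void]$current.Append($ch); $escaped = $true
        } elseif ($ch -eq ',') {
            $parts.Add($current.ToString().TrimStart()); [void]$current.Clear()
        } else {
            [void]$current.Append($ch)
        }
    }
    $parts.Add($current.ToString().TrimStart())
    return ,$parts.ToArray()
}

function Get-ParentContainer {
    param([Parameter(Mandatory)][string]$DistinguishedName)
    $rdns = Split-DistinguishedName $DistinguishedName
    if ($rdns.Count -lt 2) { return $null }      # no parent component present
    $type, $value = $rdns[1] -split '=', 2
    [pscustomobject]@{
        Type = $type.Trim().ToUpper()            # OU, CN or DC
        # Undo backslash escapes of special characters; hex pairs (\0A) are left as-is
        Name = $value -replace '\\([^0-9A-Fa-f])', '$1'
    }
}

$sampleDNs = @(
    'CN=jbloggs,OU=Engineering,DC=test,DC=com',
    'CN=Smith\, John,OU=Staff,DC=test,DC=com',
    'CN=svc-backup,OU=Sales\, EMEA,DC=test,DC=com',
    'CN=Administrator,CN=Users,DC=test,DC=com'
)
foreach ($dn in $sampleDNs) {
    $parent = Get-ParentContainer $dn
    [pscustomobject]@{
        PageExpression = $dn.Split(',')[1].Split('=')[1]   # expression used above
        ParentType     = $parent.Type
        ParentName     = $parent.Name
    }
}
```

In the Get-ADUser pipeline, the calculated property can call (Get-ParentContainer $_.DistinguishedName).Name in place of the split expression.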

PowerShell : Query Computer for Installed Software

Onwards with the PowerShell quest: this code queries the remote computer named “PC1” for installed software and writes the results to a local file, “C:\PC1_InstalledPrograms.csv”. The output is filtered to the “DisplayName”, “Publisher” and “Version” properties and sorted by DisplayName.

Note: it does require SCCM’s Software Centre installed I think!

PS C:\Windows\system32> Get-WmiObject -Class Win32Reg_AddRemovePrograms -ComputerName PC1 | Select-Object DisplayName, Publisher, Version | Sort-Object DisplayName | Export-Csv -Path "C:\PC1_InstalledPrograms.csv"