Get users membership from a group in another domain in forest

Posted by danieldrnek on 16.11.2016

PS C:\> Get-ADGroupMember -Identity “groupe” -server “another.domain.local”

Define group members with disabled account

Posted by danieldrnek on 11.11.2016

Get-ADGroupMember -identity “group” | get-aduser | Where {$_.Enabled -eq $false} | FT samAccountName

Change Active Directory Group type

Posted by danieldrnek on 18.10.2016

Modify Active Directory Group type from Global Security do Domain Local etc.

step1:

Get-ADGroup -Filter ‘GroupCategory -eq “Security” -and GroupScope -eq “Global”‘ -SearchBase ‘OU=groups,Ou=domain,DC=domain,DC=local’ | Set-ADGroup -GroupScope Universal

Enter

step2:

Get-ADGroup -Filter ‘GroupCategory -eq “Security” -and GroupScope -eq “Universal”‘ -SearchBase ‘OU=groups,OU=domain,DC=domain,DC=local’ | Set-ADGroup -GroupScope Domainlocal

Enter

Get PC from AD which are not renamed

Posted by danieldrnek on 12.2.2016

PowerShell Script which find PC with wrong name. Default name MiniNT etc.

$body = Get-ADComputer -Filter “Name -like ‘minint*'” -SearchBase ‘OU=Desktop,OU=Computers,OU=company,DC=company,DC=local’
If ($body -ne $Null) {
$emailFrom = “alert@mail.com”
$emailTo = “somebody@company.com”
$subject = “Wrong name PC in Active Directory”
$body = $body
$smtpServer = “webmail.com”
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body)
}