= Cheatsheet Active Directory =

**Summary**: Active Directory hints, tips, oneliners and best practices. \\
**Date**: 8 December 2024 \\
{{tag>cheatsheet ad powershell}}

== Active Directory Users ==

> Count all users in all departments
<code powershell>
Get-ADUser -SearchBase "OU=Users,DC=GetShifting,DC=local" -filter * -Properties name,department,enabled  | where {$_.enabled -eq "true"} | group department | select name, count
</code>
\\
> All enabled users that have never logged in
<code powershell>
Get-ADUser -Filter {(lastlogondate -notlike "*" -AND enabled -eq "True")} -SearchBase "OU=Users,DC=GetShifting,DC=local"
</code>
\\
> All enabled users that have not logged on for more than 90 days
<code powershell>
$90Days = (get-date).adddays(-90)
Get-ADUser -Filter {(lastlogondate -le $90days -AND enabled -eq "True")} -SearchBase "OU=Users,DC=GetShifting,DC=local"
</code>
\\
> Get the most common reasons on a user for not being able to logon
<code powershell>
Get-ADUser User123 -Properties * | Select-Object enabled,passwordexpired,lockedout
</code>

== Active Directory Groups ==

> Get all groups in a specific OU
<code powershell>
Get-ADGroup -SearchBase "OU=Groups,DC=GetShifting,DC=local" -Filter * | Select-Object name
</code>
\\
> Get all groupmembers from a specific group
<code powershell>
Get-ADGroupMember "RDP Desktop Users" -recursive | Select-Object Name
</code>
\\

== Active Directory Servers ==

> All servers
<code powershell>
Get-ADComputer -Filter {(operatingSystem -like "*windows*Server*")}
</code>
Note: Does not select Windows 2000 Servers.
> Select servers on properties
<code powershell>
Get-ADComputer -filter {(description -like "*financial*" -AND name -like "SQL*")} -Properties * | select name, description
</code>

== Active Directory DNS ==

> Get all AD DNS zones with all properties
<code powershell>
Get-ChildItem "AD:CN=MicrosoftDNS,DC=DomainDNSZones,DC=getshifting,DC=local" | Select-Object *
</code>
\\
> Get all records in a DNS zone with all properties
<code powershell>
Get-ChildItem "AD:DC=getshifting.local,CN=MicrosoftDNS,DC=DomainDNSZones,DC=getshifting,DC=local" | Select-Object *
</code>
\\
>Get creation and modify date of AD DNS records
<code powershell>
Get-ChildItem "AD:DC=getshifting.local,CN=MicrosoftDNS,DC=DomainDNSZones,DC=getshifting,DC=local" | Where-Object {$_.name -like "build*"} | Get-ADObject -Properties Created,Modified | Select-Object Name,Created,Modified
</code>

== Active Directory Policies ==

> Get the max password age from the policy
<code powershell>
(Get-ADDefaultDomainPasswordPolicy -ErrorAction Stop).MaxPasswordAge.Days
</code>

== Service Principal Names ==

Create a service principle name:

* Open a command prompt and use the following command:

<code>
setspn -A BOBJCentralMS/crystalsrv.company.local BOservice
</code>
Check:
<code>
C:\Windows\system32>setspn -Q BOBJCentralMS/crystalsrv.company.local
CN=BusinessObjects Service,OU=ServiceAccounts,DC=company,DC=local
        BOBJCentralMS/crystalsrv.company.local
        BOBJCentralMS/crystal01srv.company.local

Existing SPN found!
</code>