Difference between revisions of "Quest Active Directory and O365"
| Line 19: | Line 19: | ||
'''Unlock a specific user account'''<br> | '''Unlock a specific user account'''<br> | ||
Unlock-QADUser DSotnikov<br> | Unlock-QADUser DSotnikov<br> | ||
| + | '''Extensionattributes'''<br> | ||
| + | Get-QADUser user1 | Set-QADUser -objectAttributes @{extensionAttribute1="your value"}<br> | ||
| + | |||
'''Get all disabled accounts'''<br> | '''Get all disabled accounts'''<br> | ||
Get-QADUser -Disabled<br> | Get-QADUser -Disabled<br> | ||
Revision as of 11:00, 25 June 2014
Add-PSSnapin Quest.ActiveRoles.ADManagement
To disconnect at the end of session : Disconnect-QADService
$pw = read-host "Enter password" -AsSecureString
connect-QADService -service 'SECRET'-ConnectionAccount 'SECRET'-ConnectionPassword $pw
The following are examples of configuring the ProxyAddresses atribute :
$roy = get-qaduser gthom009
$roy | set-qaduser -objectAttributes @{ProxyAddresses=@{Update=@("SMTP:roy@globomantics.com")}}
$roy | set-qaduser -objectAttributes @{ProxyAddresses=@{Delete=@("SMTP:roy@globomantics.com")}
$roy | set-qaduser -objectAttributes @{ProxyAddresses=@{Append=@("smtp:george2@bold.ac.uk")}}
The following sets the users password.
Set-QADUser <user> -UserPassword “Password”
Unlocking a user unlock-QADUser 'MyDomain\JSmith'
To connect to Office365
$O365Cred = Get-Credential
$O365Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection
Import-PSSession $O365Session
Connect-MsolService -Credential $O365Cred
Unlock a specific user account
Unlock-QADUser DSotnikov
Extensionattributes
Get-QADUser user1 | Set-QADUser -objectAttributes @{extensionAttribute1="your value"}
Get all disabled accounts
Get-QADUser -Disabled
Get all locked accounts in the accounting department
Get-QADUser -Locked -Department Accounting
Examples of get-QADGroup
Display the description of the 'SuperAdmins' group in domain ss64Dom PS C:>(get-QADGroup 'ss64Dom\SuperAdmins').DirectoryEntry.description Using an LDAP search filter, display all the groups whose description starts with an 's' PS C:> get-QADGroup -SearchRoot 'ss64.com/sampleOU' -LdapFilter '(description=s*)' List all distribution groups in a specific OU container: PS C:> get-QADGroup -SearchRoot 'ss64.com/sampleOU' -GroupType 'Distribution' ( Security ??? ) Retrieve groups from a particular container that have the user usr1021 as a direct or indirect member: PS C:> get-QADGroup -SearchRoot '<DN of container>' -ContainsIndirectMember 'ss64Dom\usr1021'
