Wednesday, September 28, 2011

Powershell OU Management

I like this post hence pasting it as is from the site
http://dmitrysotnikov.wordpress.com/2007/05/04/ou-management-with-powershell/

Get the list of OUs:
PS C:> Get-QADObject -Type OrganizationalUnit  

Name               Type               DN
----               ----               --
Domain Controllers organizationalUnit OU=Domain Controllers,DC=ps64,DC=local
Microsoft Excha... organizationalUnit OU=Microsoft Exchange Security Groups,DC=ps64,DC=local

Create New OU in domain root:
PS C:\> New-QADObject -Type organizationalUnit -Name TestOU -ParentContainer ps64.local/
Name               Type               DN
----               ----               --
TestOU             organizationalUnit OU=TestOU,DC=ps64,DC=local

Create 5 test users in the new OU:
PS C:> 1..5 | ForEach { New-QADUser -ParentContainer ps64.local/TestOU -Name ("TestUser" + $_)}
Name               Type               DN
----               ----               --
TestUser1          user               CN=TestUser1,OU=TestOU,DC=ps64,DC=local
TestUser2          user               CN=TestUser2,OU=TestOU,DC=ps64,DC=local
TestUser3          user               CN=TestUser3,OU=TestOU,DC=ps64,DC=local
TestUser4          user               CN=TestUser4,OU=TestOU,DC=ps64,DC=local
TestUser5          user               CN=TestUser5,OU=TestOU,DC=ps64,DC=local

Get a list of users in an OU (and all nested OUs):
PS C:\> Get-QADUser -SearchRoot ps64.local/TestOU
Name               Type               DN
----               ----               --
TestUser1          user               CN=TestUser1,OU=TestOU,DC=ps64,DC=local
TestUser2          user               CN=TestUser2,OU=TestOU,DC=ps64,DC=local
TestUser3          user               CN=TestUser3,OU=TestOU,DC=ps64,DC=local
TestUser4          user               CN=TestUser4,OU=TestOU,DC=ps64,DC=local
TestUser5          user               CN=TestUser5,OU=TestOU,DC=ps64,DC=local

Get only users placed directly in the OU (and not in sub-OUs):
PS C:\> Get-QADUser -SearchRoot ps64.local/TestOU -SearchScope OneLevel
Name               Type               DN
----               ----               --
TestUser1          user               CN=TestUser1,OU=TestOU,DC=ps64,DC=local
TestUser2          user               CN=TestUser2,OU=TestOU,DC=ps64,DC=local
TestUser3          user               CN=TestUser3,OU=TestOU,DC=ps64,DC=local
TestUser4          user               CN=TestUser4,OU=TestOU,DC=ps64,DC=local
TestUser5          user               CN=TestUser5,OU=TestOU,DC=ps64,DC=local

Modify all users from an OU:
PS C:\> Get-QADUser -SearchRoot ps64.local/TestOU | Set-QADUser -City TestCity
PS C:> Get-QADUser -SearchRoot ps64.local/TestOU | Format-Table Name, City
Name                                                City
----                                                ----
TestUser1                                           TestCity
TestUser2                                           TestCity
TestUser3                                           TestCity
TestUser4                                           TestCity
TestUser5                                           TestCity

Get statistics on the number of objects in each OU:
PS C:\> Get-QADObject -Type organizationalUnit | foreach { Write-Host $_.Name: (Get-QADObject -SearchRoot $_.DN).Count}
Domain Controllers : 5
Microsoft Exchange Security Groups : 6
TestOU : 6


Get the list of AD objects by OU:
PS C:\> Get-QADObject -Type organizationalUnit | foreach { Write-Host ([char]10) $_.Name ([char]10); Get-QADObject -SearchRoot $_.DN }
Domain Controllers  

Name               Type               DN
----               ----               --
Domain Controllers organizationalUnit OU=Domain Controllers,DC=ps64,DC=local
SPB9880            computer           CN=SPB9880,OU=Domain Controllers,DC=ps64,DC=local
RID Set            rIDSet             CN=RID Set,CN=SPB9880,OU=Domain Controllers,DC=ps64,DC=local
NTFRS Subscript... nTFRSSubscriptions CN=NTFRS Subscriptions,CN=SPB9880,OU=Domain Controllers,DC=ps64,DC=local
Domain System V... nTFRSSubscriber    CN=Domain System Volume (SYSVOL share),CN=NTFRS Subscriptions,CN=SPB9880,OU=Do...  

Microsoft Exchange Security Groups  

Microsoft Excha... organizationalUnit OU=Microsoft Exchange Security Groups,DC=ps64,DC=local
Exchange Servers   group              CN=Exchange Servers,OU=Microsoft Exchange Security Groups,DC=ps64,DC=local
Exchange Organi... group              CN=Exchange Organization Administrators,OU=Microsoft Exchange Security Groups,...
Exchange Recipi... group              CN=Exchange Recipient Administrators,OU=Microsoft Exchange Security Groups,DC=...
Exchange View-O... group              CN=Exchange View-Only Administrators,OU=Microsoft Exchange Security Groups,DC=...
ExchangeLegacyI... group              CN=ExchangeLegacyInterop,OU=Microsoft Exchange Security Groups,DC=ps64,DC=local  

TestOU  

TestOU             organizationalUnit OU=TestOU,DC=ps64,DC=local
TestUser1          user               CN=TestUser1,OU=TestOU,DC=ps64,DC=local
TestUser2          user               CN=TestUser2,OU=TestOU,DC=ps64,DC=local
TestUser3          user               CN=TestUser3,OU=TestOU,DC=ps64,DC=local
TestUser4          user               CN=TestUser4,OU=TestOU,DC=ps64,DC=local
TestUser5          user               CN=TestUser5,OU=TestOU,DC