With command line tools a lot of complex tasks can be accomplished easily and efficiently; I'll state below two of common tasks that admins may need to perform in Active Directory and explain how to perform those tasks in the easiest way.
Tasks :
For the first scenario [ task ] , it can be accomplished using Directory Services commands as follow:
Hope that those commands are helpful ;)
Tasks :
- Copy group's membership from one user to another one
- Copy all members from one group to another group
- TestUser1 is a domain user who is member of two groups [ TestGroup1 & TestGroup2 ] . We require that TestUser2 - a newly created domain user - to be a member of all Active Directory groups that TestUser1 is member in it.
- TestGroup3 includes the following members [ TestUser3 : TestUser7 ] ,those users are required to be added to another group named TestGroup4.
For the first scenario [ task ] , it can be accomplished using Directory Services commands as follow:
dsget user "SourceUserDN" –memberof | dsmod group –addmbr "TargetUserDN"
For my example and as both users are located at TestOU which located directly under my domain node, our command will be as follow:
dsget user "CN=TestUser1,OU=TestOU,DC=itguydiaries,DC=net" -memberof | dsmod group -addmbr "CN=TestUser2,OU=TestOU,DC=itguydiaries,DC=net"
Here is a screen shoot for command execution and result : 
The dsmod failure above is due to that the user is already a member of "Domain Users" group.
For the first scenario [ task ] , we can accomplish it using Directory Service commands as follow:
dsget group "SourceGroupDN" –members | dsmod group "TargetGroupDN" –addmbr
For my example and as both groups are located at TestOU which located directly under my domain node, our command will be as follow:
dsget group "CN=TestGroup3, OU=TestOU,DC=itguydiaries,DC=net " –members | dsmod group "CN=TestGroup4, OU=TestOU,DC=itguydiaries,DC=net" –addmbr
And here is a screen shoot for command execution and result : 
Hope that those commands are helpful ;)
No comments:
Post a Comment