27 lines
1.0 KiB
Plaintext
27 lines
1.0 KiB
Plaintext
# global catalog port
|
|
`-server dc01.blackmesa.com:3268`
|
|
|
|
# set extension attr
|
|
`Set-ADUser -replace @{extensionAttribute15='f'}`
|
|
|
|
# pw never expires
|
|
`Get-AdUser -filter { passwordNeverExpires -eq $true -and enabled -eq $true } | Select Name, DistinguishedName`
|
|
|
|
# get user by SID
|
|
`get-aduser -Identity "S-1-5-21-" -server dc01.blackmesa.com:3268`
|
|
|
|
# force pw reset
|
|
`get-aduser -filter * -SearchBase 'OU=Users,DC=BlackMesa,DC=com' | set-aduser -ChangePasswordAtLogon $true`
|
|
|
|
# submit CSR to CA
|
|
`certreq -submit -attrib "CertificateTemplate:WebserverVersion3" docs_req.req`
|
|
|
|
# sort users by last logon
|
|
`get-aduser -filter 'enabled -eq "true"' -properties lastlogontimestamp | Select samaccountname, @{Name="lastLogontimestamp";Expression={[datetime]::FromFileTime($_.'lastLogontimestamp')}} | sort-object -property 'lastLogontimestamp' `
|
|
|
|
# check CRL
|
|
`certutil -URL "http://ca.blackmesa.com/CertEnroll/blackmesa ca01.crl"`
|
|
|
|
# copy group members to another group
|
|
`Get-ADGroupMember -Identity "Group1" | % {Add-ADGroupMember -Identity "Group2" -Members $_.distinguishedName}`
|