— If you were directed here from the forums, pay special attention to the notes. I am doing this because so often people post code without telling you what tools you need to run it! —

I often times see people heading over to the forums to get some help with working with AD type stuff and don’t really know where to start or what the options are.

The biggest part over looked (and what I’m covering here) is the methods available for working with the AD from Powershell.

You’ve got three options outlined below with pro’s and con’s

• Active Directory modulefrom Microsoft (RSAT)
  • Pros
    • Easy to use
    • Available on Windows 7 and 2008 (RSAT feature)
    • Built in/Native
  • Cons
    • Requires Active Directory Web Services
  • Notes:
    • cmdlets are in the standard verb-noun format and are documented on Technet pretty well
• Quest ActiveRoles Management
  • Pros
    • Easy to use
    • Works on just about anything
  • Cons
    • Requires the module to be installed to use it (bad for scripting)
  • Notes
    • all cmdlets are in the format verb-QAnoun so, if you see a cmdlet with QA you need the quest tools
• .NET Directory Services
  • Pros
    • Works anywhere
    • No requirements
    • Great for scripts to assure they always work
  • Cons
    • Requires more code
    • Deeper understanding of AD to utilize
  • Notes
  • nice shortcut to DirectoryEntry by casting: $domain = [ADSI] “LDAP://path”
  • $searcher = [ADSISearcher] “LDAP filter query“

My personal choice is the .NET method, since I can use it in a script and know for sure it will work, but, it’s a LOT more coding. If you are doing admin type work, you might want to look at either the Quest tools or using the Active Directory module. If you want to know if the AD module is installed and available you can run the following command

Get-Module –list

You should see the ActiveDirectory module in the list. You can then import it if you’d like to use it

Import-Module ActiveDirectory

If you are unsure if you have ADWS running on your domain attempting to import the module will tell you if it cant find one.

and you can use the link above to get started or simply list out the commands in that module.

Get-Command –Module ActiveDirectory

I’m sure you’ve noticed I haven’t gone in to great detail on how to use these, install or verify requirements. There is a ton of info out there on that, this is mostly to help you figure out which methods are out there, and if someone pasted code, to help you figure out which one the code requires.

Hope this helps, if you’d like to see more details on any of this let me know!