Skip to main content

Using activedirectory powershell module with 2003 domain controllers


See the following for step by step how to use active directory powersSell cmdlets against 2003 domain controllers
http://blogs.technet.com/b/ashleymcglone/archive/2011/03/17/step-by-step-how-to-use-active-directory-powershell-cmdlets-against-2003-domain-controllers.aspx

Also, in order to run RSAT on Windows 7, with 2003 or 2008 DC's:
This is still untested, but it looks like the author has figured out how to add the Active Directory PowerShell modules to Windows 7.

Why would you want to do this?

Well, I am writing PowerShell script to document AD, and I would like to be able to run them in an older AD environment, such as an upgrade candidate, etc.

With a Win 7 workstation, I am hoping that I can load it up and run the script against an old 2003 server.

System Requirements:
This information was found on a forum (http://social.technet.microsoft.com/Forums/windowsserver/en-US/094f9dd3-669a-4bea-9f81-f2ea009384d1/powershell-v2-and-active-directory-module)

Also see: http://www.mikepfeiffer.net/2010/01/how-to-install-the-active-directory-module-for-windows-powershell/

I decided to post the content here just in case I loose access to the blog.


In summary:
I found a very Simple and Elegant way to make the AD PowerShell Module Portable.
you will need 3 simple things
1.) the ActiveDirectory Module Directory from a system that has it already installed. 
Standard path on a 64bit windows 7
C:\Windows\System32\WindowsPowerShell\v1.0\Modules
2.)  Global Assembly Cache Utility
Available from the Windows SDK
gacutil.exe
3.) the Microsoft.ActiveDirectory.Management dll assembly
found on a system that already has the RSAT and powershell enabled. Microsoft.ActiveDirectory.Management.dll
Now in order to make this work you need to install the dll using the gacutil program.  commandline is as follows.
GACUTIL.exe -I Microsoft.ActiveDirectory.Management.dll
Once installed you must copy the entire directory from item 1 to the powershell module location.
Once copied you can then use the import command to import it and start using the cmdlets.  below is my batch file I wrote to automate this for deployment during SCCM.
We want our help desk to be able to clone security groups assigned to our computers for application deployment so that when they image a replacement computer the new computer will automatically get the previously assigned applications.  Also see below for that powershell script as well.  Hope this helps the community.
And for the people/MS that say it can not be done,  here to you :)

REM ************************************
REM SET Working Directory
REM ************************************

@setlocal enableextensions
@cd /d "%~dp0"

REM ************************************
REM Copy Module
REM ************************************

if not exist C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ActiveDirectory mkdir C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ActiveDirectory
xcopy /y /e .\ActiveDirectory\*.* C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ActiveDirectory

REM ************************************
REM Install Microsoft Active Directory Assembly
REM ************************************

gacutil.exe -i Microsoft.ActiveDirectory.Management.dll
REM ************************************
REM Set Powershell Execution Policy
REM ************************************

powershell set-executionpolicy remotesigned
REM ************************************
REM Run Computer Membership Clone
REM ************************************

powershell ./ADCompMemberof.ps1
exit

######################################################################
Powershell script to copy group membership of a computer object in AD
  # Create TS Environment COM Object
$TS = New-Object -ComObject Microsoft.SMS.TSEnvironment
$Target=$TS.Value('_SMSTSMachineName')
$Source=$TS.Value('OldComputer')

$array = @()
$groups = Get-AdComputer -Identity $source -property "MemberOf" 

Foreach($group in $groups.memberOf) {
$array +=$group
}

Get-ADComputer -Identity $target | Add-ADPrincipalGroupMembership -MemberOf $array

Comments

Popular posts from this blog

"Blinky" TDOA RDF Detector

Our local Amateur Radio club is building a Radio Direction Finding TDOA (Time Difference of Arrival) detector that has LED's to indicate the direction (Left or right) of the fox.  Here are the build instructions.   (Note: this project was originally presented by NZ1J.  See his video:   https://www.youtube.com/watch?v=mNqUKYkifOo&t=68s   ) Here is the completed project: We start with the schematic:   Note that you either install PIN Diode pairs s D3 and D2, or Diodes pair D1 and D4.   The difference between these is the packaging.  If you are ok with Surface mount, then install D1/D4.  If you want discrete components use D3/D2. Next is the PCB.   The PCB can be ordered using the GRBR files available from the author.  The BOM for the electronic parts is as such: Doppler Direction Finder Bill of Materials   11/12/2021        Qty Part Digi-key Part Numbe...

Radio Direction Finding - TDOA

This article describes a few projects that I built from plans for Amateur Radio Fox Hunting. Basically, the hobby/sport is for someone to hide a few low power "Foxes", which are small transmitters that beep or send Morse Code, and then have a bunch of HAM's try to find them. The first project that I built was a Yagi Antenna (Directional receiver) and a 4MHZ Offset Attenuator.  The attenuator is needed when you get close to the fox and you need to reduce the power of the received signal.  I struggled with this setup because, on my first 2 fox hunts, there was too much reflection and multi-path interference.  This causes false direction detection and if you are not mentally prepared for this, you want to throw all of your equipment into a garbage can and take up a different hobby.   There are some truly strange individuals who find this frustration fun and enjoy making other people suffer, but I will leave that discussion for another day.  Anyw...

Internet Explorer 11 (Windows 8.1) "Google Bug". Back Button hangs IE

I discovered this week that there is a bug in Google's web page that causes Internet Explorer 11 to hang when you click the back button. The specific scenario is that when you start on Google's web page, and go to a link of some sort, it can trigger this bug when you click back to return to google.  This is fairly well documented on some forums, in that it has been like this for a while, and Google seems unwilling, or unable, to modify their code to not trigger this bug. I do not consider it a IE11 bug as much as I consider it a problem with Google.  Microsoft should of course fix their issue, but also you would think that Google might take this seriously.  To trigger the issue, Go to google.com and search for something that takes you to a Microsoft page.  Example: "Exchange edge server".  Click on the first link and then click on any link on that Microsoft page.  Then click back twice.  The first "back" will work fine because it takes you to the ...