Active Directory

GNU/Linux Test LDAP server SSL/TLS connection

/ GNU/Linux /

Test LDAP server SSL/TLS connection using LDAP commandline client…

ldapsearch -H ldaps://dc01.totietoot.nl -b "OU=Employees,OU=Totietoot,DC=Totietoot,DC=nl" "userPrincipalName=john@totietoot.nl" -W -D john@totietoot.nl -d 1
env LDAPTLS_REQCERT=never|allow|try|demand LDAPTLS_CACERT=/path/to/ca-cert.pem ldapsearch -H ldaps://dc01.totietoot.nl -b "OU=Employees,OU=Totietoot,DC=Totietoot,DC=nl" "userPrincipalName=john@totietoot.nl" -W -D john@totietoot.nl -d 1

PowerShell AD groupmembers

/ PowerShell Scripting /

Simple script using dsquery to query groupmembers from an Active Directory group and return the results to screen. The script takes parameters from the commandline (groupmem.ps1 “DOMAIN” “GROUP_NAME”).

[string]$sADPath = dsquery group -domain "$($args[0])" -name "$($args[1])"
$sADPath = "LDAP://" + $sADPath | Foreach-Object {$_ -replace "`"", ""}
$oADGroup = [ADSI]("$sADPath")
$oADGroup.path
$oADGroup.member

 

MSAD Move FSMO Roles

/ MS Windows Server /

Commands or tools to move or view Active Directory Flexible Single Master Operations roles.

Schema Master (1 per forrest)

regsvr32 schmmgmt.dll
mmc -> Schema

Domain Naming Master (1 per forrest)

AD Domains and Trusts

RID Master (uitgave SID’s) (1 per domain)

AD Users and Computers

Infrastructure Master (AD infrastructuur) (1 per domain)

AD Users and Computers

PDC Emulator (Time Server, log-on NT4 clients, Password chenges) (1 per domain)

AD Users and Computers