Active Directory

GNU/Linux Test LDAP server SSL/TLS connection

Test an LDAP server's SSL/TLS connection using the LDAP command-line client…

ldapsearch -H ldaps://dc01.totietoot.nl -b "OU=Employees,OU=Totietoot,DC=Totietoot,DC=nl" "userPrincipalName=john@totietoot.nl" -W -D john@totietoot.nl -d 1
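# LDAPTLS_REQCERT takes one of never, allow, try or demand. demand verifies the server certificate against LDAPTLS_CACERT; never skips verification.
env LDAPTLS_REQCERT=demand LDAPTLS_CACERT=/path/to/ca-cert.pem ldapsearch -H ldaps://dc01.totietoot.nl -b "OU=Employees,OU=Totietoot,DC=Totietoot,DC=nl" "userPrincipalName=john@totietoot.nl" -W -D john@totietoot.nl -d 1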
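
To see what each LDAPTLS_REQCERT level changes in practice, this added example (not part of the original page) probes the server at all four levels and reports whether a failure is a reachability problem or an untrusted certificate. The function names and the anonymous rootDSE read (which Active Directory permits by default) are assumptions of this example; the host and CA path in the usage line are the placeholders used above.

```shell
#!/bin/sh
# Added example: probe an LDAPS endpoint at each LDAPTLS_REQCERT level to tell
# "server unreachable" apart from "certificate not trusted".
# Assumption: the server answers an anonymous rootDSE read, so no -W prompt is needed.

# probe URI CACERT LEVEL -> exit status of ldapsearch at that verification level
probe() {
    LDAPTLS_REQCERT="$3" LDAPTLS_CACERT="$2" \
        ldapsearch -x -H "$1" -b "" -s base -o nettimeout=5 \
        "(objectClass=*)" namingContexts >/dev/null 2>&1
}

# diagnose URI CACERT -> prints one verdict word
diagnose() {
    if probe "$1" "$2" demand; then
        echo trusted            # server certificate validated against CACERT
    elif probe "$1" "$2" never; then
        echo untrusted-cert     # TLS works, but only with verification disabled
    else
        echo unreachable        # fails even unverified: network, port or handshake
    fi
}

# report URI CACERT -> per-level result table followed by the verdict
report() {
    for level in never allow try demand; do
        if probe "$1" "$2" "$level"; then r=ok; else r=FAIL; fi
        printf '%-7s %s\n' "$level" "$r"
    done
    printf 'verdict: %s\n' "$(diagnose "$1" "$2")"
}

# Usage: sh ldaps-probe.sh ldaps://dc01.totietoot.nl /path/to/ca-cert.pem
if [ "$#" -eq 2 ]; then report "$1" "$2"; fi
```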

PowerShell AD group members

Simple script that uses dsquery to look up the members of an Active Directory group and print the results to the screen. The script takes its parameters from the command line (groupmem.ps1 "DOMAIN" "GROUP_NAME").

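# Resolve the group's distinguished name; dsquery returns it wrapped in double quotes
[string]$sADPath = dsquery group -domain "$($args[0])" -name "$($args[1])"
# Prefix the ADSI provider and strip the double quotes
$sADPath = "LDAP://" + $sADPath | Foreach-Object {$_ -replace "`"", ""}
# Bind to the group object
$oADGroup = [ADSI]("$sADPath")
# Print the group's LDAP path, then the distinguished names of its members
$oADGroup.path
$oADGroup.member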

MSAD Move FSMO Roles

Commands or tools to move or view the Active Directory Flexible Single Master Operations (FSMO) roles.

Schema Master (1 per forest)

regsvr32 schmmgmt.dll
mmc -> Schema

Domain Naming Master (1 per forest)

AD Domains and Trusts

RID Master (issues SIDs) (1 per domain)

AD Users and Computers

Infrastructure Master (AD infrastructure) (1 per domain)

AD Users and Computers

PDC Emulator (time server, log-on for NT4 clients, password changes) (1 per domain)

AD Users and Computers