MCITP 70-640: Active Directory Command Line Tools

preview_player
Показать описание
This videos looks at 5 Active Directory command lines tools that can be used in scripts to speed up administration in your domain. Using these command line tools, the administrator can add, modify, delete and retrieve information about any object in Active Directory.

This video will look at all the Command line tools shown above. Even thought each command line tool performs a different function, you will start to see that the parameters used in different tools are simpler.

DSAdd 0:47
DSGet 04:34
DSMod 05:32
DSRM 06:31
DSQuery 07:43

Distinguished Name
A lot of the commands ask for a parameter called distinguished name. The distinguished name uniquely identifies an object in Active Directory. The same way a full filename and path would identify a file on a hard disk. The Distinguished Name identifies the Active Directory object using the following syntax.
CN Common Name
OU Organizational Unit Name
DC Domain Component

An example of a distinguished name is as follows
cn=Simth,cn=users,dc=ITFreeTraining,dc=local
DSAdd
The DSAdd command allows objects to be created in Active Directory. The parameter supported by the command are computer, contact, group, OU, user and quota.

Examples:
DSAdd computer "cn=pc1,cn=computers,dc=ITFreeTraining,dc=local"
DSAdd group "cn=GSales,ou=Users,ou=New York,dc=ITFreeTraining,dc=local" --scope g

DSGet
This command gets information about an object in Active Directory. The command requires the type of object to be retrieve to be given. This can be computer, contact, group, OU, server, user, subnet, site, quote and partition. Following this is the Distinguished Name of the object. After this you need to indicate what information you want to retrieve, for example to retrieve the description for the object you would add -desc
Example:
DSGet user "cn=John Doe,ou=Users,ou=New York,dc=ITFreeTraining,dc=local" --fn --ln -email

DSMod
DSMos allows individual attributes of Active Directory objects to be modified. This command support the following parameters computer, contact, group, OU, server, user, quote and partition.
Example:

DSRM
This command deletes and object in Active Directory. Unlike the other commands, the type of object does not need to be given in the command line. The command support additional parameters like --NoPrompt will remove the prompt asking you to procedure before deleting the object.
Example:
dsrm "OU=Testing,dc=ITFreeTraining,dc=local" --subtree -c

DSQuery
This command queries the Active Directory database for objects. It supports the following parameters computer, contact, group, ou, site, server, user, quote, partition and LDAP queries.
Example:
dsquery ou DC=ITFreeTraining,DC=Local

References
"MCTS 70-640 Configuring Windows Server 2008 Active Directory" pg 88-89
  1. ITFreeTraining
  2. DSAdd
  3. DSGet
  4. DSMod
  5. DSRM
  6. DSQuery
Рекомендации по теме
MCITP 70-640: Active 0:08:43

MCITP 70-640: Active Directory Command Line Tools

MCITP 70 640 0:08:43

MCITP 70 640 Active Directory Command Line Tools

MCITP 70-640: Active 0:13:43

MCITP 70-640: Active Directory Windows Auditing

MCITP 70-640: Active 0:14:24

MCITP 70-640: Active Directory Computer Accounts

MCITP 70-640: Active 0:08:04

MCITP 70-640: Active Directory Under The Hood

MCITP 70-640: Installing 0:17:57

MCITP 70-640: Installing Active Directory

MCITP 70-640: Active 0:09:38

MCITP 70-640: Active Directory Groups

MCITP 70-640: Installing 0:15:07

MCITP 70-640: Installing Active Directory on Server Core

MCITP 70-640: Active 0:18:56

MCITP 70-640: Active Directory Domain Functional Levels

MCITP 70-640: Active 0:26:14

MCITP 70-640: Active Directory Replication

MCITP 70-640: Active 0:18:41

MCITP 70-640: Active Directory different group types available

MCITP 70-640: VBScript 0:09:49

MCITP 70-640: VBScript

MCITP 70-640: Active 0:08:09

MCITP 70-640: Active Directory forest and trees

MCITP 70-640: Active 0:18:55

MCITP 70-640: Active Directory Migration Tool (ADMT)

MCITP 70-640: Group 0:11:13

MCITP 70-640: Group Strategy AGDLP

MCITP 70-640: Active 0:10:03

MCITP 70-640: Active Directory Accounts

MCITP 70 640 0:15:07

MCITP 70 640 Installing Active Directory on Server Core

MCITP 70-640: Upgrading 0:11:57

MCITP 70-640: Upgrading Active Directory

MCITP 70-640: Uninstalling 0:07:32

MCITP 70-640: Uninstalling Active Directory

MCITP 70-640: PowerShell 0:10:41

MCITP 70-640: PowerShell

MCITP 70-640:Delegation of 0:06:34

MCITP 70-640:Delegation of Control

MCITP 70 640 0:18:55

MCITP 70 640 Active Directory Migration Tool ADMT

MCITP 70-640: Active 0:08:30

MCITP 70-640: Active Directory adding a child domain

MCITP 70-640: Moving 0:08:29

MCITP 70-640: Moving Operation Master Roles

Комментарии
Автор

That's good to hear. Glad you like the video.

itfreetraining
Автор

No problem at all. Thanks for watching.

itfreetraining
Автор

Thank you for awesome videos !!! It helps me a lot .

subteran
Автор

Its gr8 information.. thanks for your videos...

mazeeth
Автор

Not really, unfortunately the whole command needs to be entered. In the new videos we are working on scripts rather than typing the commands in like we have been. This allows the viewer to download the script if they wish and also allows us to highlight the commands in different colors making it easier for the viewer to see which part of the command that we are talking about.

itfreetraining
Автор

It's is unlikely that we will cover NAS, but will keep in mind.

itfreetraining
Автор

Is there a shortcut for entering the distinguished name? Entering in "cn=joe, ou=sales, ou=Users, ou=New York, dc=itfreetraining, dc=local"
each time really detracts from using these commands on the fly. Is there something similar to tab-completion or perhaps a "start where my account is located" shortcut?

solath
Автор

Unfortunately, maybe my dad used to watch this while I was from a year ago

MasonGarver