Tag Archives: windows powershell

Useful links for getting into Server 2012 and Active Directory

If you’re just getting into Windows Server 2012, or you’re doing a lot of work with it, but want to go a bit deeper into the system, here’s a few links that should get you well on the way.

It’s also handy if, like me, you’ve started on the new MCSA/MCSE tracks and want some more resources to read so you can brush up and round out your knowledge.

I’ll add links as I remember them, come across them again, or just find new ones. Check back occasionally for updates.


If you’re getting ready to take the 70-410 Exam: Installing and Configuring Windows Server 2012, there’s a nice little practice test I found that might help you on your way.


Backup DHCP Logs with Powershell

I’ve uploaded another little Powershell script to GitHub, as a module this time!

It’s called backupDhcpLogs and it tries to do what it says on the tin. Of course, if you couldn’t read the tin, it’s a module to back up DHCP logs.

Currently it backs up the previous days of logs to a destination you specify and will also remove logs from the destination that are older than a number of days you specify. There is also the option to back up the DHCP server configuration if you so wish.

However, I’ve got some more work to do on it. I’d like to offer an option to back up all the logs that exist, while managing them in the same way. Additionally, I would also like to offer a slightly more modern backup method using ‘Export-DhcpServer’ or ‘Backup-DhcpServer’, and not ‘netsh’.

I also had to remove a check for the DHCP Server Windows feature from the module, as it was stopping it from running when using the ‘Run whether the user is logged in or not’ option in the task scheduler. It’s something I’ll figure out eventually, then put the functionality back in.

Even more work with shadowGroupSync

There has been a couple of updates to the shadowGroupSync tool over the past few days. Apart from a bit of development, I also I went and threw it to GitHub. You can check out my previous posts on it, or grab the latest version. There’s also a development branch in the repository that lets you choose the type of group to create. UPDATE: The features from the development branch are now all in the stable version.

The stable branch has also had a few features added and a couple of little snags fixed. The main new feature is the ability to specify multiple source organisational units for inclusion into a single shadow group. These changes make the utility very useful for generating distribution lists or access groups based on whatever conditions you want; like employee type, manager, or existing group memberships.

The stable ‘master’ branch is essentially the script use myself on a day to day basis, so it should work fine for you. However, as with all things not done yet, the development branch ‘next’ may be unstable. If downloading it sets your computer/server/domain/datacenter on fire (delete as appropriate), that’s got nothing to do with me.

AD Shadow Groups with Windows PowerShell: An Update

I’ve made a fair amount of changes to the shadow group sync script, it’s a fair amount more powerful and much more flexible than the first version. You can now sync user and computer objects into groups from an OU, but with the added functionality of filters to narrow for specific user or computer attribute values. There are a few changes to the format of the CSV, detailed in the script comments, along with an example of the filters that you can use (see the Microsoft TechNet article on PowerShell Active Directory filter syntax for more information).


There’s some more changes here, the script now takes the CSV as an argument to the script file. For example:

.\shadowGroupSync.ps1 ".\TheCSVFile.csv"
.\shadowGroupSync.ps1 -file ".\TheCSVFile.csv"

are both valid ways or running the script.

As before, feel free to use it in any way you want. It’s pretty straightforward, but may contain bugs which I take no responsibility for.

Current version:

Older versions:

Thanks to i3laze for his work with this. I probably wouldn’t have made the effort to extend the script without it.

Managing AD Shadow Groups using Windows PowerShell

I’ve done a bit of work with Windows PowerShell lately, here’s a little script to sync AD OUs with ‘Shadow Groups’.

I couldn’t find a full solution that I could pick up and use, so I rolled my own to sync some OUs containing computers with some groups.

The script reads from a CSV that defines the source OUs and the group names you want to populate. Inside the script, the destination OU gets set, where the shadow groups will exist.

I’ve linked to the code below, feel free to use it in any way you want. It’s pretty straightforward, but may contain bugs which I take no responsibility for.

Download: shadowGroupSync.zip


i3laze (i3laze ‘at’ yandex ‘dot’ ru) supplied an updated script that deals with syncing mail-enabled users and child domains, and not just computers. As with the first version, I take no responsibility if the script has bugs or somehow manages to nuke your domain.

Download: i3laze-shadowGroupSync

I’ve done some work to merge the two versions, which will give the script a lot more flexibility as to the object types it will sync, but there’s still got a bit of testing to do before I post it.


Newer versions of the script are here. This post is kept as a reference to the first version of the script.