Active IQ Unified Manager Discussions

Query Active Directory

narendrathawani
6,773 Views

Hello! Is there any way to query Active Directory to validate if the User or Group is valid ? Does it require Importing any Module ?

Thanks,

Narendra

5 REPLIES 5

bachman
6,774 Views

I'm not online to my lab at the moment, so I can't check if this already exists. You could use something like the examples below:

PowerShell - Powertips: Checking whether User or Group exists

http://learningpcs.blogspot.com/2011/01/powershell-powertips-checking-whether.html

Test if AD object/path exists

http://dmitrysotnikov.wordpress.com/2010/03/22/test-if-ad-object-path-exists/

Use PowerShell to check whether AD user exists

http://social.technet.microsoft.com/Forums/windowsserver/en-US/5db5d6a4-7609-46a5-a3fc-0fb9611f3892/use-powershell-to-check-whether-and-ad-user-exists


narendrathawani
6,774 Views

These examples use Get-ADUser cmdlet which is part of ActiveDirectory module.

So, it will require loading ActiveDirectory module in WFA ?

lasswellt
6,774 Views

I don't know if anyone responded to you yet, but yes, you'll have to add the ActiveDirectory module to the WFA server.

From PS command line:

Import-Module ServerManager

Add-WindowsFeature RSAT-AD-PowerShell

sinhaa
6,773 Views

Import-Module ServerManager itself didn't work for me on my windows 2008 Server. I found that its only available by default on Windows 2008 R2, and you need to install Exchange elsewhere.

Looking at alternatives and ActiveDirectory module seems good but again I think ActiveDirectory powershell modules are not available unless you have AD Domain Service running on your Server for which you WFA server itself will need to be a Domain Controller ( dcpromo ) which is cumbersome and not even required. If anyone can suggest otherwise, then please help.

I see its easier to enable Powershell Remoting on Active Directory and then invoking commands to AD server to query for results. Powershell Module ActiveDirectory will be available on your Domain Controller. Ypu can see it as "Start-> Administrative Tools -> Active Directory Modules for Windows Powershell" to verify.

On AD server : Enable-PSRemoting

Select A for all choices.

Now from your WFA server you can invoke commands to query for users etc.

Invoke-Command -ComputerName adserver.com -Credential $creds -ScriptBlock {Import-Module ActiveDirectory ; Get-ADUser -Filter * -SearchBase "DC=DOMAIN,DC=COM"}

warm regards,

sinhaa

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

lasswellt
6,774 Views

Sorry that command works on Server 2012. The kit works off DC there. No need to be a DC.

I'm not sure the package you need on Win 2008

Public