All About Active Directory
Lets we learn about Active Directory....
Script
Script import all
Command : csvde -i -f filename.csv
Script export all
Command : csvde -f filename.csv
export one OU and not the whole Active Directory domain.
Command: CSVDE -d "OU=Newport,DC=cp,dc=com" -f Newport.csv
Filter the Rows Object class selected user and computer
Command: CSVDE -f adusers.csv -r objectClass=user
Tuning the CSVDE -r Filter
CSVDE -f export.csv -r "(&(objectClass=user)(sn=Thomas))"
CSVDE -f export.csv -r "(&(objectClass=user)(sn=Thom*))"
CSVDE -f export.csv -r "(&(objectClass=user)(sn=IT*))"
Filter the Columns with -l (lower case L)
Command: CSVDE -f export3.csv -l "DN, objectclass, objectcategory, givenName, sn"
Script Password
dsmod user "CN=....,OU=...,OU=....,DC=.....,DC=.....l" -pwd changethispassword -mustchpwd yes
Account Control Values
Normal Day to Day Values:
===========================
512 - Enable Account
514 - Disable account
544 - Account Enabled - Require user to change password at first logon
4096 - Workstation/server
66048 - Enabled, password never expires
66050 - Disabled, password never expires
262656 - Smart Card Logon Required
532480 - Domain controller
===========================
512 - Enable Account
514 - Disable account
544 - Account Enabled - Require user to change password at first logon
4096 - Workstation/server
66048 - Enabled, password never expires
66050 - Disabled, password never expires
262656 - Smart Card Logon Required
532480 - Domain controller
All Other Values:
===========================
1 - script
2 - accountdisable
8 - homedir_required
16 - lockout
32 - passwd_notreqd
64 - passwd_cant_change
128 - encrypted_text_pwd_allowed
256 - temp_duplicate_account
512 - normal_account
2048 - interdomain_trust_account
4096 - workstation_trust_account
8192 - server_trust_account
65536 - dont_expire_password
131072 - mns_logon_account
262144 - smartcard_required
524288 - trusted_for_delegation
1048576 - not_delegated
2097152 - use_des_key_only
4194304 - dont_req_preauth
8388608 - password_expired
16777216 - trusted_to_auth_for_delegation
===========================
1 - script
2 - accountdisable
8 - homedir_required
16 - lockout
32 - passwd_notreqd
64 - passwd_cant_change
128 - encrypted_text_pwd_allowed
256 - temp_duplicate_account
512 - normal_account
2048 - interdomain_trust_account
4096 - workstation_trust_account
8192 - server_trust_account
65536 - dont_expire_password
131072 - mns_logon_account
262144 - smartcard_required
524288 - trusted_for_delegation
1048576 - not_delegated
2097152 - use_des_key_only
4194304 - dont_req_preauth
8388608 - password_expired
16777216 - trusted_to_auth_for_delegation
Field active directory
DN : location OU
objectClass : user/computer
givenName : First name
sn : Last name
displayName : Display name
description : description
sAMAccountName : Username
userPrincipalName : ...@.... (Username)
physicalDeliveryOfficeName : office
telephoneNumber : telp
title : job title
department : dept
company : company
ipPhone : ext
mail : email
manager : manager direct
Komentar
Posting Komentar