useful AD command line
dsquery user -name * -limit 0 | dsget user -samid -hmdir -hmdrv
lists all users and their UNC home directory paths and drive letter mapping
dsquery user ou=admin,dc=mydomain,dc=com -limit 0 | dsmod user -mustchpwd yes
enables “user must change password at next logon” flag
dsquery user -name ericb
quick query to retrieve OU of user object
dsquery server -hasfsmo pdc
identifies which DC has the PDC Emulator role
import-module activedirectory
get-addomain mydomain.com | format-list pdcemulator,ridmaster,infrastructuremaster
get-adforest mydomain.com | format-list schemamaster,domainnamingmaster
another method of identifying which DCs have which FSMO roles
net user /domain <username>
lists user info including account expiration, group membership, home directory and user profile paths, and last logon time
get-adgroupmember -identity "<group>" | select name
lists names of group members for specified security group. alternatively “| select samaccountname” could be used
get-acl "<directory/file>" | format-list
lists NTFS permissions for specified filesystem object
import-module activedirectory
(get-aduser -identity <username> -properties memberof | select-object memberof).memberof
provides a clearly formatted listing of groups specified user is a member of (powershell)
source: http://www.benmorris.me/2012/07/powershell-get-ad-user-group.html
import-module activedirectory
(get-aduser -filter * -searchbase "ou=students,dc=domain,dc=com").count
displays total number of users in specified OU
netdom renamecomputer %computername% /newname:<new computer name>
changes computer name
netdom join %computername% /domain:<domain> /userd:<user> /passwordd:*
joins computer to specified domain
netdom reset <computer name> /domain:<domain>
resets secure channel secret for specified computer
winrs -r:<computer name> <command>
runs a command (e.g. ipconfig /all) remotely on specified computer
netsh interface ip show config
basically ipconfig but via netsh
netsh interface ip set address name="Ethernet" source=static addr=192.168.1.4 mask=255.255.255.0 gateway=192.168.1.254
setting a static IP address
netsh interface ip set address name="Ethernet" source=dhcp
configuring interface for a DHCP assigned address
netsh interface ip set dnsservers name="Ethernet" source=dhcp
configuring interface for DHCP assigned DNS servers
netsh interface ip set dns name="Ethernet" static 192.168.1.40
statically assigning primary DNS server (verify)
netsh interface ip add dns name="Ethernet" 192.168.1.41 index=2
statically assigning secondary DNS server (verify)
ipconfig /flushdns
clears local DNS cache
ipconfig /displaydns
lists contents of DNS cache
ipconfig /registerdns
manually re-registers client’s DNS name
route print
list gateway and route info
arp -a
lists MAC address cache
netstat -an | find /i "listening"
lists ports system is listening on
repadmin /syncall
syncs DC with replication partners
repadmin /replsummary
displays replication summary (there should be no deltas greater than 60 minutes)
more info here: http://terrytlslau.tls1.cc/2011/07/how-to-read-result-of-repadmin.html