Site Meter Microsoft Talk » Blog Archive » Essential Tools for Active Directory - 2

Essential Tools for Active Directory - 2

by Alpesh Nakar

hd2-windows Dsadd

Dsadd is used to create an instance of an Active Directory object class on a particular directory partition. These classes include users, computers, contacts, groups, organizational units, and quotas. Dsadd has a generic syntax that consists of the following:

dsadd <ObjectType> <ObjectDistinguishedName> attributes

Note that each object type you create takes a specific set of switches corresponding to the attributes available for that type. This command creates a single user object with various attributes populated (note that the following is all on one line):

dsadd user cn=afuller,ou=IT,dc=contoso,dc=com
–samID afuller –fn Andrew –ln Fuller –pwd *
-memberOf cn=IT,ou=Groups,dc=contoso,dc=com "cn=Help Desk,ou=Groups,
dc=contoso,dc=com"
–desc "Marketing Director"

The –memberOf switch requires the full distinguished name (DN) of each group the user should be added to; if you want to add the user to multiple groups you can add multiple DNs separated by spaces.

If any element contains a space, such as the DN of the Help Desk group, it needs to be enclosed in double quotes. If an element contains a backslash, like an OU called IT\EMEA, the backslash must be entered twice: IT\\EMEA. (These requirements apply to all of the ds* tools.)

When you use the -pwd * switch, you’ll be prompted to enter a password for the user at the command line. You can specify the password within the command itself (-pwd P@ssword1), but this will display the password in plain text on the screen or in any text or script file that you’ve embedded the command into.

Similarly, you can create a group object and an OU using the following two commands:

dsadd computer cn=WKS1,ou=Workstations,dc=contoso,dc=com
dsadd ou "ou=Training OU,dc=contoso,dc=com"

Dsmod

Dsmod is used to modify an existing object, and you work with it much as with dsadd, using different submenus and syntax depending on the type of object you’re modifying. The following dsmod statement changes a user’s password and modifies his account so he will be prompted to change to a new password on next logon:

dsmod user "cn=afuller,ou=IT,dc=contoso,dc=com" –pwd P@ssw0rd1
    –mustchpwd yes

To see how similar these switches are, look at the dsadd syntax you would use to create this user with the same attributes configured:

dsadd user "cn=afuller,ou=IT,dc=contoso,dc=com" –pwd P@ssw0rd1
    –mustchpwd yes

As you can clearly see, if you know the switches to create objects in dsadd, you can use those same switches to modify users with dsmod.

Dsrm

The converse of dsadd is dsrm; as you might imagine, this tool lets you delete an object from the command line. The basic dsrm syntax is pretty straightforward: simply enter dsrm followed by the distinguished name of the object you want to delete, like so:

dsrm cn=WKS1,ou=Workstations,dc=contoso,dc=com

By default, dsrm will prompt "Are you sure you want to delete this object?" Type Y, then press Enter. You can suppress this prompt using the –noprompt switch, but, obviously, you then get no chance to confirm that you’ve selected the correct object before deleting it. Two additional switches can be helpful if you are deleting a container object, that is, an organizational unit that could potentially contain other objects within it. The following command deletes the TrainingOU organizational unit and all objects contained within it:

dsrm ou=TrainingOU,dc=contoso,dc=com –subtree

This one deletes all child objects contained within TrainingOU but leaves the organizational unit object itself in place:

dsrm ou=TrainingOU,dc=contoso,dc=com –subtree
    –exclude

Dsmove

To move or rename an object in Active Directory, you use the dsmove tool, but note that you should use it to move an object only within a single domain. To migrate objects between domains or forests, use the Active Directory Migration Tool (ADMT), a free download from the Microsoft Web site. Dsmove relies on two switches that can be used separately or in combination. This command gives Steve Conn’s account a new last name:

dsmove "cn=Conn, Steve,ou=IT,dc=contoso,dc=com"
    –newname "Steve Conn"

This command moves Steve’s account from the IT OU to the Training OU:

dsmove "cn=Conn, Steve,ou=IT,dc=contoso,dc=com" –newparent
    ou=Training,dc=contoso,dc=com

You can combine a rename and a move into a single operation by specifying both switches at once, like this:

dsmove "cn=Conn, Steve,ou=IT,dc=contoso,dc=com" –newname
    "Steve Conn" –newparent ou=Training,dc=contoso,dc=com
 
Recommended Microsoft Daisy: Convert Text to Audio | HowTo: Make a smooth transition from Office 2003 to Office 2007
 

Posted in Server on November 15th, 2007

Link to this Entry

Recent Posts

Related Posts

Leave a Reply


About Microsoft Talk

This blog is for you all Microsoft enthusiasts out there. Somehow we happen to use Microsoft directly or indirectly. Microsoft revolutised what we call IT today. We are connected with Microsoft in some or the other way. Depending on which side of the fence you are on, you take note, Microsoft is everywhere. If you use non-MS products, your ISP, your web-host, yours truly - somebody somewhere is using Microsoft or is a spin off as a result of something that Microsoft had to offer then. Invariable, we do end end up using Microsoft Technologies. What do you think?

With MSTALKONLINE, you will come to experience Microsoft Technologies, that you experience day to day. In the weeks to come, I will focus on latest and greatest happenings in the land of Microsoft and your comments and suggestions will be one of the driving factors

Microsoft Talk Author(s)
    » Alpesh-Nakar

NAVIGATE

LINKS

CATEGORIES

TOP COMMENTERS

RECENT COMMENTS

SUBSCRIBE

ARCHIVES

Blogging Flair

 

Technology Channel Posts

  • And We’re Back!
    Hi everyone! Phew! We are back in action (as you can see). Did you miss me? I missed you! Group hug! Too much? Okay. I’ll behave. I am very glad to be back in action and posting here on [...]
  • Sometimes Old Is New (to You)
    While looking for something else, I came upon an older article about a copy of a well respected subwoofer by Hsu Research. The project is very straightforward, using sound building techniques, and [...]
  • Technical Difficulties
    Hello everyone. As you likely already know, many of the sites on the 451press network are down and have been down for some time (what seems like forever!). I would like to apologize on behalf [...]
  • ATi Brings Back A Winner
    For the last couple of years, there has been a huge hole in the video card market. It was 2006 when the last ATi All-in-Wonder was produced, and nVidia had discontinued their similar offering before [...]
  • The Search for Truth… (continued)
    On the other side are aligned a much smaller number of scientists, some dedicated amateurs, very little money (the grants get taken away as soon as it’s clear the research is leading away from AGW) [...]
  • Introduction to Forums – A Warning
    While getting on to a forum and posting (especially for the first time) can be a lot of fun and exhilarating, there is a sobering note that comes along with joining forums (and with communicating [...]
  • Home Theater On The Cheap Rides Again
    Now and then, a choice comes up which makes sense right away, yet allows expansion capability and growth potential. It is not often that a Home Theater in a Box will be acceptable to any serious [...]
  • The Search for Truth…
    In Using the Net and Finding the Truth I used the search for information about Anthropogenetic Global Warming (AGW – Human-caused Global Warming) to talk about Internet use. Here is an example [...]
  • From Time Window to Time Portal
    DCM Time Windows were one of the speakers that defined the ‘cheapskate’ high end of the late ‘70s. Looking at the speaker was anything but awe inspiring. It was a small two-way tower, with [...]
  • Introducing Mr. JM
    I pretty much grew up with computers as part of my life. I had them at school and used typing, games, etc programs. I remember using dot matrix printers and planning the most basic version of [...]

 

Hot Off The Press

  • Weekly Forecast: View To A Kill
    (Hint: Play song and read at the same time!) Mystery, intrigue and dances in the fire, or a least a little snarkiness, are the keynotes of this dramatic week as the planet of secrets, Pluto, [...]
  • Some Summer Music Pics from Five Magazine
    That's this SUNDAY in TAOS....go camping too. Brave Combo Nearly thirty years ago, someone classifi ed Denton, Texas’ Brave Combo as a new wave polka band, which they are. Th ey even won [...]
  • So You Think You Can Dance - Will B. Wingfield
    So, let me get this party started this season.  I've been watching half-heartedly until tonight, but tonight, some of these guys really got my attention tonight.  And, at the ripe age of [...]
  • July Book Blowout
    I can’t quite remember how I found it, but Mrs. S at Blue Archipelago is hosting a reading challenge for the month of July and I have decided to take part. Usually I’m a bit wary of joining [...]
  • Kids Learn Space Science with the Zula Patrol
    Yesterday I watched the Zula Patrol premiere as part of the qubo block on ION. Besides the kind of annoying theme song at the beginning I found this to be a pretty good educational cartoon for [...]
  • News from Five Magazine
    At last! Let's see how far I get. www.readfive.comThis summer in Taos Joan Armitrading will perform. Here an interview by Bill Nevins with Joan A. “Under the surface there was always a [...]
  • Idol Teachers
    I just watched a video clip. It was from the pilot episode of a potential new sitcom called Teachers. The pilot seems to revolve around the life of a young, fresh-faced teacher named Tim Donnely, [...]
  • Love Question Nine
    Woo hoo! I’m glad to be back and doing the Love Questions meme from Short Sweet Love Poems. I do enjoy the questions and reading the thoughts of others. This week we have a very interesting, [...]
  • Fruits of the Spirit: Be kind to each other
    But the fruit of the Spirit is love, joy, peace, patience, kindness, goodness, faithfulness, gentleness and self-control. Against such things there is no law. Galatians 5:22-23 Kindness is [...]
  • Happy Day After the 4th!
    I'm sorry I didn't post yesterday Jolie-Pitt fans. One weekend a month we have an 8 year old girl for respite, and things kind of go a bit haywire when that happens. Going from a 2 children home to a [...]