Monday, September 26, 2011

AD Security Groups and Creating Folders on a Share with Powershell

The below script is used to loop through all security groups in a particuler OU in Active Directory and create a folder on the share for each group and then, inside that folder, create a separate folder for each member of that group.

function CreateSubdirectory($path)
New-Item -ItemType Directory -Path $path


foreach ($group in get-adgroup -searchbase "OU=MyOU,DC=mydomain,DC=com" -filter *){

#create a subfolder $
$sharepath="\\SERVER\SHARE" + $
CreateSubdirectory $sharepath

foreach ($member in ($group.member | sort))
#create a folder for each memeber $
CreateSubdirectory $sharepath + $


Friday, September 23, 2011

Moving AD User to another OU using different credentials

In order to move Active Directory User to another OU you will need a service account with priviledges to move AD objects. Below is VBScript that worked for me:

sADDomain = "mydomain"
sADUser = "serviceuser"
sADPassword = "mypassword"

sDestOU = "LDAP://OU=My Group,DC=mydomain,DC=net"
Set objRootDSE = GetObject("LDAP:")
Set objSysInfo = CreateObject("ADSystemInfo")
Set objDestOU = objRootDSE.OpenDSObject(sDestOU, sADDomain & "\" & sADUser, sADPassword, ADS_SECURE_AUTHENTICATION)

Set objUser = objRootDSE.OpenDSObject("LDAP://" & objSysInfo.UserName, sADDomain & "\" & sADUser, sADPassword, ADS_SECURE_AUTHENTICATION)

objDestOU.MoveHere "LDAP://" & objUser.distinguishedName, vbNullString
If Err.Number = 0 Then
MsgBox "User moved successfully."
MsgBox "Error " & Err.Number & ": " & Err.Description
End If

Thursday, September 22, 2011

Running Powershell script with spaces in the name from VBScript

Running Powershell script from VBScript is rather simple:

Set objShell=CreateObject("Wscript.Shell)
sCmd="C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe C:\test.ps1"
objShell.Run sCmd, 1, true

But what to do when the Powershell script file has spaces in the name, like C:\My Path\test.ps1?

Theanswer is to use ampersand and single quotes:

Set objShell=CreateObject("Wscript.Shell)
sCmd="C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe " & Chr(34) & "& 'C:\script with spaces.ps1'" & Chr(34)
objShell.Run sCmd, 1, true


Set objShell=CreateObject("Wscript.Shell)
sPSPath="C:\script with spaces.ps1"
sCmd="C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe " & Chr(34) & "& '" & sPSPath & "'" & Chr(34)
objShell.Run sCmd, 1, true

Friday, September 16, 2011

Active Directory container vs. organizational unit

Active directory container is a built-in container that comes with AD and they cannot be altered to suit your organizational needs, without altering the AD schema. (Examples: Computers and Users containers).

An OU or Organizational Unit is a special purpose container created by the user and to which administrators can apply group policy. Group policy cannot be applied to a container. An organizational unit is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units. You can create organizational units to suit your organization's functional or business structure. Each domain can implement its own organizational unit hierarchy.

Wednesday, September 7, 2011

Add an array value to the Registry using Powershell

The code below initializes array $a and creates a key named "MyArray" of type REG_MULTI_SZ in registry path HKEY_CURRENT_USER\Control Panel\Desktop\Test and sets its value to an array

$a = ("val1", "val2", "val3")

$RegPath= "Registry::HKEY_CURRENT_USER\Control Panel\Desktop\Test"

Set-itemProperty $RegPath -name "myArray" -value $a -type MultiString