Active Directory
This page is a handy collection of Active Directory (AD) commands.
Powershell
All the commands listed here are supposed to be executed from a Windows machine with access to PowerShell. Similar actions can be performed from a Linux machine, but with different commands.
Reference: https://learn.microsoft.com/en-us/powershell/module/activedirectory/?view=windowsserver2022-ps
Users
Add to the domain
New-ADUser -Name "Orion Starchaser" -Accountpassword (ConvertTo-SecureString -AsPlainText (Read-Host "Enter a secure password") -Force ) -Enabled $true -OtherAttributes @{'title'="Analyst";'mail'="[email protected]"} -ChangePasswordAtLogon $true
Add to a particular organizational unit:
New-ADUser -Name "KarimBuzdar" -GivenName "Karim" -Surname "Buzdar" -SamAccountName "kbuzdar" -UserPrincipalName "[email protected]" -Path "OU=Users,DC=faqforge,DC=com" -AccountPassword (ConvertTo-SecureString "P@ssw0rd!" -AsPlainText -Force) -Enabled $true
Remove a user from the domain:
Remove-ADUser -Identity pvalencia
Get a particular user
Get-ADUser -Identity m.ohare
Get all users in an organizational unit:
Get-ADUser -Filter * -SearchBase "OU=Finance,OU=UserAccounts,DC=FABRIKAM,DC=COM"
Search for user with a filter:
Get-ADUser -Filter 'Name -like "*SvcAccount"' | Format-Table Name,SamAccountName -A
Get all properties:
Get-ADUser -Identity amasters -Properties *
Unlock account
Unlock account:
Unlock-ADAccount -Identity amasters
Set new password:
Set-ADAccountPassword -Identity amasters -NewPassword (ConvertTo-SecureString -AsPlainText "qwert@12345" -Force)
Force change password after next logon:
Set-ADUser -Identity amasters -ChangePasswordAtLogon $true
Organizational unit
Create a new OU under a given path:
New-ADOrganizationalUnit -Name "Analysts" -Path "OU=IT,OU=HQ-NYC,OU=Employees,OU=Corp,DC=INLANEFREIGHT,DC=LOCAL"
Move the created user to the newly created OU:
Move-ADObject -Identity a.callisto -TargetPath "OU=Analysts,OU=IT,OU=HQ-NYC,OU=Employees,OU=Corp,DC=INLANEFREIGHT,DC=LOCAL"
or by its distinguished name:
Move-ADObject -Identity "CN=a.callisto,OU=IT,OU=HQ-NYC,OU=Employees,OU=Corp,DC=INLANEFREIGHT,DC=LOCAL" -TargetPath "OU=Analysts,OU=IT,OU=HQ-NYC,OU=Employees,OU=Corp,DC=INLANEFREIGHT,DC=LOCAL"
Security group
Create a security group inside an OU:
New-ADGroup -Name "Security Analysts" -SamAccountName analysts -GroupCategory Security -GroupScope Global -DisplayName "Security Analysts" -Path "OU=Analysts,OU=IT,OU=HQ-NYC,OU=Employees,OU=Corp,DC=INLANEFREIGHT,DC=LOCAL" -Description "Members of this group are Security Analysts under the IT OU"
Add users to the group:
Add-ADGroupMember -Identity analysts -Members ACepheus,OStarchaser,ACallisto
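As an added example (not code from the original page), the script below chains the user, OU and group commands above into one idempotent provisioning step and verifies the result. The OU path and the "analysts" group come from the cheat sheet; the user "Ada Cepheus" (a.cepheus) and the UPN suffix are assumed. The password is prompted for rather than placed on the command line, where it would end up in shell history and transcripts.

```powershell
# Added example: provision an analyst account end to end and verify it.
# Assumes the ActiveDirectory module; OU path and group are taken from the cheat sheet,
# the user "Ada Cepheus" / a.cepheus and the UPN suffix are constructed for illustration.
Import-Module ActiveDirectory

$OuPath    = "OU=Analysts,OU=IT,OU=HQ-NYC,OU=Employees,OU=Corp,DC=INLANEFREIGHT,DC=LOCAL"
$GroupName = "analysts"
$Sam       = "a.cepheus"
$Upn       = "$Sam@inlanefreight.local"

# Fail early if the target OU or group is missing instead of creating the user elsewhere.
try {
    Get-ADOrganizationalUnit -Identity $OuPath -ErrorAction Stop | Out-Null
    Get-ADGroup -Identity $GroupName -ErrorAction Stop | Out-Null
} catch {
    throw "Target OU or group does not exist: $($_.Exception.Message)"
}

# Read the initial password as a SecureString; it never appears as plain text in the command line.
$Password = Read-Host -AsSecureString "Initial password for $Sam"

if (Get-ADUser -Filter "SamAccountName -eq '$Sam'") {
    Write-Warning "$Sam already exists; skipping creation"
} else {
    New-ADUser -Name "Ada Cepheus" -GivenName "Ada" -Surname "Cepheus" `
        -SamAccountName $Sam -UserPrincipalName $Upn -Path $OuPath `
        -AccountPassword $Password -Enabled $true -ChangePasswordAtLogon $true `
        -Description "Provisioned $(Get-Date -Format s)" `
        -OtherAttributes @{ title = "Analyst" }
}

# Add to the security group only if not already a member, so reruns are harmless.
$members = Get-ADGroupMember -Identity $GroupName | Select-Object -ExpandProperty SamAccountName
if ($members -notcontains $Sam) {
    Add-ADGroupMember -Identity $GroupName -Members $Sam
}

# Verify: user sits in the intended OU, is enabled, must change password at next logon
# (PasswordLastSet is null when pwdLastSet is 0) and is a member of the group.
$user = Get-ADUser -Identity $Sam -Properties MemberOf, PasswordLastSet
[PSCustomObject]@{
    SamAccountName     = $user.SamAccountName
    DistinguishedName  = $user.DistinguishedName
    Enabled            = $user.Enabled
    MustChangePassword = ($null -eq $user.PasswordLastSet)
    InAnalystsGroup    = @($user.MemberOf -like "CN=Security Analysts,*").Count -gt 0
} | Format-List
```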
Security group policy
Get by name:
Get-GPO -Name "Group Policy Test"
Copy a GPO (Group Policy Object) under a new name:
Copy-GPO -SourceName "Logon Banner" -TargetName "Security Analysts Control"
Link the GPO to an OU:
New-GPLink -Name "Security Analysts Control" -Target "ou=Analysts,ou=IT,OU=HQ-NYC,OU=Employees,OU=Corp,dc=INLANEFREIGHT,dc=LOCAL" -LinkEnabled Yes
To edit the policy settings themselves it is easier to use the UI, the Group Policy Management Console (GPMC), available under Server Manager > Tools.
Computer
Add a computer to the domain; -Credential is the domain account authorized to perform the join:
Add-Computer -DomainName 'INLANEFREIGHT.LOCAL' -Credential 'INLANEFREIGHT\HTB-student_adm' -Restart
This command must be run on the computer that is joining the domain.
The same can be done remotely from another machine:
Add-Computer -ComputerName ACADEMY-IAD-W10 -LocalCredential ACADEMY-IAD-W10\image -DomainName INLANEFREIGHT.LOCAL -Credential INLANEFREIGHT\htb-student_adm -Restart
View the details of a computer in the domain by running:
Get-ADComputer -Identity "name" -Properties * | select CN,CanonicalName,IPv4Address
You can move the computer to another OU by running:
Move-ADObject -Identity "name" -TargetPath "OU=Analysts,OU=IT,OU=HQ-NYC,OU=Employees,OU=Corp,DC=INLANEFREIGHT,DC=LOCAL"
Bash
Add a user to a group while authenticating as another account (-U) against the domain controller given with -S:
net rpc group addmem "SERVICE [email protected]" "p.agila" -U "fluffy.htb"/"P.AGILA"%"prometheusx-303" -S 10.10.11.69