Monday, January 4, 2010

How to use PowerShell v2 RTM and the ActiveDirectory Module that comes with RSAT.

I noticed that not a lot of people are using the new Active Directory module in PowerShell v2 RTM (ps2rtm).  Maybe it's because you can only take advantage of the AD module if you are running Windows 7.  Windows 7 with AD module and ADWS will let you manage Win 2003 AD but you cannot run the PowerShell AD module on Win XP or 2003. 

I had been avoiding PowerShell until recently for the more familiar (in my case) vbscript for several years now.  I just didn't want to give up vb.  [adsi] in PowerShell didn't seem that much easier than adsi in vbscript.  However, recently a catastrophic event took place in my life (all my work in vb for the last year were gone) which caused me to re-evaluate PowerShell.  I'd been putting it off but now forces were at work that kind of shoved me in that direction.  So I dove in.  I have to say--I am so glad I did.

That said I'm finding that a large majority of the posh community are not using the latest greatest.  I can understand that.  Had I invested a couple of years in ps1 I would be reluctant to move to ps2rtm for production stuff (look at me I didn't even want to move away from vbscript).  Plus I was reluctant to move to Windows 7.  All my colleagues were using Win7 RCx not sure which version.  I waited until RTM and then only installed it on an extra workstation in my office.  Now I run it on my primary workstation--it really is a nice OS.

Anyway, I just wanted to say to moving to ps2rtm and using the new ActiveDirectory module is not that painful (if you are running Windows 7).  It takes all of 15 minutes.  I'm not trying to diminish the value of Quest tools, but really the future of ps2 includes a fully functional, fully featured set of AD tools.  And it's really not that hard to start taking advantage of them (even if you are running a Windows 2003 functional AD environment).

First prepare your AD environment.  Here are the instructions and download.  Read the page carefully.  For Windows 2003 DCs you will need to install two patches (the links for the patches are in the instructions on that page) and you may need to install the latest .Net 3.5 from Microsoft Update site.  Again all of the instructions and prerequisites are found on the page I linked to above.  I'm running a Windows 2003 native AD environment on DCs with Windows 2003 SP2 (no R2 in my environment) and ADWS works great.  You only need one DC running ADWS in each domain.

Next install the RSAT tools in Windows 7.  Installation and instructions are here.  After installing the RSAT tools you need to enable the AD features.

If you have prepared your environment according to the instructions, then, after starting PowerShell enter the command import-module activedirectory

enter get-help *-ad* or get-command -Module ActiveDirectory to see all of the AD functionality that the ActiveDirectory module gives.

Sorry Windows XP users or Windows 2003 server users.  The ActiveDirectory module is not (as of yet) available for those systems.  I saw a number of forums with complaints about that but with no response so not sure if MS will ever make the module available for those systems.

Have fun.

No comments:

Post a Comment