New-ADUser Name <string> SamAccountName <pre-windows 2000 logon name> -AccountPassword (Read-Host AsSecurestring AccountPassword ) Enabled $true ChangePasswordAtLogon $true New-ADUser Name Amy Strande SamAccountName "AmyS -GivenName Amy Surname Strande DisplayName Amy Strande AccountPassword (ConvertTo-SecureString AsPlainText Pa$$w0rd Force) Enabled $true Path OU=IT, DC=Contoso, DC=Com -Description "Vice President, IT" ChangePasswordAtLogon $true

Set-ADAccountPassword identity cn=amy strand, ou=it, dc=contoso, dc=com Reset NewPassword (ConvertTo-SecureString AsPlainText Pa$$w0rd2 Force)

Unlock-ADAccount identity cn=amy strand, ou=it, dc=contoso, dc=com

Task 1: Create a user account with Active Directory Users and Computers. Task 2: Create a user account with Windows PowerShell.

Task 1: Administer a user account. Task 2: Administer the life cycle of a user account.

Get-ADUser UserName Set-ADUser [-parameter value ] Get-ADUser Tony.Krijnen Set-ADUser office "Stockholm" Get-ADUser Filter Name like * SearchBase OU=Production, DC=Contoso, DC=Com Get-ADUser Filter Name like * SearchBase OU=Production, DC=Contoso, DC=Com Set- ADuser Department Production Company Contoso, Ltd

Task 1: Explore the properties of an Active Directory user object. Task 2: Explore all attributes of an Active Directory user object. Task 3: Analyze the naming and display of user object attributes.

Task 1: Modify the attributes of multiple user objects. Task 2: Manage user attributes by using Windows PowerShell.

Task 1: Create a user account template for Sales. Task 2: Create a new user account based on a template.

csvde -f filename

DN,objectClass,sn,givenName,sAMAccountName,userPrincipalName "CN=David Jones,OU=Employees,OU=User Accounts,DC=contoso,DC=com",user,Jones,David,david.jones,david.jones@contoso.com "CN=Lisa Andrews,OU=Employees,OU=User Accounts,DC=contoso,DC=com",user,Andrews,Lisa,lisa.andrews,lisa.andrews@contoso.com

csvde -i -f filename -k DN,objectClass,sn,givenName,sAMAccountName,userPrincipalName "CN=David Jones,OU=Employees,OU=User Accounts,DC=contoso,DC=com",user,Jones,David,david.jones,david.jones@contoso.com "CN=Lisa Andrews,OU=Employees,OU=User Accounts,DC=contoso,DC=com",user,Andrews,Lisa,lisa.andrews,lisa.andrews@contoso.com

dn: CN=Bonnie Kearney,OU=Employees,OU=User Accounts,DC=contoso,DC=com changetype: add objectclass: top objectclass: person objectclass: organizationalperson objectclass: user cn: Bonnie Kearney sn: Kearney title: Operations description: Operations (London) givenname: Bonnie displayname: Kearney, Bonnie company: Contoso, Ltd. samaccountname: bonnie.kearney userprincipalname: bonnie.kearney@contoso.com mail: bonnie.kearney@contoso.com dn: CN=Bobby Moore,OU=Employees,OU=User Accounts,DC=contoso,DC=com changetype: add objectclass: top objectclass: person

objectclass: organizationalperson objectclass: user cn: Bobby Moore sn: Moore title: Legal description: Legal (New York) givenname: Bobby displayname: Moore, Bobby company: Contoso, Ltd. samaccountname: bobby.moore userprincipalname: bobby.moore@contoso.com mail: bobby.moore@contoso.com ldifde i f newusers.ldf

Import-CSV Users.csv foreach {New-ADUser -SamAccountName $_.SamAccountName -Name $_.Name -Surname $_.Surname -GivenName $_.GivenName -Path "OU=Finance,OU=UserAccounts,DC=FABRIKAM,DC=COM" -AccountPassword (ConvertTo-SecureString -AsPlainText $_.SamAccountName -Force) -Enabled $true}

Task 1: Export users with CSVDE. csvde -f D:\LABFILES\LAB03C\UsersNamedApril.csv -r "(name=april*)" -l DN,objectClass,sAMAccountName,sn,givenName,userPrincipalName Task 2: Import users with CSVDE. csvde -i -f D:\Labfiles\LAB03C\NewUsers.csv -k

Task 1: Import users with LDIFDE. ldifde -i -f D:\Labfiles\LAB03C\NewUsers.ldf -k

Task 1: Import users with PowerShell. Set-ExecutionPolicy remotesigned D:\labfiles\Lab03c\importusers.ps1

New-ADServiceAccount [-SAMAccountName <String>] [-Path <String>] Install-ADServiceAccount -Identity <ADServiceAccount>

Task 1: Use Windows PowerShell to create and associate a managed service account. New-ADServiceAccount Name App1_SVR1 Add-ADComputerServiceAccount identity NYC-SVR1 ServiceAccount App1_SVR1 Get-ADServiceAccount -Filter 'Name -like "*"' FT Name,HostComputers A Task 2: Install a managed service account on a server. Install-ADServiceAccount -Identity App1_SVR1

To prepare for the next lab