Local powershell script to pull AdObject without installing RSAT
-
Is this a Windows 7 pc that would be running this powershell script?
-
Doh.. it is.
Yeah no you have to install rsat there to use it.
-
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
Is this a Windows 7 pc that would be running this powershell script?
Yes. Win 7 Pro. PS Logon script
-
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
Doh.. it is.
Yeah no you have to install rsat there to use it.
Say what? you don't get the AD module unless you install RSAT? that sucks!
-
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
Is this a Windows 7 pc that would be running this powershell script?
Yes. Win 7 Pro. PS Logon script
So you're wanting every user's machine in the company to run this script when they log into their PC?
-
@dashrender said in Local powershell script to pull AdObject without installing RSAT:
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
Is this a Windows 7 pc that would be running this powershell script?
Yes. Win 7 Pro. PS Logon script
So you're wanting every user's machine in the company to run this script when they log into their PC?
Yes. Basically, we want to run this script to pull a value from their AD user object and add the value to existing config file for one of the program we use. It does not have to get Get-ADobject as long as we can grab the value and change it. I am looking into Get-WMIObject but so far it is not working as we want it to.
EDIT: We use AD to store this value because I feel it's a good centralized place.
-
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dashrender said in Local powershell script to pull AdObject without installing RSAT:
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
Is this a Windows 7 pc that would be running this powershell script?
Yes. Win 7 Pro. PS Logon script
So you're wanting every user's machine in the company to run this script when they log into their PC?
Yes. Basically, we want to run this script to pull a value from their AD user object and add the value to existing config file for one of the program we use. It does not have to get Get-ADobject as long as we can grab the value and change it. I am looking into Get-WMIObject but so far it is not working as we want it to.
EDIT: We use AD to store this value because I feel it's a good centralized place.
What AD value is your script pulling, we may be able to find the GET-WMI comparable. . (may)
-
@dashrender said in Local powershell script to pull AdObject without installing RSAT:
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
Doh.. it is.
Yeah no you have to install rsat there to use it.
Say what? you don't get the AD module unless you install RSAT? that sucks!
If you're on windows 7, yeah.
-
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dashrender said in Local powershell script to pull AdObject without installing RSAT:
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
Is this a Windows 7 pc that would be running this powershell script?
Yes. Win 7 Pro. PS Logon script
So you're wanting every user's machine in the company to run this script when they log into their PC?
Yes. Basically, we want to run this script to pull a value from their AD user object and add the value to existing config file for one of the program we use. It does not have to get Get-ADobject as long as we can grab the value and change it. I am looking into Get-WMIObject but so far it is not working as we want it to.
EDIT: We use AD to store this value because I feel it's a good centralized place.
Are users allowed to change their own ADObjects?
-
What version of Powershell do your users have?
-
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dashrender said in Local powershell script to pull AdObject without installing RSAT:
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
Is this a Windows 7 pc that would be running this powershell script?
Yes. Win 7 Pro. PS Logon script
So you're wanting every user's machine in the company to run this script when they log into their PC?
Yes. Basically, we want to run this script to pull a value from their AD user object and add the value to existing config file for one of the program we use. It does not have to get Get-ADobject as long as we can grab the value and change it. I am looking into Get-WMIObject but so far it is not working as we want it to.
EDIT: We use AD to store this value because I feel it's a good centralized place.
What AD value is your script pulling, we may be able to find the GET-WMI comparable. . (may)
Telephony > IP Phone
@dashrender said in Local powershell script to pull AdObject without installing RSAT:
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dashrender said in Local powershell script to pull AdObject without installing RSAT:
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
Is this a Windows 7 pc that would be running this powershell script?
Yes. Win 7 Pro. PS Logon script
So you're wanting every user's machine in the company to run this script when they log into their PC?
Yes. Basically, we want to run this script to pull a value from their AD user object and add the value to existing config file for one of the program we use. It does not have to get Get-ADobject as long as we can grab the value and change it. I am looking into Get-WMIObject but so far it is not working as we want it to.
EDIT: We use AD to store this value because I feel it's a good centralized place.
Are users allowed to change their own ADObjects?
I can't even get AD commands to run without AD module > which required RSAT > which my manager said he doesn't want it installed for "reasons".
@dashrender said in Local powershell script to pull AdObject without installing RSAT:
What version of Powershell do your users have?
Version 2.0
-
That information is simply readable, by anyone with RSAT.
Having RSAT installed, doesn't mean people would be able to change or reset passwords or anything else from there.
But in terms of powershell, with Windows 7 system you will be required to install RSAT.
-
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
That information is simply readable, by anyone with RSAT.
Having RSAT installed, doesn't mean people would be able to change or reset passwords or anything else from there.
But in terms of powershell, with Windows 7 system you will be required to install RSAT.
Yes. But I cannot goes against my manager's decision (above my pay grade + I don't want headache from arguing with him)
Alternatively, I could export the data into powershell script itself. Instead of reading from CSV, it reads data from within itself. Not sure how this will goes or is it possible
-
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
That information is simply readable, by anyone with RSAT.
Having RSAT installed, doesn't mean people would be able to change or reset passwords or anything else from there.
But in terms of powershell, with Windows 7 system you will be required to install RSAT.
Yes. But I cannot goes against my manager's decision (above my pay grade + I don't want headache from arguing with him)
Alternatively, I could export the data into powershell script itself. Instead of reading from CSV, it reads data from within itself. Not sure how this will goes or is it possible
Using powershell (old powershell on an old OS) is the issue here.
Can you provide your script so we can see what you have going on.
-
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dustinb3403 said in Local powershell script to pull AdObject without installing RSAT:
That information is simply readable, by anyone with RSAT.
Having RSAT installed, doesn't mean people would be able to change or reset passwords or anything else from there.
But in terms of powershell, with Windows 7 system you will be required to install RSAT.
Yes. But I cannot goes against my manager's decision (above my pay grade + I don't want headache from arguing with him)
Alternatively, I could export the data into powershell script itself. Instead of reading from CSV, it reads data from within itself. Not sure how this will goes or is it possible
Using powershell (old powershell on an old OS) is the issue here.
Can you provide your script so we can see what you have going on.
$csvPath = "\svfs\fileshares\IT\Tools\ipphone export-csv.csv"
$logonuser = whoami
$csv = Import-Csv -Path $csvPath
$xmlPath = "C:\ProgramData\NEC-i\PC Phone\Settings.xml"
$necXML = New-Object XML
[xml]$necXML = Get-Content $xmlPathforeach ($csvread in $csv) {
$csvusername = $csvread.username
$csvextension = $csvread.ipphone
if ($csvusername -eq $logonuser){
$necXML.CygSettings.UserName = "$csvextension"
$necXML.CygSettings.CtiExtension = "$csvextension"
$necXML.CygSettings.Password = "1234"
$necXML.CygSettings.ServerIP = "NEC"
$necXML.Save($xmlPath)
}
} -
You could try using the ADSI object... check out https://social.technet.microsoft.com/wiki/contents/articles/4231.working-with-active-directory-using-powershell-adsi-adapter.aspx
That doesn't require any AD / RSAT to be installed.
-
You can apparently deploy the DLL needed for the Ad module
I found a very Simple and elegant way to make the AD Powershell Module Portable.
you will need 3 simple things
1.) the ActiveDirectory Module Directory from a system that has it already installed.
Standard path on a 64bit windows 7
C:WindowsSystem32WindowsPowerShellv1.0Modules
2.) Global Assembly Cache Utility Available from the Windows SDK
gacutil.exe
3.) the Microsoft.ActiveDirectory.Management dll assemblyfound on a system that already has the RSAT and powershell enabled. Microsoft.ActiveDirectory.Management.dllNow in order to make this work you need to install the dll using the gacutil program. commandline is as follows.
GACUTIL.exe -I Microsoft.ActiveDirectory.Management.dll
Once installed you must copy the entire directory from item 1 to the powershell module location.
Once copied you can then use the import command to import it and start using the cmdlets. below is my batch file I wrote to automate this for deployment during SCCM.
-
@dashrender said in Local powershell script to pull AdObject without installing RSAT:
You can apparently deploy the DLL needed for the Ad module
I found a very Simple and elegant way to make the AD Powershell Module Portable.
you will need 3 simple things
1.) the ActiveDirectory Module Directory from a system that has it already installed.
Standard path on a 64bit windows 7
C:WindowsSystem32WindowsPowerShellv1.0Modules
2.) Global Assembly Cache Utility Available from the Windows SDK
gacutil.exe
3.) the Microsoft.ActiveDirectory.Management dll assemblyfound on a system that already has the RSAT and powershell enabled. Microsoft.ActiveDirectory.Management.dllNow in order to make this work you need to install the dll using the gacutil program. commandline is as follows.
GACUTIL.exe -I Microsoft.ActiveDirectory.Management.dll
Once installed you must copy the entire directory from item 1 to the powershell module location.
Once copied you can then use the import command to import it and start using the cmdlets. below is my batch file I wrote to automate this for deployment during SCCM.
It required RSAT which is a No No from my manager.
-
To pull in the details you're looking for
get-aduser $logonuser -properties *would literally pull in everything (or it should) assuming your domain controllers are modern enough.That should at least get the details, you'd have to pair it down from there. .
Should being the key. . . (would test to confirm)
-
@stess said in Local powershell script to pull AdObject without installing RSAT:
@dashrender said in Local powershell script to pull AdObject without installing RSAT:
You can apparently deploy the DLL needed for the Ad module
I found a very Simple and elegant way to make the AD Powershell Module Portable.
you will need 3 simple things
1.) the ActiveDirectory Module Directory from a system that has it already installed.
Standard path on a 64bit windows 7
C:WindowsSystem32WindowsPowerShellv1.0Modules
2.) Global Assembly Cache Utility Available from the Windows SDK
gacutil.exe
3.) the Microsoft.ActiveDirectory.Management dll assemblyfound on a system that already has the RSAT and powershell enabled. Microsoft.ActiveDirectory.Management.dllNow in order to make this work you need to install the dll using the gacutil program. commandline is as follows.
GACUTIL.exe -I Microsoft.ActiveDirectory.Management.dll
Once installed you must copy the entire directory from item 1 to the powershell module location.
Once copied you can then use the import command to import it and start using the cmdlets. below is my batch file I wrote to automate this for deployment during SCCM.
It required RSAT which is a No No from my manager.
no, it requires a part of RSAT, but not the full RSAT.
