Server 2012 R2 Powershell

Override UAC restrictions on running elevated processes on workgroup

New-ItemProperty -Name LocalAccountTokenFilterPolicy -path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -propertyType DWord -value 1

Get ADComputer lastLogonDate

Get-ADComputer -SearchBase 'CN=Users,DC=xxx,DC=com,DC=SG' -Filter * -Properties * | FT Name,LastLogonDate
Get-ADComputer -SearchBase 'CN=Computers,DC=xxx,DC=com,DC=SG' -Filter * -Properties * | Sort LastLogonDate | FT Name,LastLogonDate

Get-ADComputer -Filter * -Properties * | FT Name, LastLogonDate -Autosize
Get-ADComputer -Filter * -Properties * | sort LastLogonDate | FT Name, LastLogonDate -Autosize

Get all XP machines

Get-ADComputer -Filter * -Properties * | FT Name, LastLogonDate, OperatingSystem -Autosize
Get-ADComputer -Filter * -Properties * | Sort OperatingSystem | FT Name, LastLogonDate, OperatingSystem -Autosize

Enable inheritance on all AD user accounts

Error: Insufficient access rights to perform the operation

Security Tab > Select Advance > Enable the check box Include Inheritable Permissions from this object’s parent

AD DS deployment

Import-Module ADDSDeployment
Install-ADDSForest `
-CreateDnsDelegation:$false `
-DatabasePath "C:\Windows\NTDS" `
-DomainMode "Win2012R2" `
-DomainName "" `
-DomainNetbiosName "2012GUI" `
-ForestMode "Win2012R2" `
-InstallDns:$true `
-LogPath "C:\Windows\NTDS" `
-NoRebootOnCompletion:$false `
-SysvolPath "C:\Windows\SYSVOL" `

Prevent registering unwanted NIC(s) in DNS on a Mulithomed Domain Controller

On Unwanted NIC TCP/IP Properties -> Advanced -> DNS - > Uncheck "Register this connections Address in DNS"

DNS server console > highlight server > Properties > Interfaces tab > select "listen on only the following IP addresses"

Zone properties > Name server tab > Select FQDN server > Edit > Remove unwanted IP address associated in the list

Add Active Directory Schema snap-in (MMC)

Run CMD as administrator and enter below command
regsvr32 schmmgmt.dll

2012 Server Core

Enable RDP

# Turn on RDPs

# Enable or disable Firewall for RDP
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
Disable-NetFirewallRule -DisplayGroup "Remote Desktop"

# Verify setting
Get-netfirewallrule -DisplayGroup "Remote Desktop" | Ft Name, Enabled -a

Join core to domain

Add-computer -DomainName

#Confirm it's joined to domain and restart computer
Get-wmiObject -Class Win32_ComputerSystem

Core to Domain Controller

Import-Module ADDSDeployment
Install-ADDSDomainController `
-NoGlobalCatalog:$false `
-CreateDnsDelegation:$false `
-CriticalReplicationOnly:$false `
-DatabasePath "C:\Windows\NTDS" `
-DomainName "" `
-InstallDns:$true `
-LogPath "C:\Windows\NTDS" `
-NoRebootOnCompletion:$false `
-SiteName "Default-First-Site-Name" `
-SysvolPath "C:\Windows\SYSVOL" `

Minimum administrative privileges required for a user to administer Core server

Enable Remote Management for Core to be managed by another host

#Event Viewer
Enable-NetFirewallRule -DisplayGroup "Remote Event Log Management"

Enable-NetFirewallRule -DisplayGroup "Remote Service Management"

#Shared Folders
Enable-NetFirewallRule -DisplayGroup "File And Printer Sharing"

#Task Scheduler
Enable-NetFirewallRule -DisplayGroup "Performance Logs and Alerts"

#Disk Management(requires on both core and host managing core)
Enable-NetFirewallRule -DisplayGroup "Remote Volume Management"

#Required to enable service name "Virtual Disk" on core
Set-Service VDS -StartupType Automatic

#Windows Firewall with Advanced Security
Enable-NetFirewallRule -DisplayGroup "Windows Firewall Remote Management"

#MMC snap-ins
Enable-NetFirewallRule -DisplayGroup "Remote Administration"

#IP Security Monitor On/Off/view
Cscript \windows\system32\scregedit.wsf /im 1
Cscript \windows\system32\scregedit.wsf /im 0
Cscript \windows\system32\scregedit.wsf /im /v

Checking DNS


Query system info


Enable Windows update on Core (Run over Remote Desktop RDP, not remote shell)

sconfig > 5 > Automatic

#View current setting
cscript C:\windows\System32\SCregEdit.wsf /AU /v

#Stop Windows Update service
net stop wuauserv

#Enable Automatic Windows Update
cscript C:\windows\System32\SCregEdit.wsf /AU /4

#Disable Windows Update
cscript C:\windows\System32\SCregEdit.wsf /AU /1

#Start Windows Update service
net start wuauserv

Remove old domain controller (still online)

Import-Module ADDSDeployment
Uninstall-ADDSDomainController `
-Credential (Get-Credential) `
-DemoteOperationMasterRole:$true `
-DnsDelegationRemovalCredential (Get-Credential) `
-RemoveDnsDelegation:$true `

Enable PSRemoting


Test-WSMan serverName

Install driver on Core

pnputil –i –a <driver.inf>

#list installed drivers
sc query type= driver

To disable a device driver

sc query type= driver
sc delete <service_name_get_from_sc_query_type=_driver>

Enable Firewall for remote management (Computer Management)

Enable-NetFirewallRule -DisplayGroup "Windows Remote Management"
Enable-NetFirewallRule -DisplayGroup "Remote Event Log Management"
Enable-NetFirewallRule -DisplayGroup "Remote Volume Management"
Set-Service VDS -StartupType Automatic

Get-NetFirewallRule | Select DisplayGroup -Unique | Sort DisplayGroup
Enable-NetFirewallRule -name RVM-RPCSS-In-TCP,RVM-VDSLDR-In-TCP,RVM-VDS-In-TCP

Add static route on Windows to survive reboot (persistent)

#Add persistent route
route -p add MASK
route -p add MASK

#To remove route
route -p delete
route -p delete

#View existing route
route print

Add static route without Default Gateway

route -p add MASK

Convert a disk to GPT

list disk 
select disk # 
convert gpt 
list disk

Active Directory

# To install AD DS
Install-WindowsFeature AD-Domain-Services

# To install first DC in new forest
Install-ADDSForest -DomainName -CreateDNSDelegation DomainMode Win2008 – ForestMode Win 2008 R2 -DatabasePath "d:\NTDS" -SysvolPath "d:\SYSVOL" –LogPath "e:\Logs" 

# To install first DC in a child or tree domain

# To install additional domain controller in domain

Install DHCP RSAT (Remote Server administration Tool)

Install-WindowsFeature -Name RSAT -DHCP

Find version and Build No

gwmi win32_operatingsystem | % caption
(Get-ItemProperty -Path c:\windows\system32\hal.dll).VersionInfo.FileVersion

Find Windows key that is embedded in the BIOS/UEFI

wmic path softwarelicensingservice get OA3xOriginalProductKey
powershell "(Get-WmiObject -query 'select * from SoftwareLicensingService').OA3xOriginalProductKey"

Get AD members

#Domain Admins
Get-ADGroupMember "Domain Admins"
Get-AdGroupMember "Enterprise Admins" -recursive
Get-ADGroupMember "administrators"

A user is member of (including nested groups)

dsget user "CN=User Name Kim XYZ,OU=X,dc=XXX,dc=com,dc=sg" -memberof
dsget user "CN=User Name Kim XYZ,OU=X,dc=XXX,dc=com,dc=sg" -memberof -expand

Rename domain computer

Rename-Computer -ComputerName OldPC -NewName NewPC -domaincredential
Rename-Computer -ComputerName OldPC -NewName NewPC -domaincredential -Restart

Count number of object in an OU

Get-ADComputer -SearchBase "OU=XXX Computers,DC=XXX,DC=COM,DC=SG" -Filter {Enabled -eq $true} -Properties CanonicalName | Group-Object {($_.CanonicalName -Split "/")}

Search AD PasswordNeverExpires

Search-ADAccount -PasswordNeverExpires -UsersOnly
Search-ADAccount -PasswordNeverExpires -UsersOnly | FT Name, ObjectClass, PasswordNeverExpires -AutoSize
Search-ADAccount -PasswordNeverExpires -UsersOnly -SearchBase "OU=Users_365,DC=xxx,DC=com,DC=sg" | FT Name, ObjectClass, PasswordNeverExpires -AutoSize

Get-ADUser -Filter {PasswordNeverExpires -eq $true}
Get-ADUser -Filter {PasswordNeverExpires -eq $true -AND enabled -eq $true}
Get-ADUser -Filter {PasswordNeverExpires -eq $true -AND enabled -eq $true} -SearchBase "OU=Users_365,DC=xxx,DC=com,DC=sg"
Get-ADUser -Filter {PasswordNeverExpires -eq $true -AND enabled -eq $true} -SearchBase "OU=Users_365,DC=xxx,DC=com,DC=sg" -Properties * | FT Name, UserprincipalName, ObjectClass,PasswordNeverExpires -AutoSize

Check for disk bad sector and repair

chkdsk C: /f /r /x

Redircmp (change newly joined computers to another OU)

#Set new location

redircmp OU="XXX Computers OU",DC=XXX,dc=COM,DC=SG

#Verify changes
Get-ADDomain | select ComputersContainer

Remove network drive

#Get network drives
gwmi win32_networkconnection

Remove-PSDrive -Name K
NET USE\\serverB\sharex /delete

Common PowerShell command

Find total number of cores on your CPU

WMIC CPU Get DeviceID,NumberOfCores
WMIC CPU Get DeviceID,NumberOfCores,NumberOfLogicalProcessors,SocketDesignation

Find 32-bit or 64-bit OS

gwmi win32_operatingsystem | select osarchitecture

Get System Enclosure (SerialNumber)

wmic bios get SerialNumber
Get-WmiObject win32_SystemEnclosure
Get-WmiObject win32_bios | format-list SerialNumber

Who logged in

#Currently logged in user
gwmi win32_computersystem | select USername, Caption, Manufacturer

#Previously logged in users
gwmi win32_loggedonuser | select Antecedent
gwmi win32_loggedonuser | select Antecedent -Unique
dir env:user*

Force time update

W32tm /resync /force

Check status

w32tm /query /status

Set NTP manually

w32tm /config /

Configure a client PC to sync time from the domain

w32tm /config /syncfromflags:domhier /update

net stop w32time
net start w32time

Create shared folder

Create shared tmp

(Get-WmiObject Win32_Share -List).Create("C:\tmp", "tmp",0);

Delete shared tmp

if ($share = Get-WmiObject -Class Win32_Share -Filter "Name='tmp'") { $share.delete() }

Enable Firewall

netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=yes

Check who is PDC (Primary domain controller)

Get-ADComputer(Get-ADDomainController -Discover -Service "PrimaryDC").name
Get-ADDomainController -Discover -Service "PrimaryDC"

Create snapshot of Active Directory

ntdsutil: snapshot
snapshot: Activate Instance ntds
snapshot: create

List and mount snapshot

snapshot: list all
snapshot: mount {4598e3c6-f54f-436f-baeb-d73105e9619e}

Run instance of Active Directory from the snapshot

dsamain /dbpath C:\$SNAP_201704211025_VOLUMEC$\Windows\NTDS\ntds.dit /ldapPort 33389

Run Active Directory Users and Computers (dsa.msc)

Get AD Users Password Expiry Dates

Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" | Select-Object -Property "Displayname",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}}

Expiring passwords sorted

Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" | sort "msDS-UserPasswordExpiryTimeComputed" | Select-Object -Property "Displayname",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}}

Logon script



Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top