Whenever someone tells me that my insistence that domain controllers should never have a GUI (Graphical User Interface) I introduce them to the Remote Server Administration Tools, and all is well. Yes, you can manage your Active Directory Domain Services (AD DS) from the comfort of your Windows 11 (or Windows 10) PC with the MMC consoles that you know and love.
With that said, most of what we do in Active Directory can be done in PowerShell. Take creating a user, for instance.
New-ADUser iName Mitch –DisplayName “Mitch Garvis” –EmailAddress mgarvis@behike.ca –GivenName Mitch –Surname Garvis
Add-ADGroupMember –Identity “Bloggers” –Members Mitch
Set-ADAccountPassword Mitch –Reset –NewPassword (ConvertTo-SecureString –AsPlainText “P@55w.rd” –Force –Verbose”) –PassThru
Enable-ADAccount –Identity Mitch
These four lines are all you need to:
- Create the user account.
- Add the account to a security group.
- Set the password for the user.
- Enable the user account.
Of course, there are a lot more things that we could configure when we create the user, including all of the criteria that can be configured in the Active Directory Users and Computers (ADUC) console… but since these are the ones that most people use, I decided to keep the cmdlets short and sweet. For a full list of options, from the PowerShell prompt type Get-Help New-ADUser.
The World According to Mitch 
Leave a Reply