PowerShell module overview
This topic introduces PowerShell cmdlets that you can use to manage and administer your directory via Adaxes.
To use the Adaxes PowerShell module, you need to install the PowerShell module component of Adaxes.
PowerShell module cmdlets
You can use Adaxes PowerShell module cmdlets to perform various administrative, configuration, and diagnostic tasks. You can use the module to manage users, computers, groups and organizational units (OUs) in all the domains managed by Adaxes.
All cmdlets in the Adaxes PowerShell module have the Adm prefix on their nouns, for example, New-AdmUser or Enable-AdmAccount.
The following table lists all the cmdlets that are available in Adaxes PowerShell module.
-
Cmdlet
-
Description
-
Adds one or more members to a group.
-
Adds a member to one or more groups.
-
Clears the expiration date for a directory account.
-
Disables a directory account.
-
Enables a directory account.
-
Gets one or more directory objects.
-
Gets the root of a Directory Server information tree.
-
Gets one or more users.
-
Gets one or more computers.
-
Gets one or more groups.
-
Gets one or more organizational units.
-
Gets the members of a group.
-
Gets the groups the specified user, computer or group is a member of.
-
Moves a directory object or a container of objects to a different container or domain.
-
Creates a directory object.
-
Enrolls a user for Password Self-Service.
-
Disenrolls a user from Password Self-Service.
-
Creates a new user.
-
Creates a new Active Directory computer.
-
Creates a new group.
-
Removes a member from one or more groups.
-
Creates a new organizational unit.
-
Removes a directory object.
-
Removes a user.
-
Removes a computer.
-
Removes a group.
-
Removes an organizational unit.
-
Removes one or more members from a group.
-
Changes the name of an object.
-
Gets a directory user or computer.
-
Modifies a directory object.
-
Modifies a user.
-
Modifies a computer.
-
Modifies a group.
-
Modifies an organizational unit.
-
Modifies user account control (UAC) values for an Active Directory account.
-
Modifies the password of a directory account.
-
Sets the expiration date for a directory account.
-
Unlocks an Active Directory account.
To get a list of all cmdlets contained in the Adaxes PowerShell module, you can use the Get-Command -Module Adaxes
command. For more information about any of the module cmdlets, use the Get-Help <cmdlet name>
cmdlet, where <cmdlet name> is the name of the cmdlet that you want to research. For more detailed information, you can run any of the following cmdlets:
- Get-Help <cmdlet name> -Full
- Get-Help <cmdlet name> -Detailed
- Get-Help <cmdlet name> -Examples
Operations on directory objects can be performed either via the Adaxes service, or by directly accessing Active Directory domain controllers. When using the Adaxes Service as a proxy, you benefit from Adaxes features like Active Directory automation, workflow rules, data validation policies, audit and reporting. If you want an operation to be performed via the Adaxes Service, you need to specify the AdaxesService parameter for a cmdlet:
Enable-AdmAccount -Identity johnSmith -AdaxesService localhost
Active Directory module provider
You can use the Adaxes Active Directory module provider to easily navigate and access data that is stored in Active Directory. The Active Directory module provider exposes the Active Directory database through a hierarchical navigation system, which is very similar to the file system. For example, while you are using the module, you can use the following commands to navigate through Active Directory:
- cd
- dir
- remove
- .
- ..
You can use the Active Directory module provider to map Active Directory domains to specific provider drives. When the Active Directory module is first loaded, a default Active Directory drive (Adaxes:) is mounted. To connect to that drive, run the cd Adaxes:
command. To connect a new drive to an Active Directory domain, use the following cmdlet:
New-PSDrive -Name <name of the drive> -PSProvider AdaxesActiveDirectory
-Root "Adaxes:/[<Adaxes service host>/[<domain (NetBIOS/FQDN)>[<base DN>]]]"
-Credential <domain name>\<username>
-
Parameter
-
Description
-
–Name
<name of the drive>
-
Specifies the name of the drive that is being added.
-
–PSProvider AdaxesActiveDirectory
-
The name of the provider, in this case, AdaxesActiveDirectory.
-
–Root
-
Possible values:
- <Adaxes service host> - the DNS name or IP address of the computer where your Adaxes service is running.
- <domain (NetBIOS/FQDN)> - the Netbios or FQDN name of the AD domain.
- <base DN> - the distinguished name (DN) of an Active Directory object (e.g. CN=Users,DC=mycompany,DC=com).
-
–Credential <domain name>\<username>
-
Optional parameter that specifies the credentials that you must have to connect to the Adaxes service. If this parameter is ommitted, the credentials of the currently logged on user will be used.
Example
New-PSDrive -Name "MyDrive" -PSProvider AdaxesActiveDirectory `
-Root "Adaxes:/adaxeshost.company.com/domain.com/CN=Users,DC=domain,DC=com"