{"id":2777,"date":"2020-05-01T00:57:24","date_gmt":"2020-05-01T00:57:24","guid":{"rendered":"https:\/\/wiki.thomasandsofia.com\/?p=2777"},"modified":"2020-05-04T12:09:33","modified_gmt":"2020-05-04T12:09:33","slug":"8-how-to-use-powershell-with-active-directory","status":"publish","type":"post","link":"https:\/\/wiki.thomasandsofia.com\/?p=2777","title":{"rendered":"8 How to use Powershell with Active Directory"},"content":{"rendered":"<p><a href=\"\/7-securing-your-domain\/\">&lt; 7 Securing your Domain<\/a> | <a href=\"\/active-directory-and-group-policies\/\">Home<\/a> | <a href=\"\/9-active-directory-backups\/\">9 Active Directory Backups &gt;<\/a><\/p>\n<h1>34: Enabling Script Execution for Powershell<\/h1>\n<p><a href=\"https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8301955#content\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8301955#content<\/a><\/p>\n<h2>Issue: Run a script in Powershell and save it can cause an error.<\/h2>\n<ul>\n<li>Start &gt; Powershell ISE (Editor?) &gt; Click dropdown to open editor pane.\n<ul>\n<li>echo &#8220;Hello, World!&#8221; &gt; Run Script (Play icon)<\/li>\n<li>File &gt; Save As &gt; \\somefolder\\somefilename<\/li>\n<li>Run again (This did not happen to me)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<pre>File C:\\somefolder\\somefilename cannot be loaded because running scripts is disabled on this system.\u00a0 for more information, see about_Execution_Policies at http:\/\/go.microsoft.com.....<\/pre>\n<h2>Look for what might be blocking&#8230;<\/h2>\n<ul>\n<li>rsop.msc\n<ul>\n<li>Computer Config &gt; Admin Templates &gt; Windows Components &gt; Windows Powershell &gt; Turn on Script Execution &gt; <strong>Disabled<\/strong><\/li>\n<li>User Config &gt; Admin Templates &gt; Windows Components &gt; Windows Powershell &gt; Turn on Script Execution &gt; <strong>Enabled<\/strong>\n<ul>\n<li>Computer config has precedence!<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Disable it<\/h2>\n<ul>\n<li>Hint: Is in Default Domain Policy\n<ul>\n<li>Comps &gt; Policies &gt; Admin Temps &gt; Win Comps &gt; Win Powershell &gt; Turn on script execution &gt; Not configured<\/li>\n<li>Users &gt; Policies &gt; Admin Temps &gt; Win Comps &gt; Win Powershell &gt; Turn on script execution &gt; Not configured<\/li>\n<\/ul>\n<\/li>\n<li>gpupdate \/force<\/li>\n<\/ul>\n<h1>Powershell Basics<\/h1>\n<p><a href=\"https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8472356#content\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8472356#content<\/a><\/p>\n<p>Focus on Powershell with Active Directory<\/p>\n<h2>Attributes<\/h2>\n<p>This isn&#8217;t a PowerShell command, but these will be used with many of the commands.<\/p>\n<ul>\n<li>AD &gt; View &gt; Advanced Features<\/li>\n<li>AD &gt; &#8230; &gt; Find Object (user, whatever) [RtClk] &gt; Properties\n<ul>\n<li>Open &#8216;Attribute Editor&#8217; tab<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>Even Better:<\/h3>\n<pre>Get-Help Set-ADUser<\/pre>\n<h2>Commands<\/h2>\n<h4>CLS<\/h4>\n<ul>\n<li>Clear Screen<\/li>\n<\/ul>\n<h4>Get-ADUser<\/h4>\n<ul>\n<li>Display information about the user including basic attributes<\/li>\n<\/ul>\n<p><strong>GetADUser -Identity &#8216;LoginName&#8217;<\/strong><\/p>\n<p><strong>GetADUser -Filter {Attribute -eq &#8216;value&#8217;}<\/strong><\/p>\n<p><strong>GetADUser -Identity &#8216;LoginName&#8217; -Properties &lt;attribute1 attribute2 &#8230;&gt;<\/strong><\/p>\n<ul>\n<li>Includes these attributes in the returned list.<\/li>\n<\/ul>\n<h4>Get-Alias<\/h4>\n<ul>\n<li>Displays command aliases, such as &#8216;cls -&gt; Clear-Host&#8217;<\/li>\n<\/ul>\n<h4>Get-Command *-AD*<\/h4>\n<ul>\n<li>Displays all commands available in PS for AD<\/li>\n<\/ul>\n<h4>Get-Help command<\/h4>\n<ul>\n<li>Help<\/li>\n<\/ul>\n<h4>Get-History<\/h4>\n<ul>\n<li>View last &#8216;handfull&#8217; of commands executed<\/li>\n<\/ul>\n<h4>Import-Module ActiveDirectory<\/h4>\n<ul>\n<li>Run this if your AD command are not available<\/li>\n<\/ul>\n<h4>Set-ADUser &#8220;sAMAccountName&#8221; -Attribute &#8220;New Value&#8221;<\/h4>\n<pre>Set-ADUser \"sales\" -EmailAddress \"sales@domain.tld\"\r\n# Alternative to set the 'Identity' but my test showed this was not needed.\r\nSet-ADUser -Identity \"sales\" ..<\/pre>\n<h4>Start-Transcripit<\/h4>\n<ul>\n<li>Stores commands in history.\u00a0 Will display the file path<\/li>\n<li>Good idea to run this as soon as you start Powershell<\/li>\n<\/ul>\n<h2>Keyboard Shortcuts<\/h2>\n<h4>Up\/Down arrows<\/h4>\n<ul>\n<li>Scroll through previous commands<\/li>\n<\/ul>\n<h4>Tab<\/h4>\n<ul>\n<li>Linux Auto-Complete<\/li>\n<li>Keep pressing tab to get all available commands<\/li>\n<\/ul>\n<h2>Variables<\/h2>\n<pre>$MyVariable = 15\r\necho $MyVariable\r\n15<\/pre>\n<p>&nbsp;<\/p>\n<h1>36: Listing AD Users with Powershell<\/h1>\n<p><a href=\"https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8287286#content\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8287286#content<\/a><\/p>\n<h3>Display all users<\/h3>\n<pre># Import the active directory module\r\nImport-Module ActiveDirectory\r\n\r\n# List all AD Users &amp; limit to 100 users\r\nGet-ADUser -Filter * -ResultSetSize 100<\/pre>\n<h3>Display just names by piping through Select-Object<\/h3>\n<pre>Get-ADUser -Filter * -ResultSetSize 100 | Select-Object Name\r\n\r\nName           \r\n----           \r\nAdministrator  \r\nGuest          \r\nkrbtgt         \r\nThomas Roberts \r\nSales Guy      \r\nEngineering Guy<\/pre>\n<h3>Display Multiple Attributes<\/h3>\n<pre>Get-ADUser -Filter * -ResultSetSize 100 | Select-Object Name, UserPrincipalName, Enabled\r\n\r\nName            UserPrincipalName     Enabled\r\n----            -----------------     -------\r\nAdministrator                            True\r\nGuest                                   False\r\nkrbtgt                                  False\r\nThomas Roberts  thomas@tas.local         True\r\nSales Guy       sales@tas.local          True\r\nEngineering Guy engineering@tas.local    True<\/pre>\n<h3>Additional Attributes<\/h3>\n<pre>Get-ADUser -Filter * -ResultSetSize 100 -Properties lastLogon | Select-Object Name, UserPrincipalName, Enabled, lastLogon\r\n\r\nName            UserPrincipalName     Enabled          LastLogon\r\n----            -----------------     -------          ---------\r\nAdministrator                            True 132328447195664590\r\nGuest                                   False                  0\r\nkrbtgt                                  False                  0\r\nThomas Roberts  thomas@tas.local         True 132328333914902895\r\nSales Guy       sales@tas.local          True 132327158751384175\r\nEngineering Guy engineering@tas.local    True 132328334198648061<\/pre>\n<h3>Get all users from a specific OU<\/h3>\n<p>Get-ADUser -Filter * -SearchBase &#8220;LDAP_PATH&#8221;<\/p>\n<pre>Get-ADUser -Filter * -SearchBase \"OU=Domain Users,OU=tas,DC=tas,DC=local\" | Select-Object Name\r\n\r\n\r\nName           \r\n----           \r\nAdministrator  \r\nSales Guy      \r\nEngineering Guy\r\nThomas Roberts<\/pre>\n<h4>To get the Ldap path to the &#8216;Domain Users&#8217; OU:<\/h4>\n<h5>Using Powershell (hard way)<\/h5>\n<pre>PS C:\\&gt; cd AD:\r\nPS AD:\\&gt; dir\r\n\r\n\r\nName                 ObjectClass          DistinguishedName                                                                                     \r\n----                 -----------          -----------------                                                                                     \r\ntas                  domainDNS            DC=tas,DC=local                                                                                       \r\nConfiguration        configuration        CN=Configuration,DC=tas,DC=local                                                                      \r\nSchema               dMD                  CN=Schema,CN=Configuration,DC=tas,DC=local                                                            \r\nDomainDnsZones       domainDNS            DC=DomainDnsZones,DC=tas,DC=local                                                                     \r\nForestDnsZones       domainDNS            DC=ForestDnsZones,DC=tas,DC=local   \r\n\r\nPS AD:\\&gt; cd '.\\DC=tas,DC=local'\r\nPS AD:\\DC=tas,DC=local&gt; dir\r\n\r\nName                 ObjectClass          DistinguishedName                                                                                     \r\n----                 -----------          -----------------                                                                                     \r\nBuiltin              builtinDomain        CN=Builtin,DC=tas,DC=local                                                                            \r\nComputers            container            CN=Computers,DC=tas,DC=local                                                                          \r\nDomain Controllers   organizationalUnit   OU=Domain Controllers,DC=tas,DC=local                                                                 \r\nForeignSecurityPr... container            CN=ForeignSecurityPrincipals,DC=tas,DC=local                                                          \r\nInfrastructure       infrastructureUpdate CN=Infrastructure,DC=tas,DC=local                                                                     \r\nKeys                 container            CN=Keys,DC=tas,DC=local                                                                               \r\nLostAndFound         lostAndFound         CN=LostAndFound,DC=tas,DC=local                                                                       \r\nManaged Service A... container            CN=Managed Service Accounts,DC=tas,DC=local                                                           \r\nNTDS Quotas          msDS-QuotaContainer  CN=NTDS Quotas,DC=tas,DC=local                                                                        \r\nProgram Data         container            CN=Program Data,DC=tas,DC=local                                                                       \r\nSystem               container            CN=System,DC=tas,DC=local                                                                             \r\ntas                  organizationalUnit   OU=tas,DC=tas,DC=local                                                                                \r\nTest OU              organizationalUnit   OU=Test OU,DC=tas,DC=local                                                                            \r\nTPM Devices          msTPM-Information... CN=TPM Devices,DC=tas,DC=local                                                                        \r\nUsers                container            CN=Users,DC=tas,DC=local  \r\n\r\nPS AD:\\...&gt; cd OU=tas\r\nPS AD:\\OU=tas, DC=tas,DC=local&gt; dir\r\n\r\nName                 ObjectClass          DistinguishedName                                                                                     \r\n----                 -----------          -----------------                                                                                     \r\nDisabled Users       organizationalUnit   OU=Disabled Users,OU=tas,DC=tas,DC=local                                                              \r\nDomain Computers     organizationalUnit   OU=Domain Computers,OU=tas,DC=tas,DC=local                                                            \r\nDomain Groups        organizationalUnit   OU=Domain Groups,OU=tas,DC=tas,DC=local                                                               \r\nDomain Users         organizationalUnit   OU=Domain Users,OU=tas,DC=tas,DC=local                                                                \r\nEngineering$         volume               CN=Engineering$,OU=tas,DC=tas,DC=local                                                                \r\nSales$               volume               CN=Sales$,OU=tas,DC=tas,DC=local                                                                      \r\nTest no inherit      organizationalUnit   OU=Test no inherit,OU=tas,DC=tas,DC=local  \r\n\r\nPS AD:\\OU=tas,DC=tas,DC=local&gt; cd '.\\OU=Domain Users'\r\nPS AD:\\OU=Domain Users,OU=tas,DC=tas,DC=local&gt; # This is the ldap path!<\/pre>\n<p>ldap path = &#8220;OU=Domain Users,OU=tas,DC=tas,DC=local&#8221;<\/p>\n<h5>Using AD (Easy Way)<\/h5>\n<ul>\n<li>AD &gt; View &gt; Advanced Features<\/li>\n<li>AD &gt; &#8230; &gt; Domain Users [RtClk] &gt; Properties &gt; Attribute Editor &gt; distinguishedName<\/li>\n<\/ul>\n<p><a href=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2020\/05\/getdn.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-2787\" src=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2020\/05\/getdn.png\" alt=\"\" width=\"710\" height=\"456\" srcset=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2020\/05\/getdn.png 710w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2020\/05\/getdn-300x193.png 300w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2020\/05\/getdn-150x96.png 150w\" sizes=\"auto, (max-width: 710px) 100vw, 710px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<h3>List all group members of a Security Group<\/h3>\n<pre>Get-ADGroupMember 'SecurityGroupName' | Select-Object Name, DistinguishedName<\/pre>\n<h3>List all Disabled accounts<\/h3>\n<pre>Search-ADAccount -AccountDisabled<\/pre>\n<h2>Export Any Output to a .CSV<\/h2>\n<pre>Get-ADUser -Filter * -SearchBase \"OU=Domain Users,OU=tas,DC=tas,DC=local\" | Select-Object Name | Export-Csv \"C:\\Domain Users.csv\"<\/pre>\n<h1>37: Configure User Roaming Profile Path with Powershell<\/h1>\n<p><a href=\"https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8414098#content\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8414098#content<\/a><\/p>\n<p>Create a script that sets the\u00a0 Profile Path for all users in the Roaming Profiles group<\/p>\n<pre># Import the active directory module\r\nImport-Module ActiveDirectory\r\n\r\n# Get all members of the Roaming Profiles Group\r\nGet-ADGroupMember 'Roaming Profile Users' |\r\n    # Loop through each user\r\n    ForEach-Object {\r\n        # Do this for each member\r\n        # $_ = Current Object\r\n        Set-ADUser $_.SamAccountName -ProfilePath (\"\\\\WINAD01\\Profiles$\\\" + $_.SamAccountName)\r\n    }<\/pre>\n<p>&nbsp;<\/p>\n<h1>38: Creating User Accounts with Powershell<\/h1>\n<p><a href=\"https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8287270#content\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8287270#content<\/a><\/p>\n<p>HInt:<\/p>\n<ul>\n<li>get-help new-aduser<\/li>\n<li>Boolean True \/ False must be set to 1 \/ 0<\/li>\n<li>Default &#8216;Enabled&#8217; is False<\/li>\n<\/ul>\n<pre># Import the active directory module\r\nImport-Module ActiveDirectory\r\n\r\n# You will need the distinguish name of the \"Domain Users\" OU for the user's path\r\nNew-ADUser `\r\n    -Name \"Chucky Cheese\" `\r\n    -GivenName \"Chucky\" `\r\n    -SurName \"Cheese\" `\r\n    -SamAccountName \"ccheese\" `\r\n    -AccountPassword (ConvertTo-SecureString \"Password1234\" -AsPlainText -Force) `\r\n    -Path \"OU=Domain Users,OU=tas,DC=tas,DC=local\" `\r\n    -ChangePasswordAtLogon 1 `\r\n    -Enabled 1<\/pre>\n<h3>Running the script and enter the details at run time<\/h3>\n<pre># Import the active directory module\r\nImport-Module ActiveDirectory\r\n\r\n# Get the variables from the user\r\n$firstName = Read-Host -Prompt \"First name\"\r\n$lastName = Read-Host -Prompt \"Last name\"\r\n$password = (ConvertTo-SecureString \"Password1234\" -AsPlainText -Force)\r\n$path = \"OU=Domain Users,OU=tas,DC=tas,DC=local\"\r\n\r\n# You will need the distinguish name of the \"Domain Users\" OU for the user's path\r\nNew-ADUser `\r\n    -Name \"$firstName $lastName\" `\r\n    -GivenName $firstName `\r\n    -SurName $lastName `\r\n    -SamAccountName \"$firstName.$lastName\" `\r\n    -AccountPassword $password `\r\n    -Path $path `\r\n    -ChangePasswordAtLogon 1 `\r\n    -Enabled 1<\/pre>\n<h1>39: Creating User Accounts from a CSV File<\/h1>\n<p><a href=\"https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8493210#content\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8493210#content<\/a><\/p>\n<h2>Resource:<\/h2>\n<p><a href=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2020\/05\/AD39-User-Accounts.csv\">AD39 User Accounts<\/a><\/p>\n<h2>Code<\/h2>\n<pre># Import the active directory module\r\nImport-Module ActiveDirectory\r\n\r\n# Import users from .csv\r\n$filepath = \"C:\\Users\\Administator\\Downloads\\AD39-User-Accounts.csv\"\r\n\r\n# Import the csv into an array\r\n$users = Import-CSV $filepath\r\n\r\n# Setup some contants\r\n$password = (ConvertTo-SecureString \"Password1234\" -AsPlainText -Force)\r\n$path = \"OU=Domain Users,OU=tas,DC=tas,DC=local\"\r\n\r\nForEach ($user in $users) {\r\n    # Do this for each user\r\n    echo (\"Adding: \" + $user.'First Name' + \" \" + $user.'Last Name')\r\n\r\n    New-ADUser `\r\n        -Name ($user.'First Name' + \" \" + $user.'Last Name') `\r\n        -GivenName $user.'First Name' `\r\n        -SurName $user.'Lirst Name' `\r\n        -SamAccountName ($user.'First Name' + \".\" + $user.'Last Name') `\r\n        -UserPrincipalName ($user.'First Name' + \".\" + $user.'Last Name') `\r\n        -Description $user.Description `\r\n        -EmailAddress $user.\"Email Address\" `\r\n        -Title $user.\"Job Title\" `\r\n        -OfficePhone $user.\"Office Phone\" `\r\n        -AccountPassword $password `\r\n        -Path $path `\r\n        -ChangePasswordAtLogon 1 `\r\n        -Enabled ([System.Convert]::ToBoolean($user.Enabled))\r\n}\r\n<\/pre>\n<p>&nbsp;<\/p>\n<h1>40: Move All Disabled Users to &#8216;Disabled Users OU&#8221; with Powershell<\/h1>\n<p>This scrip also disables any accounts in the Disabled Users OU that have NOT been disabled.<\/p>\n<p><a href=\"https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8301949#content\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8301949#content<\/a><\/p>\n<pre># Import the active directory module\r\nImport-Module ActiveDirectory\r\n\r\n# List all disabled users\r\nSearch-ADAccount -AccountDisabled | Select-Object Name, DistinguishedName\r\n\r\n$disabledOU = \"OU=Disabled Users,OU=tas,DC=tas,DC=local\"\r\n\r\n# Move these users to the Diabled Users OU\r\n# This also moves users already in the disabled account!\r\nSearch-ADAccount -AccountDisabled | Move-ADObject -TargetPath $disabledOU\r\n#This filters these users out\r\nSearch-ADAccount -AccountDisabled | \r\n   Where {$_.DistinguishedName -notlike $disabledOU} | \r\n   Move-ADObject -TargetPath $disabledOU\r\n\r\n# Disable any accounts in this path that have not been disabled\r\nGet-ADUser -Filter {Enabled -eq $True} -SearchBase $disabledOU | Disable-ADAccount<\/pre>\n<h1>41: How to create AD Accounts with duplicate names<\/h1>\n<p><a href=\"https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8301949#content\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8301949#content<\/a><\/p>\n<ul>\n<li>Use the original account creation script<\/li>\n<li>Create a function that checks if the acct. exists.\n<ul>\n<li>If so, return the next index digit (t.roberts, t.roberts1, t.roberts2)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<pre># Import the active directory module\r\nImport-Module ActiveDirectory\r\n\r\n# Import users from .csv\r\n$filepath = \"C:\\scripts\\UserAccounts.csv\"\r\n\r\n# Import the csv into an array\r\n$users = Import-CSV $filepath\r\n\r\n# Setup some contants\r\n$password = (ConvertTo-SecureString \"Password1234\" -AsPlainText -Force)\r\n$path = \"OU=Domain Users,OU=tas,DC=tas,DC=local\"\r\n\r\nForEach ($user in $users) {\r\n    # Do this for each user\r\n    echo (\"Adding: \" + $user.'First Name' + \" \" + $user.'Last Name')\r\n\r\n    $accountNumber = checkName($user.'First Name'[0] + $user.'Last Name')\r\n    $userName = ($user.'First Name'[0] + $user.'Last Name' + $accountNumber)\r\n\r\n    New-ADUser `\r\n        -Name ($user.'First Name' + \" \" + $user.'Last Name' +  $accountNumber) `\r\n        -GivenName $user.'First Name' `\r\n        -SurName $user.'Lirst Name' `\r\n        -SamAccountName $userName `\r\n        -UserPrincipalName $userName `\r\n        -Description $user.Description `\r\n        -EmailAddress $user.\"Email Address\" `\r\n        -Title $user.\"Job Title\" `\r\n        -OfficePhone $user.\"Office Phone\" `\r\n        -AccountPassword $password `\r\n        -Path $path `\r\n        -ChangePasswordAtLogon 1 `\r\n        -Enabled ([System.Convert]::ToBoolean($user.Enabled))\r\n}\r\n\r\nfunction checkName($username) {\r\n    $i = 1\r\n    if ( userNameTaken($username) -eq $True) {\r\n        while ( userNameTaken($username + $i) -eq $True) {\r\n            $i++\r\n        }\r\n    } else {\r\n        return \"\"\r\n    }\r\n    return $i\r\n}\r\n\r\nfunction userNameTaken($username) {\r\n    $testPrincipal = Get-ADUser -Filter { userPrincipalName -eq $username }\r\n    $testSamAcctName = Get-ADUser -Filter { samAccountName -eq $username }\r\n    if ( $testPrincipal -eq $Null -and $testSamAcctName -eq $Null) {\r\n        return $False\r\n    } else {\r\n        return $True\r\n    }\r\n}\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>&lt; 7 Securing your Domain | Home | 9 Active Directory Backups &gt; 34: Enabling Script Execution for Powershell https:\/\/www.udemy.com\/course\/active-directory-group-policy-2012\/learn\/lecture\/8301955#content Issue: Run a script in Powershell and save it can cause an error. Start &gt; Powershell ISE (Editor?) &gt; Click dropdown to open editor pane. echo &#8220;Hello, World!&#8221; &gt; Run Script (Play icon) File &gt; ..<\/p>\n<div class=\"clear-fix\"><\/div>\n<p><a href=\"https:\/\/wiki.thomasandsofia.com\/?p=2777\" title=\"read more...\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33],"tags":[],"class_list":["post-2777","post","type-post","status-publish","format-standard","hentry","category-active-directory"],"_links":{"self":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/2777","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2777"}],"version-history":[{"count":21,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/2777\/revisions"}],"predecessor-version":[{"id":2814,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/2777\/revisions\/2814"}],"wp:attachment":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2777"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2777"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2777"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}