In the last blog post we covered setting the goals for the project, general guidelines, how I set up a project in GitHub and the creation of the module manifest. In this blog post we will cover some of the API around ActiveDirectory that we can use in Windows PowerShell to access and query it either from a host already in the domain or with alternate credentials against a specific host.
Currently when working in Windows PowerShell there are 4 main ways to interact with Active Directory:
- ActiveDirectory module - gets installed with RSAT or when then Domain Controller role is added to a server. Varies per version of Windows.
- System.DirectoryServices Namespace - it is a .Net wrapper around the ADSI (Active Directory Service Interface) COM object. It represents a specific path or Object in AD allowing for the pulling of information and modification.
- System.DirectoryServices.ActiveDirectory namespace - It provides several .Net classes that abstract AD services. Provides access to manipulating forest, domain, site, subnet, partition, and schema are part of the object model.
- System.DirectoryServices.AccountManagement namespace provides uniform access and manipulation of user, computer, and group security principals