Create and Manage ADUC

Question 1

What are the different methods to create AD Users and computers?

Answer 1

Through ADUC, the AD Admin Center, or through PowerShell.

*Note: Cannot copy accounts within AD Admin Center

Question 2

How do you configure AD templates?

Answer 2

1. Within ADUC, navigate to the corresponding OU where a template is needed and right click in that OU and select New > Template.
2. Once a template has been created, right click on the template and select Copy to create a new account from that template.

Question 3

How do you automate the creation of Active Directory accounts?

Answer 3

Automation is done through PowerShell using the Get, Set, New, and Remove cmdlets tied in with ADUser or ADComputer.

Within the PowerShell ISE, contains different parameter sets to pre-stage before running the command.

Question 4

What PowerShell command is used to disable accounts in AD?

Answer 4

Disable-ADAccount -Identity

Question 5

What PowerShell command is used to enable accounts in AD?

Answer 5

Enable-ADAccount -Identity

Question 6

What PowerShell command is used to unlock accounts in AD?

Answer 6

Unlock-ADAccount -Identity

Question 7

What PowerShell command is used to automate password resets?

Answer 7

Set-ADAccountPassword -Identity -Reset -NewPassword (ConvertTo-SecureString -AsPlainText -Force)

Question 8

What PowerShell cmdlet is used to search the AD Database for filters such as inactive, disabled, or expiring accounts?

Answer 8

Search-ADAccount

Question 9

What are two old school command-line utilities that can be used to export/import data from AD DS using the .csv format?

Answer 9

CSVDE and LDIFDE.

Question 10

What PowerShell cmdlet is used to import AD DS data from a .csv file?

Answer 10

Import-Csv

Question 11

How do you implement an offline domain join?

Answer 11

By utilizing the command-line utility djoin:

On DC, djoin /provision /domain /machine /savefile

On server to be joined, djoin /requestodj /loadfile /windowspath %systemroot% /localos