Adaxes SDKShow AllHide All

PowerShell Module

This topic introduces PowerShell cmdlets that you can use to manage and administer Active Directory via Adaxes.

To use the Adaxes PowerShell module, you need to install the PowerShell Module for Active Directory component of Adaxes.

Active Directory Module Cmdlets

You can use Adaxes Active Directory module cmdlets to perform various administrative, configuration, and diagnostic tasks in Active Directory. You can use the module to manage users, computers, groups and Organizational Units (OUs) in all AD domains managed by Adaxes.

All cmdlets in the Adaxes PowerShell module have the Adm prefix on their nouns, for example, New-AdmUser or Enable-AdmAccount.

The following table lists all the cmdlets that are available in Adaxes Active Directory module.

CmdletDescription
Add-AdmGroupMemberAdds one or more members to an Active Directory group.
Add-AdmPrincipalGroupMembershipAdds a member to one or more Active Directory groups.
Clear-AdmAccountExpirationClears the expiration date for an Active Directory account.
Disable-AdmAccountDisables an Active Directory account.
Enable-AdmAccountEnables an Active Directory account.
Get-AdmObjectGets one or more Active Directory objects.
Get-AdmRootDSEGets the root of a Directory Server information tree.
Get-AdmUserGets one or more Active Directory users.
Get-AdmComputerGets one or more Active Directory computers.
Get-AdmGroupGets one or more Active Directory groups.
Get-AdmOrganizationalUnitGets one or more Active Directory organizational units.
Get-AdmGroupMemberGets the members of an Active Directory group.
Get-AdmPrincipalGroupMembershipGets the Active Directory groups that have a specified user, computer or group.
Move-AdmObjectMoves an Active Directory object or a container of objects to a different container or domain.
New-AdmObjectCreates an Active Directory object.
New-AdmPasswordSelfServiceEnrollmentEnrolls an Active Directory user into the Password Self-Service.
Remove-AdmPasswordSelfServiceEnrollmentDisenrolls an Active Directory user from the Password Self-Service.
New-AdmUserCreates a new Active Directory user.
New-AdmComputerCreates a new Active Directory computer.
New-AdmGroupCreates an Active Directory group.
Remove-AdmPrincipalGroupMembershipRemoves a member from one or more Active Directory groups.
New-AdmOrganizationalUnitCreates a new Active Directory organizational unit.
Remove-AdmObjectRemoves an Active Directory object.
Remove-AdmUserRemoves an Active Directory user.
Remove-AdmComputerRemoves an Active Directory computer.
Remove-AdmGroupRemoves an Active Directory group.
Remove-AdmOrganizationalUnitRemoves an Active Directory organizational unit.
Remove-AdmGroupMemberRemoves one or more members from an Active Directory group.
Rename-AdmObjectChanges the name of an Active Directory object.
Search-AdmAccountGets an Active Directory user or computer.
Set-AdmObjectModifies an Active Directory object.
Set-AdmUserModifies an Active Directory user.
Set-AdmComputerModifies an Active Directory computer object.
Set-AdmGroupModifies an Active Directory group.
Set-AdmOrganizationalUnitModifies an Active Directory organizational unit.
Set-AdmAccountControlModifies user account control (UAC) values for an Active Directory account.
Set-AdmAccountPasswordModifies the password of an Active Directory account.
Set-AdmAccountExpirationSets the expiration date for an Active Directory account.
Unlock-AdmAccountUnlocks an Active Directory account.

To get a list of all cmdlets contained in the Adaxes PowerShell module, you can use the Get-Command -Module Adaxes command. For more information about any of the Active Directory module cmdlets, use the Get-Help <cmdlet name> cmdlet, where <cmdlet name> is the name of the cmdlet that you want to research. For more detailed information, you can run any of the following cmdlets:

  • Get-Help <cmdlet name> -Full
  • Get-Help <cmdlet name> -Detailed
  • Get-Help <cmdlet name> -Examples

Operations on Active Directory objects can be performed either via the Adaxes Service, or by directly accessing Active Directory domain controllers. When using the Adaxes Service as a proxy, you benefit from Adaxes features like Active Directory automation, workflow rules, data validation policies, audit and reporting. If you want an operation to be performed via the Adaxes Service, you need to specify the AdaxesService parameter for a cmdlet:

Enable-AdmAccount -Identity johnSmith -AdaxesService localhost

Active Directory Module Provider

You can use the Adaxes Active Directory module provider to easily navigate and access data that is stored in Active Directory. The Active Directory module provider exposes the Active Directory database through a hierarchical navigation system, which is very similar to the file system. For example, while you are using the module, you can use the following commands to navigate through Active Directory:

  • cd
  • dir
  • remove
  • .
  • ..

You can use the Active Directory module provider to map Active Directory domains to specific provider drives. When the Active Directory module is first loaded, a default Active Directory drive (Adaxes:) is mounted. To connect to that drive, run the cd Adaxes: command. To connect a new drive to an Active Directory domain, use the following cmdlet:

New-PSDrive -Name <name of the drive> -PSProvider AdaxesActiveDirectory
    -Root "Adaxes:/[<Adaxes service host>/[<domain (NetBIOS/FQDN)>[<base DN>]]]"
    -Credential <domain name>\<username>

ParameterDescription
–Name <name of the drive> Specifies the name of the drive that is being added.
–PSProvider AdaxesActiveDirectory The name of the provider, in this case, AdaxesActiveDirectory.
–Root
  • <Adaxes service host> - the DNS name or IP address of the computer where your Adaxes service is running.
  • <domain (NetBIOS/FQDN)> - the Netbios or FQDN name of the AD domain.
  • <base DN> - the distinguished name (DN) of an Active Directory object (e.g. CN=Users,DC=mycompany,DC=com).
–Credential <domain name>\<username> Optional parameter that specifies the credentials that you must have to connect to the Adaxes service. If this parameter is ommitted, the credentials of the currently logged on user will be used.

Example:

New-PSDrive -Name "MyDrive" -PSProvider AdaxesActiveDirectory `
    -Root "Adaxes:/adaxeshost.company.com/domain.com/CN=Users,DC=domain,DC=com"

See Also