Use powershell to start Active Directory Lightweight Directory Service - powershell

Windows10 PRO & PowerShell v5.1
I used Enable-WindowsOptionalFeatures cmdlet to enable the Active Directory Lightweight Directory Services.
When I try to use Set-ADDomain, it doesn't work, because Active Directory Web Services aren't running. I know I could use the ADLDS Setup Wizard to start this service. Does any cmdlet can achieve that ?

When you have enabled the windows feature Active Directory Lightweight Directory Services then no AD LDS instance has been added yet. You can add an AD LDS instance by running %systemroot%\ADAM\adaminstall, which is possible to run in silent mode as well if you need to script it.
See https://technet.microsoft.com/en-us/library/cc816778(v=ws.10).aspx and https://technet.microsoft.com/en-us/library/cc816774(v=ws.10).aspx for more information on how to add an AD LDS instance.
The command Set-ADDomain that you mention is to be used with an AD DS domain, which is not the same thing as AD LDS.

sc [\\dc.contoso] start adws
In an elevated command prompt can do the trick.
Get-Service -Name adws [-ComputerName dc.contoso] | Start-Service
Is the Powershell pendant.
In short:
No, there isn't "the special cmdlet to start ADWS", but it's easy to use PowerShell (or cmd) to start that service.

Related

The specified module ActiveDirectory was not loaded

I have an SSIS job that executes a powershell module that's attempting to pull information from Active Directory. However, when I run the script I get this error:
The specified module ActiveDirectory was not loaded because no valid
module file was found in any module directory
I found this similar question, however they are using Windows Server 2008, whereas I am using Windows Server 2016. I tried to follow the instructions in the question, but I wasn't able to locate neither "Remote Server Administration Tools" nor "Active Directory module for Windows Powershell."
Can you check whether Active Directory Web Services service is running under services?
If not start it and run below command
Get-module -list
You can check whether Active Directory module is listed down.
Run below command to Enable Active Directory module
Add-WindowsFeature RSAT-AD-PowerShell

How To Populate Shutdown Executable field in IIS App Pool through Powershell

In Internet Information Services Manager, for each app pool, there is an option to set path to a Shutdown Executable, and any parameters under Rapid-Fail Protection in advanced settings.
I have several app pools (a couple hundred) and would like to use a PowerShell script to automate setting
the shutdown field of each one to a program I created.
Does such a PowerShell command exist? I have pored through the appropriate documentation but with no results.
Short answer? I cant figure it out in Powershell specifically, However.. using "appcmd.exe" I was able to make this happen. I wrote a script that tried to restart the app pool and emails me the result. This script gets kicked off by the rapid fail protection. I can share this script too if you like...
However, I really didnt want to manually set every app pool as you mention, so I came up with the following.. Its not as pretty or elegant as some, but, it works:
$poolList = (Get-ItemProperty -Path "IIS:\AppPools\*").name
ForEach($pool in $poolList) {
C:\Windows\System32\inetsrv\appcmd.exe set apppool "$pool" /Failure.autoshutdownParams:"D:\_Scripts\CheckPools.ps1 -PoolName $pool"
C:\Windows\System32\inetsrv\appcmd.exe set apppool "$pool" /Failure.autoshutdownexe:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
Get-ItemProperty -Path "IIS:\AppPools\$pool" -name Failure.autoshutdownexe|select *
}
I can confirm for me, with Windows 2016, this script sets the Shutdown Executable, and the Shutdown Executable Parameter. The Executable is set to launch powershell, and the parameters calls a powershell script and passes it the app pool name.

Powershell as scheduled task issue with importing module, it seems

I am attempting to configure some powershell/view powercli scripts for our VMware horizon environment. I have a powershell script that works properly to query the horizon instance and check machine states. However, when I try to run this as a scheduled task using a service account, it seems to fail to import a module, as a command is unrecognized ("The term 'Connect-HVServer' is not recognized as the name of a cmdlet, function, script file, or operable program.")
I tried profiles as well, didn't matter.
What I observed is that if I open powershell as the user in question (run as different user > authenticate as service account), leaving that powershell instance open will allow the scheduled task to run as expected. However, if i close the powershell instance, the scheduled task fails. This is obviously not viable since the goal is for this script to run on a schedule without the service account (or any account) being logged into the windows server at the time the powershell script gets run.
The problem you're running into is environment variables. In the course of running as a user versus running as machine, the PSModulePath environment variable changes to include user-directories for user-scoped module installs. You should install PowerCLI machine-wide.
Alternatives (these assume your service account has admin privileges):
Modify your $Env:PSModulePath in the script to include each user's module path
Specify the path in an Import-Module statement in your script before you use any of the cmdlets
Example of the first alternative:
foreach ($user in (Get-ChildItem -Path C:\Users)) {
$Env:PSModulePath += ";$($user.FullName)\Documents\WindowsPowerShell\Modules"
}
Example of the second:
Import-Module -Name 'C:\Users\KnownUser\Documents\WindowsPowerShell\Modules\PowerCLI'

Using 'net use' through PowerShell exhibits different behaviour when done through cmd on a Windows Server 2012 instance

I have a cloud service with the following line of code in startup.cmd:
net use n: \\<storage-account>.file.core.windows.net\scorm /u:<storage-account> <storage-password>
This successfully creates the mapped drive to point to the Azure File Services share, but it shows in Windows explorer as a disconnected drive and any attempt to remove it using the 'Disconnect' option results in a "This network connection does not exist" although if I double click the folder I am successfully able to access the files.
If I run the same command through a cmd prompt the drive shows as connected with the name of the share and the path displayed. Do I need to do anything different in the PowerShell startup command to render the same results as the cmd line prompt?
The "net use" command only connects to the share in the context you are running. So you will have to run the "net use" in the same context your role will run.
For web roles this will be "NT AUTHORITY\NETWORK SERVICE". To run "net use" in that context, you need a tool like psexec.exe, which you can download from Windows Sysinternals.
Place psexec.exe into your role's bin directory, and set up an elevated startup script with this command:
psexec -accepteula -u "NT AUTHORITY\NETWORK SERVICE" net use n: \\<storage-account>.file.core.windows.net\test /u:<storage-account> <storage-password>
Drives are mapped to your user token, and administrators have two tokens. Limited and elevated. Make sure you are using consistent tokens. I.e. if mapped while Run As Aministrator then only programs running elevated can access that mapping.

Powershell execute qdauser remotely

I'm trying to run QADuser from a server that I have install the quest cmdlets.
With remote session in able to add the snapin but I can't run the QADuser
For get-QADuser -identity xxx00 I receive
Object reference not set to an instance of an object
I run Powershell 2.0 with administrator account and I can't install quest cmdlets on my PC.
It sounds like it may be an authentication problem introduced by the remoting.
If you start with Connect-QADService, and specify the credentials does it work?