Event 4 for the PowerShell Scripting Games 2013 has closed, here are a few learning points I picked up on from entries submitted.
1) Random AD Users
The first part of this event is to work with 20 randomly selected users from Active Directory. Initial thoughts might be that this is pretty straightforward. If you use the Get-ADUser cmdlet from the AD module then you could do something like this:
Get-ADUser | Get-Random -Count 20
This might be OK for small testing environments, but could potentially have some performance issues in an AD with thousands of users. It doesn’t matter so much for this event really, but don’t forget to consider potential performance issues for the real world.
For instance, if you did have an AD environment that size you could restrict the amount of users returned with:
Get-ADUser -ResultSetSize 500 | Get-Random -Count 20
Also for this event you don’t need to bring back all of the properties of a user, just those you need to export to the report. Use of the Properties parameter would speed up the query in a large environment too.
Get-ADUser -ResultSetSize 500 -Properties Department,Title,LastLogonDate,PasswordLastSet,Enabled,LockedOut
2) Testing for additional commands
Since the AD team were slightly late to the party in terms of PowerShell and typically it was one of the first things people wanted to use PowerShell for, there are a number of different methods for accessing AD via PowerShell. You can use ADSI or .NET, the 3rd party set of cmdlets from Quest or since Windows 2008 R2 the Microsoft AD module.
In terms of this event, any of these approaches really is fine. However, I saw a few different approaches for how to test whether a snapin or module was potentially available for use, for instance checking if a cmdlet was present.
I would test it by checking if the snapin or module was installed on the system. Since Get-PSSnapin returns an error if the snapin doesn’t exist you might want to take two slightly different approaches depending on what you are working with.
try {
$PSSnapin = Get-PSSnapin Quest.Activeroles.ADManagement -Registered -ErrorAction Stop
Add-PSSnapin Quest.Activeroles.ADManagement
}
catch {
"blah blah cloud"
}
or
if ($Module = Get-Module ActiveDirectory -ListAvailable){
Import-Module ActiveDirectory
}
else {
"blah blah cloud"
}