ShellSpells
  • 🧙‍♂️Welcome!
    • ShellSpells
    • FAQs
    • License & Disclaimer
  • 🐧Linux
    • System Ops
      • Transcripts
      • Help
      • System Info
        • Date/Time
        • System Details
        • Patches & Updates
        • Init System Identification
        • Hostname / Host ID
        • Variables
        • Hardware & Resources
      • Filesystem
        • Traverse & Enumerate
        • Drives & Partitions
        • Shares
        • Packages
        • Connected Devices
        • Kernel Modules (Drivers)
      • Users & Groups
        • Enumerate
        • Modify
      • Network
        • Enumerate
        • Modify
      • Scheduled Jobs
        • Enumerate
        • Modify
      • Processes
        • Enumerate
        • Modify
        • Custom Script and Shared Object
        • Process I/O Redirection
      • Services
        • Enumerate
        • Modify
        • Create a Service
      • Startup/Boot Scripts
        • Enumerate
        • Modify
      • Security
        • Antivirus
        • Firewall
        • SSH Keys
      • History & Logs
        • History
        • Logs
    • File Ops
      • Search
        • Filename
        • Content
        • Users (Owners)
        • Time
        • Size
        • Permission
        • Hidden Files
        • Inode
        • Find + Exec
        • Notes
      • Enumerate Metadata
      • Modify Metadata
      • Read Content
      • Modify Content
      • Extract Content
      • Sort / Compare / Count
      • Move
      • Copy
      • Execute
      • Hash
      • Encode/Decode
      • Compress/Decompress
      • Working With Weird Filenames
    • Terminal Ops
      • Keyboard Shortcuts
      • Tmux Shortcuts
  • 🪟Windows
    • System Ops
      • Transcripts
      • Help
      • System Info
        • One-liners
        • Date/Time
        • System Details
        • Hotfixes
        • Domain or Workgroup
        • Data Execution Prevention
        • Variables
        • Hardware & Resources
      • Filesystem
        • Traverse & Enumerate
        • Drives & Partitions
        • Installed Software
        • Drivers
        • Shares
      • Registry
        • Enumerate
        • Modify
        • Forensically Relevant Keys
      • Users & Groups
        • Enumerate
        • Modify
      • Network
        • Enumerate
        • Modify
      • Scheduled Tasks
      • Processes
        • Enumerate
        • Modify
      • Services
        • Enumerate
        • Modify
      • Autorun / Startup
        • Enumerate
        • Modify
      • Security
        • Permissions
          • Enumerate
          • Page
        • Antivirus
        • Firewall
          • Enumerate
          • Modify
        • Audit Policies
        • Remoting
          • Enumerate
          • Modify
          • Registry Locations
        • Stored Credentials
      • Remote Command Execution
      • Active Directory
        • Enumerate
        • Modify
      • History & Logs
        • History
        • Logs
      • PowerShell Config
      • Scripting
      • WMIC Notes
    • File Ops
      • Search
        • Filename
        • Time
        • Size
        • Permissions
        • Attributes
        • Wildcarding
      • Enumerate Metadata
        • One Liners
        • Users (Owners)
        • Timestamps
        • Size
        • Permissions
        • Attributes
      • Modify Metadata
        • Change Owner
        • Timestamps
        • Size
        • Attributes
      • Read Content
      • Modify Content
        • Overwrite
        • Insert
        • Append
        • Replace / Remove
        • Convert Case
        • Alternate Data Streams
      • Extract Content
      • Sort / Compare / Count
        • Sort
        • Count
        • Compare
      • Move
      • Copy
      • Execute
      • Hash
      • Encode/Decode
      • Compress/Decompress
      • Working With Weird Filenames
      • Output Formatting / Filtering
      • File Formatting
      • Operators
  • ⛓️Network
    • Traffic Manipulation
      • iptables
        • Option List
        • General Commands
        • Filter Tables
        • NAT
        • Mangle
        • Filter for SSH Traffic (Example)
      • nftables
    • Packet Capture
      • Syntax
      • TCPDump Examples
    • Packet Analysis
      • Wireshark
  • 🚗Maneuver
    • SSH
    • Control Sockets
    • RDP
    • Windows Port Proxy
  • 🛩️Data Transfer
    • SCP
    • FTP
    • Netcat
      • Netcat Relays
    • Server Interactions
    • Alternate Methods
  • 🪄REGEX
    • Examples
Powered by GitBook
On this page
  • Commands
  • Guest Account
  • Add Objects
  • Users
  • Groups
  • Computer
  • OU
  • Printer
  • Share
  • DNS Record
  • Certificates
  • Modify Objects
  • Users
  • Groups
  • Delete Objects
  • Users
  • Group from the "Groups" Organizational Unit
  • Deleting an Organizational Unit (OU)
  • Computer Object
  • Contact Object
  • Printer Object
  • Security Group
  • Distribution Group
  • Application Object
  • Exchange Mailbox

Was this helpful?

  1. Windows
  2. System Ops
  3. Active Directory

Modify

Commands

dsmod user

Modifies properties of a user account.

dsmod group

Modifies properties of a group.

dsmod computer

Modifies properties of a computer object.

dsadd

Adds objects to Active Directory, such as users, groups, or organizational units.

dsmod

Modifies properties of Active Directory objects.

dsrm

Removes Active Directory objects.

dsquery

Queries Active Directory for objects that match specified criteria.

ldifde

Imports and exports data to and from Active Directory using LDIF (LDAP Data Interchange Format).

csvde

Imports and exports data to and from Active Directory using CSV (Comma-Separated Values) files.

ntdsutil

A command-line utility for managing various aspects of Active Directory, including metadata cleanup and database maintenance.

adprep

Used for preparing a forest and domain for the introduction of a new version of Windows Server.

netdom

A tool for managing computer accounts, trust relationships, and joining or disjoining computers from domains.

Set-ADUser

Modifying user account properties in Active Directory.

Set-ADGroup

Modifying group properties in Active Directory.

Set-ADComputer

Modifying computer object properties in Active Directory.

New-ADUser

Creating new user accounts in Active Directory.

New-ADGroup

Creating new groups in Active Directory.

New-ADOrganizationalUnit

Creating new organizational units in Active Directory.

Remove-ADObject

Removing Active Directory objects.

Move-ADObject

Moving Active Directory objects between organizational units.

Enable-ADAccount

Enabling disabled user accounts.

Disable-ADAccount

Disabling user accounts.

Add-ADGroupMember

Adding members to groups in Active Directory.

Remove-ADGroupMember

Removing members from groups in Active Directory.

Add-ADPrincipalGroupMembership

Adding users to groups in Active Directory.

Remove-ADPrincipalGroupMembership

Removing users from groups in Active Directory.

Guest Account

Enable guest account:

Enable-ADaccount -Identity guest

Set guest account password. Blank password:

set-adaccountpassword -identity guest

Add guest to "Domain Admins group":

Add ADGroupMember -Identity "Domain Admins" -Members guest

If guest password was set:

get-aduser -filter Distinguishedname

Create account with no password

New-ADUser -Name "bad guy" -Passwordnotrequired 1 -path  "copy from get-aduser"

Set the password:

set-adaccountpassword -identity "bad guy"

Enable account:

Enable-ADaccount -Identity "bad guy"

Add to "Domain Admins group":

Add ADGroupMember -Identity "Domain Admins" -Members "bad guy"

Remove from "Domain Admins group":

remove-aduser -identity "domain admins" -members "bad guy"

Disable guest account:

disable-adaccount -identity guest

Add Objects

Users

Add User and set properties:

dsadd user "CN=NewUser,OU=Users,DC=example,DC=com" -samid <SAMacctName -upn NewUser@example.com -fn <firstname> -ln <lastname> -display "<DisplayName>" -pwd Password123

"CN=NewUser,OU=Users,DC=example,DC=com" specifies the distinguished name (DN) of the new user.

-samid NewUser sets the SamAccountName for the user.

-upn NewUser@example.com sets the User Principal Name (UPN) for the user.

-fn [firstname] specifies the first name of the user.

-ln [lastname] specifies the last name of the user.

-display "[DisplayName]" sets the display name for the user.

-pwd Password123 specifies the initial password for the user.

Adding a User Using Command Prompt (CMD):

net user NewUser Password123 /add /domain

Adding a User Using PowerShell (New-ADUser cmdlet from RSAT):

New-ADUser -Name "NewUser" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true -PasswordNeverExpires $true

Adding a User Using PowerShell (Add-ADUser cmdlet from RSAT):

Add-ADUser -Name "NewUser" -AccountPassword (ConvertTo-SecureString "Password123" -AsPlainText -Force) -Enabled $true -PasswordNeverExpires $true

Adding a User Using Get-CimInstance (PowerShell WMI):

powershell
$UserClass = [WMIClass]("\\Domain\root\directory\LDAP").CreateInstance()
$UserClass.FullName = "CN=NewUser,CN=Users,DC=example,DC=com"
$UserClass.SamAccountName = "NewUser"
$UserClass.UserPrincipalName = "NewUser@example.com"
$UserClass.SetPassword("Password123")
$UserClass.Put()

Add user using WMIC:

wmic /namespace:\\root\directory\ldap path ds_user call createuser "CN=NewUser,CN=Users,DC=example,DC=com","Password123"

Groups

Add new group:

dsadd group "CN=NewGroup,OU=Groups,DC=example,DC=com"

Adding a Group Using PowerShell (New-ADGroup cmdlet from RSAT):

New-ADGroup -Name "NewGroup"

Add Member:

dsmod group "CN=HRGroup,OU=Groups,DC=example,DC=com" -addmbr "CN=John Doe,OU=Users,DC=example,DC=com"

Computer

Adding a Computer Using Command Prompt (CMD):

net computer NewComputer /add /domain

Adding a Computer Using PowerShell (Add-ADComputer cmdlet from RSAT):

Add-ADComputer -Name "NewComputer"

OU

Adding an Organizational Unit (OU) Using PowerShell (New-ADOrganizationalUnit cmdlet from RSAT):

New-ADOrganizationalUnit -Name "NewOU"

Printer

Adding a Printer Using PowerShell (Add-Printer cmdlet):

powershell
Add-Printer -Name "NewPrinter" -PortName "IP_192.168.1.100" -DriverName "HP Universal Print Driver" -Shared $true

Share

Adding a Shared Folder Using PowerShell (New-SmbShare cmdlet):

New-SmbShare -Name "SharedFolder" -Path "C:\SharedFolder" -FullAccess "Domain\NewUser"

DNS Record

Adding a DNS Record Using PowerShell (Add-DnsServerResourceRecordA cmdlet):

Add-DnsServerResourceRecordA -ZoneName "example.com" -Name "NewHost" -IPv4Address "192.168.1.100" -AllowUpdateAny

Certificates

Adding a Certificate Using PowerShell (Import-PfxCertificate cmdlet):

Import-PfxCertificate -FilePath "C:\NewCertificate.pfx" -CertStoreLocation "Cert:\LocalMachine\My"

Modify Objects

Users

Change User Password:

dsmod user "CN=John Doe,OU=Users,DC=example,DC=com" -pwd Password123

Change User description:

dsmod user "CN=Jane Smith,OU=Users,DC=example,DC=com" -desc "New Description"

Groups

Change Description:

dsmod group "CN=SalesGroup,OU=Groups,DC=example,DC=com" -desc "New Description"

Delete Objects

Users

User from the "Users" Container:

dsrm "CN=John Doe,OU=Users,DC=example,DC=com"

Group from the "Groups" Organizational Unit

dsrm "CN=ObsoleteGroup,OU=Groups,DC=example,DC=com"

Deleting an Organizational Unit (OU)

dsrm "OU=ObsoleteOU,DC=example,DC=com"

Computer Object

dsrm "CN=Workstation123,OU=Computers,DC=example,DC=com"

Contact Object

dsrm "CN=ContactPerson,OU=Contacts,DC=example,DC=com"

Printer Object

dsrm "CN=PrinterX,OU=Printers,DC=example,DC=com"

Security Group

dsrm "CN=SecurityGroup,OU=Groups,DC=example,DC=com"

Distribution Group

dsrm "CN=DistributionGroup,OU=Groups,DC=example,DC=com"

Application Object

dsrm "CN=AppServer,OU=Servers,DC=example,DC=com"

Exchange Mailbox

dsrm "CN=MailboxUser,OU=Users,DC=example,DC=com"
PreviousEnumerateNextHistory & Logs

Last updated 1 year ago

Was this helpful?

🪟