Appendix 2: PowerShell Setup- Active Directory

Prerequisites for Active Directory on client machine

1. PowerShell Version 5 and above.
   
2. Active Directory role installed on Server Manager on targeted server
   
3. ‘ActiveDirectory’ module on localhost and AD server
   
4. Sufficient Privileges for Active Directory Server
   

Set PowerShell Execution Policy

1. Open PowerShell command prompt in Run As Administrator mode
   

(Go to Start-> Search PowerShell -> Right Click on Windows PowerShell -> Click Run as Administrator option)

2. Change execution policy of computer to allow running PowerShell scripts by using below: 
   

command: Set-ExecutionPolicy unrestricted –Force

3. Check if execution policy is changed by using below command:
   

command: Get-ExecutionPolicy

Updating PowerShell Version

https://www.microsoft.com/en-us/download/details.aspx?id=54616

System requirements:

WMF 5.1 requires Microsoft .NET Framework 4.5 or above. You can install Microsoft .NET Framework 4.5 or above by following the instructions at Installing the .NET Framework.

Use a 64-bit version of Windows. Support for the 32-bit version the Microsoft Azure Active Directory Module for Windows PowerShell was discontinued in October, 2014.

Need to restart machine once “Windows Management Framework 5.1 “installation is completed.

Command:   $PSVersionTable

Expected output:

Name                           Value                                                                                                                     

----                           -----                                                                                                                     

PSVersion                      5.1.14409.1005

PSEdition                      Desktop                                                                                     

PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}                                                                                                   

BuildVersion                   10.0.14409.1005

CLRVersion                     4.0.30319.42000

WSManStackVersion              3.0                                                                                                                       

PSRemotingProtocolVersion      2.3                                                                                                                       

SerializationVersion           1.1.0.1                                                                                                                   

 

Modules required for Active Directory Plugins:

Module name: ActiveDirectory

Use below command to check available modules via powershell(Open powershell with run as Administrator mode) :

command: Get-Module -ListAvailable -Name ActiveDirectory

Expected output:

     Directory: C:\Windows\system32\WindowsPowerShell\v1.0\Modules

ModuleType Version    Name                                ExportedCommands                                                                                                   

---------- -------    ----                                ----------------                                                                                                   

Manifest   1.0.0.0    ActiveDirectory                     {Get-ADRootDSE, New-ADObject, Rename-ADObject, Move-ADObject...}                                                   

 

In normal Windows Desktop OS Active Directory module needs to be installed and setup. In case of Windows Server OS Active Directory module can be setup using Add features in Server Manger. 

In the following sections we describe Active Directory module setup on both Windows Desktop OS and Windows Server OS

Install Active Directory Module on Windows Desktop OS

If Active Directory module is not already installed on Windows Desktop OS following are the steps for Active Directory module installation and setup.

Prerequisites

You can use the following versions of Windows:

1. Windows 10, Windows 8.1, Windows 8 or Windows 7 Service Pack 1 (SP1)
   

Step 1: Install required software

     

1. Requires Microsoft .NET Framework 4.5 or above. You can install Microsoft .NET Framework 4.5 or above by following the instructions at Installing the .NET Framework.
   
2. Download and install RSAT (Remote Server Administration Tools) for supported windows version by referring below locations:
   

Note: Need to restart machine once RSAT is installed

Download locations for RSAT: 

1. Remote Server Administration Tools for Windows 10
2. Remote Server Administration Tools (RSAT) for Windows 8.1
3. Remote Server Administration Tools (RSAT) for Windows 8
4. Remote Server Administration Tools (RSAT) for Windows 7 with SP1 (both x86 and x64)
5. Remote Server Administration Tools (RSAT) for Windows Vista 32-bit (x86)
6. Remote Server Administration Tools (RSAT) for Windows Vista 64-bit (x64)

Step 2: Enable Tools

You must enable the tools that you want to use by using Control Panel. To do this, click Start, click Control Panel, click Programs and Features, and then click Turn Windows features on or off. (See the following figure.)

In the RSAT releases for Windows 10, Windows 8.1, and Windows 8, tools are again all enabled by default. You can open Turn Windows features on or off to disable tools that you don't want to use. In RSAT for Windows 10, Windows 8.1, and Windows 8, you access GUI-based tools on the Tools menu from within the Server Manager console.

To install Active Directory on Windows Vista and Windows 7, click on Remote Server Administration Tools, click on Role Administration Tools, check the AD DS and AD LDS Tools option and click on OK. 

Install ActiveDirectory Module on Windows Server OS

Prerequisites

You can use the following versions of Windows:

Step 1: Install required software

Note: These steps are required once on your computer, not every time you connect. 

1. Requires Microsoft .NET Framework 4.5 or above. You can install Microsoft .NET Framework 4.5 or above by following the instructions at Installing the .NET Framework.
   

Step 2: Enable Tools

If you have to install management tools on Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 for specific roles or features that are running on remote servers, you don't have to install additional software. Start the Add Features Wizard in Windows Server 2008 or Windows Server 2008 R2 or the Add Roles and Features Wizard in Windows Server 2012 and later versions. Then, on the Select Features page, expand Remote Server Administration Tools, and then select the tools that you want to install. Complete the wizard to install your management tools. (See the following screen shot.)

Step 3: Confirm Module Availability

Use below command to check available modules via powershell(Open powershell with run as Administrator mode)  :

command: Get-Module -ListAvailable -Name ActiveDirectory

Expected output:

Directory: C:\Windows\system32\WindowsPowerShell\v1.0\Modules ModuleType Version    Name                                ExportedCommands                                                                                                    ---------- -------    ----                                ----------------                                                                                                    Manifest   1.0.0.0    ActiveDirectory                     {Get-ADRootDSE, New-ADObject, Rename-ADObject, Move-ADObject...}