Today we’ll show you how to install and use the Windows PowerShell Active Directory Module. You can use the cmdlets of this module to retrieve information and manage Active Directory. This module in the server OS is installed as a separate feature. On the desktop OS (Windows 10, 8.1, 7) the module is included in the Remote Server Administration Tools (RSAT). RSAT includes all the necessary management tools, command line utilities and Windows PowerShell modules for Windows servers and AD manage. You must download RSAT package for your version of the OS from the Microsoft website (how to install RSAT in Windows 10).
Active Directory Module for Windows PowerShell
The Active Directory module for Windows PowerShell first appeared in Windows Server 2008 R2. It is automatically installed on the domain controller. To use the PowerShell cmdlets from the Active Directory module, at least one controller with Windows Server 2008 R2 or higher must exist in your domain. If your network has only DCs with Windows Server 2003 or 2008, you must download and install the Active Directory Management Gateway Service. The PowerShell cmdlets from the Active Directory module interact with the web service that is part of the domain controller with the ADDS role or ADMGS.
You can install the Active Directory module for Windows PowerShell not only on the domain controller, but also on any Windows server or workstation.
In Windows Server 2016/Windows Server 2012 R2, you can install the Active Directory module for Windows PowerShell from the Server Manager graphical console using the Add Roles and Features Wizard. It is enough to start the wizard and at the stage of selecting features you need to select the item Remote Server Administration Tools > Role Administration Tools > AD DS and AD LDS Tools > Active Directory module for Windows PowerShell.
This module can also be installed using PowerShell. Open the PowerShell console as an administrator and run the following commands:
Import-Module ServerManager Add-WindowsFeature -Name "RSAT-AD-PowerShell" –IncludeAllSubFeature
In Windows 10, Windows 8.1, and Windows 7, to install the RSAT-AD-PowerShell module, you must first install the appropriate version of RSAT, then you need to enable the module (Control Panel > Programs > Turn Windows Features On or Off > Remote Server Administration Tools > Role Administration Tools > AD DS and AD LDS Tools > Active Directory module for Windows PowerShell).
Or using PowerShell:
Enable-WindowsOptionalFeature -Online -FeatureName RSATClient-Roles-AD-Powershell
Importing PowerShell Active Directory Module on Windows
In Windows 7 and Windows Server 2008 R2 with PowerShell 2.0 installed, to start using the Active Directory module, you need to import it into the PowerShell session with the command:
import-module activedirectory
In addition, you can export the module from a remote computer or server and import it into your PowerShell session:
$S = New-PSSession -ComputerName MyDomainController Export-PSsession -Session $S -Module ActiveDirectory -OutputModule RemoteAD Remove-PSSession -Session $S Import-Module RemoteAD
On Windows Server 2012 R2/2016 and Windows 8.1/Windows 10, the module is imported into the session automatically.
If the computer is included in the domain, by default a separate disk is created with the name AD:. You can go to this disk using the CD command and use the familiar commands of working with the file system to navigate this disk. The paths are in X500 format.
PS C:\> cd AD: PS AD:\> PS AD:\> dir PS AD:\> cd "DC=contoso,DC=com" PS AD:\> dir
You can display the list of available cmdlets for working with Active Directory as follows:
Get-Command -Module ActiveDirectory
Different versions of Windows (RSAT) have different number of cmdlets available:
- Windows Server 2008 R2 — 76 cmdlets
- Windows Server 2012 — 135 cmdlets
- Windows Server 2012 R2/2016 — 147 cmdlets
So now you can use the PowerShell cmdlets to manage and query Active Directory.
