Kieran Jacobsen

Kieran Jacobsen

He/Him. Microsoft MVP and GitKraken Ambassador. 🌏 Poshsecurity.com. 🏳‍🌈 Gay. 🐱 Cat owner.

Quest Active Directory CmdLets and Distribution Groups

All sysadmins will at soem point be required to clean up/report on Microsoft Exchange distribution groups within their organisation. Below are some notes I made as I was working on them recently.

Note: All of these use the Quest AD Cmdlets

I had a array of groups that had been passed to me ($groups), I wanted to add to that array the name of the user who manages that group, before passing the variable on to other things:

Function Get-ManagedbyName {
[cmdletbinding()]           

Param (
     [Parameter(Position=0, Mandatory=$True, ValueFromPipeline=$True, `
            HelpMessage="You must specify a QAD group object")]
     [Quest.ActiveRoles.ArsPowerShellSnapIn.Data.ArsGroupObject]$group
    )           

Begin {
    Write-Verbose "Starting function"
}           

Process {
    $managedby = $group.managedby
    $managedname = ""
    if (($managedby -eq "") -or ($managedby -eq $null)) {
        $managedname =  ""
    } else {
        $managedname = (get-qaduser $managedby).name
    }
    $group | Add-Member -MemberType NoteProperty -Name "ManagedbyName" `
          -Value $managedname -passthru
}           

End {
    Write-Verbose "Ending function"
}           

An example of using this would be

$groups= <get your group>

$groups| Get-ManagedbyName

A cmdlet to hide groups from the global address list:

Function hide-distributionlist {
[cmdletbinding()]           

Param (
     [Parameter(Position=0, Mandatory=$True, ValueFromPipeline=$True,
     HelpMessage="You must specify a list of groups")]
     [System.string[]]$groups
    )

Begin {
    Write-Verbose "Starting hide-distributionlists"
}           

Process {
    foreach ($group in $groups)
    {
       #move the group to:
       Move-QADObject $group -newparentcontainer "OU=disabled mailing groups, `
            OU=disabled users,OU=CSAU,DC=sunqld,DC=com,DC=au"
       #hide from addresslist
       set-qadgroup $group -objectattributes @{MSExchHideFromAddressLists=$true}
   }
}           
End {
    Write-Verbose "Ending hide-distributionlists"
}           

}

Encrypting a string using certificates and PowerShell

WiB - Web Server In A Box