29023071a0 | ||
---|---|---|
.. | ||
Add-ADDBSidHistory.md | ||
ConvertFrom-ADManagedPasswordBlob.md | ||
ConvertFrom-GPPrefPassword.md | ||
ConvertFrom-UnicodePassword.md | ||
ConvertTo-GPPrefPassword.md | ||
ConvertTo-Hex.md | ||
ConvertTo-KerberosKey.md | ||
ConvertTo-LMHash.md | ||
ConvertTo-NTHash.md | ||
ConvertTo-OrgIdHash.md | ||
ConvertTo-UnicodePassword.md | ||
DSInternals.md | ||
Disable-ADDBAccount.md | ||
Enable-ADDBAccount.md | ||
Get-ADDBAccount.md | ||
Get-ADDBBackupKey.md | ||
Get-ADDBDomainController.md | ||
Get-ADDBKdsRootKey.md | ||
Get-ADDBSchemaAttribute.md | ||
Get-ADKeyCredential.md | ||
Get-ADReplAccount.md | ||
Get-ADReplBackupKey.md | ||
Get-ADSIAccount.md | ||
Get-BootKey.md | ||
Get-LsaPolicyInformation.md | ||
Get-SamPasswordPolicy.md | ||
Readme.md | ||
Remove-ADDBObject.md | ||
Save-DPAPIBlob.md | ||
Set-ADDBAccountPassword.md | ||
Set-ADDBAccountPasswordHash.md | ||
Set-ADDBBootKey.md | ||
Set-ADDBDomainController.md | ||
Set-ADDBPrimaryGroup.md | ||
Set-LsaPolicyInformation.md | ||
Set-SamAccountPasswordHash.md | ||
Test-PasswordQuality.md | ||
about_DSInternals.md |
Readme.md
Module Name | Module Guid | Download Help Link | Help Version | Locale |
---|---|---|---|---|
DSInternals | 766b3ad8-eb78-48e6-84bd-61b31d96b53e | 1.0 | en-US |
DSInternals Module
Description
The DSInternals PowerShell Module exposes several internal and undocumented features of Active Directory.
DSInternals Cmdlets
Add-ADDBSidHistory
Adds one or more values to the sIDHistory attribute of an object in a ntds.dit file.
ConvertFrom-ADManagedPasswordBlob
Decodes the value of the msDS-ManagedPassword attribute of a Group Managed Service Account.
ConvertFrom-GPPrefPassword
Decodes a password from the format used by Group Policy Preferences.
ConvertFrom-UnicodePassword
Decodes a password from the format used in unattend.xml files.
ConvertTo-GPPrefPassword
Converts a password to the format used by Group Policy Preferences.
ConvertTo-Hex
Helper cmdlet that converts binary input to hexadecimal string.
ConvertTo-KerberosKey
{{Fill in the Synopsis}}
ConvertTo-LMHash
Calculates LM hash of a given password.
ConvertTo-NTHash
Calculates NT hash of a given password.
ConvertTo-OrgIdHash
Calculates OrgId hash of a given password. Used by Azure Active Directory Sync.
ConvertTo-UnicodePassword
Converts a password to the format used in unattend.xml or *.ldif files.
Disable-ADDBAccount
Disables an Active Directory account in an offline ntds.dit file.
Enable-ADDBAccount
Enables an Active Directory account in an offline ntds.dit file.
Get-ADDBAccount
Reads one or more accounts from a ntds.dit file, including secret attributes.
Get-ADDBBackupKey
Reads the DPAPI backup keys from a ntds.dit file.
Get-ADDBDomainController
Reads information about the originating DC from a ntds.dit file, including domain name, domain SID, DC name and DC site.
Get-ADDBKdsRootKey
Reads KDS Root Keys from a ntds.dit. file. Can be used to aid DPAPI-NG decryption, e.g. SID-protected PFX files.
Get-ADDBSchemaAttribute
Reads AD schema from a ntds.dit file, including datatable column names.
Get-ADKeyCredential
{{Fill in the Synopsis}}
Get-ADReplAccount
Reads one or more accounts through the DRSR protocol, including secret attributes.
Get-ADReplBackupKey
Reads the DPAPI backup keys through the DRSR protocol.
Get-ADSIAccount
{{Fill in the Synopsis}}
Get-BootKey
Reads the BootKey/SysKey from an offline SYSTEM registry hive.
Get-LsaPolicyInformation
{{Fill in the Synopsis}}
Get-SamPasswordPolicy
Queries Active Directory for the default password policy.
Remove-ADDBObject
Physically removes specified object from a ntds.dit file, making it semantically inconsistent. Highly experimental!
Save-DPAPIBlob
Saves the output of the Get-ADReplBackupKey and Get-ADDBBackupKey cmdlets to a file.
Set-ADDBAccountPassword
{{Fill in the Synopsis}}
Set-ADDBAccountPasswordHash
{{Fill in the Synopsis}}
Set-ADDBBootKey
Re-encrypts a ntds.dit with a new BootKey. Highly experimental!
Set-ADDBDomainController
Writes information about the DC to a ntds.dit file, including the highest commited USN and database epoch.
Set-ADDBPrimaryGroup
Modifies the primaryGroupId attribute of an object to a ntds.dit file.
Set-LsaPolicyInformation
{{Fill in the Synopsis}}
Set-SamAccountPasswordHash
Sets NT and LM hashes of an account through the SAMR protocol.
Test-PasswordQuality
Performs AD audit, including checks for weak, duplicate, default and empty passwords.