DSInternals/Documentation/PowerShell
Michael Grafnetter 29023071a0 Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
..
Add-ADDBSidHistory.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
ConvertFrom-ADManagedPasswordBlob.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
ConvertFrom-GPPrefPassword.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
ConvertFrom-UnicodePassword.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
ConvertTo-GPPrefPassword.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
ConvertTo-Hex.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
ConvertTo-KerberosKey.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
ConvertTo-LMHash.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
ConvertTo-NTHash.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
ConvertTo-OrgIdHash.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
ConvertTo-UnicodePassword.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
DSInternals.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Disable-ADDBAccount.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Enable-ADDBAccount.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-ADDBAccount.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-ADDBBackupKey.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-ADDBDomainController.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-ADDBKdsRootKey.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-ADDBSchemaAttribute.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-ADKeyCredential.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-ADReplAccount.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-ADReplBackupKey.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-ADSIAccount.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-BootKey.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-LsaPolicyInformation.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Get-SamPasswordPolicy.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Readme.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Remove-ADDBObject.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Save-DPAPIBlob.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Set-ADDBAccountPassword.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Set-ADDBAccountPasswordHash.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Set-ADDBBootKey.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Set-ADDBDomainController.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Set-ADDBPrimaryGroup.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Set-LsaPolicyInformation.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Set-SamAccountPasswordHash.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
Test-PasswordQuality.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00
about_DSInternals.md Documentation (Work in progress) 2018-10-14 14:10:18 +02:00

Readme.md

Module Name Module Guid Download Help Link Help Version Locale
DSInternals 766b3ad8-eb78-48e6-84bd-61b31d96b53e 1.0 en-US

DSInternals Module

Description

The DSInternals PowerShell Module exposes several internal and undocumented features of Active Directory.

DSInternals Cmdlets

Add-ADDBSidHistory

Adds one or more values to the sIDHistory attribute of an object in a ntds.dit file.

ConvertFrom-ADManagedPasswordBlob

Decodes the value of the msDS-ManagedPassword attribute of a Group Managed Service Account.

ConvertFrom-GPPrefPassword

Decodes a password from the format used by Group Policy Preferences.

ConvertFrom-UnicodePassword

Decodes a password from the format used in unattend.xml files.

ConvertTo-GPPrefPassword

Converts a password to the format used by Group Policy Preferences.

ConvertTo-Hex

Helper cmdlet that converts binary input to hexadecimal string.

ConvertTo-KerberosKey

{{Fill in the Synopsis}}

ConvertTo-LMHash

Calculates LM hash of a given password.

ConvertTo-NTHash

Calculates NT hash of a given password.

ConvertTo-OrgIdHash

Calculates OrgId hash of a given password. Used by Azure Active Directory Sync.

ConvertTo-UnicodePassword

Converts a password to the format used in unattend.xml or *.ldif files.

Disable-ADDBAccount

Disables an Active Directory account in an offline ntds.dit file.

Enable-ADDBAccount

Enables an Active Directory account in an offline ntds.dit file.

Get-ADDBAccount

Reads one or more accounts from a ntds.dit file, including secret attributes.

Get-ADDBBackupKey

Reads the DPAPI backup keys from a ntds.dit file.

Get-ADDBDomainController

Reads information about the originating DC from a ntds.dit file, including domain name, domain SID, DC name and DC site.

Get-ADDBKdsRootKey

Reads KDS Root Keys from a ntds.dit. file. Can be used to aid DPAPI-NG decryption, e.g. SID-protected PFX files.

Get-ADDBSchemaAttribute

Reads AD schema from a ntds.dit file, including datatable column names.

Get-ADKeyCredential

{{Fill in the Synopsis}}

Get-ADReplAccount

Reads one or more accounts through the DRSR protocol, including secret attributes.

Get-ADReplBackupKey

Reads the DPAPI backup keys through the DRSR protocol.

Get-ADSIAccount

{{Fill in the Synopsis}}

Get-BootKey

Reads the BootKey/SysKey from an offline SYSTEM registry hive.

Get-LsaPolicyInformation

{{Fill in the Synopsis}}

Get-SamPasswordPolicy

Queries Active Directory for the default password policy.

Remove-ADDBObject

Physically removes specified object from a ntds.dit file, making it semantically inconsistent. Highly experimental!

Save-DPAPIBlob

Saves the output of the Get-ADReplBackupKey and Get-ADDBBackupKey cmdlets to a file.

Set-ADDBAccountPassword

{{Fill in the Synopsis}}

Set-ADDBAccountPasswordHash

{{Fill in the Synopsis}}

Set-ADDBBootKey

Re-encrypts a ntds.dit with a new BootKey. Highly experimental!

Set-ADDBDomainController

Writes information about the DC to a ntds.dit file, including the highest commited USN and database epoch.

Set-ADDBPrimaryGroup

Modifies the primaryGroupId attribute of an object to a ntds.dit file.

Set-LsaPolicyInformation

{{Fill in the Synopsis}}

Set-SamAccountPasswordHash

Sets NT and LM hashes of an account through the SAMR protocol.

Test-PasswordQuality

Performs AD audit, including checks for weak, duplicate, default and empty passwords.