How to Install Active Directory Powershell Module and Import. A prerequisite for every Windows PowerShell Active Directory (AD) task and command is to import the PowerShell Active Directory module. This commonly used module allows administrators to query and change Active Directory with PowerShell.
This article will dive into installing the PowerShell Active Directory module on a workstation or server with a Windows operating system. We will then cover how to connect to AD with PowerShell and the various ways we can authenticate to AD by importing the Active Directory module.
Before we begin, we should first be aware of the Remote Server Administration Tools or the RSAT package. If we use a machine, workstation, or server variant of Windows, we will need to install the RSAT package. The RSAT package is used for managing Windows operating system installed machines remotely.
One example of a component where the RSAT package is a prerequisite is the PowerShell Active Directory Module. When we run active directory commands, without RSAT, we will get the thrown error “The term Get-AD is unrecognized as the name of a function, cmdlet, script file, or operable program”. So we must first install the prerequisites before proceeding.
Installing RSAT on a Workstation
To install the RSAT package on our workstation, we must first determine the Windows Build currently running in our workstation. To check the build of Windows 10 that is installed on our machine, follow these steps:
First, right-click the Start menu and select Run. Alternatively, you can press Ctrl+R.
2. Once the Run window appears, type winver and hit the Enter key or press OK
3. A new window will appear that should display the Windows 10 build that is installed.
Now that we have determined our Windows Build version, we can proceed to choose the proper way of installing the RSAT package in our workstation.
Installing the RSAT Package on Windows 10 Build 1809 or Later
Starting October 2018, the RSAT package is readily available as a Feature on Demand on every Education, Enterprise, and Professional edition of Windows 10. To get RSAT running, tap the Windows key, type manage optional features in the search box and select Manage Optional Features from the menu.
The settings app will list all the optional features installed on our Windows 10 machine.
Click the + button of the Add a feature menu and scroll down through the list for the RSAT tools and add them. Alternatively, we can also install the RSAT package through PowerShell with the following command below:
If we are running an earlier version of Windows 10, we can still install RSAT, but the sequence of steps is different.
If we have an earlier build of Windows 10 (for example, if we have automatic updates turned off), we will need to install RSAT manually by downloading it from the Microsoft website. Here is how to download the RSAT suite:
These steps will install the RSAT package and integrate Active Directory Users and Computers into Windows Server, ready for us to use. However, we can also use PowerShell to install the RSAT package on the server with the following commands below:
RSAT installations will usually run smoothly with no issues, but there are occasional problems sometimes. For example, the RSAT installer uses Windows Update to install and integrate RSAT into Windows. Therefore, if we have Windows Firewall turned off, it may not work correctly.
If we have installed RSAT and it does not show up or will not install correctly, turn on Windows Firewall in the Services window, perform the installation, and turn it off again. Many Windows Update-related installations commonly cause this issue. If we have other Windows Update-related issues, check here for some common issues and solutions.
PowerShell will likely auto-import the module when installed. But if we would like to ensure it loads correctly, we can also use the Import-Module command. To import the Windows PowerShell Active Directory module, run Import-Module ActiveDirectory.
Import-Module ActiveDirectory
If the module is installed correctly, we will receive no errors when running the syntax above.
Connecting and Authenticating
Once the Active Directory module is set up, we can use the Active Directory PowerShell cmdlets. Next, we will discuss connecting to a specific Domain Controller or DC in the article’s next section.
Connecting to an AD DC
The AD cmdlets will find a DC for us by default. However, if we need to connect to a different domain controller, we can use the Server parameter. PowerShell will attempt to find a DC to connect to by default if the Server parameter has not been supplied. The DC is determined by trying the following:
Use the Server property of the objects passed in on the pipeline.
If in use, use the server associated with the AD PowerShell provider drive.
Use the domain of the client’s computer.
We can connect to a specific domain controller by providing a value for the Server parameter. We can specify several different Active Directory Domain Services objects in various formats, such as:
FQDN or NETBIOS name of the domain such as test.com.
FQDN or NETBIOS name of the server acting as the DC, such as server.test.com.
A fully-qualified domain controller and an open LDAP port such as server.domain.com:3268.
By default, the AD PowerShell cmdlets will use a two-step process for determining the user account when connecting to an Active Directory.
Use the credentials associated with the drive if the command is run from the PowerShell AD Provider.
Utilizing the credentials of the logged-on user.
The Credential parameter allows us to pass in a PSCredential object. For example, if we provide a username, the command line will prompt us for a password, and PowerShell will use these credentials. We can see an example below of using the Get-ADUser cmdlet using an alternate credential.
We also have two possible authentication types. These types are Basic and Negotiate as the default parameter. Basic authentication is only possible provided our connection is an SSL connection.
Install Active Directory PowerShell Module Conclusion
Importing the Windows PowerShell Active Directory module is a straightforward and standard process. We must first install the Remote Server Administration Tools as a prerequisite. Then, using the instructions provided in this article, we should be able to import the AD module and use Active Directory commands accordingly.
Windows Server and VMware SME. Powershell Guru. Currently working with Fortune 500 companies responsible for participating in 3rd level systems support across the enterprise. Acting as a Windows Server engineer and VMware Specialist.
00votes
Article Rating
Subscribe
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.