header image

Active Directory Cookbook 4th Ed

Posted by: | August 12, 2013 | No Comment |

The Active Directory Cookbook (O’Reilly ISBN: 978-1-449-36142-6) has been a constant resource for me since the first edition covering Windows 2003. I plundered the book for a lot of my early forays in scripting AD. The cookbook supplied answers using as many as possible of the GUI tools, command line tools and scripts.

In those days VBscript was the language we had to use though a couple of scripts in other languages crept into the book. The third edition, covering Windows 2008, finally brought PowerShell into the book.  VBScript was still the predominant scripting language. The GUI and command line tools are still present. The PowerShell scripts were written using either the Quest AD cmdlets or by scripting using the .NET classes and the [adsi] & [adsisearcher] accelerators.

The fourth edition covers Windows 2012. PowerShell is now the standard scripting language – using the Microsoft cmdlets where possible and the approperiate .NET classes to fill in the gaps. VBscript is more or less removed. The command line tools and the GUI options still remain.

The book runs to 830 pages and which is a decrease from the third edition but it appears that is mainly due to the removal of the wordy VBSript examples.

The book covers the whole range of AD activity – users, groups, OUs, domain & forests, trusts, domain controllers, computers, GPO, schema, sites, replication, dns (the new DNS cmdlets in Windows 2012 are show cased), security, logging, backup, ADLS, ADFS, Exchange 2013 and FIM.

With over 465 recipes in the cookbook it covers most of the situations you are likely to meet.

A few minor cautions are needed. Firstly, the individual recipes are just that individual. If you want to create a user – you get an example.  If you want to add a user to a group – you get an example.  If you want to create a user and add to a group you need to work out how to combine the two scripts.

Secondly, the PowerShell examples aren’t always as good as they could be. They work and will get the job done but don’t always conform to best practice.

Thirdly, you need to learn PowerShell somewhere else.  This book won’t teach you and to be fair it doesn’t and shouldn’t try. The cookbook is a domain specific resource.

For the next edition I would recommend dropping the command line tools where there is a PowerShell option. Those tools will eventually disappear. Use PowerShell so you can integrate all of your Windows automation work.

This is a book that I still refer to – even if its just to check some odd AD related fact – and expect to continue to refer to as long as I’m automating AD administration tasks. I can’t recommend this book enough. Get yourself a copy – you won’t regret it.

under: Books, PowerShell and Active Directory, Windows Server 2012