PowerShell: Adding Active Directory Module

Windows environments often are controlled by Active Directory; hence, it is useful to include this onto your local machine as well as PowerShell scripts to perform operations on Active Directory.

function addModuleActiveDirectory{
    if(!(get-module activedirectory -ea SilentlyContinue)){
        Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
        $wuRegistryHive="REGISTRY::HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU"
        $wuKey="UseWUServer"
        
        # Detect whether WSUS is being used and bypass if necessary
        $isWsusOn=(Get-ItemProperty -Path $wuRegistryHive -Name $wuKey -EA SilentlyContinue)."$wuKey"
        if($isWsusOn){ # Turn OFF WSUS settings
            Set-ItemProperty -Path $wuRegistryHive -Name $wuKey -Value 0;
            Restart-Service wuauserv;
            } 
        
            $osType=switch ((Get-CimInstance -ClassName Win32_OperatingSystem).ProductType){
            1 {'client'}
            2 {'domaincontroller'}
            3 {'memberserver'}
            }
        $windowsVersion=[System.Environment]::OSVersion.Version
        $releaseId=(Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion").ReleaseId
        $windowsReleaseName=(Get-WmiObject -class Win32_OperatingSystem).Caption
        write-host "$windowsReleaseName with release ID $releaseId detected."
        if($osType -ne 'client'){
            # source: https://en.wikipedia.org/wiki/List_of_Microsoft_Windows_versions
            if($windowsVersion -ge [version]'6.2'){
                # If Windows Server 2012 or Newer            
                Install-WindowsFeature RSAT-AD-PowerShell
            }elseif($windowsVersion -ge [version]'6.1'){
                # The Active Directory module for Windows PowerShell first appeared on Windows Server 2008 R2.
                # It is automatically installed on the Windows Server along with ADDS role
                Import-Module ServerManager
                Add-WindowsFeature -Name "RSAT-AD-PowerShell" –IncludeAllSubFeature
            }else{
                write-warning 'This legacy machine requires a manual install of Administrative Tools pack (Adminpak.msi).'
            }
        }elseif($windowsVersion -ge [version]'6.1'){
            # Accounting for Client OS variants
            if($releaseId -ge 1809){
                Add-WindowsCapability -Online -Name Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0
            }else{
                Get-WindowsCapability -Name Rsat.ActiveDirectory* –Online|Add-WindowsCapability –Online
            }            
        }else{
            write-warning 'This legacy machine requires a manual install of Administrative Tools pack (Adminpak.msi).'
        }
        
        if($isWsusOn){ # Turn ON WSUS settings
            Set-ItemProperty -Path $wuRegistryHive -Name $wuKey -Value 1;
            Restart-Service wuauserv;
            } 
     }
    if (get-module activedirectory -ea SilentlyContinue){
        Import-Module ActiveDirectory
        return $true
    }else{
        return $false
    }
}
# Outdated code:

# includeActiveDirectoryModule.ps1
# Required: run in the context of a local administrator (to install)

Function includeActiveDirectoryModule{
if (!(get-module -Name "ActiveDirectory") -or !(get-command dsquery) ){
$osType=switch ((Get-CimInstance -ClassName Win32_OperatingSystem).ProductType){
1 {'client'}
2 {'domaincontroller'}
3 {'memberserver'}
}
try{
Install-WindowsFeature ActiveDirectory -ErrorAction Stop | out-null;
Import-Module ActiveDirectory -ErrorAction Stop | out-null;
Add-WindowsFeature RSAT-AD-PowerShell | out-null;
return $true;
}catch{
$rsatFailoverClusterInstalled=(Get-WindowsCapability -name Rsat.ActiveDirectory* -online).State;
$wuRegistryHive="REGISTRY::HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU"
$wuKey="UseWUServer"
$currentWu = Get-ItemProperty -Path $wuRegistryHive -Name $wuKey -ErrorAction SilentlyContinue | select -ExpandProperty UseWUServer
if($currentWu){
Set-ItemProperty -Path $wuRegistryHive -Name $wuKey -Value 0;
Restart-Service wuauserv;
}
if($osType -eq 'memberserver'){
Install-WindowsFeature -Name "RSAT"
}elseif ('client'){
Get-WindowsCapability -Name Rsat.ActiveDirectory* –Online|Add-WindowsCapability –Online
}
if($currentWu){
Set-ItemProperty -Path $wuRegistryHive -Name $wuKey -Value $currentWu;
Restart-Service wuauserv;
}
try {Import-Module ActiveDirectory}catch{
return $false;
};
}
}else{
write-host "ActiveDirectory Module is available on this computer.";
return $true;
}

}
includeActiveDirectoryModule;

Leave a Reply

Your email address will not be published. Required fields are marked *