In a previous article we showed how to use the Set-ADComputer command in a GPO login script to store the current user information in the properties of each AD computer object. One of the remarks was that this requires the installation of RSAT with Active Directory for Windows PowerShell on all users’ computers, which may take some time. I decided to try it and see if PowerShell cmdlets could be used for the ActiveDirectory module without installing RSAT on the users computers. And I did it!
Suppose we have a server with Windows Server 2012 R2 with RSAT and RSAT-AD-PowerShell installed. Our job is to copy the RSAT-AD PowerShell files to the user’s workstation and import them to run the various cmdlets of the AD module. I deliberately use a computer with Windows 10 LTSC (based on version 1809) as a workstation to show that earlier versions of RSAT-AD-PowerShell are supported by newer versions of the operating system.
First copy all files in the module AD from Windows Server 2012 R2 to Windows 10. Create the C:PSADPoSh folder and copy all contents of C:WindowsSystem32WindowsPowerShellv1.0ModulesActiveDirectory into it.
Then copy the following files from the C:WindowsWinSxS folder:
- Microsoft.ActiveDirectory.Management.dll
- Microsoft.ActiveDirectory.resources.dll
You can find these libraries by browsing the WinSxS folder. In my example, the full paths in Windows Server 2012 R2 were as follows.
C:WindowsWinSxSamd64_microsoft.activedory.management_31bf3856ad364e35_6.3.9600.16503_none_09aa35cd49da6068Microsoft.ActiveDirectory.Management.dllC:WindowsWinSxSamd64_microsoft.activedir..anagement.resources_31bf3856ad364e35_6.3.9600.16384_en-us_efcf68718a71bcMicrosoft.ActiveDirectory.resources.dll module files .
Then copy the folder C:PSADPoSh (in my case it was about 1.3 MB) to a Windows 10 computer on which the RSAT AD module for Windows PowerShell is not installed.
Let’s try importing the Active Directory module copied in the current PowerShell session:
Import module C: PSADPoShMicrosoft.ActiveDirectory.Management.dllImport Module C: PSADPoShMicrosoft.ActiveDirectory.resources.dll
The module has been imported successfully and you can use any command in the AD module to manage and retrieve information from your AD domain (e.g. Get-ADUser, Get-ADComputer, etc.).
If the error is unable to connect to the server. This could be because the server doesn’t exist, doesn’t work, or because Active Directory Web Services doesn’t work. Make sure that Active Directory Web Services (ADWS) is running on the nearest domain controller and that TCP port 9389 is not blocked by a firewall.
You can find a CD with the ADWS role in your domain using the :
Get-ADDomainController -Discover -ADWS Service
You can test the availability of the ADWS service with the Test-NetConnection command:
Test-NetConnection DC01 – Port 9389
To execute commands on a specific domain controller, use the -Server :
Get-ADUser John.Smith -server dc01.contoso.com
You can use the PowerShell AD module commands until you exit the PowerShell session. You can use a GPO to copy AD module files to all computers in the domain.
Related Tags:
adsisearcher,powershell install dns management tools,install rsat from fod iso,rsat tools,get-aduser,adsisearcher error,import-module activedirectory,powershell ad module download windows 7,install rsat windows 10,active directory powershell scripts,powershell import ad session,powershell 7 active directory,dsacls dcsync,import-module activedirectory not found,powershell active directory module windows 10,powershell query active directory without module,powershell copy active directory module,install-module activedirectory,powershell activedirectory module without rsat,how to open active directory module for windows powershell,use powershell active directory cmdlets without installing any software,active directory module for windows powershell server 2016
