Skip to main content

UPDATED: AD Sites, Subnets, and Sitelinks Powershell Module

UPDATED: now supports Quest tools see v0.92 update for details

It's been a while since I have put anything on here, as noted by a few of my colleagues. I have been busy developing various ideas in PowerShell, and generally pulling together all the scripts, functions, features, techniques etc that I have learnt over the past few years.  This, and raising an ever growning young family!

It has been a very exciting journey which is far from over, but I suppose I have come to a point where I feel I have something useful to give back.

In my quest to automate AD management (one of the ideas I have been working on), I found that there isn't much in the way of Site / Subnet / Site link management in PowerShell. True, these are just objects in AD and can be referenced by get-ADobject or by the [ADSI] shortcut, or even the quest AD management tools, but formatting the configuration naming context with sub OU's is a pain - if you actually know that this is where sites and services is stored in the first place!

A while back I found the new-xadsite and new-xadsubnet blog posts which, in the end, have inspired this AADSites module. Please note that I have included a couple of the validation functions from new-xadsubnet and accredited them accordingly.


The module - my first PowerShell Module - is now in beta (version 0.9). I have tested to the nth degree, but being so close to the subject makes it very difficult to have a completely holistic view of all the options out there. I invite anyone to try it out (in a dev environment first), to see if these functions could help manage your environment and to see what else you would like included.

It is designed to easily create and manage AD Sites, AD subnets and AD Site links within PowerShell. As it is based around the MS AD PowerShell module, it is intended to follow the rules and syntax. For example, when you use new-adobject you have a "-name" parameter whereas get-adobject uses an "-identity" parameter.

At present, this module requires the MS AD Management pack. This in itself requires a DC in the Domain that has ADMGS installed (installed by default on a Windows 2008 R2 DC), and a win 7 or 2008 R2 box to run the commands on. If, reading this you are now feeling deflated in the fact that you would like to try this module out but know that there is no way you are going to convince the "owner" of your AD environment to install ADMGS just so you can test "some download", then shout at me in the comments and I will look at doing a new version using the quest tools or ADSI. Also, there are plenty of free VM downloads these days to build up a lab forest on a capable PC - that is incidentally where the entire of this module has been developed.

Installation and use
Download the zip file and extract to your modules folder. This can be found by running "explorer $pshome\modules" from a PowerShell console. To use, run "import-module AADSites"

Command list and Help
To retrieve the list of commands and get help, as with all PowerShell functions and cmdlets use the built in get-command and get-help.

Get-command -module AADSites -type function will list all the commands from the module

Get-help get-AADSite -full will display the full help file

Included functions

The below is a list of the functions available :


I will be adding the help files for each command to this blog in due course.

Download the module here




Popular posts from this blog

PowerShell 3 behavioural change

It's taken me way too long to get into PowerShell 3, I guess opportunity hasn't shown it's self until now and so, here, my V3 journey begins.

I was asked to debug a script that would run fine in PS v2 and not in v3.  The issue was a that a variable length was being checked and was failing in v3.  This is why...

In v2 if a variable is undefined, this test returns false

PS C:\windows\system32> $var.length -eq 0

In v3 the same test returns true....

PS C:\windows\system32> $var.length -eq 0

Not a biggie, but as in this case, a script has broken so something to consider!



Enable Powershell Remoting (WinRM) via Group Policy

I have been doing some testing on enabling WinRM via group policy, being that WinRM is the service that Powershell v2 sets up it remoting capabilities. Here are the GPO settings that you need to configure WinRM ....

set the winrm service to auto start

Computer Configuration \ Policies \ Windows Settings \ Security Settings \ System Services

Windows Remote Management (WS-Management)  set Startup Mode to Automatic

start the service

incorporated in to the above - you may need a restart.

create a winrm listener

Computer Configuration / Policies / Administrative Templates / Windows Components / Windows Remote Management (WinRM) / WinRM Service / Allow automatic configuration of listeners

IPv4 filter: *

* is listen on all addresses, or if you only want a particular IP address to respond use an iprange eg - don't forget that this IP range has to be valid for all hosts that fall in the scope of the GPO you are creating.  You can use -, - …

compare-object in Powershell - comparing mulitple values

I'm starting to use compare-object more and more, and one thing I noticed, is that you can compare 2 objects based on multiple attributes. here is how it is constructed...
Compare-Object -ReferenceObject $object1 -DifferenceObject $object2 -Property a,b,c,d,eIf a,b,c and d are the same, but e is different, compare object will return a difference. In the following example, I use "-eq $null" as a check because by default compare-object returns $null if the objects are the same.
#create an array of objects to check against

$collection = @()
foreach ($entry in ("aaaaa","bbbbb","ccccc","ddddd")){
   $store = "" | select "a","b","c","d","e"
   $store.a = $entry*1
   $store.b = $entry*2
   $store.c = $entry*3
   $store.d = $entry*4
   $store.e = $entry*5
   $collection += $store

#create an object similar to those in the array
$object = "" | select "a","b…