1. Windows Server “Longhorn” RDP Airlift

2. Managing AD with PowerShell; Creating custom administrative consoles Dmitry Sotnikov CTO, Windows Management Quest Software

3. Agenda Windows PowerShell Command line for Active Directory Longhorn-specific functionality PowerShell in the Enterprise PowerGUI

4. Why PowerShell? Command-line & scripting has never been Windows strong side Microsoft platforms have multiple not unified command-line and scripting interfaces: cmd VBScript COM VBA WMI ADSI Various command-line utilities.NET Command-line is an afterthought

5. Windows PowerShell Next generation shell that is: As interactive and composable as BASH/KSH As programmatic as Perl/Ruby As production oriented as AS400 CL/VMS DCL Allows access to data stores as easy to access as filesystems Slide shamelessly borrowed from a presentation by Jeffrey Snover

6. Platform Availability Exchange 2007 Systems Center Operations Manager 2007 Windows XP, 2003, Vista IIS 7 Systems Center Virtual Machine Manager Active Directory All other applications in the Universe

7. How It Works filtering, etc. Get-Something Do-Something Collection of objects

8. PowerShell for AD Options ADSI Community Provider AD cmdlets

9. Command-Line for AD

10. Windows Server 2008 AD Server Core Read-Only Domain Controller Granular password policies

11. Server Core Headless installation option Bad news: no way to install PowerShell on the server Good news: you can use AD cmdlets remotely

12. Read-Only Domain Controller “Gets” happen on RODC “Sets” get automatically forwarded to full DCs Get-QADUser Set-QADUser

13. Granular Password Policies Can be associated with users or groups Multiple can be linked - one wins PowerShell is the way to manage them: New-QADPasswordSettingsObject Get-QADPasswordSettingsObject Add-QADPasswordSettingsObjectAppliesTo Remove- QADPasswordSettingsObjectAppliesTo Get-QADObjectAttributes Msds-ResultantPSo

14. Longhorn-specific PowerShell features

15. Enterprise Requirements Auditing Rules Roles Policies Approval workflows

16. Quest ActiveRoles Server Active Directory or ADAM Windows PowerShell Roles Policies Applications Databases Home Folders Exchange Mailboxes Virtual Schema Approval Workflow -proxy switch Provisioning and Management for Active Directory, ADAM and beyond… CMDLETS work directly with Active Directory or via the ActiveRoles Server proxy Automated User & Group Management ActiveRoles Domain Controller Quest ActiveRoles Server

17. Name: Robert Bobel Title: Product Manager Group: Active Directory

18. Is UI World Much Better? Every platform has its own administrative UI Once you go beyond simple one object operations you need scripting Tools are static: once a year a vendor releases what it thinks people need

19. PowerGUI – PowerShell GUI and Community Easy and extensible by community administrative console Enables easy learning of PowerShell Gives flexibility and might of PowerShell in familiar user interface PowerShell AD Exchange SharePoint Virtual Server Operations Manager PowerGUI

21. Links AD cmdlets Quest ActiveRoles Server PowerGUI Dmitry’s PowerBlog

22. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.