Wednesday, December 17, 2014

Get Multiple Users SamAccount from a Security Group of Active Directory using Powershell

Hi. Today I will discuss a small PowerShell command with which we can get multiple users' SamAccountName (account name / logon name / user account) and other attributes from a security group.

Open PowerShell (Windows Server 2008, 2008 R2, etc.).

Start -> Run -> type powershell, then type the command below to load the module.

Import-Module ActiveDirectory

Or you can open it directly from Start -> Administrative Tools -> Active Directory Module for Windows PowerShell. This will load the module and a PowerShell command prompt will open.

Now type the command below to get the SamAccountName of every member of a security group:

Get-ADGroupMember -Identity "Distinguished Name of the Group" | Export-Csv -Path c:\users\XXXX\desktop\filename.csv -NoTypeInformation

Example: the domain name is bbntechinfo.com
Group name: DBA Users
OU name: Health
So the distinguished name of the group is: "CN=DBA Users,OU=Health,DC=bbntechinfo,DC=com"
If you want to see the distinguished name of a group:

Go to Start -> Administrative Tools -> Active Directory Users and Computers.

Click Action -> Find, enter the group name and click Find Now. Once you have found the group in the search results, right-click the group, choose Properties and open the Object tab; there you will see the path (canonical name of object) of the group.

Now browse to that path, find the group, right-click it again and open the Attribute Editor tab. In the list of attributes, select distinguishedName and click the Edit button below; you will see the distinguishedName of that group as the value.

The command would be:

Get-ADGroupMember -Identity "CN=DBA Users,OU=Health,DC=bbntechinfo,DC=com" | Export-Csv -Path c:\users\XXXX\desktop\filename.csv -NoTypeInformation

Once you hit Enter you will get a file named filename.csv on your desktop (the path is your choice; you can save the file wherever you want).

Make sure that you are a member of the Domain Admins group of that domain, otherwise you will not be able to run the command; or run it as Administrator.

Now open the file. You will see the columns distinguishedName, name, objectClass, objectGUID, SamAccountName and SID. Keep whatever you want and remove the other columns.
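As an added example (not part of the original post), the same export with the group's distinguishedName resolved automatically by Get-ADGroup, nested groups expanded, and extra user attributes joined in from Get-ADUser; it assumes the ActiveDirectory module is loaded, that the group can be found by name, and that the output path is your choice:

```powershell
# Added example: export the members of an AD security group with user attributes.
# Assumes the ActiveDirectory module (RSAT / AD DS role) and read access to the domain.
Import-Module ActiveDirectory

function Export-GroupMemberReport {
    param(
        [Parameter(Mandatory = $true)][string]$GroupName,   # name, sAMAccountName or DN of the group
        [Parameter(Mandatory = $true)][string]$OutFile,     # CSV path of your choice
        [switch]$Recursive                                   # also expand nested groups
    )

    # Get-ADGroup accepts the group's sAMAccountName, DN, GUID or SID, so the
    # distinguishedName lookup through ADUC / Attribute Editor is not needed.
    $group = Get-ADGroup -Identity $GroupName
    Write-Host "Group DN: $($group.DistinguishedName)"

    # Get-ADGroupMember alone returns only distinguishedName, name, objectClass,
    # objectGUID, SamAccountName and SID; user objects are piped to Get-ADUser
    # to fetch the extra attributes. (ADWS returns at most 5000 members by default.)
    $members = Get-ADGroupMember -Identity $group.DistinguishedName -Recursive:$Recursive

    $report = $members |
        Where-Object { $_.objectClass -eq 'user' } |
        Get-ADUser -Properties DisplayName, EmailAddress, Enabled, LastLogonDate, whenCreated |
        Select-Object SamAccountName, DisplayName, EmailAddress, Enabled, LastLogonDate,
                      whenCreated, DistinguishedName

    $report | Export-Csv -Path $OutFile -NoTypeInformation -Encoding UTF8
    return $report
}

# Usage with the post's example group (domain bbntechinfo.com, OU Health):
$r = Export-GroupMemberReport -GroupName 'DBA Users' `
        -OutFile "$env:USERPROFILE\Desktop\dba-users.csv" -Recursive

# Review step: flag members that are disabled, have never logged on, or have not
# logged on in 90 days, which is the usual audit question for a privileged group.
$r | Where-Object {
        -not $_.Enabled -or
        $null -eq $_.LastLogonDate -or
        $_.LastLogonDate -lt (Get-Date).AddDays(-90)
    } | Format-Table SamAccountName, Enabled, LastLogonDate -AutoSize
```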

Let me know if you face any issue with the above command.

Thursday, December 4, 2014

Repadmin /replicate command to trigger immediate replication

Repadmin /replicate:
Monitoring replication is a vital part of managing your Active Directory network, because many AD issues can be prevented by monitoring replication activity on your network. Windows Server 2008 provides a number of tools that allow problem discovery, diagnosis and resolution. In addition to the Directory Service event log available in the Event Viewer, Windows Server 2008 provides several additional monitoring tools that are installed when you add the AD Domain Services role to a 2008 server. The tool discussed here was formerly part of the Support Tools available on the Windows Server 2003 CD, but is now supported natively within the Windows Server 2008 operating system.

Repadmin:
Repadmin is a command-line tool used for the following:

- Triggering the immediate replication of the specified directory partition to a destination domain controller from a source domain controller.
- Viewing the replication topology from the perspective of each domain controller. This aids in understanding how information is transferred, ultimately assisting in the isolation of replication problems.
- Manually creating a replication topology if site link bridging is disabled because the network is not fully routed.
- Forcing replication between domain controllers when you need updates to occur immediately without waiting for the next replication cycle.
- Viewing the replication metadata, which is the combination of the actual data and the up-to-date vector or USN information. This is helpful in determining the most up-to-date information prior to seizing an operations master role.

The /replicate command tests replication success after you remove suspected fault conditions, without waiting for the replication schedule to open.

You can refer to the source or destination domain controller in any of the following ways:

- By its single-label host name
- By its fully qualified host name
- By the globally unique identifier (GUID) that is assigned to the NTDS Settings object for the domain controller. You can obtain the GUID for the directory system agent (DSA) object from the header of the output of the following command:

repadmin /showrepl <name of domain controller>

Case 1.
The following example replicates the contoso naming context from source-dc1 to dest-dc2.
Suppose the domain is contoso.com; below is the example:

repadmin /replicate dest-dc1 source-dc2 dc=contoso,dc=com

Example: repadmin /replicate dc1 dc2 dc=contoso,dc=com

Case 2.
Suppose your domain is ad.microsoft.com.

dc1 is in the Chicago site and dc2 is in the New York site. Then the command would be:

repadmin /replicate dc1 dc2 dc=microsoft,dc=com

If you are getting any Active Directory partition related replication error, then you should provide the partition name after dc2 (see Case 3).

Case 3.
Suppose you are getting some replication errors between two DCs that reside in different sites and you know that some partition has not replicated. Then follow the example command lines below.

Suppose your domain is ad.microsoft.com and the partition names are:

Domain ----------> DC=ad,DC=microsoft,DC=com
Configuration ----> CN=Configuration,DC=ad,DC=microsoft,DC=com
Schema ----------> CN=Schema,CN=Configuration,DC=ad,DC=microsoft,DC=com

dc1 is in the Chicago site and dc2 is in the New York site. Then the commands would be:

repadmin /replicate dc1 dc2 dc=microsoft,dc=com
This command replicates between two DCs in two sites. ---- The command should be successful.

repadmin /replicate dc1 dc2 dc=ad,dc=microsoft,dc=com
This command replicates the domain partition between two DCs, whether the DCs are located in a single site or in different sites. ---- The command should be successful.

repadmin /replicate dc1 dc2 CN=Configuration,DC=ad,DC=microsoft,DC=com
This command replicates the configuration partition between two DCs, whether the DCs are located in a single site or in different sites. ---- The command should be successful. (Note that the distinguished name must be typed without spaces after the commas, otherwise the command line is split into separate arguments.)

repadmin /replicate dc1 dc2 CN=Schema,CN=Configuration,DC=ad,DC=microsoft,DC=com
This command replicates the schema partition between two DCs, whether the DCs are located in a single site or in different sites. ---- The command should be successful.
The following is an example of the syntax to show all replication partners for DC1 in the microsoft.com domain:

repadmin /showrepl DC1.microsoft.com
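As an added example (not part of the original post), a PowerShell wrapper for Case 3 that reads the domain, configuration and schema partition names from the RootDSE instead of typing them by hand, runs repadmin /replicate for each in the destination-then-source order shown above, and finishes with the /showrepl check; it assumes repadmin.exe and the ActiveDirectory module are installed, and the DC names dc1 and dc2 are placeholders from the post:

```powershell
# Added example: force replication of all three partitions between two DCs and
# report each result. Assumes RSAT / the AD DS role (repadmin.exe, Get-ADRootDSE)
# and an account permitted to trigger replication (e.g. a Domain Admin).
param(
    [string]$DestinationDC = 'dc1',   # the DC that pulls the changes
    [string]$SourceDC      = 'dc2'    # the DC the changes are pulled from
)
Import-Module ActiveDirectory

# Reading the naming contexts from the RootDSE avoids mistyped DNs
# (for example "CN=cofiguration") that make /replicate fail.
$rootDse = Get-ADRootDSE -Server $DestinationDC
$partitions = [ordered]@{
    Domain        = $rootDse.defaultNamingContext        # DC=ad,DC=microsoft,DC=com
    Configuration = $rootDse.configurationNamingContext  # CN=Configuration,DC=ad,...
    Schema        = $rootDse.schemaNamingContext         # CN=Schema,CN=Configuration,...
}

$results = foreach ($entry in $partitions.GetEnumerator()) {
    # Argument order: destination DC first, then source DC, then the naming context.
    # The DN is passed as one argument, so no spaces can creep in after the commas.
    $output = & repadmin.exe /replicate $DestinationDC $SourceDC $entry.Value 2>&1
    [pscustomobject]@{
        Partition = $entry.Key
        NC        = $entry.Value
        Succeeded = ($LASTEXITCODE -eq 0)
        Message   = (($output | Select-Object -Last 1) -as [string])  # repadmin's final status line
    }
}
$results | Format-Table -AutoSize

# Confirm with /showrepl on the destination, as the post shows: a partition whose
# last attempt still failed means the forced sync did not clear the fault.
& repadmin.exe /showrepl $DestinationDC
```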

There are several switches for the repadmin command-line tool. Type repadmin /? for the help output, where you can see more switches. Guys, I hope you are clear about the repadmin command-line tool. I will discuss more switches related to the repadmin command in future. Let me know if you have any questions in the comments section.