{"id":2640,"date":"2013-10-29T00:01:00","date_gmt":"2013-10-29T00:01:00","guid":{"rendered":"https:\/\/blogs.technet.microsoft.com\/heyscriptingguy\/2013\/10\/29\/building-a-demo-active-directory-part-2\/"},"modified":"2013-10-29T00:01:00","modified_gmt":"2013-10-29T00:01:00","slug":"building-a-demo-active-directory-part-2","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/scripting\/building-a-demo-active-directory-part-2\/","title":{"rendered":"Building a Demo Active Directory: Part 2"},"content":{"rendered":"

Summary<\/strong>: Build Windows PowerShell variables to design an organizational unit structure.\n\"Hey, Hey, Scripting Guy!\nCan Windows PowerShell provide a consistent way to build a demo structure in Active Directory that includes organizational units and security groups?\n—RL\n\"Hey, Hello RL,\nHonorary Scripting Guy, Sean Kearney here, filling in for our good friend, Ed.\nWelcome to Part 2 of this series. To catch up, read Building a Demo Active Directory: Part 1<\/a>.\nWe absolutely can use Windows PowerShell in this way. A good friend of mine, Rick Claus from Microsoft, asked me this very same question. “Hey, Sean,” our good friend piped up after removing his Tilley. “I have to build demo environments all the time, and I would like an easier way to build the structure. I don’t suppose you know of a way to do this in Windows PowerShell, do you?”\nOf course, the minute he said, “PowerShell,” the answer was, “Yes, of course, O Green Hatted one, you can!”\nSo our first challenge is to decide what our structure will look like. As a demo environment, we probably need a decent and simple structure…maybe a main unit, some offices, and a division in each office.<\/p>\n

Contoso.local<\/p>\n

            Offices<\/p>\n

                        Seattle<\/p>\n

                                    Accounting<\/p>\n

                                    HR<\/p>\n

                                    IT<\/p>\n

                                    Exec<\/p>\n

                        Ottawa<\/p>\n

                                    Accounting<\/p>\n

                                    HR<\/p>\n

                                    IT<\/p>\n

                                    Exec<\/p>\n

                        New Orleans<\/p>\n

                                    Accounting<\/p>\n

                                    HR<\/p>\n

                                    IT<\/p>\n

                                    Exec\nThen within each division, we might want a security group. For our demo environment, we can build a simple set of names, such as:<\/p>\n

NewOrleans-Accounting<\/p>\n

Ottawa-IT<\/p>\n

Seattle–HR\nFirst we’re going to name our Base OU. In this example, we’re simply going to call it “Offices”, but you can choose any name you like. I’d recommend something that actually makes sense. Calling your Base OU “FlyingWombats” might not make very much sense. But to each, his or her own…<\/p>\n

$BaseOU=”Offices”\nNow we’re going to name six cities that will sit as children under this OU:<\/p>\n

$CityOU=”Tokyo”,”Redmond”,”Ottawa”,”Madrid”,”New Orleans”,”Queensland”\nNow we’ll define the four divisions. Of course, it could be more, but we’re going to keep this quiet simple:<\/p>\n

$DivisionOU=”Sales”,”Marketing”,”HR”,”Finance”\nSo if you’re thinking out loud, I’ll bet you’re guessing, “Oh, this looks like an easy answer!” Well, really it is!\nSo today we’ll be using the cmdlet in Active Directory called New-ADOrganizationalUnit<\/strong>. This will allow us to populate the OU’s in our Active Directory demo environment.\nTo work with these cmdlets properly, we need to supply the distinguished name for the path in many cases. So first let’s define that. Our main root, of course, will be our domain name:<\/p>\n

$Domain=”DC=Contoso,DC=local”\nNow we’ll define the path for our company OU where all the offices will exist:<\/p>\n

$CompanyPath=”OU=$BaseOU,”+$Domain\nNow that all the prep work is set up, what shall we do? Let’s build a simple loop structure to build it up! First create the base organizational unit:<\/p>\n

NEW-ADOrganizationalUnit -name $BaseOU -path $Domain\nNext we’ll step through our list of cities and create some OU’s based on them. Let’s also remember that we’ll be targeting the main CompanyPath<\/strong> as our starting point:<\/p>\n

# Gather through list of Cities<\/p>\n

Foreach ($City in $CityOU)<\/p>\n

 {<\/p>\n

 # Create OU for City<\/p>\n

 NEW-ADOrganizationalUnit -path $CompanyPath -name $City\nSo far, so good? Next we’ll step through our list of divisions and populate them. We need to adjust the path to incorporate each city as part of the path for the division:<\/p>\n

 # Gather through list of Divisions<\/p>\n

 Foreach($Division in $DivisionOU)<\/p>\n

 <\/p>\n

 {<\/p>\n

            # Create Division within City<\/p>\n

            NEW-ADOrganizationalUnit -path “OU=$City,$CompanyPath” -name $Division<\/p>\n

 }<\/p>\n

}\nWith this loop completed, we now have a rudimentary structure that we can populate. But did I mention security groups? Why yes, I did. And that’s for another story tomorrow.\nI invite you to follow the Scripting Guys on Twitter<\/a> and Facebook<\/a>. If you have any questions, send email to scripter@microsoft.com<\/a>, or post your questions on the Official Scripting Guys Forum<\/a>. See you tomorrow. Until then, peace.\nSean Kearney<\/strong>, Honorary Scripting Guy and Windows PowerShell MVP <\/p>\n","protected":false},"excerpt":{"rendered":"

Summary: Build Windows PowerShell variables to design an organizational unit structure.  Hey, Scripting Guy! Can Windows PowerShell provide a consistent way to build a demo structure in Active Directory that includes organizational units and security groups? —RL  Hello RL, Honorary Scripting Guy, Sean Kearney here, filling in for our good friend, Ed. Welcome to Part […]<\/p>\n","protected":false},"author":596,"featured_media":87096,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[7,56,3,154,45],"class_list":["post-2640","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-scripting","tag-active-directory","tag-guest-blogger","tag-scripting-guy","tag-sean-kearney","tag-windows-powershell"],"acf":[],"blog_post_summary":"

Summary: Build Windows PowerShell variables to design an organizational unit structure.  Hey, Scripting Guy! Can Windows PowerShell provide a consistent way to build a demo structure in Active Directory that includes organizational units and security groups? —RL  Hello RL, Honorary Scripting Guy, Sean Kearney here, filling in for our good friend, Ed. Welcome to Part […]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts\/2640","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/users\/596"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/comments?post=2640"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts\/2640\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/media\/87096"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/media?parent=2640"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/categories?post=2640"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/tags?post=2640"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}