DSInternals

3.0

The DSInternals PowerShell Module exposes several internal features of Active Directory.

DISCLAIMER: Features exposed through this module are not supported by Microsoft and it is therefore not intended to be used in production environments. Improper use might cause irreversible damage to domain controllers or negatively impact domain security.

Minimum PowerShell version

3.0

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name DSInternals -RequiredVersion 3.0

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

Install-PSResource -Name DSInternals -Version 3.0

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Copyright

(c) 2015-2018 Michael Grafnetter. All rights reserved.

Package Details

Author(s)

  • Michael Grafnetter

Tags

ActiveDirectory Security

Cmdlets

ConvertTo-NTHash ConvertTo-LMHash Set-SamAccountPasswordHash ConvertFrom-UnicodePassword ConvertTo-UnicodePassword ConvertTo-OrgIdHash ConvertFrom-GPPrefPassword ConvertTo-GPPrefPassword Add-ADDBSidHistory Set-ADDBPrimaryGroup Get-ADDBDomainController Set-ADDBDomainController Get-ADDBSchemaAttribute Remove-ADDBObject Get-ADDBAccount Get-BootKey Get-ADReplAccount ConvertTo-Hex ConvertTo-KerberosKey ConvertFrom-ADManagedPasswordBlob Get-ADDBBackupKey Get-ADReplBackupKey Save-DPAPIBlob Set-ADDBBootKey Test-PasswordQuality Get-ADDBKdsRootKey Get-SamPasswordPolicy Get-ADSIAccount Enable-ADDBAccount Disable-ADDBAccount Get-ADKeyCredential Set-ADDBAccountPassword Set-ADDBAccountPasswordHash

Dependencies

This module has no dependencies.

Release Notes

- Added the Set-ADDBAccountPassword and Set-ADDBAccountPasswordHash for offline password modification.
- The Test-PasswordQuality cmdlet now supports NTLM hash list from haveibeenpwned.com.
- Added the Get-ADKeyCredential for linked credential generation (AKA Windows Hello for Business).
- The Get-ADDBAccount, Get-ADReplAccount and Get-ADSIAccount cmdlets now display linked credentials.
- Databases from Windows Server 2016 can now be read on non-DCs.
- Added the ConvertTo-KerberosKey cmdlet for key generation.
- The Save-DPAPIBlob now generates scripts for mimikatz.
- The Save-DPAPIBlob cmdlet now accepts pipeline input from both Get-ADDBBackupKey and ADDBAccount cmdlets.
- Added Views JohnNTHistory, HashcatNTHistory and NTHashHistory.
- The Get-ADDBDomainController cmdlet now displays domain and forest functional levels.
- The Set-ADDBDomainController cmdlet can now be used to modify backup expiration.
- The Get-ADDBAccount cmdlet now reports progress when retrieving multiple accounts.

FileList

Version History

Version Downloads Last updated
4.14 30,377 4/13/2024
4.13 296,016 12/20/2023
4.12 157,745 10/6/2023
4.11 12,904 10/1/2023
4.10 28,935 9/16/2023
4.9 534,141 2/25/2023
4.8 265,709 12/6/2022
4.7 1,192,460 10/30/2021
4.6 24,385 10/19/2021
4.5 13,452 10/13/2021
4.4.1 236,734 7/18/2020
4.4 6,427 7/3/2020
4.3 52,889 4/2/2020
4.2 3,185 3/18/2020
4.1 13,734 12/12/2019
4.0 694 12/4/2019
3.6.1 6,183 8/10/2019
3.6 1,990 6/27/2019
3.5 2,710 5/10/2019
3.4 601 4/23/2019
3.3 1,681 3/2/2019
3.2.1 1,483 1/4/2019
3.1 165 12/29/2018
3.0 (current version) 2,209 9/29/2018
2.23 2,214 7/7/2018
2.22 7,135 5/1/2017
2.21.2 138 4/19/2017
2.21.1 74 4/14/2017
2.21 259 3/25/2017
2.20 2,412 11/15/2016
2.19 282 10/21/2016
2.18 224 10/2/2016
2.17 145 9/16/2016
2.16.1 131,412 8/8/2016
2.16 70 8/7/2016
2.15 273 6/18/2016
2.14 243 4/30/2016
2.13.1 249 2/25/2016
2.13 63 2/21/2016
2.12 81 2/7/2016
2.11.1 51 2/3/2016
2.10 112 1/14/2016
2.9 72 12/27/2015
2.8 184 10/20/2015
2.7 122 9/30/2015
2.6 65 9/21/2015
2.5 86 9/14/2015
2.4 76 9/5/2015
Show less