Compare-RMActiveDirectoryObject
From PowerGUI Wiki
Compares Active Directory objects.
Contents |
Syntax
Compare-RMActiveDirectoryObject -Backup1 <String> -Backup2 <String> [-BackupPassword1 <SecureString>] [-BackupPassword2 <SecureString>] [-Object <String[]>] [-Recurse] [-Attribute <String[]>] [-ObjectType <String[]>] [-ReportUnchangedAttributes] [-ReportUnchangedObjects] [-SqlLogin <String>] [-SqlPassword <SecureString>] [<CommonParameters>]
Compare-RMActiveDirectoryObject -Backup <String> [-Object <String[]>] [-Recurse] [-Attribute <String[]>] [-ObjectType <String[]>] [-ReportUnchangedAttributes] [-ReportUnchangedObjects] [-UseAgentlessMethod] [-DomainController <String>] [-Credential <PSCredential>] [-User <String>] [-Password <SecureString>] [-BackupPassword <SecureString>] [-SqlLogin <String>] [-SqlPassword <SecureString>] [<CommonParameters>]
Detailed Description
Compares Active Directory objects with their versions held in backups. The Compare-RMActiveDirectoryObject cmdlet prepares data for a report that can be viewed using the Start-RMReportViewer cmdlet.
Related Commands
Parameters
| Name | Description | Required? | Pipeline Input | Default Value |
|---|---|---|---|---|
| Backup1 | Specifies the first backup that contains the AD objects to be compared. Use this parameter if you want to compare AD objects held in backups. The backup specified in this parameter must be registered in the Recovery Manager database. | true | true (ByPropertyName) | |
| Backup2 | Specifies the second backup that contains the AD objects to be compared. Use this parameter if you want to compare AD objects held in backups. The backup specified in this parameter must be registered in the Recovery Manager database. | true | true (ByPropertyName) | |
| BackupPassword1 | Specifies the password to access the first backup, if the backup is password-protected. This is the same password that is set for the backup in the Recovery Manager console. | false | false | |
| BackupPassword2 | Specifies the password to access the second backup, if the backup is password-protected. This is the same password that is set for the backup in the Recovery Manager console. | false | false | |
| Object | Specifies the distinguished names of the objects to be compared. If this parameter is omitted, the compare operation is performed on the root domain container. | false | false | |
| Recurse | Specifies to process child objects.
This parameter applies to - Objects specified in the Object parameter. - Objects in the entire domain if the Object parameter is omitted. | false | false | |
| Attribute | Specifies the LDAP display names for the object attributes to be processed. If this parameter is not specified, all object attributes are processed. This parameter is ignored if the Recurse parameter is omitted. | false | false | |
| ObjectType | Specifies LDAP display names for the child object types to be processed. This parameter is ignored if the Recurse parameter is omitted. | false | false | |
| ReportUnchangedAttributes | Includes the object attributes that have not changed since the time of the specified backup into the operation report. | false | false | |
| ReportUnchangedObjects | Includes the objects that have not changed since the time of the specified backup into the operation report. | false | false | |
| SqlLogin | Specifies the Microsoft SQL Server login account that has sufficient permissions to access the Recovery Manager reports database on the SQL Server. | false | false | |
| SqlPassword | Specifies the password that matches the Microsoft SQL Server login account specified in the SqlLogin parameter. | false | false | |
| Backup | Specifies the backup that contains the AD objects to be compared. Use this parameter if you want to compare AD objects in a backup with their counterparts in Active Directory. | true | true (ByPropertyName) | |
| UseAgentlessMethod | Specifies to use the agentless method to access a domain controller. Use this parameter if you want to compare AD objects in a backup with their counterparts in Active Directory. If this parameter is omitted, the domain controller is accessed by using Restore Agent. This parameter is ignored if you compare AD objects in a backup with their counterparts in another backup. | false | false | |
| DomainController | Specifies the target domain controller to connect to. Use this parameter if you want to compare AD objects in a backup with their counterparts in Active Directory.
If this parameter is omitted or if you use the agent method, the connection is established to the domain controller whose backup you specified in the Backup parameter. This parameter is ignored if - The UseAgentlessMethod parameter is omitted. - You compare AD objects in a backup with their counterparts in another backup. | false | false | |
| Credential | The user name and password of the user account with which you want to connect, in the form of a PSCredential object. Use the Get-Credential cmdlet provided by Windows PowerShell to pass a PSCredential object to this parameter. Use this parameter if you want to compare AD objects in a backup with their counterparts in Active Directory. If this parameter is omitted, the credentials of current user account are used.
This parameter is ignored if you compare AD objects in a backup with their counterparts in another backup. | false | false | |
| User | The user logon name of the account with which you want to connect, in the form Domain\UserName, or in the form of a user principal name. If this parameter is omitted, the user logon name of current user account is used.
This parameter is ignored if you compare AD objects in a backup with their counterparts in another backup. | false | false | |
| Password | The password of the user account with which you want to connect. Use the Read-Host cmdlet provided by Windows PowerShell to pass a SecureString object to this parameter. If this parameter is omitted, the password of current user account is used. Use this parameter only if you specify the User parameter.
This parameter is ignored if you compare AD objects in a backup with their counterparts in another backup. | false | false | |
| BackupPassword | Specifies the password to access a password-protected backup. This is the same password that is set in the computer collection properties in the Recovery Manager console. | false | false |
Notes
The Backup 1 and Backup 2 parameters must specify backups for the same domain controller.
In the DomainController parameter, you must specify the same domain controller whose backup you specified in the Backup parameter.
Examples
Example
$b = (Get-RMBackup –Domain dom1.local | Sort-Object –Property Date)[-1] Compare-RMActiveDirectoryObject –Backup $b.Path –Object "ou=ou1,dc=dom1,dc=local" –Recurse
In this example, the Get-RMBackup cmdlet gets all backups for the dom1.local domain. The Sort-Object cmdlet then sorts backups by their creation date. The most recent backup object from the list is saved in the $b variable. The Compare-RMActiveDirectoryObject cmdlet compares the ou=ou1,dc=dom1,dc=local object and all its children in the backup saved in the $b variable and in Active Directory.
