Book Review: Learn Active Directory Management in a Month of Lunches


The Learn Active Directory Management in a Month of Lunches book by PowerShell MVP Richard Siddaway is now available on the website via their Early Access Program (MEAP). As Richard says in Chapter 1: This book is “A straight forward guide to administering Active Directory delivered in lunch sized pieces”. It focuses on what you need to know to do your job as an Active Directory administrator in the real world.

When I first heard of this book, I was excited because I thought it would be a pure PowerShell book since it’s written by a PowerShell MVP who has written other books that are dedicated to PowerShell. I was also looking for a book on Active Directory that was updated for PowerShell version 3. What I discovered is this book isn’t a pure PowerShell book, but a book that covers the best of both worlds, the GUI (Graphical User Interface) and PowerShell.

I hadn’t previously used the Active Directory Administrative Center (ADAC) graphical user interface tool before starting to read this book. What I learned is that when using the ADAC GUI in Windows Server 2012, it shows the PowerShell command that will accomplish the same task. This feature alone is a learning mechanism in itself for anyone who is still using the GUI, but wants to learn PowerShell.

Thanks to this book, now I also know that what an ex-coworker of mine use to call “the OU’s without the picture of a ham sandwich in them” are containers and not organizational units. An OU is shown with a red box around it and a container is shown with a blue box around it in the image below:


There are some other great details about these containers covered in this book.

My favorite part of the first seven chapters in this book is Chapter 6, Section 3 “Managing the secure channel”. I’ve personally experienced this issue where the secure channel between a computer and domain controller in Active Directory becomes corrupt. Now I know that I can use PowerShell to test and repair the problem if necessary rather than having to resort to removing the computer from the domain and re-adding it which can be a time consuming process due to the restarts and the other problems that removing it and re-adding it back to the domain can create.

This is a great book for any Active Directory administrator regardless of what level you’re at in your career. Part one of this book which is what is currently available focuses on managing Active Directory Users and Computers to include Group Management, Organizational Units, and it touches on Group Policy. You’re taught how to accomplish each task that is covered using both graphical interface tools: Active Directory Users and Computer (ADUC) and Active Directory Administrative Center (ADAC). You’re also taught how to accomplish each of these tasks using PowerShell. I would have no issue turning this book over to my junior level administrators who often visit me when permissions need to be changed or added in Active Directory since this book covers concepts such as using AGDLP. The book doesn’t use that acronym, but it covers the concept well.

Interested in purchasing this book? Through February 26th, receive 50% off Learn Active Directory Management in a Month of Lunches with promo code: learnadmau