locked
Unable to run Powershell scripts on AD DC Server 2008 R2 RRS feed

  • Question

  • I have been troubleshooting a problem with being unable to load the Active Directory module in Powershell on a Server 2008 R2 SP2 (x64) that is also an active directory domain controller.

    So far I am reading I must have Active Directory Web Services running to run Powershell scripts. The ADWS service is not installed. The server was promoted using DCPromo.exe and has the following roles: Schema, Naming Master, PDC, RID and Infrastructure.

    Additional reading indicates I should install Active Directory Management Gateway Service. When I try to install this download, it fails, and my research indicates the problem is .NET Framework 3.5 SP1 needs a hot fix roll up applied first.

    However, MS does not make this update rollup readily available. So now I am stuck as to what to do at this point.

    Any suggestions as to a resolution greatly appreciated.


    Tuesday, July 14, 2015 11:52 AM

All replies

  • Hi,

    Windows Server 2008 R2 domain controllers have a built-in service called the Active Directory Web Services. And Active Directory Management Gateway Service is the implementation of that service that can be installed on Windows Server 2003 and Windows Server 2008.

    May I know when you try to import the AD module, did you run the powershell as Administrator?

    Also, what error messaage you got when you failed to import the module?

    Looking farward to your feedback.

    Best Regards,

    Elaine


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, July 16, 2015 9:36 AM
  • Hello,

    First my apologies because this server is on a stand alone network not connected to the internet so I have to hand transcribe information from it.

    I did try to run the script as an administrator and it still fails. I also can run this same script (query of users that have not logged on over 30 days) on a Server 2003 AD DC with no issues.

    The error messages returned are as follows:

    <===========

    Import-Module: The specified module 'Active Directory' was not loaded because no valid module file was found in any module directory

    Get-ADDomainController: The term 'Get-ADDomainController is not recognized as the name of a cmdlet, function, script file or operable program

    Get-ADUser: The term 'Get-ADUser' is not recognized as the name of a cmdlet, function, script file or operable program

    ============>

    Thank you for your assistance with this very much.

    Thursday, July 16, 2015 1:49 PM
  • Hi,

    Would you please check what's the output when you run Get-Module –ListAvailable on your powershell?

    Best Regards,

    Elaine


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, July 27, 2015 8:10 AM
  • Hello,

    This server is not direct connected to the internet so I have to transfer by hand the output (we also cannot run thumb drives on it). The output of Get-Module -ListAvailable:

    ====================

    Directory: C:\Windows\system32\WindowsPowerShell\v1.0\Modules

    Manifest    BitsTransfer
    Manifest    CIMCmdlets
    Script    ISE
    Manifest    Microsoft.Powershell.Diagnostics
    Manifest    Microsoft.Powershell.Host
    Manifest    Microsoft.Powershell.Management
    Manifest    Microsoft.Powershell.Security
    Manifest    Microsoft.Powershell.Utility
    Manifest    Microsoft.WSman.Management
    Script    PSDiagnostics
    Binary    PSScheduledJob
    Manifest    PSWorkflow
    Manifest    PSWorkflowUtility

    Directory:  U:\Program files\Modules

    Manifest    BEMCLI

    Directory:  U:\Program files\Modules\Powershell3

    Manifest    BEMCLI
    Manifest    BEMCLI

    =========================

    Thanks for your help.

    Monday, July 27, 2015 6:09 PM
  • Hi,

    Thanks for your feedback. From the above output,I can't see the Active Directory module in the avaliable modules.

    Normally, Windows Server 2008 R2 automatically installs the Active Directory Module for Windows PowerShell and Active Directory Administrative Center when you add the Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS) role. When you promote the server to an AD DS domain controller or create an AD LDS instance, the system then installs and activates Active Directory Web Services, which is everything you need to manage Active Directory using Windows PowerShell on that computer.

    Would you please help to confirm that the server installed the Active Directory Domain Services ( ADDS) successfully? And also please check the below path if the Active directory folder exists:

    %Windir%\System32\WindowsPowerShell\v1.0\Modules

    Best Regards,

    Elaine


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, July 28, 2015 2:20 AM
  • Hi there,

    Active Directory Domain Services shows as a running service. Is that sufficient to determine it is installed correctly? The server has the following roles: Schema, Naming Master, PDC, RID and Infrastructure. It is properly synchronizing with another Windows 2003 AD DC on our network.

    The folder C:\Windows\System32\WindowsPowerShell\v1.0\Modules does exist but does not contain an ActiveDirectory folder, only the same shown when showing Get-Module -ListAvailable.

    Thank you again for your help.

    Tuesday, July 28, 2015 10:42 AM
  • Hi,

    Would you please check if the Active directory Web service also running well on your DC? If the service is running well, you should be ready to install the AD PowerShell module. 

    Besides, you can also go to the Administrative Tools and check if the ''Active Directory Module for Windows PowerShell'' exist. If so, you can right click it and run as administrator.

    Best Regards,

    Elaine


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, July 29, 2015 9:19 AM
  • Hello,

    I am unable to see Active Directory Web Services on this particular server, and that was one of the error log outputs from a Powershell script we tried to run that called the Active Directory module.

    I'm not sure why Active Directory Web Services did not install when the server was promoted to DC using dcpromo.exe, because all documentation indicates it should have.

    It has both .Net Framework 3.5 SP1 and .Net Framework 4.5

    I also installed Remote Administration tools hoping that might activate something, but no such luck.

    Also I did not see any option under Administrative Tools to activate the Active Directory Module for Windows Powershell.

    Any thoughts as to what I'm missing?

    Thank you.

    Wednesday, July 29, 2015 11:14 AM
  • Additional update:

    This server shows both .Net Framework 3.5 SP1 and .Net Framework 4.5 installed under Control Panel > Programs and Features but if you open Server Manager, only .Net Framework 3.0 shows installed under Installed Features.

    This is odd, because it appears the Server Manager is not recognizing the fact a version of .Net Framework is installed which is required to run Active Directory Web Services.

    Any idea how to make Server Manager recognize .Net Framework 3.5 SP1?

    Thursday, July 30, 2015 11:17 AM