﻿TOPIC
    about_DSInternals

SHORT DESCRIPTION
    The DSInternals PowerShell Module exposes several internal
	and undocumented features of Active Directory.

LONG DESCRIPTION
	
	LIST OF CMDLETS

	Offline operations with the Active Directory database

		Get-ADDBAccount
		---------------
		
		Reads one or more accounts from a ntds.dit file, including secret attributes.
		
		Enable-ADDBAccount
		------------------

		Enables an Active Directory account in an offline ntds.dit file.

		Disable-ADDBAccount
		-------------------

		Disables an Active Directory account in an offline ntds.dit file.

		Get-BootKey
		-----------
		
		Reads the BootKey/SysKey from an offline SYSTEM registry hive.

		Set-ADDBBootKey
		---------------

		Re-encrypts a ntds.dit with a new BootKey. Highly experimental!
		
		Get-ADDBBackupKey
		-----------------

		Reads the DPAPI backup keys from a ntds.dit file.

		Get-ADDBKdsRootKey
		------------------

		Reads KDS Root Keys from a ntds.dit. file. Can be used to aid DPAPI-NG decryption,
		e.g. SID-protected PFX files.
		
		Add-ADDBSidHistory
		------------------
		
		Adds one or more values to the sIDHistory attribute of an object in a ntds.dit file.
		
		Set-ADDBPrimaryGroup
		--------------------
		
		Modifies the primaryGroupId attribute of an object to a ntds.dit file.
		
		Get-ADDBDomainController
		------------------------
		
		Reads information about the originating DC from a ntds.dit file,
		including domain name, domain SID, DC name and DC site.
		
		Set-ADDBDomainController
		------------------------

		Writes information about the DC to a ntds.dit file,
		including the highest commited USN and database epoch.
		
		Get-ADDBSchemaAttribute
		-----------------------
		
		Reads AD schema from a ntds.dit file, including datatable column names.
		
		Remove-ADDBObject
		-----------------
		
		Physically removes specified object from a ntds.dit file,
		making it semantically inconsistent. Highly experimental!
	
	Online operations with Active Directory database
		
		Get-ADReplAccount
		-----------------
		
		Reads one or more accounts through the DRSR protocol, including secret attributes.

		Get-ADReplBackupKey
		-------------------
		
		Reads the DPAPI backup keys through the DRSR protocol.
		
		Set-SamAccountPasswordHash
		--------------------------
		
		Sets NT and LM hashes of an account through the SAMR protocol.

	Hash calculation
		
		ConvertTo-NTHash
		----------------
		
		Calculates NT hash of a given password.

		ConvertTo-NTHashDictionary
		--------------------------
		
		Creates a hash->password dictionary for use with the Test-PasswordQuality cmdlet.
		
		ConvertTo-LMHash
		----------------
		
		Calculates LM hash of a given password.
		
		ConvertTo-OrgIdHash
		-------------------
		
		Calculates OrgId hash of a given password. Used by Azure Active Directory Sync.

	Password decryption
		
		ConvertFrom-GPPrefPassword
		--------------------------
		
		Decodes a password from the format used by Group Policy Preferences.
		
		ConvertTo-GPPrefPassword
		------------------------
		
		Converts a password to the format used by Group Policy Preferences.
		
		ConvertFrom-UnattendXmlPassword
		-------------------------------

		Decodes a password from the format used in unattend.xml files.
		
		ConvertTo-UnicodePassword
		-------------------------

		Converts a password to the format used in unattend.xml or *.ldif files.

		ConvertFrom-ADManagedPasswordBlob
		---------------------------------

		Decodes the value of the msDS-ManagedPassword attribute of a Group Managed Service Account.

	Misc
		
		Test-PasswordQuality
		--------------------
		
		Performs AD audit, including checks for weak, duplicate, default and empty passwords.
		
		Save-DPAPIBlob
		--------------
		
		Saves the output of the Get-ADReplBackupKey and Get-ADDBBackupKey cmdlets to a file.

		Get-SamPasswordPolicy
		---------------------

		Queries Active Directory for the default password policy.

		ConvertTo-Hex
		-------------
		
		Helper cmdlet that converts binary input to hexadecimal string.

SEE ALSO
	about_ActiveDirectory