Rename all Domain Local Administrator Username Via Script

Posted on March 20th, 2009 in Active Directory, Microsoft, Scripts, Server 2008, Vista by Gil Kreslavsky

Use this PowerShell script to rename the local Administrator account on a list of remote machines.

#$erroractionpreference = "SilentlyContinue"
# Build an Excel worksheet that serves as the report
$a = New-Object -comobject Excel.Application
$a.visible = $True
$b = $a.Workbooks.Add()
$c = $b.Worksheets.Item(1)
$c.Cells.Item(1,1) = "Machine Name"
$c.Cells.Item(1,2) = "Account Renamed"
$c.Cells.Item(1,3) = "Report Time Stamp"
$d = $c.UsedRange
$d.Interior.ColorIndex = 19
$d.Font.ColorIndex = 11
$d.Font.Bold = $True
$intRow = 2
# One machine name per line in C:\MachineList.Txt
foreach ($strComputer in get-content C:\MachineList.Txt)
{
    $c.Cells.Item($intRow,1) = $strComputer.ToUpper()
    # Using .NET method to ping test the servers
    $ping = new-object System.Net.NetworkInformation.Ping
    $Reply = $ping.send($strComputer)
    if($Reply.status -eq "success")
    {
        # Bind to the local account named "administrator" on the remote machine
        $admin=[adsi]("WinNT://" + $strComputer + "/administrator,user")
        #This is the one line change (replace "whatever" with the new account name)
        $admin.psbase.rename("whatever")
        # If the object still returns a password age, the bind and rename worked
        $pwage = $admin.passwordage
        If($pwage -ne $null)
        {
            $c.Cells.Item($intRow,2).Interior.ColorIndex = 4
            $c.Cells.Item($intRow,2) = "Yes"
        }
        Else
        {
            $c.Cells.Item($intRow,2).Interior.ColorIndex = 3
            $c.Cells.Item($intRow,2) = "No"
        }
    }
    Else
    {
        $c.Cells.Item($intRow,2).Interior.ColorIndex = 3
        $c.Cells.Item($intRow,2) = "Not Pingable"
    }
    $c.Cells.Item($intRow,3) = Get-Date
    $Reply = ""
    $pwage = ""
    $intRow = $intRow + 1
}
$d.EntireColumn.AutoFit()
cls

Source: http://myitforum.com/cs2/blogs/yli628/
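
A rename does not change the account's SID, so the built-in Administrator can still be identified by its well-known RID 500. The following check is an added example, not part of the original script: it looks the account up by SID instead of by name and writes a CSV report. It assumes Windows PowerShell 3.0 or later and remote WMI access; $expectedName and the CSV path are assumptions.

```powershell
# Added example. C:\MachineList.txt is the list used by the script above;
# $expectedName and the CSV output path are assumptions.
$expectedName = 'whatever'   # the name passed to rename() in the script above
$report = foreach ($computer in Get-Content C:\MachineList.txt) {
    $computer = $computer.Trim()
    if (-not $computer) { continue }
    $row = [pscustomobject]@{
        Machine    = $computer.ToUpper()
        Rid500Name = $null
        Disabled   = $null
        Status     = 'Not Pingable'
        Checked    = Get-Date
    }
    if (Test-Connection -ComputerName $computer -Count 1 -Quiet) {
        try {
            # LocalAccount=True keeps the query on the machine's own SAM;
            # the SID pattern matches only the built-in Administrator (RID 500).
            $acct = Get-WmiObject -Class Win32_UserAccount -ComputerName $computer `
                -Filter "LocalAccount=True AND SID LIKE 'S-1-5-21-%-500'" -ErrorAction Stop
            if (-not $acct) {
                $row.Status = 'RID 500 account not found'
            } else {
                $row.Rid500Name = $acct.Name
                $row.Disabled   = $acct.Disabled
                $row.Status = if ($acct.Name -eq $expectedName) { 'Renamed' } else { 'Not renamed' }
            }
        } catch {
            $row.Status = "Query failed: $($_.Exception.Message)"
        }
    }
    $row
}
$report | Export-Csv -Path C:\AdminRenameReport.csv -NoTypeInformation
# Show only the machines that still need attention
$report | Where-Object { $_.Status -ne 'Renamed' } | Format-Table -AutoSize
```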

Find user group membership Powershell script

Posted on March 20th, 2009 in Active Directory, Microsoft, Scripts, Server 2008, Vista, Windows 7 by Gil Kreslavsky

Use this script to check a user's group membership in a Windows domain Active Directory.

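# Distinguished name of the current domain
$root=([adsi]"").distinguishedName
# Replace ou=x,ou=y,ou=z with the path of the OU that holds the user
$ou=[adsi]("LDAP://ou=x,ou=y,ou=z,"+$root)

# Replace targetCN with the user's CN (Common Name)
$user=$ou.psbase.children.find("cn=targetCN")
$groups = $user.memberof
foreach($group in $groups)
{
    # Each value is a group DN; keep only the name from its first component
    $strGroup = $group.split(',')[0]
    $strGroup = $strGroup.split('=')[1]
    $strGroup
}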
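
The memberOf attribute lists only direct memberships; it omits the primary group and any groups reached through nesting. The following added example (not from the original post) reads the constructed tokenGroups attribute to list the effective security groups and marks which ones are direct. Get-EffectiveGroup is a hypothetical helper name, and the DN in the usage comment is constructed.

```powershell
# Added example: effective security-group membership from tokenGroups.
function Get-EffectiveGroup {
    param([Parameter(Mandatory = $true)][string]$UserDN)
    $user = [adsi]("LDAP://$UserDN")

    # Collect the SIDs of the groups listed directly in memberOf
    $direct = @{}
    foreach ($dn in $user.psbase.Properties['memberOf']) {
        $group = [adsi]("LDAP://$dn")
        $bytes = $group.psbase.Properties['objectSid'][0]
        $gsid  = New-Object System.Security.Principal.SecurityIdentifier($bytes, 0)
        $direct[$gsid.Value] = $true
    }

    # tokenGroups is a constructed attribute, so it must be requested explicitly.
    # It holds the SIDs of every security group the user is in, nested ones included.
    $user.psbase.RefreshCache(@('tokenGroups'))
    foreach ($sidBytes in $user.psbase.Properties['tokenGroups']) {
        $sid = New-Object System.Security.Principal.SecurityIdentifier($sidBytes, 0)
        try   { $name = $sid.Translate([System.Security.Principal.NTAccount]).Value }
        catch { $name = '<unresolved>' }
        $source = if ($direct.ContainsKey($sid.Value)) { 'Direct' } else { 'Nested or primary' }
        [pscustomobject]@{ Group = $name; Sid = $sid.Value; Source = $source }
    }
}

# Usage (constructed DN):
# Get-EffectiveGroup -UserDN 'CN=targetCN,OU=x,OU=y,OU=z,DC=example,DC=com' | Sort-Object Source, Group
```

Distribution groups appear in memberOf but not in tokenGroups, because they carry no weight in access checks.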

MMC Shortcuts – Management Tools

Posted on January 29th, 2009 in Microsoft, Server 2003, Server 2008, Vista, Windows XP by Gil Kreslavsky

adsiedit.msc ADSI Edit
sidewalk.msc SID Security Manager
certmgr.msc Certificates
ciadv.msc Indexing Service
compmgmt.msc Computer Management
devmgmt.msc Device Manager
dfrg.msc Disk Defragmenter
diskmgmt.msc Disk Management
eventvwr.msc Event Viewer
fsmgmt.msc Shared Folders
gpedit.msc Group Policy
lusrmgr.msc Local Users and Groups
ntmsmgr.msc Removable Storage
ntmsoprq.msc Removable Storage Operator Requests
perfmon.msc Performance
rsop.msc Resultant Set of Policy
secpol.msc Local Security Settings
services.msc Services
wmimgmt.msc Windows Management Infrastructure (WMI)
comexp.msc Component Services

Add custom field to ADUC - Employee ID

Posted on November 23rd, 2008 in Active Directory, Microsoft by Gil Kreslavsky

How to add Employee ID to Active Directory Users and Computers

1. Open ADSI Edit
2. Expand the CN=Configuration node and go to CN=DisplaySpecifiers, CN=409. Select the 409 node in the left hand pane.
3. In the right-hand pane, select the CN=user-Display object. Right click and select Properties.
4. Select the adminContextMenu attribute and click Edit.
5. We now need to add the value that will be used to create the additional menu item and direct it to the employeeID.vbs script. The syntax is very important. Be sure to include the comma at the beginning and after the menu name (Employee-ID). Add the following syntax to the Value to Add: line:
,&Employee-ID,\\servername\sharename\employeeID.vbs
(Your VBS file must be stored in a shared location so that all domain controllers can access it.)
6. Change the servername and sharename items to reflect your current environment and then click Add.
7. Click OK to accept the changes and close ADSI Edit.
8. Allow some time for replication to populate the changes throughout the directory.
9. Open ADUC and select a user. Right click on the user and notice the new menu item now available.
10. Select Employee-ID to launch the script from within the ADUC. From here we can either enter a new value for the employeeID attribute for the user or hit Cancel to leave the current value intact. (Note: If no value is present in the field, then the attribute value is empty for that user.)

VBScript: copy and paste the following into Notepad, then save it as employeeID.vbs and copy it to the shared folder.

' ADUC passes the ADsPath of the selected user as the first argument
Dim objEmployeeID
Dim objSelectedUser
Dim strNewEmployeeID
Set objEmployeeID = Wscript.Arguments
Set objSelectedUser = GetObject(objEmployeeID(0))
' Show the current value and prompt for a new one
strNewEmployeeID = InputBox("Employee ID: " & objSelectedUser.employeeID & vbCRLF _
& vbCRLF _
& "To enter a new Employee ID number," _
& " type it into the text box" _
& " below and click OK.")
' An empty string means Cancel or no input: leave the attribute unchanged
If strNewEmployeeID <> "" Then
    objSelectedUser.Put "employeeID", strNewEmployeeID
    objSelectedUser.SetInfo
End If
WScript.Quit

When you right click on a user in ADUC, you will see the new menu item (Employee-ID).
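
Every administrator who clicks the new menu item runs whatever file the adminContextMenu value points to, so write access to that file should be limited to administrators. The following audit is an added example, not part of the original post: it reads the script paths from the display specifier edited above and lists the accounts that can modify each file. The $trusted pattern is an assumption to adapt to your environment.

```powershell
# Added example: list non-admin principals that can modify scripts
# referenced by adminContextMenu on CN=user-Display,CN=409.
$configNC = ([adsi]'LDAP://RootDSE').configurationNamingContext
$spec = [adsi]("LDAP://CN=user-Display,CN=409,CN=DisplaySpecifiers,$configNC")

# Rights that allow changing the file's content or its permissions
$writeMask = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'
# Principals expected to hold write access (assumption; adjust as needed)
$trusted = '\\(Administrators|Domain Admins|Enterprise Admins)$|^NT AUTHORITY\\SYSTEM$'

foreach ($entry in $spec.psbase.Properties['adminContextMenu']) {
    # Value format: <order>,<menu text>,<command>; COM entries have only two parts
    $parts = ([string]$entry).Split(',', 3)
    if ($parts.Count -lt 3 -or $parts[2] -notmatch '^\\\\') { continue }
    $path = $parts[2].Trim()
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Warning "Menu entry points to a missing file: $path"
        continue
    }
    # NTFS permissions only; share-level permissions must be reviewed separately
    (Get-Acl -LiteralPath $path).Access |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            ($_.FileSystemRights -band $writeMask) -and
            $_.IdentityReference.Value -notmatch $trusted
        } |
        Select-Object @{ n = 'Script'; e = { $path } }, IdentityReference, FileSystemRights
}
```

Any row in the output is an account outside the trusted list that can change the script.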

Exchange 2003 Event log ID: 8206 with 0x80150856 Error

Posted on July 9th, 2008 in Exchange 2003, Microsoft, Outlook 2002 XP, Outlook 2003 by Gil Kreslavsky

It happens after SP 2 installation.
Users started to receive meetings directly to their calendars without accepting.
I used Microsoft ExBPA in order to see if there is any problem and discovered that the site-wide public folder database for administrative group 'Group Name' has been deleted.
And followed the MS instructions on how to recreate the folder.

  1. Open an Active Directory editor, such as ADSI Edit.
  2. Locate the public folder information store you want to designate as the Site Folder Server, by expanding the following nodes in the Configuration container: CN=Configuration,DC=<DomainName>,DC=com, CN=Services, CN=Microsoft Exchange, CN=<OrganizationName>, CN=Administrative Groups, CN=<AdministrativeGroupName>, CN=Servers, CN=<ServerName>, CN=InformationStore, CN=<StorageGroupName>
  3. In the right pane, right-click CN=<PublicFolderStoreName>, and then click Properties.
  4. In the Attributes field, scroll down and select the distinguishedName attribute.
  5. Click Edit, and then copy the entire attribute to the Clipboard.
  6. Expand the Configuration container, and then expand CN=Configuration,CN=<DomainName>,CN=com, CN=Services, CN=Microsoft Exchange, CN=<OrganizationName>, CN=Administrative Groups
  7. Right-click the administrative group you want to modify, and then click Properties.
  8. In the Attributes field, scroll down and select the siteFolderServer attribute.
  9. Click Edit, and then paste the value for the distinguishedName attribute into the Value field.
  10. Double-check the contents of the Value field to ensure the paste was performed correctly, and then click OK to save the change.
  11. Click OK to close the Administrative Group properties.
  12. Exit the Active Directory editor and restart the Microsoft Exchange Server Information Store service on all Exchange Server computers in the site for the change to take effect.

The full article: http://technet.microsoft.com/en-us/library/aa996485.aspx

Additional resources:

http://support.microsoft.com/kb/943721
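
To confirm the result of the steps above without browsing ADSI Edit, the following added example (not from the original post or the TechNet article) reports the siteFolderServer value of every administrative group and whether the object it names still exists. It assumes read access to the Configuration container.

```powershell
# Added example: check siteFolderServer on each Exchange administrative group.
$configNC = ([adsi]'LDAP://RootDSE').configurationNamingContext
$exchRoot = [adsi]("LDAP://CN=Microsoft Exchange,CN=Services,$configNC")

$searcher = New-Object System.DirectoryServices.DirectorySearcher($exchRoot)
$searcher.Filter   = '(objectClass=msExchAdminGroup)'
$searcher.PageSize = 100
[void]$searcher.PropertiesToLoad.Add('cn')
[void]$searcher.PropertiesToLoad.Add('siteFolderServer')

foreach ($hit in $searcher.FindAll()) {
    $values = $hit.Properties['sitefolderserver']   # result keys are lower case
    $target = $null
    $state  = 'siteFolderServer is empty'
    if ($values -and $values.Count -gt 0) {
        $target = [string]$values[0]
        try {
            # A value that names a deleted store no longer resolves
            if ([System.DirectoryServices.DirectoryEntry]::Exists("LDAP://$target")) {
                $state = 'OK'
            } else {
                $state = 'Target object not found'
            }
        } catch {
            $state = "Lookup failed: $($_.Exception.Message)"
        }
    }
    [pscustomobject]@{
        AdministrativeGroup = [string]$hit.Properties['cn'][0]
        SiteFolderServer    = $target
        State               = $state
    }
}
```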