IT Administration





IT Administration is the processes and best practices for programming and development, and incorporates methodologies for managing activities and projects. Common methodologies include waterfall, prototyping, iterative and incremental development, spiral development, rapid application development, extreme programming and various types of agile methodology. The life-cycle "model" is a more general term for a category of methodologies, and a software development "process" a more specific term to refer to a specific process chosen by a specific organization.


I have been asked to evaluate/review approximately 150 servers on our network, ranging from Server 2008 to Server 2019 list in  a spreadsheet with very limited information.   Just primary roles. (e.g. DC, DNS, RODC, SCCM Distribution Point, File and Print server, etc.)   It also lists Hyper-V, Hyper-V on workstation, etc.  

I don't have the owner information so I can't reach out to each and ask "what is this and what's it for?  The objective is to go through this giant list and label each with a "priority #" to either decommission it, upgrade the existing OS, determining the utilization of each server, apps installed, roles installed, etc.   I then need to be able to share my findings with the rest of my team so we can then determine the effort necessary to migrate, upgrade or decommission the server(s) as we look forward to our newest 2016 functional level infrastructure.  Fro example, there are 14 RODCs at branch sites, but Sites and Services is not configured properly, so that could be a priority #1 (through 5) for us.   How do you experts approach these types of tasks and projects?   What do you break things down to and label it as to what should happen to each server and where it should reside, e..g Azure.

Thanks for any information you can provide.
Dear Experts

while implementing CRM/ERP what exactly meant by  software requirement specification( SRS), what is next step is it functional requirement design and then technical specification, can you please help to understand each of these and which comes first, thanks in advance.
Does someone have a policy statement or can direct me to one for Wifi.  My company has internal wi fit, staff that travels so airports, starbucks, bars (!).  What should be telling them.  So far, we have said avoid any wifi with no password protection is a no. I rush off the plane and check my email and before you know it, I have been on the airport wi fi (no password) for an hour.  Executives pay for access on the plane, is that safe?

I have a column that has listed all OUs of my company. I want to delete everything to the left of OU=Disabled. What excel function/code can i insert to make this happen? Ultimately i want it to look like the bottom 3.

Steve test2,OU=Disabled,OU=Users,OU=Contoso_Users_and_Groups,DC=Contoso,DC=net
Barreca - Consultant\,Sal,OU=Disabled,OU=Users,OU=Contoso_Users_and_Groups,DC=Contoso,DC=net

Open in new window

I am looking to create a script that will take all users from the disabled OU  and remove all AD group memberships minus domain users so that it doesnt throw an error.
Would this work?

$OUpath = "OU=Disabled,OU=Users,OU=Park_Users_and_Groups,DC=park,DC=net"
$disbaledUsers = Get-ADUser -Filter * -SearchBase $OUpath

foreach ($disableduser in $disabledusers)

Remove-ADGroupMember -Identity *


Open in new window

Trying to put together a script that i can run as a daily scheduled task to automate moving Disabled Objects in our OU to the disabled OU.  I put this together but its not working. Can you please help rewrite the script so that it makes sense.

$DisabledUsers = Get-ADUser -Filter * -Property Enabled | Where-Object {$_.Enabled -like “false”}

$DisabledUsers |
Select-Object SamAccountName |
Get-ADUser |
Move-ADObject -TargetPath $TargetOU

Open in new window

I have created a Powershell Script that will search for all Account Managers in our company and then adds then to particular Security Group.

Get-ADUser -Filter {description -eq 'ACCTMGR - Account Manager' -and Enabled -eq $True} | export-csv c:\active_account_managers.csv
Import-CSV c:\active_account_managers.csv -Header SamAccountName | ForEach-Object {Add-AdGroupMember -Identity "Powerbi_All_AM" -members $_.SamAccountName}

Open in new window

How can i then add a line of code to this script that will go out and search ALL account managers who are no longer Active and remove them from the group "Powerbi_All_AM"?

Maybe doing something like this...

#This will both add users who are newly onboarded account managers and remove any that have been offboarded i think
Get-ADUser -Filter {description -eq 'ACCTMGR - Account Manager' -and Enabled -eq $True} | export-csv c:\active_AMs.csv
Import-CSV c:\active_AMs.csv -Header SamAccountName | ForEach-Object {Add-AdGroupMember -Identity "Powerbi_All_DM" -members $_.SamAccountName}

Get-ADUser -Filter {description -eq 'ACCTMGR - Account Manager' -and Enabled -eq $False} | export-csv c:\offboarded_account_managers.csv
Import-CSV C:\offboarded_account_managers.csv -Header SamAccountName | ForEach-Object {Remove-AdGroupMember -Identity "Powerbi_All_AM" -members $_.SamAccountName}

Open in new window

Would that work? And is spaces between both lines of code ok or do they all need to be under each other?
I am trying to put together a PS script that will search my entire user database and find all users who's description match this exactly "ACCTMGR - Account Manager" but filter out all Users who's Enabled Property is True. In other words only search users who are active and not disabled.

I have tried the following script but something is wrong with it. Can anyone help me fix it please.
Get-ADUser -Filter {description -like 'ACCTMGR - Account Manager'} | Where-Object {$_.Enabled -eq True}

Open in new window

Then ultimately i want to take all of these users "Account Managers" and add them a Distribution List
I have a SQL 2014 server that I am trying to configure to send mail via O365.  We just recently moved from an on-prem Exchange 2010 server to O365, and was able to easily send email from SQL2014.  However, now I am unable to send any mail via O365 even though I have all the correct O365 user profile settings.  O365 support indicated the issue pertains to a SQL permissions issue of which I have not been able to locate.

I setup the SQL Mail Profile as follows:

SQL 2014 DB Mail Profile Config  

When I try and send a test email I see the following failure message in DB mail log file:

 SQL 2014 DB Log Failure Message
Hi Experts,

My PC (Win7. Pro) is running very slow at start, it could take up to 15 minutes to have it up and running after I shutdown.
I have checked memory and CPU usage while its restarting and don't see that high numbers, not sure what is causing such,,,
See attached.

For IT audit purposes, what are some of the questions that an auditor should ask
during the audit interview especially for Cyber, IT Infra, End-user computing  audit?

What are some of the open-ended question like "Can you describe your
network architecture", "what's your patch procedure/policy like", "what are
your perimeter & endpoint defenses" ...  <pls add on>.

Presume auditors should start with such open questions first before going
into more targetted questions?

What are some of the more targetted questions?  
Eg: "how long is your backup retention for DB,  logs, ...", "share some of
      the recent patch logs", ...<pls add on> ...
Referring to attached response from MS which says we need to buy Azure licences for
each user that uses inTune.  However, as we're on O365 E3 subscription, isn't inTune
a free bundle (which an MS reseller earlier advised is bundled free) as shown below:

We have presented to the board that we're remediating an audit finding
for remote wiping of mobile phones using iTunes but at this late stage, the
reseller quoted the attached from MS.

On the other hand, link below indicates inTune is being deprecated or I
read it wrongly?
I have a CSV File or Text File for 100s of Users in my environment. I would like to develop a script that would take each UPN on that column and give me back the data in the Attribute "Description" of that object which is where we put the users Title. Can anyone help?

$Users = Get-Content C:\users_upn.txt >>>>Give me back the data in the attribute field " Description" for each user. Write that data to a text or csv file.

I have a list of users but want to add their Titles to that spreadsheet and that data is stored in the "Description" attribute field.

Powershell Script Request. - Bulk Enable Archival (Office 365)

Im trying to setup a script that will do a fore each loop that will take CSV file that has a heading of UserPrincipalName of a list of 100s of F1 Licensed Users. i am trying to enable archival for all those users listed. I tried to get this started. I know that the command to enable archival is the following:

 Enable-Mailbox -Identity $usernames -Archive

So i started by trying to put the scrip together myself but i am kindve stuck. Not sure how to pass the object.

$usernames = Import- csv .... $_.UserPrincipalName

 foreach ($username in $usernames) {
   Enable-Mailbox -Identity $usernames -Archive

Now I'm not 100% sure here that  -identity even takes the UPN, will have to research that. can anyone help?
Let me start by saying we are a hybrid environment and i have been tasked with opening new sites for my company in SharePoint. I am fairly new to sharepoint. I have had no issues following the company SOP for creating new sites on our sharepoint environment for 8 months now without having any issues. All the sudden in the last few sites ive created i have had errors popping up that i have no idea how to fix. I believe we are on Sharepoint Online 2016 but not certain. Please see attached errors. I have tried to recreate several times. I believe this site/page was created before but then closed. I think i have to completely delete the old site but i dont even know how to do that. I went to the provisioning page and thought i deleted the old site then tried to recreate it but still errors out. Can i have help please. I tried using powershell but i think i need the right module loaded to access sharepoint online but was unsuccessful to loading the modules to run (Remove-SPSite -Identity) but get The term 'Remove-SPSite' is not recognized as the name of a cmdlet. Any help would be greatly appreciated.

Is there a way to change this local admin script so that the password is not in clear text but rather a hash or more secure? So for Example if my default local admin password is Welcome1$ and i want to keep it that way but yet not show this in clear text how can i alter this script to change that? I am planning on pushing this script via Intune to all my newly enrolled machines.

$Username = "Admin"
$Password = 'Welcome1'

$group = "Administrators"

$adsi = [ADSI]"WinNT://$env:COMPUTERNAME"
$existing = $adsi.Children | where {$_.SchemaClassName -eq 'user' -and $_.Name -eq $Username }

if ($existing -eq $null) {

    Write-Host "Creating new local user $Username."
    & NET USER $Username $Password /add /y /expires:never
    Write-Host "Adding local user $Username to $group."
    & NET LOCALGROUP $group $Username /add

else {
    Write-Host "Setting password for existing local user $Username."

Write-Host "Ensuring password for $Username never expires."
& WMIC USERACCOUNT WHERE "Domain='$env:ComputerName'AND Name='$usr'" SET PasswordExpires=FALSE

Open in new window

Dear Experts
We are evaluating CCTV surveillance system appox 25 to 30 cameras which should store 03 months of recording hence NVR hard disk capacity we have sized 6 TB.  We have connected this location over MPLS link to the Head office hence we are thinking to look for solution but not sure at camera side or NVR side the recording to happen parallel to NVR and also to NAS device and this NAS device will replicate to another identical NAS device over MPLS link at head office
1.Please help is there any specific type of cameras OR NVR we should consider so that at the same time two places the recording is done one at NVR disks this is going to rotate once in month hence at any given time only last 30 days recording is available.
2.Also simultaneous recording in additional to NVR to store to NAS box for example synology NAS box ( one at site and another one in head office every day replication scheduled to head office)
I have a VPN file that was created by our former IT group and I have no idea how. Its a windows based VPN. We recently implemented Intune in our environment and I am trying to set it up so that it installs the EXE as part of the base software configuration. Problem is i dont know the silent switch. I have tried the a few like .exe /Silent. I have attached the results of TP-VPN.exe /?. Is there a way i can find the silent switch of the VPN or create a powershell script that will just run the VPN even if its not silent. I just need it to install. If i just run the executable the first thing that pops up is a message stating " Do you wish to install Contonso VPN? Wondering how i can bypass that message. If i extract the contents of the exe. I see an executable named cmstp.exe. There also config files that might be able to examine.



I know spicework HelpDesk is free (local version not-cloud), but there is a paid option.  What do I get if I pay for Spiceworks? (more features, like reportings, etc.?)
Recently I posted a question on how to edit the following set of Attributes in AD for bulk users. I was given the following PS Script.

Import-Csv -Path C:\Temp\Attributes.csv | ForEach-Object {
	$user = Get-ADUser -Filter "mail -eq '$($_.mail)'"
	Set-Aduser -Identity $user -Replace @{ 
    extensionAttribute1 = $_.extensionAttribute1
    extensionAttribute2 = $_.extensionAttribute2

Open in new window

It was working but i was trying to tweak it to be able to edit ExtensionAttributes 1-10. And now its no longer working. Its giving me an error.

Get-ADUser : The search filter cannot be recognized
At C:\Users\1083786\OneDrive - Contoso\IT - Powershell\Attribute 
Changer for Group of Users by Email.ps1:2 char:10
+     $user = Get-ADUser -Filter "mail -eq '$($_.mail)'"
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Get-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:8254,Microsoft.ActiveDirec 
Set-Aduser : replace
At C:\Users\1083786\OneDrive - Contoso Ltd\IT - Powershell\Attribute 
Changer for Group of Users by Email.ps1:3 char:2
+     Set-Aduser -Identity $user -Replace @{
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (CN=Perez\, Isai...ownepark,DC 
   =net:ADUser) [Set-ADUser], ADInvalidOperationException
    + FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirector 

Open in new window

Does anyone know what I am doing wrong? What we are trying to do is import a CSV file that has the following headers:

Mail > ExtensionAttributes1-9

Can someone help me fix this script so that i am able to bulk edit these specific AD Attributes for a Bulk Amount of Users please.
Dear Experts
We have implemented CRM application( web based ).  our customer will login to this and this application for reports and analytics. our customer is in a different country hence they want the news/update on certain products that is in our country, they have asked to provide the solution for them. Our CRM developer says he can integrate certain news channels so that customer can login to CRM and see the news updates, As an IT security point of view I have asked which all websites but he is not sure at the moment which all websites will have to integrate ,
1.      I have informed them we may have to look for different solution instead of CRM application for this until technical approach or detailed tech specs are shared with me. However would like understand is it a right way, is the CRM application using for this is it as right tool
2.       instead should we have to develop a portal and store all the details and share the portal to them.
3.      As CRM has sensitive data integration with new sites will it be recommended , when it comes to integration please suggest the measures to be taken
4.      What solution we need to go for news capturing and store it and share it with customer please suggest .
please help with above , thanks in adance.
I tried earlier to get the needed information on this at:
I didn't quite get what I needed and had to press on.
I now have a couple of IT folks who are set up as Account Operators at least.
But this isn't adequate for them to get the Windows Firewall Rules set up on a new computer.
I've only been able to do that as a Domain Admin - which I don't want to do and don't want THEM to do.

What minimum Membership (or other settings or privileges) do I need to give them to be able to adjust the firewall (and other things in setting up a new workstation?).
Dear Experts
Servers having two PDU's and each power units connected to separate UPS if one UPS goes down server hardware will continue to work with other UPS, have following doubts
Does server hardware consumes power from both the PDU’s all the time equally OR  is there a concept that one PDU will be primary and if this goes down only then secondary PDU becomes active and this will keep the server running. please help me understand. Thanks in advance.
How can we apply ICP Filing for a Chinese Web-site?

For one given web-site, how can we check/validate if it is having ICP Filing or not?
Question regarding gathering hardware ID. I was told that during the setup process of a new machine you can click on Shift F10 on the Regions page to get to the cmd prompt. Once there I typed the command powershell to run that and then set the proper execution policy. Once I get to the point that I install the WindowsAutoPilotInfo Script and run the Get-WindowsAutoPilotInfo.PS1 -OutputFile AutoPilotHWID.CSV I am wondering how do i extract that CSV File from the machine if its still in the middle of setup and i do not at that point have access to windows explorer. I tried to do the following but got credentials errors.
Get-WindowsAutoPilotInfo.PS1 -OutputFile \\ComputerName\HWID\AutoPilotHWID.CSV 

Open in new window

How can i use the -outputfile switch to put the file on a remote machine? On the remote machine I created a folder in the root of C and shared it. Also gave everyone full access to that folder.

IT Administration





IT Administration is the processes and best practices for programming and development, and incorporates methodologies for managing activities and projects. Common methodologies include waterfall, prototyping, iterative and incremental development, spiral development, rapid application development, extreme programming and various types of agile methodology. The life-cycle "model" is a more general term for a category of methodologies, and a software development "process" a more specific term to refer to a specific process chosen by a specific organization.