Powershell

20K

Solutions

8K

Contributors

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.

Share tech news, updates, or what's on your mind.

Sign up to Post

Via various tools, systems and automated alerts I generate thousands of emails per day. Using a common method to send these emails makes it easier to standardize these messages. One key feature of these email methods is stylized emails. This article shows how to use this library with Powershell.
0
Why Diversity in Tech Matters
LVL 19
Why Diversity in Tech Matters

Kesha Williams, certified professional and software developer, explores the imbalance of diversity in the world of technology -- especially when it comes to hiring women. She showcases ways she's making a difference through the Colors of STEM program.

How to list Disconnected Exchange Mailboxes
A quick way to list all disconnected Exchange mailboxes (disabled and softdeleted) sorted by database, via powershell
0
I had to put together a security group that conformed to Microsoft's requirements for Active Directory domain server use between an EC2 instance on AWS and domain servers in our private WAN. I was surprised there was no script for this and decided to put one together.
0
This article details my method of auditing computers by querying WMI class, serializing it to JSON and saving it is a central location, ready to be deserialized again and pulled into a report
4
LVL 13

Expert Comment

by:Senior IT System Engineer
Yes, I already have it on my workstation:

PS C:\> $PSVersionTable

Name                           Value
----                           -----
PSVersion                      5.1.17134.590
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.17134.590
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

Open in new window


is it because some of my Domain Controllers are on Windows Server 2012 R2?
0
LVL 56

Author Comment

by:Shaun Vermaak
It runs remotely so you need PS 5 on DC
1
Distribution List's Last Usage Time Stamp
In an exchange messaging organizations there is always a need for having a way to report on the Distribution Group Infrastructure's usage (at least based on my experience).
0
The "Local Administrator Password Solution" (LAPS) provides a centralized storage of secrets/passwords in Active Directory (AD). On the other hand, KeePass is an open source password manager. This Powershell script generates a KeePass XML file from a LAPS enabled Active Directory, ready for import.
4
LVL 13

Expert Comment

by:Senior IT System Engineer
This is so cool.
Thank you for sharing this great script Shaun.
0
LVL 56

Author Comment

by:Shaun Vermaak
Thank you Senior IT System Engineer, appreciate the feedback!
1
Restore Exchange Mailbox
Restore Mailbox items in Exchange 2010 with Baditemlimit and Accept large Database parameter of New-MailboxRestoreRequest to move and fix corrupt mailbox items. Also, use an automated solution to Restore Exchange Mailbox of 2010 Environment to another Exchange environment.
0
export exchange mailbox to pst 2013
Looking for a solution to export mailbox to PST in Exchange 2016, 2013 in Bulk? Then, try both manual, PowerShell Commands, and an automated Exchange Export Tool to migrate Exchange mailboxes to Outlook PST in Batch.
0
Export Exchange Calendar to PST
Export Calendar to PST From Exchange 2016, 2013, 2010 to Move Specific Appointment and meeting details with Date Range Command to extract details only from Live Exchange Environment. Also, Export Exchange Calendar to PST using Powershell Command and Exchange Admin Center.
0
This article documents the process of assigning different password policies based on user account password strength. The result of this script is that all the users that are using weak passwords are forced to have a password policy on them that allows their passwords to be valid for fewer days.
6
LVL 13

Expert Comment

by:Senior IT System Engineer
Hi Shaun,

Can the DSInternals module be installed in another computer without RSAT installed?
Because I wanted to run the scheduled task for this report to send out email alert, not from the Domain Controller.
0
LVL 56

Author Comment

by:Shaun Vermaak
Yes, it can :)

Just remember that you do not need DA. Configure an account with replicate directory access an use that in your scheduled task
0
Expert Spotlight: Joe Anderson (DatabaseMX)
LVL 19
Expert Spotlight: Joe Anderson (DatabaseMX)

We’ve posted a new Expert Spotlight!  Joe Anderson (DatabaseMX) has been on Experts Exchange since 2006. Learn more about this database architect, guitar aficionado, and Microsoft MVP.

Archiving data from file servers is essential in preventing stale data from clogging up space and old folders overcomplicating the structure.
0
This article shows a process of synchronizing password from on Active Directory domain to another, even if in another forest
7
LVL 6

Expert Comment

by:Vikas Bhat
Thankyou so much. I will give this a try. Meanwhile I also made sure that the users exists on both side.
0
LVL 6

Expert Comment

by:Vikas Bhat
Hello Shaun. Thankyou for all your help. After testing I finally found that the script was working properly and also handling the
if ($Null -ne $domain1User -and $Null -ne $domain2User) but it didn't clear the old values of $domain1User and $domain2User in the for loop.

I have now corrected it by adding below in the for loop.
    $domain1User = $Null
    $domain2User = $Null

Below is the updated script that works properly now even when users are not present on both sides.

Install-Module -Name DSInternals -Confirm:$false -Force

# Create your credentials with these commands
# $credential = Get-Credential;
# $credential | Export-CliXml -Path 'C:\Temp\cred.xml';

# Configure Domain 1
$domain1NetBIOS                     = 'Domain1';
$domain1FQDN                        = 'Domain1.com';
$domain1DN                          = 'DC=Domain1,DC=com';
$domain1Credential                  = Import-CliXml -Path 'C:\Temp\Domain1.xml';
$domain1Hashes                      = Get-ADReplAccount -All -NamingContext $domain1DN -Server $domain1FQDN -Credential $domain1Credential;

# Configure Domain 2
$domain2NetBIOS                     = 'Domain2';
# $domain2FQDN                        = 'Domain2.com';  
$domain2DN                          = 'DC=Domain2,DC=com';
$domain2Credential                  = Import-CliXml -Path 'C:\Temp\Domain2.xml';
$domain2Hashes                      = Get-ADReplAccount -All -NamingContext $domain2DN -Server $domain2FQDN -Credential $domain2Credential;

# The group of users to sync passwords for
$syncGroup                          = 'SG-PasswordSync';

# Loop through these users
$users = Get-ADGroupMember $syncGroup -server $domain1FQDN -Credential $domain1Credential;
foreach ($user in $users)
{	
	$domain1User = $Null
    $domain2User = $Null
    # Get user object in both domain 1 and 2
    $domain1User = Get-ADUser -Identity $user.SamAccountName -Properties "pwdLastSet" -Server $domain1FQDN -Credential $domain1Credential;
    $domain2User = Get-ADUser -Identity $user.SamAccountName -Properties "pwdLastSet" -Server $domain2FQDN -Credential $domain2Credential;

    # Only continue if both users exists
    if ($Null -ne $domain1User -and $Null -ne $domain2User)
    {
        # Get the current user's hashes in both domain 1 and 2
        $currentDomain1UserHash = $domain1Hashes | Where-Object {$_.saMAccountName -eq $user.SamAccountName};
        $currentDomain2UserHash = $domain2Hashes | Where-Object {$_.saMAccountName -eq $user.SamAccountName};

        # Get the current user's NT Hash in both domain 1 and 2
        $currentDomain1UserNTHash = ([System.BitConverter]::ToString($currentDomain1UserHash.NTHash) -replace '-','').ToLower();
        $currentDomain2UserNTHash = ([System.BitConverter]::ToString($currentDomain2UserHash.NTHash) -replace '-','').ToLower();

        # Check if hashes are different AKA the account password is out-of-sync
        if ($currentDomain1UserNTHash -ne $currentDomain2UserNTHash)
        {
            # Get user object in both domain 1 and 2
            $domain1User = Get-ADUser -Identity $user.SamAccountName -Properties "pwdLastSet" -Server $domain1FQDN -Credential $domain1Credential;
            $domain2User = Get-ADUser -Identity $user.SamAccountName -Properties "pwdLastSet" -Server $domain2FQDN -Credential $domain2Credential;

            # Domain 1 password is more recent
            if ($domain1User.pwdLastSet -gt $domain2User.pwdLastSet)
            {
                Write-Host "Sync user '$($user.SamAccountName)' password from domain 1 to domain 2";
                Set-SamAccountPasswordHash -SamAccountName $user.SamAccountName -Domain $domain2NetBIOS -NTHash $currentDomain1UserNTHash -Server $domain2FQDN -Credential $domain2Credential;
            }
            # Domain 2 password is more recent
            elseif ($domain2User.pwdLastSet -gt $domain1User.pwdLastSet)
            {
                Write-Host "Sync user '$($user.SamAccountName)' password from domain 2 to domain 1";
                Set-SamAccountPasswordHash -SamAccountName $user.SamAccountName -Domain $domain1NetBIOS -NTHash $currentDomain2UserNTHash -Server $domain1FQDN -Credential $domain1Credential;
            }
        }
        else
        {
            Write-Host "User '$($user.SamAccountName)' passwords are the same, no need to sync";
        }
    }
}

Open in new window

1
Starting with Windows 2012 change for network interfaces (adding, replacing, ...) requires to uninstall and reinstall RRAS to apply those changes - purging the current RRAS setup. The following script shows how to add new interfaces without having to reinstall RRAS.
1
PowerShell Commands to Restore Exchange 2007 Mailbox -
The most critical task of Exchange Administrators is to prepare for situations where the unprecedented failure of database impacts the accessibility and reliability of Exchange database. These preparations should include pre-defined responses to unexpected failures and service disruptions.
0
Streamlining User Account Off-boarding - Powershell (AD, Exchange, Helpdesk Ticket) -
We are working on a streamlining our off-boarding and on-boarding process. With this, comes account management. Our problem is that we have multiple different accounts with different vendors and accounts were being left stale.
1
Recover Exchange Database
Recover Deleted Emails from Exchange 2016/13/10/07 version via a Powershell command. Use Search-Mailbox to search and retrieve emails from the target folder with the date and string filter.
0
Recover Exchange Mailbox
Now Preview Exchange Mailbox size and Change Database File size with Powershell commands. Follow Commands in Exchange Management Shell Items Counts, Storage quotas. GUI Exchange Admin Center / Control Panel can be used do Change Exchange mailboxes size.
0
Repair Exchange Database
Check Mailbox Corruption in Exchange for the proper working of Exchange Server. Use IsInteg Or New-MailboxRepairRequest for regular health auditing and to check Integrity of Exchange Database(.edb) file. Repair corruption in EDB file via Eseutil Powershell commands in MS Exchange 2013/10/07 versions
2
Connect Multiple vCenters together with PowerCLI with secure password as String
This article is divided into two sections. 1) First describes how you can connect to server / service / device with Username and secure password in powershell. 2) Second part is to use secure credentials and connect to vCenters which are in Linked Mode or isolated environment.
0
Become a Certified Penetration Testing Engineer
LVL 19
Become a Certified Penetration Testing Engineer

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

What is Archiving? Archiving in Exchange Online (called In-Place Archiving) provides users with additional mailbox storage space.
0
WAP (Web Application Proxy) provides reverse proxy functionality for web applications in the corporate network which allows users on most devices to access internal web applications from external networks.
0
In migration, Powershell can be a very crucial tool to achieve success and finalize projects within deadline or even fix issues. X500 or Legacy Exchange DN Attribute can cause lots of issue during the migration
1
In a Cross Forest, the steps to migrate users are quite complicated and even in the official articles of Technet there is no clear recommendation on which approach to take .. From an experience, I mention and simplify which way to go and how to use Powershell to make your life easy in such projects.
1
Excel allows various different methods to link Excel files to each other. This includes relative paths, mapped drives (or the local drive) and UNC paths. UNC paths are the least robust of the three.
2

Expert Comment

by:Fanie Prinsloo
Confirmed.  The process works like a dream and saved us days of work trying to update the links manually within the files
1
LVL 56

Author Comment

by:Shaun Vermaak
Thank you Fanie
0
In an Exchange Crossforest migration, the distribution groups can be a very complex operation that would cause loss of time, lots of issues and continued headaches if not solved in a timely manner. I had to do a similar project so I created a script to ease this process.
0

Powershell

20K

Solutions

8K

Contributors

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.