Alan's Blog

"Yeah. I wrote a script that will do that."

Test Replication – A PowerShell Wrapper for RepAdmin

Posted on December 10th, 2016

Repadmin is a standard tool in an AD admins toolbox, and “showrepl” display the status of replication in your domain. The results of this command are quite verbose, and can make your eyes glaze over in late night troubleshooting.  You can  A number of people have noticed that you can pipe RepAdmin CSV output to the ConvertFrom-CSV cmdlet in PowerShell. I wanted a little more than what others had done. The script below is my effort.  I (naturally) requires repadmin and the Out-Gridview cmdlet.

Tags: , ,
Filed under Active Directory, PowerShell, Scripting, Windows Administration | No Comments »

Remove DNS Host Record and PTR with PowerShell

Posted on December 10th, 2016

You have been asked, “Please remove the host record for these 15 computers, plus their associated PTR records”.  It isn’t a difficult task, but it can be time consuming, especially if you have a large DNS database.  The in-addr.arpa bit can be annoying to do over and over again.  When I first decided to automate this task, I went looking to see who had done something similar before, and found https://rcmtech.wordpress.com/2014/02/26/get-and-delete-dns-a-and-ptr-records-via-powershell/.  My code, Remove-DNSRecord.ps1,  is based on his, and extends it by searching all zones, and by creating and advanced function.  The script relies on the PowerShell DNSServer Module, which is available on Server 2008 and later.

 
Script Text

Tags: , ,
Filed under Active Directory, Windows Administration | No Comments »

Who Added this User to the Domain?

Posted on December 10th, 2016

On of the questions that I am frequently asked is “who created that user”.  In a small shop, the answer should be “me”.  But in a really large environment the answer may not be quite so clear. When an object is created in Active Directory, the owner of the object is the creator of the object. You will see the name of the account as the owner, unless that account is a member of Domain Admins or Enterprise Admins.

I wrote Get-WhoAddedUser.ps1 to quickly look up the owner of a user object. The script takes the distinguished name of the user object as input, because I began with a CSV file of distinguished names. It can be easily modified to take the SamAccountName.

 

Script Text

Filed under Active Directory, PowerShell, Scripting, Security, Windows Administration | No Comments »

Quickly Check Domain Controller Health

Posted on September 5th, 2016

How can you tell whether an Active Directory domain controller is functioning properly?  How do you know whether some over-zealous VLAN ACL is blocking necessary ports?  Testing ICMP, is easy, just ping it.  Testing LDAP response isn’t hard, I wrote a vbScript to do that years ago.  But to complete, we want to check more.  My list of things to check are this:

  • Ping
  • TCP Ports 53,88,135,389,445,464
  • UDP Ports 53,389,464
  • If you are running NetBIOS add 139 TCP and UDP ports 137,138
  • If the DNS port is open run NSLookup to check lookups
  • If LDAP port is open, do a test bind

Since a large enterprise may have a large number of DCs, I wanted to multi-thread the script.  For compatibility, I wanted to be able to run it on PowerShell 3 from a Windows 7 host without admin rights.

What I discovered is that testing TCP ports with PowerShell is pretty easy.  UDP connections, however, turned out to be more difficult.  After about 45 minutes of frustration, I found a great Test-Port function from PowerShell MVP Boe Prox.  It is contained inside the script.

In my view, WorkFlows, introduced in Version 3, are the easiest way to multi-thread in PowerShell, and is a way which does not require special setup or rights on the remote systems. On my system, I see about 4 simultaneous queries using this method.

Test-DCs.ps1 can be edited to choose the testing of whatever ports you require and could easily be changed to test other systems such as web servers, Exchange or SharePoint servers.

Update 10-1-19:  This version has many improvements, including multi-threading and dynamically determining whether query of DNS or GC ports is required.

Script Text

Filed under Active Directory, Alan's Favorites, My Best, PowerShell, Scripting, Windows Administration | No Comments »

WMI Repair — The Old Way is a Bad Way

Posted on June 26th, 2016

This was forwarded to me from one of our Microsoft guys.  I have been using a batch file to fix WMI with this line for years: WMI: Stop hurting yourself by using “for /f %%s in (‘dir /s /b *.mof *.mfl’) do mofcomp %%s”

Filed under SCCM, Windows Administration, WMI | No Comments »

Finding Rarely Used Computers On Your Network

Posted on February 13th, 2016

I support a number of hospitals.  Many of these have very large facilities, where the placement of computers was originally done by a space planner or others trying to make an educated guess about how and where people would be working.  Frequently we find that there are computers which are unused or only rarely used.  Efficient use of the machines requires that you identify these systems and reallocate them to be used where they are needed most.

There are a lot of ways to try to get at this information, for example, working with the information collected by SCCM, but you may not be collecting what is needed.  I wanted to create a multi-threaded script which collected the list of users from AD, pinged the list, then recorded the most recent logon which was not done by the local administrator account.

Get-UnusedComputers.ps1 uses Get-WMIObject to find the local path of each of the user profiles. Because the “lastwritten” attribute is updated when you log on, I sort the files by that date to determine the most recent logon. The results are exported to your desktop in a CSV file.

Script Text

Tags: ,
Filed under PowerShell, Scripting, Windows Administration, WMI | No Comments »

How to Create Single SCCM Bootable Media for both X32 and X64

Posted on February 13th, 2016

My friend, Nick Miller, has gone to work with another company, and is involved in a Windows 7 image standardization project.  He recently told me that he had figured out how to have a single bootable USB WinPE disk to create both 32 bit and 64 bit OS images.  Nick is a smart guy, and he had not found instructions for this anywhere else on the web.  I suggested that he be my first Guest Blogger.


For a long time I have wanted to have a single USB bootable media that will install every Windows OS known to man. This has always eluded me because of the differences between architectures. Recently it bothered me to the point of fixing it.

If you have found this article, you probably already know how to build a WINPE 32 bit bootable media, and I will not bore you with the details. Start by creating a directory for the Windows 7 (32 bit) files. Create another directory for the Windows 7 (64 bit) file. For each OS architecture, create a Unattend.xml and place it inside the corresponding directory. It is important to note that both versions must be identical. For example, if you plan on deploying Windows 7 Professional (64 bit) you will need to start the Windows 7 Professional (32 bit) install process.

Here is where it gets mind numbing. Create a new unattend.xml called SpecialUnattend.xml (link has example file) with the WinPE phase of the x86, and the other 6 phases of the x64. Place this in the Windows 7 (64 bit) directory. Be sure to add the “Microsoft-Windows-Setup\Installimage\OSImage\InstallFrom\Path” in the Unattend.xml to point to the Windows 7 (64 bit) wim. IE. “D:\W764\Sources\Install.wim”. And last but not least, at the bottom of the Unattend.xml file (edited with notepad) make sure that the wim is correctly located when booted to the WinPE OS.

To execute, run the following example. “D:\W732\Sources\Setup.exe /InstallFrom:D:\W764\Sources\Install.wim /unattend:D:\W764\SpecialUnattend.xml”
Do not forget that the target drive will need to be wiped with diskpart.
For more information, feel free to reach out to me at NCSHREK on Hotmail.


Thanks Nick.  I know that other SCCM admins will find this to be very helpful.

Tags: ,
Filed under SCCM, Windows 7, Windows Administration | No Comments »

Get Oldest Windows Event

Posted on February 13th, 2016

Get-OldestEvent.ps1 is a PowerShell advanced function which returns the oldest event from a Windows computer event log, and will help you determine the rollover time for an event log by also returning the age of the record as a time span with the time created. Optionally you can return the entire oldest record with the age as an added member. Age is calculated from the time the script collects the information.  You must, of course, have admin rights to query remote event logs. Running locally requires that PowerShell be run elevated. Because it is an advanced function, it must first be loaded with “dot sourcing”.

Example: Get the time created and age for the oldest event in the Security log of this computer.
Get-OldestEvent

Example: Get the time created and age for the oldest event in the Application log of this computer.
Get-OldestEvent -eLog Application

Example: Get the oldest event from the Security log on MyServerName, plus Age of event.
Get-OldestEvent -ComputerName MyServerName -eLog security -ReturnAll

Script Text

Tags: , ,
Filed under PowerShell, Scripting, Security, Windows Administration | No Comments »

Passwords for Password Resets

Posted on September 7th, 2015

I discovered that my script to generate passwords, RandomPW.vbs, isn’t popular with users because the passwords are random.  I have an even more complicated but unposted PowerShell version with the same issue.

I wanted to create something that was easier for the help desk and users.  Get-TempPW.ps1 is my answer to those objections.  This script is pretty well commented, so I won’t go into details about the code here.   What the script does is get a randomly selected word from the web, capitalizes a random letter within the word, then appends numbers and special characters to the end.  You can set the minimum word length and the number of numbers and special characters with variables within the code.  The default is and eight character word plus a number and special character.  The order of the numbers and special characters are randomized. An example password is “hypeRimmunization4&”.

Script Text

 

Tags: , , ,
Filed under PowerShell, Scripting, Security, Windows Administration | No Comments »

Get the Parent OU for an AD Object

Posted on September 7th, 2015

I have mentioned before that the Charlotte PowerShell User group was frequented by Scripting Guy Ed Wilson, and his wife Teresa. I’m sad to say that they have moved away, but am happy that Brian Wilhite has been running the meetings since.  I mentioned to Brian that I had a cool way to get the parent container of an Active Directory object using ADSI:

The string method is, of course faster. But If the parent object isn’t an OU, try the first method. It always works.

Tags: ,
Filed under Active Directory, PowerShell, Scripting, Windows Administration | No Comments »

Please Note:

All the scripts are saved as .txt files. Newer files have a "View Script" button which will let you save or open a script in notepad. For earlier posts, the easiest way to download with IE is to right click on the link and use "Save Target As". Rename file from Name_ext.txt to Name.ext.

To see a full post after searching, please click on the title.

PowerShell Scripts were written with Version 3 or 4.

https connections are supported.

All new users accounts must be approved, as are comments. Please be patient. It is pretty easy to figure out my email address from the scripts, and you are welcome to contact me that way.

Categories

Bad Behavior has blocked 555 access attempts in the last 7 days.