All the scripts are saved as .txt files. Newer files have a "View Script" button which will let you save or open a script in notepad. For earlier posts, the easiest way to download with IE is to right click on the link and use "Save Target As". Rename file from Name_ext.txt to Name.ext.
To see a full post after searching, please click on the title.
PowerShell Scripts were written with Version 3 or 4.
https connections are supported.
All new users accounts must be approved, as are comments. Please be patient. It is pretty easy to figure out my email address from the scripts, and you are welcome to contact me that way.
Top Posts & Pages
- Remove DNS Host Record and PTR with PowerShell
- Create Import file for Remote Desktop Connection Manager 2.7
- Get the Parent OU for an AD Object
- Fixing SCCM 1603 Errors
- Get User's Email Address from SmartCard with PowerShell
- Export and Import Delegated OU Permissions with PowerShell
- Export DNS Server Records with PowerShell
- Convert System.DirectoryServices.SearchResult to a PSObject
- PowerShell:Start RDP After Reboot
- Auditing Active Directory Permissions with Powershell
Category Archives: Security
The security for user account objects in an OU may drift over time. User accounts moved within the domain will retain delegations previously made, and user accounts created after schema extensions won’t have the same security as user accounts created … Continue reading
There are some delegations of permissions within Active Directory which cannot be made without extra effort. Some properties are flagged as hidden in a file called Dssec.dat, in %windir%\System32 on computers with the Active Directory Users and Computers (ADUC) MMC. … Continue reading
Sometimes, I get some interesting questions from other teams within my organization. Read-RDPCert.ps1 addresses a request to read the SSL certificates from a list of remote hosts. This is based on the code and following comments at https://blogs.technet.microsoft.com/parallel_universe_-_ms_tech_blog/2014/06/26/reading-a-certificate-off-a-remote-ssl-server-for-troubleshooting-with-powershell/.
Over time, Active Directory delegations tend to accumulate and drift from the standards in the enterprise. Removing the delegations for a user or group can be slow, especially if you do it manually. Microsoft has a good article about this process, but … Continue reading
Fix-HomeDrivePerms.ps1 is a PowerShell script which attempts to reset folder security when the permissions are really hosed. It uses a take ownership function, Set-Owner, by Boe Prox, instead of takeown.exe, but does shell out to iCacls.exe. I wrote this to … Continue reading
This simple batch file resets the inheritance on users folders and then grants them “modify” using the builtin icacls.exe. This script does not address issues which require you to take ownership — I will post one that does that soon. … Continue reading
On of the questions that I am frequently asked is “who created that user”. In a small shop, the answer should be “me”. But in a really large environment the answer may not be quite so clear. When an object … Continue reading
Get-OldestEvent.ps1 is a PowerShell advanced function which returns the oldest event from a Windows computer event log, and will help you determine the rollover time for an event log by also returning the age of the record as a time … Continue reading
I discovered that my script to generate passwords, RandomPW.vbs, isn’t popular with users because the passwords are random. I have an even more complicated but unposted PowerShell version with the same issue. I wanted to create something that was easier … Continue reading
Active Directory permissions aren’t easy to audit. It is a lot easier to delegate permissions to a user or a group than it is to figure out later who has what rights on what containers and organizational units. I have … Continue reading