Wednesday, September 28, 2011

Powershell OU Management

I like this post hence pasting it as is from the site
http://dmitrysotnikov.wordpress.com/2007/05/04/ou-management-with-powershell/

Get the list of OUs:
PS C:> Get-QADObject -Type OrganizationalUnit  

Name               Type               DN
----               ----               --
Domain Controllers organizationalUnit OU=Domain Controllers,DC=ps64,DC=local
Microsoft Excha... organizationalUnit OU=Microsoft Exchange Security Groups,DC=ps64,DC=local

Create New OU in domain root:
PS C:\> New-QADObject -Type organizationalUnit -Name TestOU -ParentContainer ps64.local/
Name               Type               DN
----               ----               --
TestOU             organizationalUnit OU=TestOU,DC=ps64,DC=local

Create 5 test users in the new OU:
PS C:> 1..5 | ForEach { New-QADUser -ParentContainer ps64.local/TestOU -Name ("TestUser" + $_)}
Name               Type               DN
----               ----               --
TestUser1          user               CN=TestUser1,OU=TestOU,DC=ps64,DC=local
TestUser2          user               CN=TestUser2,OU=TestOU,DC=ps64,DC=local
TestUser3          user               CN=TestUser3,OU=TestOU,DC=ps64,DC=local
TestUser4          user               CN=TestUser4,OU=TestOU,DC=ps64,DC=local
TestUser5          user               CN=TestUser5,OU=TestOU,DC=ps64,DC=local

Get a list of users in an OU (and all nested OUs):
PS C:\> Get-QADUser -SearchRoot ps64.local/TestOU
Name               Type               DN
----               ----               --
TestUser1          user               CN=TestUser1,OU=TestOU,DC=ps64,DC=local
TestUser2          user               CN=TestUser2,OU=TestOU,DC=ps64,DC=local
TestUser3          user               CN=TestUser3,OU=TestOU,DC=ps64,DC=local
TestUser4          user               CN=TestUser4,OU=TestOU,DC=ps64,DC=local
TestUser5          user               CN=TestUser5,OU=TestOU,DC=ps64,DC=local

Get only users placed directly in the OU (and not in sub-OUs):
PS C:\> Get-QADUser -SearchRoot ps64.local/TestOU -SearchScope OneLevel
Name               Type               DN
----               ----               --
TestUser1          user               CN=TestUser1,OU=TestOU,DC=ps64,DC=local
TestUser2          user               CN=TestUser2,OU=TestOU,DC=ps64,DC=local
TestUser3          user               CN=TestUser3,OU=TestOU,DC=ps64,DC=local
TestUser4          user               CN=TestUser4,OU=TestOU,DC=ps64,DC=local
TestUser5          user               CN=TestUser5,OU=TestOU,DC=ps64,DC=local

Modify all users from an OU:
PS C:\> Get-QADUser -SearchRoot ps64.local/TestOU | Set-QADUser -City TestCity
PS C:> Get-QADUser -SearchRoot ps64.local/TestOU | Format-Table Name, City
Name                                                City
----                                                ----
TestUser1                                           TestCity
TestUser2                                           TestCity
TestUser3                                           TestCity
TestUser4                                           TestCity
TestUser5                                           TestCity

Get statistics on the number of objects in each OU:
PS C:\> Get-QADObject -Type organizationalUnit | foreach { Write-Host $_.Name: (Get-QADObject -SearchRoot $_.DN).Count}
Domain Controllers : 5
Microsoft Exchange Security Groups : 6
TestOU : 6


Get the list of AD objects by OU:
PS C:\> Get-QADObject -Type organizationalUnit | foreach { Write-Host ([char]10) $_.Name ([char]10); Get-QADObject -SearchRoot $_.DN }
Domain Controllers  

Name               Type               DN
----               ----               --
Domain Controllers organizationalUnit OU=Domain Controllers,DC=ps64,DC=local
SPB9880            computer           CN=SPB9880,OU=Domain Controllers,DC=ps64,DC=local
RID Set            rIDSet             CN=RID Set,CN=SPB9880,OU=Domain Controllers,DC=ps64,DC=local
NTFRS Subscript... nTFRSSubscriptions CN=NTFRS Subscriptions,CN=SPB9880,OU=Domain Controllers,DC=ps64,DC=local
Domain System V... nTFRSSubscriber    CN=Domain System Volume (SYSVOL share),CN=NTFRS Subscriptions,CN=SPB9880,OU=Do...  

Microsoft Exchange Security Groups  

Microsoft Excha... organizationalUnit OU=Microsoft Exchange Security Groups,DC=ps64,DC=local
Exchange Servers   group              CN=Exchange Servers,OU=Microsoft Exchange Security Groups,DC=ps64,DC=local
Exchange Organi... group              CN=Exchange Organization Administrators,OU=Microsoft Exchange Security Groups,...
Exchange Recipi... group              CN=Exchange Recipient Administrators,OU=Microsoft Exchange Security Groups,DC=...
Exchange View-O... group              CN=Exchange View-Only Administrators,OU=Microsoft Exchange Security Groups,DC=...
ExchangeLegacyI... group              CN=ExchangeLegacyInterop,OU=Microsoft Exchange Security Groups,DC=ps64,DC=local  

TestOU  

TestOU             organizationalUnit OU=TestOU,DC=ps64,DC=local
TestUser1          user               CN=TestUser1,OU=TestOU,DC=ps64,DC=local
TestUser2          user               CN=TestUser2,OU=TestOU,DC=ps64,DC=local
TestUser3          user               CN=TestUser3,OU=TestOU,DC=ps64,DC=local
TestUser4          user               CN=TestUser4,OU=TestOU,DC=ps64,DC=local
TestUser5          user               CN=TestUser5,OU=TestOU,DC

Friday, July 8, 2011

Powershell - List All Folders and Subfolders

dir -recurse | Where-Object { $_.PSIsContainer } | ForEach-Object { $_.FullName }
First, you list everything from your current location. To filter out only folders, we then filter for PSIsContainer, a property that is always true for folders. Finally, we output each folders' full path.

From: http://powershell.com/cs/blogs/tips/archive/2009/07/22/list-all-folders-and-subfolders.aspx

Thursday, July 7, 2011

Powershell to get ACLs for folders and subfolders

I have been searching this for long time. Now i have found out

 dir -recurse | Where-Object { $_.PSIsContainer } | Get-Acl

dir -recurse - Is to get all folders and subfolders
$_.PSIsContainer  - Is to check whether the object is a directory or a file
Get-ACL - to get ACLs for folders

Tuesday, June 14, 2011

Dsquery to find a email address in AD

dsquery * domainroot -filter "((proxyaddresses=*domain.com))" -scope subtree -attr displayname

* - to Find any object class user,group etc
domainroot - Where to search 
-filter - What to search
-scope - At what level base or subtree it has to search
-attr - what attributes needs to be displayed with the filtered results


Monday, June 13, 2011

Enumerate members of a group directly from Active directory custom search

This command will be useful particulerly if you are migrating large number of users to an other exchange server. Add all the members to migrate to this group and enumerate using the below command from dsa.msc, add Homemdb members column. There are other ways (Scripting, powershell etc) but i find this easier.


(ObjectClass=User)(
ObjectCategory=Person)(memberOf=CN=TestGroup,OU=Test-Service Acct,dc=,dc=,dc=com)

Dont forget to fill in the DC names :)

Sunday, October 17, 2010

Powershell - Get windows service status on a remote computer

Command to get the remote server service status through powershell is listed below

Get-service  -computername "Servername" -displayname "servicename"

Saturday, October 16, 2010

Powershell to get server uptime

I dont remember from which site i got the below script but it is very useful in my day to day admin life

$wmi=Get-WmiObject -class Win32_OperatingSystem -computer "Computername"
$LBTime=$wmi.ConvertToDateTime($wmi.Lastbootuptime)
[TimeSpan]$uptime=New-TimeSpan $LBTime $(get-date)
Write-host $server “Uptime: ” $uptime.days “Days” $uptime.hours “Hours” $uptime.minutes “Minutes” $uptime.seconds “Seconds”

Get-WmiObject -class Win32_OperatingSystem
This will invoke the Operating System wmi object


ConvertToDateTime
Will convert the output to human readable form


[TimeSpan]$uptime=New-TimeSpan $LBTime $(get-date)
This will compare the output time with the current time and store the result to the string as object

Powershell - Search a string inside a text file

Get-Content cmd let will allow reading content from a text file and the following piped cmdlet can be used to search a string inside the text file given as input


(Get-Content "Full path of the text file") | ? {$_ -match 'searchstring''}

Uninstalling Previous Versions of PowerShell

Uninstalling Previous Versions of PowerShell
PowerShell v1 RTM shipped as updates to the OS. Therefore, it will show up only in the updates section. To look for previous versions, do the following:
 On Windows XP/Server 2003:
·         Go to Add/Remove Programs
·         Select Show Updates
·         Look for any of the following KB numbers which indicate earlier versions of PowerShell
o   KB926139 – Windows PowerShell v1.0 RTM – English Language Version
o   KB926140 – Windows PowerShell v1.0 RTM – Localized Installation Package
o   KB926141 – Windows PowerShell v1.0 RTM – MUI pack
o   KB925228 – Windows PowerShell v1.0 RC2
·         Versions of V1 prior to RC2 are MSI based installations and they will appear as Windows PowerShell in the programs list
·         Uninstall the previous version that's installed
On Windows Vista:
·         Go to Programs and Features
·         Click on View Installed Updates
·         Look for any of the following KB numbers which indicate earlier versions of PowerShell
o   KB928439 – Windows PowerShell 1.0 RTM
o   KB923569 – Windows PowerShell 1.0 RC2
·         Version of V1 prior to RC2 are MSI based installations and they will appear as Windows PowerShell in the installed programs list
·         Uninstall the previous version that's installed
On Windows Server 2008:
·         Launch Server Manager
·         Go to Features
·         Click on Uninstall Features. This brings up a list of installed features to choose from
·         Select Windows PowerShell and uninstall