VertigoRay

Senior IT Support Manager at UNT CAS and has been a professional in IT for over 20 years. He love his family, likes his motorcycle, and figures IT out!

Active Directory – Validate Group SamAccountName

Did a lot of digging to find the details needed so that I can write a Reg Ex to validate an AD Group SamAccountName.  Here’s what I got and I wanted to share … (^[^. ""/[]:|+=;?*][^""/[]:|+=;?*]{1,63})(?(1)|[^.]$) This translates to: Not Starting with a period (.) or a space ( ). This, by design, excludes strings consisting solely of all periods (.) or spaces ( ). Between 1 and 64 characters (inclusive) long. Not including any of these characters: “/[]:|<>+=;?* Not ending in a period (.). If you’re like me, you want justification: http://support.microsoft.com/kb/938447 http://technet.microsoft.com/library/Cc975532 http://technet.microsoft.com/en-us/library/cc776019.aspx http://support.microsoft.com/kb/909264 http://forums.techarena.in/active-directory/1011758.htm I realize the page says 63 characters, but my testing shows 64 to be valid (Win2k8).

PowerShell – Random Color

Just messing around here, but thought others might want to know how to randomly (or intelligently) grab a color.  There’s basically three parts to this process. Get the number of colors. Grab a random color. Apply the color. I’ve done the above three steps in these three lines of code … $max = [System.ConsoleColor].GetFields().Count – 1 $color = [System.ConsoleColor](Get-Random -Min 0 -Max $max) Write-Host -Fore $color ‘lolz’ If you want the one liner version … Write-Host -Fore ([System.ConsoleColor](Get-Random -Min 0 -Max ([System.ConsoleColor].GetFields().Count – 1))) ‘lolz’ Want a list of colors? [System.ConsoleColor].GetFields() | %{$_.Name} The first thing returned value__ is just metadata and won’t be randomly selected in the range we’ve specified.  If we randomly get 0, Black is returned.  If we randomly get 15, White is returned. Note:  As of the time of this writing, .Count-1 from the above code equals 16.  Get-Random’s -Maximum parameter “returns a value that is less than the maximum (not equal).”  Thus, our inclusive range is 0 through 15. Hope this helps others out there.  Cheers!

PowerShell – Search Across Multiple Domains in a Forest

While trying to find a quick answer to search across domains for duplicated user accounts, I came across a blog (sourced) that pointed me in a good direction.  To skip the meat of it, we have a Global Catalog setup on our AD and I found it more useful to target that and search the entire forest, then to attach to each domain individually.  I hope this helps others out there in a similar scenario… https://gist.github.com/VertigoRay/6357248 The above code will return you all Domain User Accounts in the Forest with the SamAccountName of user0123.  If you’re like me, you’ll want to handle the results from FindAll() instead of just dumping it to the pipeline: https://gist.github.com/VertigoRay/6357306 As you can see, I’ve moved the FindAll() method to the foreach conditional for handling. Of course, I’m still dumping the results to pipline, but it’s a nice, clean object that is pre-formatted just the way I want it. I hope this helps others out there!

PowerShell – Pick a Domain Controller

I use a global variable to pick a Domain Controller so that I’m not constantly bouncing back and forth between Domain Controllers when running scripts. This helps to mitigate errors due to replication delays (normally, just a few seconds). For Example, when you’re scripting and try to run Set-ADUser command followed immediately by a Get-ADUser command without specifying the -Server property as the same server for both commands, you may end up setting the change on one server and confirming the change was set (possibly a nano-second later) on a different server. This would lead to your confirmation to return as false. To draw it out a little clearer … take the following command: While ((Get-ADUser $SamAccountName -Properties HomeDrive).HomeDrive -eq $null) { Write-Host "Setting HomeDrive & Home Directory …" Set-ADUser $SamAccountName -HomeDrive "H:" -HomeDirectory "HOME-SERVERHOME$SamAccountName" } Write-Host "Moving on …" Without specifying -Server, the command might result in the following output: Setting HomeDrive & Home Directory … Setting HomeDrive & Home Directory … Setting HomeDrive & Home Directory … Setting HomeDrive & Home Directory … Moving on … If I do specify -Server, as shown: While ((Get-ADUser $SamAccountName -Server $myDC -Properties HomeDrive).HomeDrive -eq $null) { Write-Host "Setting HomeDrive & Home Directory …" Set-ADUser $SamAccountName -Server $myDC -HomeDrive "H:" -HomeDirectory "HOME-SERVERHOME$SamAccountName" } Write-Host "Moving on …" I get the following output, everytime: Setting HomeDrive & Home Directory … Moving on … I set $myDC in my $Profile with a global variable and calling the Set-DC function I’ve written below. [string] $global:myDC = "" Set-myDC Write-Debug "myDC: $myDC" Of course, you could just set the $myDC statically, but what fun is that? Here’s my solution: <# .SYNOPSIS Sets the myDC global variable. .DESCRIPTION Gets a list of domain controllers and takes one from the list. .PARAMETER Return If set, will return the FQDN of a DC, other than the globally set DC, intead of setting it globally. Useful for targetting another DC without changing the globally used DC. .INPUTS .OUTPUTS Sets $global:CASITS_UNTDC discovered FQDN. If -Return is used, $global:myDC is not set and the discovered FQDN is returned as a string. .EXAMPLE Set-myDC .EXAMPLE $myDC = Set-myDC -Return .NOTES .LINK go.vertigion.com/PowerShell-Set-myDC #> function Set-myDC { param( [Parameter( HelpMessage = "If set, will return the result intead of setting globally." )] [switch] $Return ) $DCList = $null while ($DCList -eq $null) { $DCList = Get-ADDomainController -Filter * | Select HostName } if ($Return.isPresent) { $DC = ” while ($DC -eq $myDC) { $DC = $DCList[$(Get-Random -Minimum 0 -Maximum ($DCList | Measure-Object).Count)].HostName } return $DC } else { $global:myDC = $DCList[$(Get-Random -Minimum 0 -Maximum ($DCList | Measure-Object).Count)].HostName } } Hope it helps others out there. Just add the function to your PowerShell Profile or as a Functions in a script to make it available!

iPhone – Task Sync

Most people are aware of this by now, but I thought I’d post a quick follow-up to a previous post of mine … I have an iPhone and love it, except for the fact that it’s very user friendly. What do I mean? I’m more of a technical user. The fact that the iPhone is so easy to use, makes it hard to do slightly more technical stuff. Some trivial email things that frustrate me: No Custom Email Signatures per Account  Solved! No integrated Exchange Task Sync  Solved! Inability to Send As another email account, on the fly.  Solved! The second issue has been solved by Apple with iOS 5.  They simply call it Reminders instead of Tasks.  When setting up your Exchange connection to your company or Gmail, simply turn Reminders, as shown: I know this was a quick write-up, but I felt it was overdue and required for thoroughness.

PowerShell – Return a list Active Computers for a Department/OU

I needed a script that would return a list active computers for a supplied department or OU (basically the same thing in my use case). This is my solution to that. When supplied a list of Dept abbreviation (OU Name), this function will query AD for all enabled user accounts in the Departments OU.  Then it will run the list of users accounts through the Get-CompByUser function.  The list of computers is then run through Get-CompByActivity to return only active computers.  The actual targetted out will simply be a combination of $Dept and $OUBase parameters:  "OU=$Dept,$OUBase".  I’ve populated the PowerShell Comment Doc, so check out the Examples supplied in there for usage. <# .SYNOPSIS Return a list Active Computers for a Department/OU. .DESCRIPTION Will query AD for all enabled User accounts in the Departments OU. Will run the list of Users accounts through the Get-CompByUser function. The list of computers is then run through Get-CompByActivity to return only active computers.

PowerShell – Filter a list Computers by LastLogon Date

I needed a script to filter a list of computers by the number of days since the computer was last logged onto.  This is my solution to that.  When supplied a list of computers, this will return the ones that have been Active (Logged On) within the Last X amount of days.  Where X is supplied as $DaysSinceLastLogon.  I’ve populated the PowerShell Comment Doc, so check out the Examples supplied in there for usage. <# .SYNOPSIS Filter a list Computers by LastLogon Date. .DESCRIPTION When supplied a list of computers, this will return the ones that have been Active (Logged On) within the Last X amount of days. Where X is supplied as $DaysSinceLastLogon. .PARAMETER ComputerNames Object supplied via piped in result from a Get-ADComputer query, or similar. Alias: Name .PARAMETER DaysSinceLastLogon Default: 180. Number of days since Last Logon. Used to justify an Active Computer. .INPUTS System.Object ComputerNames System.Int32 DaysSinceLastLogon .OUTPUTS List of Computer Names. .EXAMPLE Get-ADComputer Computer0123A | Get-CompByUser Active Computers: 1 Total Computers: 1 The Active Computers are:

PowerShell – Get Computers by Last Logged on User via SCCM

I needed a versatile script to query SCCM and return the list of computers associated with that user.  This is my solution to that.  It simply queries SCCM for the list of computer’s whose last logged on user matches the supplied SamAccountName.  I’ve populated the PowerShell Comment Doc, so check out the Examples supplied in there for usage. https://gist.github.com/VertigoRay/6343964 Hope it helps others out there.  Just add the function to your PowerShell Profile or as a Functions in a script to make it available! In case you’re wondering what the reference is to the $_ProgressTotal variable … I that’s a Global Variable that I set when piping large sets into this funtion.  I’ve got an example of it being used in my Get-ActiveCompByDept function. Thanks to Jeffrey B. Murphy (sourced) for the starting point.

PowerShell – Pause Command

I was doing some PowerShelling and needed a Pause command.  Unfortunately, the command isn’t native to PowerShell.  Using a TechNet Tip of the Week article as a starting point, I devised my solution.