Tag Archive: Powershell

Nov 30

Using PowerShell to access Windows Event Logs

Recently, I have worked on a PowerShell script to parse Windows Security logs for specific events. Here are some useful resources: How to Improve the Performance of a PowerShell Event Log Query Hey, Scripting Guy! How Can I Read from Windows Event Logs with Windows PowerShell 2.0? Using Get-WinEvent –FilterXml to process Windows Events  

Google+FacebookEmailPrintShare

Aug 26

Removing an Orphan (inactive) Active Directory Domain

Removing an Orphan (inactive) Active Directory Domain One of my customers has a forest with several domains, one of which hasn’t been used in a while (call it domain “RedShirt”). The 2 Domain Controllers in the domain, “RedShirt” both tombstoned. Yes, I know, how does that happen? ALWAYS monitor your environment. Since the domain hasn’t …

Continue reading »

Google+FacebookEmailPrintShare

Aug 24

Powershell Code: Check Time on all Domain DCs

I recently had to check all DCs to ensure they had consistent time and were properly synchronizing time. Here’s the code (set $DomainControllers to be the list of DCs): 12345678910111213141516################################### # Check Domain Time Configuration # ################################### Write-Verbose "Check Domain Time Configuration `r" ForEach ($DC in $DomainControllers) { ## OPEN ForEach DC in DomainControllers $ADTimeCheck …

Continue reading »

Google+FacebookEmailPrintShare

Jul 24

PowerShell: ADSI and Case Sensitivity

In developing a custom PowerShell script which leveraged ADSI, I noticed that the script wasn’t working properly. Here’s a sample block of the script which uses ADSI to get changes made to ExtensionAttribute11 as part of an Active Directory Convergence test script: 1234$ADSITarget = [ADSI]"LDAP://$DC" $Searcher = New-Object DirectoryServices.DirectorySearcher($ADSITarget,"(sAMAccountName=$ConvergenceObject)") $ConvergenceObjectData = ($Searcher.FindOne()).properties $ConvergenceObjectDataValue = (($Searcher.FindOne()).properties).ExtensionAttribute11 …

Continue reading »

Google+FacebookEmailPrintShare

Jul 17

PowerShell Commandlet: Get-ChildItem

The PowerShell cmdlet Get-ChildItem (alias Dir) is extremely useful for enumerating directory structures (local and network file systems as well as Active Directory). Get a list of all subdirectories: Get-ChildItem $Dir | where { $_.PSIsContainer } Get a list of all files of type “xml” in a location and return the full path with file …

Continue reading »

Google+FacebookEmailPrintShare

May 01

PowerShell and Ambiguous Name Resolution (ANR) Search in Active Directory

I was recently asked how to find a user when you have data that may be the SamAccountName or in another attribute. My first thought was leveraging Ambiguous Name Resolution (ANR) Search in Active Directory. ANR enables you to find a user when you have some information about a user, but don’t know exactly to …

Continue reading »

Google+FacebookEmailPrintShare

Apr 17

Using PowerShell to search Group Policy XML Reports

I recently found this blog article called Using PowerShell to search Group Policy XML Reports which covers a method for extracting settings from a GPO XML report. Fascinating stuff! Read all about it here.  

Google+FacebookEmailPrintShare

Mar 18

PowerShell v3 Active Directory Commandlets

Powershell version 2.0 introduced Active Directory commandlets (76 total) a tremendous improvement over the manual ADSI coding necessary with Powershell version 1.0. Powershell version 3.0 has 135 commandlets, adding 59 new commandlets covering AD Central Access Policy, AD Replication, AD Claims, and more. Here’s the list of all Active Directory commandlets in Powershell v3: Add-ADCentralAccessPolicyMember  …

Continue reading »

Google+FacebookEmailPrintShare

Aug 15

Windows 2012 RID Management

While “1 Billon RIDs should be enough for anyone,” there are scenarios where a domain could run out of RIDs. This is a “very bad thing” since every security principal requires a RID for creation (Domain SID + RID = security principal SID).  One can check the number of RIDs remaining in a domain through …

Continue reading »

Google+FacebookEmailPrintShare

Jun 06

Powershell Code: Find Non-Optimal AD Site Configuration

There are a lot of ways Active Directory sites can be configured (and mis-configured). Sometimes, one component is deleted without cleaning up the other. This script identifies a number of non-optimal site configurations. Here’s what it does: Get AD Site List Get List of AD Subnets Discover Subnets without sites Discover Subnets not configured as …

Continue reading »

Google+FacebookEmailPrintShare

Older posts «