Etikett: Powershell

Publicerat

Migrate DHCP

Just a quick reminder on how to quickly move a Microsoft DHCP server.

Export with
netsh dhcp server export backup.txt

Import on new server with
netsh dhcp server import

dont forgett to ”Authorize” correct server.

Powershell way 🙂

DHCP Migration/Move to new Microsoft Server

Run this on the destination server..

#

$SourceServer = ”vdc01.byggkon.local”
$Sourceip =”192.168.52.10″
$DestServer =”vdc02″
$Destip =”192.168.52.11″

$WorkDir = ”c:\DHCPMigration”
if (-not (test-path $workdir)) {md $workdir}

Export config from old server

Export-DhcpServer -ComputerName $SourceServer -File ”$Workdir\SourceDHCPScopeData.xml” -Force

Stop OLD DHCP Server – decommision

Stop-Service -InputObject $(Get-service -ComputerName $SourceServer -Name DHCPServer) #Stop service on Source
set-service -InputObject $(Get-service -ComputerName $SourceServer -Name DHCPServer) -StartupType disabled #Disable Service on Source
Remove-DhcpServerInDC -DnsName $SourceServer -IPAddress $Sourceip # Deauthorize in AD

Importera den nya

Import-DhcpServer -ComputerName $DestServer -File ”$Workdir\SourceDHCPScopeData.xml” -BackupPath $workdir
Add-DhcpServerInDC -DnsName $DestServer # Authorize scope

Get-DhcpServerInDC

Publicerat

Add to PS1 File Context Menu in Windows 10 for editing in ISE elevated

I wanted to get into ISE elevated directly from the shell by just rightclicking the *.ps1 file and then choose to edit …

I realy couldnt find anywone that had made this available public 100% working… so here it is… my verison…

Create a regfile of the below and run it or edit the registry directly…

Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.PowerShellScript.1\Shell\Edit(Elevated)]
    @="Redigera (eleverat)"
    "HasLUAShield"=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.PowerShellScript.1\Shell\Edit(Elevated)\Command]
    @="c:\\windows\\system32\\windowsPowerShell\\v1.0\\powershell.exe -command \"& {start-process -Filepath \"c:\\windows\\system32\\windowsPowerShell\\v1.0\\\\powershell_ise.exe -Verb RunAS %1\"}"

Result

Publicerat

RDGateway

RD-Gateway

Install RD Gateway with Powershell fast.. (2012R2)
Certs needs to be fixed and firewall ports needs to be opened and Nated … 443…

# Add Windows Role/Feature
Add-WindowsFeature -Name RDS-gateway -IncludeAllSubFeature -IncludeManagementTools

#verifiy that the module is present … and Load it…
Get-Module remotedesktopservices
import-module remotedesktopservices

 

# Create AD Security Group – Is created in Defalut ”users” container.
new-adgroup -Name ”RD-GW-Users” -Groupscope Global
Add-ADGroupMember ”RD-GW-Users” -member ”Domain Admins”
# Get Domain we are running in.. (Just to get things dynamic)
$dom=get-addomain | Select Name # $dom.name give us the domain name from now on..

#change dir into rds provider
cd RDS:
# Create new Connection Authorization Policy (CAP)
New-Item -Path ”RDS:\GatewayServer\CAP” -Name ”Allow RD-GW-Users” -UserGroups ”RD-GW-Users@$($dom.name)” -AuthMethod 1
# Create new Resource Authorization Policy
New-Item -Path ”RDS:\GatewayServer\RAP” -Name ”Allow Connections To Everywhere” -UserGroups ”RD-GW-Users@$($dom.name)” -ComputerGroupType 2

Publicerat

Clear out Exchange settings in AD

I certanly dont recommend this but this is what worked ….


$User = ""
$Users = ""
$Users=Get-ADUser -filter * | select SamAccountName

foreach ($User in $Users)
{
set-ADUser -identity $User.SamAccountName -clear legacyExchangeDN
set-ADUser -identity $User.SamAccountName -clear mailNickname
set-ADUser -identity $User.SamAccountName -clear msExchHomeServerName
set-ADUser -identity $User.SamAccountName -clear msExchMailboxGuid
set-ADUser -identity $User.SamAccountName -clear msExchMailBoxSecurityDescriptor
set-ADUser -identity $User.SamAccountName -clear msExchPoliciesIncluded
set-ADUser -identity $User.SamAccountName -clear msExchRBACPolicyLink
set-ADUser -identity $User.SamAccountName -clear msExchRecipientDisplayType
set-ADUser -identity $User.SamAccountName -clear msExchRecipientTypeDetails
set-ADUser -identity $User.SamAccountName -clear msExchTextMessagingState
set-ADUser -identity $User.SamAccountName -clear msExchUMDtmfMap
set-ADUser -identity $User.SamAccountName -clear msExchUserAccountControl
set-ADUser -identity $User.SamAccountName -clear msExchUserCulture
set-ADUser -identity $User.SamAccountName -clear msExchVersion
set-ADUser -identity $User.SamAccountName -clear proxyAddresses
set-ADUser -identity $User.SamAccountName -clear showInAddressBook
}

Publicerat

Hantera AD grupper m.m. med Powershell

import-module activedirectory
Get-ADUser -Filter {(Enabled -eq $true)} -searchbase ”ou=RDS,dc=HR,dc=local”
get-adgroupMember ”RDS_Monitor_Users” -recursive | select-object Name

 

Publicerat

Cause 100% CPU load with Powershell

Powershell script to cause high cpu load (100%!)

foreach ($loopnumber in 1..2147483647) {$result=1;foreach ($number in 1..2147483647) {$result = $result * $number};$result}

Publicerat

Powershell – Get logedinuser

Powershell script som kolalr vilken user som är inloggad på en remote maskin… nice to have

$Computer = Read-Host ”Enter computername you want to check logedin user at”
Get-WmiObject Win32_LoggedOnUser -ComputerName $Computer | Select Antecedent -Unique

Publicerat

2012 R2 – UPD

Collection of things regardsin RDS and Profile disk.. 2012R2

Redirekta övriga mappar som vanligt till användarens profil/userfiles med GP.

dock tas inte allt med då…
Tex start-menyn (New UI)

Fixa detta med följande

add#1

 

 

 

 

 

 

 

 

 

 

add#2

 

 

 
Powershell script för att identifiera sid idn GetUser.ps1
Kör scriptet från sharet….

 

 

Publicerat

Find service start/run accounts

A powershell script that finds all services , filters som out depsending on start account…

$host_name = ”.”
# Addera här de tjänstekonton man vill filtrera bort
$accounts = ”NT Authority\\LocalService”,”NT AUTHORITY\\NetworkService”,”LocalSystem”
$Accountsfilter=”Select * from Win32_Service WHERE ”+ (($accounts | foreach-object { ”NOT StartName=’$_'” }) -join ’ AND ’)
Get-WmiObject -query $Accountsfilter | ft Name, DisplayName,Startmode,StartName

Publicerat

Active Directory Roles (FSMO) – Detect/ Transfer Server rules…

Powershell way to transfer all roles fast…


cls
Import-Module activedirectory
Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator
Get-ADForest | Format-Table SchemaMaster,DomainNamingMaster, GlobalCatalogs
Get-ADDomainController -Filter * | Select-Object Name, Domain, Forest, OperationMasterRoles |Where-Object {$_.OperationMasterRoles} | Format-Table -AutoSize

exit
Move-ADDirectoryServerOperationMasterRole -Identity "vdc02" -OperationMasterRole DomainNamingMaster,PDCEmulator,RIDMaster,SchemaMaster,InfrastructureMaster

ALt #2
$Domain = get-addomain
$forest=Get-ADForest $domain.name
write-host "Forest-Sites:`t`t`t"$forest.Sites
write-host "Domain:`t`t`t`t`t"$domain.name
write-host "FMSO:"
write-host "DomainNamingMaster:`t`t"($forest).DomainNamingMaster
write-host "SchemaMaster:`t`t`t"($Forest).SchemaMaster
write-host "InfrastructureMaster: `t"($Domain).InfrastructureMaster
write-host "PDCEmulator:`t`t`t"($Domain).PDCEmulator
write-host "RIDMaster:`t`t`t`t"($Domain).RIDMaster

exit
#Move-ADDirectoryServerOperationMasterRole -Identity "vdc02" -OperationMasterRole DomainNamingMaster,PDCEmulator,RIDMaster,SchemaMaster,InfrastructureMaster