PowerShell Script to find all AD users who have the “cannot change password” box checked in a specific OU

PowerShell Script to find all AD users who have the “cannot change password” box checked in a specific OU

# script to find all AD users who have the “cannot change password” box checked in a specific OU

# Windows Server 2016

# Powershell

Get-ADUser -Filter * -Properties CannotChangePassword -SearchBase “OU=specificOU,DC=TEST,DC=com” | where { $_.CannotChangePassword -eq “true” } | Format-Table Name, DistinguishedName

 

Robocopy. Copy Move Files Older or Newer than X number of days

Script options

  • Move only files under 60days old
  • Move files older than 60days
  • Move files back
  • Move files older than 182 is number of days (6 months roughly)
  • Move only files under 60days old

Parameters

  • /MAXAGE:n :: MAXimum file AGE – exclude files older than n days/date.
  • /MINAGE:n :: MINimum file AGE – exclude files newer than n days/date.
  • /copyall /s  :: copys all sub folders and moves files to the folders
  • /mov Moves files, and deletes them from the source after they are copied.
  • /move Moves files and directories, and deletes them from the source after they are copied.  (note the MOVE option will fail if any files are open and locked)

Examples:
Move only files under 60days old
robocopy c:\temp c:\temparchive /mov /MAXAGE:60 /copyall /s >c:\temp\FileUnder60daysMoved.txt

Move only files under 60days old back 
robocopy c:\temparchive c:\temp /mov /MAXAGE:60 /copyall /s >c:\temp\FileUnder60daysMovedReturned.txt

Move files older than 60days
robocopy c:\temp c:\temparchive /mov /MINAGE:60 /copyall /s >c:\temp\FilesOver60daysMoved.txt

Move files older than 60days back
robocopy c:\temparchive c:\temp /mov /MINAGE:60 /copyall /s >c:\temp\FilesOver60daysMovedreturned.txt

182 number of days (6 months roughly)
robocopy c:\temp c:\temparchive /mov /MINAGE:182 /copyall /s >c:\temp\FilesOver182daysMoved.txt

Deletes the original directories after moving
robocopy c:\temp c:\temparchive /move /MINAGE:60 /copyall /s >c:\temp\FilesOver60daysMoved.txt

Microsoft examples in more detail
https://social.technet.microsoft.com/wiki/contents/articles/1073.robocopy-and-a-few-examples.aspx#Move_files_over_14_days_old

Automating File-Based Backups of vCenter Server…

Automating File-Based Backups of vCenter Server Appliance

Automating File-Based Backups of vCenter Server…

Did you know the vCenter Server Appliance (VCSA) has file-based backup options? This ability was actually released in vSphere 6.5. However, there was one feature in particular that was missing: a scheduler. I’m happy to say that as part of vSphere 6.7, the VCSA received a backup scheduler! Recently, my teammate, Emad Younis released a […] The post Automating File-Based Backups of vCenter Server Appliance appeared first on VMware PowerCLI Blog .


VMware Social Media Advocacy

WSUS – GPO and Windows 10 / Server 2016 Registry Settings

You create a WSUS GPO and apply it to the Computers.

Now how do you validate its working

Open the registry and browse to :
computer\HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate

 

The GPO for WSUS should populate the registry with following values

WUServer …updates server
WUStatusServer…update
UpdateServicesURLAlternate

These values should match the GPO settings for WSUS.

WSUS and Windows 10 – Clients not checking in or checking in and then disappearing

Clients not checking in or checking in and then disappearing

Cloned images – SUSCLIENTID is not reset with Sysprep!!!

This needs to be done if your creating a template for Windows 2016 and Windows 10 in a virtual environment.

So if you have deployed servers from template already, do the following fix. Or if you realised before deployment, just delete the reg keys before converting the virtual machine to a template.

Solutions / Fix

Stop Windows Update service

 

Open up regedit

Browse to  : computer\hklm\software\microsoft\windows\currentversion\windowsupdate

Delete susclientID
Delete susclientidvalid

Start Windows Update service

Open up command prompt as admin on the effected Window 2016 or Window 10 client, if the image has already been deployed

type

c:\windows\system32\UsoClient.exe RefreshSettings

The clients should then check in and create a new SusClientId and SusClientIdValidation

 

WSUS and Windows 10 Clients – UsoClient.exe

So, you deploy a GPO to Window 10 clients, but your in a hurry to get the clients to check in…

As a SysAdmin for many years I would log on to a client, open command prompt and type :

wuauclt /detectnow  (Windows 7 / Windows Server 2008/2012 clients)

 

In Windows 10 you will notice that it doesn’t do anything and doesn’t show you anything. (As shown above)

(confirmed on https://blogs.technet.microsoft.com/yongrhee/2017/11/09/wuauclt-detectnow-in-windows-10-and-windows-server-2016/)

An example of “Whats New” in Windows 10, and Windows Server 2016 To check or scan “Windows Update” from the command prompt :
CMD (Run As Administrator)
c:\windows\system32\

UsoClient.exe startscan

And there is more switches….

  1. StartScan – Used To Start Scan
  2. StartDownload – Used to Start Download of Patches
  3. StartInstall – Used to Install Downloaded Patches
  4. RefreshSettings  – Refresh Settings if any changes were made
  5. StartInteractiveScan  – May ask for user input and/or open dialogues to show progress or report errors
  6. RestartDevice – Restart device to finish installation of updates
  7. ScanInstallWait – Combined Scan Download Install
  8. ResumeUpdate – Resume Update Installation On Boot

Create an ISO file with PowerShell post by Ben Liebowitz

Recently I came across this post. As a VMware admin, you often want to create an ISO as a quick method to copy files or installation files to a VM.

Ben Liebowitz shows how to create an ISO of large files with PowerShell. For the full post use the link below

http://thelowercasew.com/create-an-iso-file-with-powershell

All credit to  for this script

This is a copy of function to use incase the link above fails :

function itself:

 


#Get-Help About-Classesfunction New-IsoFile
{
<# .Synopsis Creates a new .iso file .Description The New-IsoFile cmdlet creates a new .iso file containing content from chosen folders .Example New-IsoFile “c:\tools”,”c:Downloads\utils” This command creates a .iso file in $env:temp folder (default location) that contains c:\tools and c:\downloads\utils folders. The folders themselves are included at the root of the .iso image. .Example New-IsoFile -FromClipboard -Verbose Before running this command, select and copy (Ctrl-C) files/folders in Explorer first. .Example dir c:\WinPE | New-IsoFile -Path c:\temp\WinPE.iso -BootFile “${env:ProgramFiles(x86)}\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\Oscdimg\efisys.bin” -Media DVDPLUSR -Title “WinPE” This command creates a bootable .iso file containing the content from c:\WinPE folder, but the folder itself isn’t included. Boot file etfsboot.com can be found in Windows ADK. Refer to IMAPI_MEDIA_PHYSICAL_TYPE enumeration for possible media types: http://msdn.microsoft.com/en-us/library/windows/desktop/aa366217(v=vs.85).aspx .Notes NAME: New-IsoFile AUTHOR: Chris Wu LASTEDIT: 03/23/2016 14:46:50 #>

[CmdletBinding(DefaultParameterSetName=’Source’)]Param(
[parameter(Position=1,Mandatory=$true,ValueFromPipeline=$true, ParameterSetName=’Source’)]$Source,
[parameter(Position=2)][string]$Path = “$env:temp\$((Get-Date).ToString(‘yyyyMMdd-HHmmss.ffff’)).iso”,
[ValidateScript({Test-Path -LiteralPath $_ -PathType Leaf})][string]$BootFile = $null,
[ValidateSet(‘CDR’,’CDRW’,’DVDRAM’,’DVDPLUSR’,’DVDPLUSRW’,’DVDPLUSR_DUALLAYER’,’DVDDASHR’,’DVDDASHRW’,’DVDDASHR_DUALLAYER’,’DISK’,’DVDPLUSRW_DUALLAYER’,’BDR’,’BDRE’)][string] $Media = ‘DVDPLUSRW_DUALLAYER’,
[string]$Title = (Get-Date).ToString(“yyyyMMdd-HHmmss.ffff”),
[switch]$Force,
[parameter(ParameterSetName=’Clipboard’)][switch]$FromClipboard
)

Begin {
($cp = new-object System.CodeDom.Compiler.CompilerParameters).CompilerOptions = ‘/unsafe’
if (!(‘ISOFile’ -as [type])) {
Add-Type -CompilerParameters $cp -TypeDefinition @’
public class ISOFile
{
public unsafe static void Create(string Path, object Stream, int BlockSize, int TotalBlocks)
{
int bytes = 0;
byte[] buf = new byte[BlockSize];
var ptr = (System.IntPtr)(&bytes);
var o = System.IO.File.OpenWrite(Path);
var i = Stream as System.Runtime.InteropServices.ComTypes.IStream;

if (o != null) {
while (TotalBlocks– > 0) {
i.Read(buf, BlockSize, ptr); o.Write(buf, 0, bytes);
}
o.Flush(); o.Close();
}
}
}
‘@
}

if ($BootFile) {
if(‘BDR’,’BDRE’ -contains $Media) { Write-Warning “Bootable image doesn’t seem to work with media type $Media” }
($Stream = New-Object -ComObject ADODB.Stream -Property @{Type=1}).Open() # adFileTypeBinary
$Stream.LoadFromFile((Get-Item -LiteralPath $BootFile).Fullname)
($Boot = New-Object -ComObject IMAPI2FS.BootOptions).AssignBootImage($Stream)
}

$MediaType = @(‘UNKNOWN’,’CDROM’,’CDR’,’CDRW’,’DVDROM’,’DVDRAM’,’DVDPLUSR’,’DVDPLUSRW’,’DVDPLUSR_DUALLAYER’,’DVDDASHR’,’DVDDASHRW’,’DVDDASHR_DUALLAYER’,’DISK’,’DVDPLUSRW_DUALLAYER’,’HDDVDROM’,’HDDVDR’,’HDDVDRAM’,’BDROM’,’BDR’,’BDRE’)

Write-Verbose -Message “Selected media type is $Media with value $($MediaType.IndexOf($Media))”
($Image = New-Object -com IMAPI2FS.MsftFileSystemImage -Property @{VolumeName=$Title}).ChooseImageDefaultsForMediaType($MediaType.IndexOf($Media))

if (!($Target = New-Item -Path $Path -ItemType File -Force:$Force -ErrorAction SilentlyContinue)) { Write-Error -Message “Cannot create file $Path. Use -Force parameter to overwrite if the target file already exists.”; break }
}

Process {
if($FromClipboard) {
if($PSVersionTable.PSVersion.Major -lt 5) { Write-Error -Message ‘The -FromClipboard parameter is only supported on PowerShell v5 or higher’; break }
$Source = Get-Clipboard -Format FileDropList
}

foreach($item in $Source) {
if($item -isnot [System.IO.FileInfo] -and $item -isnot [System.IO.DirectoryInfo]) {
$item = Get-Item -LiteralPath $item
}

if($item) {
Write-Verbose -Message “Adding item to the target image: $($item.FullName)”
try { $Image.Root.AddTree($item.FullName, $true) } catch { Write-Error -Message ($_.Exception.Message.Trim() + ‘ Try a different media type.’) }
}
}
}

End {
if ($Boot) { $Image.BootImageOptions=$Boot }
$Result = $Image.CreateResultImage()
[ISOFile]::Create($Target.FullName,$Result.ImageStream,$Result.BlockSize,$Result.TotalBlocks)
Write-Verbose -Message “Target image ($($Target.FullName)) has been created”
$Target
}
}


Ben goes on to share how he was able to create a variable for the source data, and use get-childitem to get that location and pipe that to creating the ISO. See below:


$source_dir = “Z:\Install\App123”
get-childitem “$source_dir” | New-ISOFile -path e:\iso\app123.iso

 

List Computer Object in an Active Directory OU using PowerShell

How to get a list of computer objects in an active directory OU ( tested against Windows 2016 Active Directory )

A quick PowerShell script using Get-ADComputer  command, a wild card filter and a search base pointing to a specific OU

 

First import modules for active directory in powershell

 

Copy and edit the script below:

## cmd

## dsquery computer -name servername (server name in the OU to get the OU path)

#Example lists domain controller in test.com

#Export list of names to CSV

Get-ADComputer -Filter * -SearchBase “OU=Domain Controllers,DC=test,DC=com” | Select Name | export-csv C:\temp\DCs.csv

 

( Like the post click and advert of interest to give us support)

Trend Micro OfficeScan 11 XG – Executables and Logs

The following is a list of key executables and a description of there task or roles when working with Trend Micro OfficeScan 11 XG. This is not a complete list.

Executable Task or Role
AUTOPCC.exe UNC based agent deployment program
CNTAoSMGR.exe OfficeScan agent plugin manager
DBSERVER.exe Interface to OfficeScan DB
iCRCSERVICE.exe Smart Scan functionality, File reputation and Web reputation
NTRTSCAN.exe Scanning, collects logs & requests for malware info
OFCSERVICE.exe Central Management for OfficeScan
OSCEINTEGRATIONSERVICE.exe Interface to Active Directory
SQLTxFr.exe Migrating OfficeScan HTTP DB to SQL
SVRSVCSETUP.exe GetInfo, Uninstall, Install OfficeScan server
SVRTUNE.exe Adjust setting, such as increase time to download for Updated Agents
TMBMSRV.exe Prevent unauthorised change to the registry
TMLISTEN.exe Server – Agent comms
TMPFW.exe Firewall
TMPROXY.exe Sending and recieveing HTTP/HTTPS traffic
TMVS.exe Vulnerabity scanner with option to deploy agent

 

The following is a list of key logs and a description of there task or roles when working with Trend Micro OfficeScan 11 XG. This is not a complete list.

Log Decription
OFCNT.log Client / Agent port info / Install info
OFCMAS.log OfficeScan server install info
OFCDEBUG.log OfficeScan debugging log
TMUDUMP.txt Update errors

 

Please note, this info may be incorrect. These are study notes and not official material. Comments are my own.

This site is funded by advert clicks. If you found this post useful, please click on an ad of interest.

VMworld 2018 registration is open! Take…

Any of my contacts going to VMworld 2018? Registration is open with early-bird rates

VMworld 2018 registration is open! Take…

No matter what path you’re on, you’ll discover the technology, learn the trends, and meet the people that are shaping the future of digital business and taking IT to the next level. Welcome to a world where it all begins with you. Welcome to VMworld 2018.


VMware Social Media Advocacy