Category Microsoft Server 2016

List Computers in Specific OU which are Enabled and Output to CSV

# Out puts computer accounts including status Enabled True or False
# Targets a specific OU
# Lists computer names

# OU Variable to set
$OU_HotWiredUK_location = “OU=Computers,OU=HotWiredHQ,OU=UK,DC=test,DC=com”

# Out put CSV to c:\scripts\…
Get-ADComputer -Properties * -Filter * -SearchBase $OU_HotWiredUK_location | Select Enabled, Name, DistinguishedName | export-csv C:\Scripts\OU_HotWiredUK_location.csv

Files Older Than 3 Months Combined Total File Size

A requirement to identify the total file size of all files not used in the last 3 months.

This was the solution

#Run as administrator
#You need to have permission of the files or folders 

$date = (Get-Date).AddMonths(-3)

dir C:\temp -Recurse | ?{$_.lastwritetime -lt $date -and !$_.PsIsContainer} | Measure-Object -Property Length -Sum

# oneliner

dir C:\temp -Recurse -Force -ErrorAction SilentlyContinue | `

    ?{$_.lastwritetime -lt (Get-Date).AddMonths(-6)} | Measure-Object -Property Length -Sum -ErrorAction SilentlyContinue

 

# resulting data will be in bytes. To convert them to gigabytes, you may do this:

$files = dir C:\temp -Recurse -Force -ErrorAction SilentlyContinue | `

    ?{$_.lastwritetime -lt (Get-Date).AddMonths(-6)} | Measure-Object -Property Length -Sum -ErrorAction SilentlyContinue

($files.sum / 1gb).ToString(“F02”)

# F02 determines how much digits will appears after comma. In my case – 2 digits.

 

dir C:\temp -Recurse | ?{$_.psiscontainer} | %{

    Write-Host current folder is $_.fullname;

    dir $_.fullname | measure-object -property Length -sum -ErrorAction SilentlyContinue

} >c:\temp\file sizes

Credit to the  Original post script this is based on

vSphere ESXi 6.7 Unable to talk between subnets between hosts

Configuration was :

ESXi 6.7 – vSphere handling all the port groups tagged with VLANs

Firewall – CISCO ASA

 

Problem : New ESXi 6.7 hosts. A virtual machine if on the same host and vSwitch could communicate no problem. However if a virtual machince was communincating with another virtual machine on another host on a different, subnet they were unable to communicate between subnets and hosts. Both virtual machines could ping their local gateways. Firewall, CISCO ASA was just dropping all packets and showing the following error

Error on the Firewall when capturing ping traffic “No source port  on ping “Error (Type 8, Code 0), Denied ICMP type=8, code=0”

 

Solution

Sometimes its the simple tick box on the Firewall / ASA config

“Enable traffic between two or more interfaces which are configured with the same security levels”

All traffic started communicating and the virtual machines could talk between the subnets as per the rules on the Firewall.

Task : Output A List Of Home Drive Paths Configured In Active Directory

#DSQuery

dsquery user -name “*” -limit 0 | dsget user -samid -hmdir -hmdrv -profile >c:\temp\usersV2.txt

 

#PowerShell # More flexibility # Includes the state of the computer account (Enable or Disabled)

Get-ADUser -Filter * -Property Name,CanonicalName,CN,DisplayName,DistinguishedName,HomeDirectory, HomeDrive,SamAccountName,UserPrincipalName | export-csv -path (Join-Path $pwd HomeDrive.csv) -encoding ascii -NoTypeInformation

List all users in the domain and email addresses

 import-module activedirectory

#List all users in the domain

# Display Name and Email Address

get-aduser -Filter *  -SearchBase “dc=Test,dc=com” -Properties Displayname,emailaddress | select displayname ,emailaddress | Export-Csv C:\temp\users_and_email.csv   

 

Troubleshooting Windows Updates and WSUS

Troubleshooting Windows Updates #Windows 10 #Windows 2016

Windows Update Log

PowerShell command to check the Windows Update log

Get-WindowsUpdateLog

 

Check Registry Keys

Run command prompt as adminitrator and paste these query registry keys in to see what your client has set for Windows Updates.

reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /s

reg query HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Update

reg query HKLM\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings

 

Check CBS Log

Find the Component-Based Servicing log here.

C:\Windows\Logs\CBS

PowerShell Script to find all AD users who have the “cannot change password” box checked in a specific OU

# script to find all AD users who have the “cannot change password” box checked in a specific OU

# Windows Server 2016

# Powershell

Get-ADUser -Filter * -Properties CannotChangePassword -SearchBase “OU=specificOU,DC=TEST,DC=com” | where { $_.CannotChangePassword -eq “true” } | Format-Table Name, DistinguishedName