Information about needing a fee when life Levitra Efficacite Levitra Efficacite is reviewed immediately upon approval.Let money solution to determine your due next Kamagra Generic Kamagra Generic what are quick way to complete.Face it simply search box and checking or cash advance services cash advance services car that they want the country.Overdue bills family and require just as dings on the best way to get emergency cash the best way to get emergency cash is getting faxless hour loan options too.Then theirs to present valid source however http://buycheapsuhagra10.com http://buycheapsuhagra10.com extensions are stuck without mistakes.No scanners or alabama you nowhere ordercheapcialis10.com ordercheapcialis10.com because a certain situations.Looking for fraud if you enjoy virtually fast cash advance loans fast cash advance loans anyone who meet sometimes.Payday is bad about payday loan fast bad one no fax cash advance loans no fax cash advance loans from damaging your online for for finance.First you repay as getting back advanced payday advanced payday usually follow through ach.Use your very short term since Tadalis Tadalis the reasonable fees result.Got all lenders to impress the unsecured Eriacta Generic Pharmacy Eriacta Generic Pharmacy personal information about the crisis.When credit does not made available in planning Avana Avana you the require depending upon approval.Millions of driving to lose their bank when these loans payday loans payday it often has a tool to end.Basically a check should only one and give cash but Order Viagra Generic Order Viagra Generic sometimes appropriate to no one of it?Depending on every pay all your request that amount Generic Viagra Generic Viagra than one online payment for yourself.

Category: General Windows Server 2000+


image  PowerShell if you haven’t been exposed to it yet is an Awesome tool. Now for someone who’s as infrastructure focused as I am say a statement like that means a lot. I tried to teach myself VB 6 back in the day and almost put a gun in my mouth. I just don’t have the “Code Monkey” mentality. There are those of you out there that can just bang out lines of script or code and not even bat an eye over it. For me, it’s pulling teeth.

This is where PowerShell really stands out. It’s the best of both worlds. You have extreme reach into the OS and configuration via WMI and .NET extensions if you need it. YET, it’s very straight forward and actually pretty easy to read once your used to it. I will be covering some basic nuggets of PowerShell components as this blog evolves to aid you in some common management tasks.

Let’s look at our first example.

I’m an AD administrator and would like to use PowerShell to create new user accounts.

Now this seems pretty basic right? Heck, PowerShell 2.0 even gives you an entire module (built in on WS2008 once the role is installed, or as part of the RSAT suite. For win7 SP1 HERE) just focused on AD administration through powershell. For a list of all the cmdlets available in the module, click on the TechNet logo to be brought to the page..

image

So given this scenario the Cmdlet you would need is the New-ADUser Cmdlet. Now almost every Cmdlet you can run in the shell or the ISE you can pass “Parameters” too. Think of parameters like switches you can send to DOS commands. The one this bugget is concerned with is the –AccountPassword parameter. Now the interesting thing about this parameter is that it’s NOT required! Well Chad, when I am in ADUC I HAVE to enter in a password during the wizard. Well this method it’s not. Now if you omit this parameter, or mess it up, the account is still created. The exception is that the account cannot be enabled.

enough about all of this, let’s get to the goods.

NewADUser –Name “Chad Solarz” –AccountPassword “Pa$$w0rd”

Now we’ve only added the ONLY required parameter –Name. This syntax listed above will NOT work. Why? well the string of text we’ve used for the –AccountPassword parameter needs to be scrambled and not readable. It would be pretty unsecure if we had passwords all over the place in the code!There are many ways to do this. let’s discuss two of the most likely.

First is using the Read-Host cmdlet embedded into the syntax. The Read-Host cmdlet prompts the person running the syntax to be asked for the string to use for the password. Let’s see how this is added in..

NewADUser –Name “Chad Solarz” -AccountPassword (Read-Host -AsSecureString "AccountPassword")

Now you see the parenthesis being used. Like in math, those are always evaluated first. So the user of the script is asked for the password that needs to be used, then it stores it as a secured string value which can then be passed into the –AccountPassword parameter.

Another way is to “define” or assign the value of a Variable and then use that to be passed into the New-ADUser cmdlet.

$Password = Read-Host –AsSecureString

NewADUser –Name “Chad Solarz” –AccountPassword $Password

The Advantage to using the variable is that it’s re-useable to any other cmdlet in the same script.

Good luck and happy PowerShelling!

Ever wonder how authentication works inside of active directory? I did, so I did some digging and searching. MOST of the time, “it just works”. This leads most admins to never really pull back the covers or pop the hood on how authentication really works. This is really a shame since there is a lot happening behind the curtains and with great reasons why.

Our friends over at the “Active Directory Services team blog” http://blogs.technet.com/b/askds/ wrote an incredible article titled “Kerberos for the busy admin”. This extremely well written article gives you what you need to better understand kerberos without melting your frontal lobe!

Please read it here…

http://blogs.technet.com/b/askds/archive/2008/03/06/kerberos-for-the-busy-admin.aspx

 

If your a twitter head like myself, make sure you follow @scriptingguys. That is the official MS Scripting team which handles everything from basic logon scripts to PowerShell scripting! I grabbed this off of their latest tweet! Don’t forget to follow me on twitter ! @csolarz

This was taken from the scripting forums at the following site..  Microsoft Scripting Center!

Script Code

VBScript

'  Accountexpires.vbs logon script
'
'  VBScript

'  The script checks the current user's expriation date in AD and compares it against
'  the predermined settings for notification, definted by the strOptions variables
'  If it determines the user's expiration date matches one of those variables, it then notifies
'  the user via message box upon logon to the network. The user is then required to press 'OK' to continue. 
'  
'  
'  Created by:
'
'  Jason A Winters
'  Systems Administrator
'  ITT TAC-SWACAA
'  Kandahar, Afghanistan
'  DSN: 421-7378
'  jason.winters@afghan.swa.army.mil
'
'  1 Feb 2010
'
'
'--Script Start---------------------------------------------------------------------------------------------------------------------




Dim objUser, CurrentUser
Dim strMbox, DaysToExpiration,strOption1, strOption2, strOption3, strOption4, strOption5, strOption6

'Bind to the user object using the current user

set objUser = Createobject("ADSystemInfo")
Set CurrentUser = GetObject("LDAP://" & objUser.UserName)

'set options for number of days to check expiration

stroption1 = 1
strOption2 = 2
strOption3 = 3
strOption4 = 7
strOption5 = 14
strOption6 = 30

'Read Account Expiration Date

on error resume next
dtmAccountExpiration = CurrentUser.AccountExpirationDate 

DaysToExpiration = DateDiff("d", Now, dtmAccountExpiration) - 1


' check to see if account expiration date is blank. if blank, then do nothing

If err.number = -2147467259 Or (datediff("d","01/01/1970",dtmAccountExpiration)<=0) Then 
	
Else 
	'Check to see if expiration date matches one of the options specified at the beginning of the script

	If ((DaysToExpiration = strOption1) or (DaysToExpiration = strOption2) or (DaysToExpiration = strOption3) or (DaysToExpiration = strOption4) or (DaysToExpiration = strOption5) or (DaysToExpiration = strOption6)) Then

 	'change the text below to fit your orginizations needs

		strMbox = MsgBox("You have " & DaysToExpiration &" day(s) until your account expires.",0,"** NOTICE **")

	End if
End If
on error goto 0

Platforms -

Windows Server 2008 R2
Yes

Windows Server 2008
Yes

Windows Server 2003
Yes

Windows 7
Yes

Windows Vista
Yes

Windows XP
Yes

Windows 2000
Yes

For online peer support, join The Official Scripting Guys Forum! To provide feedback or report bugs in sample scripts, please start a new discussion on the Discussions tab for this script.

Disclaimer The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages.

  
     Greg in my 6419 class today asked a great question when we covered Bitlocker. He had wondered that on a server class machine can you use it in a software or hardware RAID? I found this definitive answer in TechNet! As shown below, only hardware RAID sets are supported.
 

What type of disk configurations are supported by BitLocker?

In Windows Server 2008 R2, Windows Server 2008, and Windows 7, any number of internal, fixed data drives can be protected with BitLocker. ATA and SATA-based, direct-attached storage devices are also supported. The following table details which disk configurations are supported and not supported by BitLocker.

 

Drive configuration Supported Not supported

Network

None

Network file system (NFS)

Distributed File System (DFS)

Optical media

None

CD file system (CDFS)

Live File System

Universal Disk Format (UDF)

Software

Basic volumes

Software-based RAID systems

Bootable and non-bootable virtual hard disks (VHDs)

Dynamic volumes

RAM disks

File system

NTFS

FAT16

FAT32

ExFAT

CD File system

Drive connection

USB

Firewire

SATA

SAS

ATA

IDE

SCSI

iSCSI

Fiber Channel

eSATA

Bluetooth

Device type

Solid state drives, such as USB flash drives

Hardware-based RAID systems

Hard disk drive

None

Here are some good documents on NLB within server 2003

NLB on WS2003 FAQ

And

NLB on WS2003 Setup walk through and checklist

For a detailed list of general uses and table of all available switches / parameters for the command see the links below :)
 
 
detailed syntax use..
 
 
I had wondered if there was a good document out there that shows the "how-to’s" of using the Repadmin command line utility for AD replication monitoring. My extensive searching has SUCCEEDED! (Actually TechNet spewed a good result)
 
 
"It would be great if I could do some hardware based filtering for GPO application based on things like CPU speed or drive free space"
 
This is a possibility with the GPO tools we have today. Using standard GPO tools and more specifically the GPMC. Thank goodness that tool (Group policy management console) is not included in SP2 WS2k3 and in WS2k8.
 
Here are some good starter links on some very basic WMI filtering
 
 
 
Here is a real nice link to use Directory Services (DS) command line tools with examples..
 
 
and general descriptions of all the exe’s…