Browsing "General"

Some quick command line tools for AD

1. To quickly list all the groups in your domain, with members, run this command:

dsquery group -limit 0 | dsget group -members –expand

2. To find all users whose accounts are set to have a non-expiring password, run this command:

dsquery * domainroot -filter “(&(objectcategory=person)(objectclass=user)(lockoutTime=*))” -limit 0

3. To list all the FSMO role holders in your forest, run this command:

netdom query fsmo

Read more »

How can I kill RDP sessions from the command line?

If you have hung RDP sessions on a server that you want to kill without rebooting it, run the following:

regsvr32 query.dll [enter] You only have to do this the first time.

query session /server:servername [enter]

reset session # /server:servername [enter]

Apr 11, 2014 - Exchange, General    No Comments

How to reset the Search Index in Exchange 2010 Search

Exchange 2010 has a built in search feature which allows you to quickly search for emails in your mailbox using Outlook (when Online), OWA, Exchange ActiveSync etc. Exchange 2010 search indexes items as soon as they are received by the Mailbox Database. So if you’ve just transitioned from Exchange 2003 to 2010, Exchange may not index items brought over from the Exchange 2003 server to the Exchange 2010 server. You may find that users using Exchange search may have issues searching for items that were in their mailbox before the transition. For example, you will not be able to find a pre-transition item using instant search but will be able to find them using ‘Advanced Find’ in Outlook.

To fix this issue, you will have to reset the search index to force the Exchange Search service to index all items in the Mailbox Database including items that were moved to the database from Exchange 2003.

To reset the search index, open up the Exchange Management Shell navigate to %PROGRAMFILES%\Microsoft\Exchange Server\V14\Scripts and then run the following command:

.\ResetSearchIndex.ps1 -force -all

You should see output that resembles the following:

WARNING: Waiting for service 'Microsoft Exchange Search Indexer (MSExchangeSearch)' to finish stopping...
MSExchangeSearch service stopped
Deleting catalog for Mailbox Database
removing: <location of catalogue>

MSExchangeSearch service Started

To verify that the rebuilding of the index has completed do the following:

  1. Add this counter to Perfmon: MSExchange Search Indices\Full Crawl Mode Status. This counter will be 0 before running ResetSearchIndex, go to 1 during the full crawl and then back to 0 after ResetSearchIndex completes.
  2. You will receive MSExchange Search Indexer Event ID 109 when the full crawl begins.
  3. You will receive MSExchange Search Indexer Event ID 110 when the full crawl ends.

You should now be able to search for pre-transition items using Exchange searc

 

Mar 3, 2014 - General    No Comments

How can I remotely enable Remote Desktop to connect to a remote PC

Occasionally you need to get something done on a remote computer (or a clients computer) but the computer doesn’t have an easy way for you to connect to it. Luckily, if you have admin rights to the remote computer, you can still connect without needing to turn on remote desktop before hand. To do that you will just need to download a little tool called PsExec (Available here). PsExec is a Microsoft tool part of their PsTools, the beauty of it is that it is portable and can be run from anywhere.

Once you have PsExec download you just need to open a command prompt and browse to the folder with psexec.exe. Once the command prompt is open, type in this command and it will enable remote desktop on the machine you specify.

psexec \\xxxxxxxxxxx reg add “hklm\system\currentcontrolset\control\terminal server” /f /v fDenyTSConnections /t REG_DWORD /d 0

Make sure you replace xxxxxxxxxxx with the computer you are trying to control remotely. Once this command has run you should now be able to connect with the Remote Desktop client (mstsc.exe) to the remote computer.

Why can I not access administrative shares from Windows 7 or Windows 8 ?

Someone asked me about this recently. They had a Windows 8 laptop and a Windows 7 desktop and no matter what they tried, they were unable to access the C$ on either the laptop or the desktop.

They were 100% sure they were using the correct credentials but for whatever  reason, Windows would not accept their login when trying to map a drive (\\desktopname\c$)

The issue is related to UAC and how that restricts remote connections. This has been the case since Vista and the same issue (feature :)  is still in Windows 8.

The issue only applies to local accounts and not domain accounts.

The quick fix is to just disable UAC but if you want to keep that running but still allow admin share access, do the following:

To disable UAC remote restrictions, follow these steps:

  1. Click Start, click Run, type regedit, and then press ENTER.
  2. Locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
    Windows\CurrentVersion\Policies\System
  3. If the LocalAccountTokenFilterPolicy registry entry does not exist, follow these steps:
  4. On the Edit menu, point to New, and then click DWORD Value.
  5. Type LocalAccountTokenFilterPolicy, and then press ENTER.
  6. Right-click LocalAccountTokenFilterPolicy, and then click Modify.
  7. In the Value data box, type 1, and then click OK.
  8. Exit Registry Editor.

The LocalAccountTokenFilterPolicy registry entry in the registry can have a value of 0 or of 1. These values change the behavior of the registry entry to the behavior that is described in the following table.

Value Description
0 This value builds a filtered token. This is the default value. The administrator credentials are removed.
1 This value builds an elevated token.

 

How can I suspend a VM on VMware workstation via Powershell ?

As there is no API for Powershell in VMware worksation, we need to use the built-in tool called ‘vmrun.exe”

This utility can be used to control virtual machines and allows the following operations: start (power on), stop (power off), reset (reboot), suspend (but allow local work to resume), pause (without interrupting), and unpause (continue)

=====Suspend your VMs======

cd “C:\Program Files (x86)\VMware\VMware Workstation”

$RunningVMs = .\vmrun list | select-object -skip 1

Foreach ($RunningVM in $RunningVMs)
{
“Suspending $RunningVM…”
.\vmrun suspend “$RunningVM”
}

 

====Resume your VMs ====

cd “C:\Program Files (x86)\VMware\VMware Workstation”

$SuspendedVMs = gci -Include *.vmx -Recurse -Path C:\VMs

Foreach ($SuspendedVM in $SuspendedVMs)
{
.\vmrun start “$SuspendedVM”
}

Jul 1, 2013 - Exchange, General    No Comments

How can I stop Outlook 2010 from automatically mapping all my full-access mailboxes ?

In Exchange 2010 Service Pack 1 (SP1) Exchange introduced a feature that allows Outlook 2007 and Outlook 2010 clients to automatically map to any mailbox to which a user has Full Access permissions. If a user is granted Full Access permissions to another user’s mailbox or to a shared mailbox, Outlook automatically loads all mailboxes to which the user has full access.

This is a great time saver for help-desks, as in the past they had to constantly advise users how to add additional mailboxes to their profiles.

However, if you do have full access to a large number of shared / team mailboxes, this can cause performance issues with Outlook, especially during boot up.

In Exchange 2010 SP1, there was no way to turn this feature off. However, in Exchange 2010 SP2, you can use the Shell to disable this feature:

Add-MailboxPermission -Identity BillG -User ‘Ali Butt’ -AccessRight FullAccess -InheritanceType All -Automapping $false


This example grants me full access permission to BillG mailbox and disables the auto-mapping feature.


May 19, 2013 - General, Hyper-V, Networking, VMWare    No Comments

How can I remove hidden network adapters from my Hyper-V / VMware Windows Virtual Machine

When using Windows based virtual machines, especially those deployed from templates, you may occasionally receive the notification “The IP address XXX.XXX.XXX.XXX you have entered for this network adapter is already assigned to another adapter”

This issue occurs if a network adapter with the same IP address is in the Windows registry but is hidden in the Device Manager (My Computer > Properties > Hardware > Device Manager). This hidden adapter is called a ghosted network adapte

This can easily be removed by opening the command prompt with administrative access and typing the following command:

set devmgr_show_nonpresent_devices=1
start devmgmt.msc

This will start the Device Manager. It is important to start the Device Manager from the same command prompt, since it will lose the setting to show the non present devices. If you open the Device Manager from the Control panel, the hidden devices will not show.

When the Device Manager loads, from the File menu, expand the View and select the Show Hidden Devices option. This will enable and show any old un-used devices in the window. From here, expand the Network Adapters node and you can right click on the devices which are extra and delete them accordingly.

I have seen this issue on both VMware created machines and Hyper-V

 

Apr 28, 2013 - General, Powershell, Scripting    1 Comment

How can I create / name a folder with today’s date?

This is very handy if you are using scripts to generate daily logs and would like to put them in a folder with the current date. You can, of course, tweak the commands to suit your requirements:

 

for /F “tokens=1-4 delims=/ ” %%A in (‘date /t’) do (
set DateDay=%%A
set DateMonth=%%B
set DateYear=%%C
)

set CurrentDate=%DateDay%-%DateMonth%-%DateYear%

md %CurrentDate%

This will give you a newly created folder with today’s date, in the format of DD-MM-YY

Why does my Windows 2008 server keep loosing its gateway IP?

I have come across this issue and it seems most common in virtual machines. The fix I found is:

  1. Logon to the server (using ILO or virtual console)
  2. NIC settings (and write down all settings)
  3. Open a CMD prompt with elevated permissions (“Run as Administrator”)
  4. Run the command:
    netsh int ip reset
  5. Reboot the server
  6. Logon again
  7. Set the correct NIC settings
  8. Reboot the server
Related Posts Plugin for WordPress, Blogger...
Pages:1234567...24»