PowerShell for Windows Admins


November 30, 2012  11:46 AM

Active Directory & testing for user’s existence

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

 

When you are creating a new user you may want to test if a particular name is already is use. The Quest AD cmdlets provide great functionality but one area of confusion is where you are searching for a user by name:

PS> Get-QADUser -Identity "GREEN Dave" | ft -a

Name        Type DN
—-        —- —
GREEN Dave  user CN=GREEN Dave,CN=Users,DC=Manticore,DC=org
GREEN Dave2 user CN=GREEN Dave2,CN=Users,DC=Manticore,DC=org

But I didn’t ask for the second user. The problem is because the Quest cmdlets use s ANR – ambiguous name resolution when searching. This is equivalent to using "GREEN Dave*" in your search. In other words the cmdlets assume you are appending wildcards.

Way round it is to use an LDAP filter

PS> Get-QADUser -LdapFilter ‘(cn=GREEN Dave)’ | ft -a

Name       Type DN
—-       —- —
GREEN Dave user CN=GREEN Dave,CN=Users,DC=Manticore,DC=org

LDAP filters are also available with the Microsoft cmdlets (you can’t use name as a search with the identity parameter with the MS cmdlets)

PS> Get-ADUser -LdapFilter ‘(cn=GREEN Dave)’

DistinguishedName : CN=GREEN Dave,CN=Users,DC=Manticore,DC=org
Enabled           : True
GivenName         : Dave
Name              : GREEN Dave
ObjectClass       : user
ObjectGUID        : 28f0c168-d142-417f-a223-333488cdaa77
SamAccountName    : dgreen
SID               : S-1-5-21-3881460461-1879668979-35955009-6270
Surname           : GREEN
UserPrincipalName : dgreen@manticore.org

All of these alternatives will work

Get-ADUser -LdapFilter ‘(name=GREEN Dave)’
Get-QADUser -LdapFilter ‘(name=GREEN Dave)’
Get-QADUser -LdapFilter ‘(name=green dave)’
Get-ADUser -LdapFilter ‘(name=green dave)’

As an additional bonus with the Microsoft cmdlets you can write the filter using PowerShell syntax

Get-ADUser -Filter {name -eq ‘green dave’}

if you want to unambiguously resolve a name in an AD search – use an LDAP filter

November 28, 2012  10:44 AM

Clearing all telephone information for an AD account

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I had a question through the blog asking how you could clear the telephone, pager and ipphone information from a user account.

Telephone information in AD appears on the General tab telephone and Other..   And on the telephone tab there is home, mobile, pager, fax and ipphone each of which can have a number of Other phone numbers added

I thought it best to write a function that clears all telephone information.  That way you can pick out the bits you need.

function clear-telephoneInfo {            
[CmdletBinding()]            
param (            
 [parameter(ParameterSetName="ByDN")]            
 [string]$dn,            
 [parameter(ParameterSetName="ByName")]            
 [string]$name,            
 [parameter(ParameterSetName="ByName")]            
 [string]$ou            
)            
switch ($psCmdlet.ParameterSetName) {            
 "ByDN"  {$distname = $dn }            
 "ByName"  {$distname = "cn=$name,$ou" }            
 default {Write-Host "Error!!! Should not be here" }            
}            
            
## clear telephone from General tab            
$user = [adsi]"LDAP://$distname"            
$user.TelephoneNumber = ' '            
$user.otherTelephone = ' '            
$user.SetInfo()             
            
## clear Telephone tab            
## Home Phone            
$user = [adsi]"LDAP://$distname"            
$user.homePhone = ' '            
$user.otherHomePhone = ' '            
$user.SetInfo()             
            
## Pager            
$user = [adsi]"LDAP://$distname"            
$user.pager = ' '            
$user.otherPager = ' '            
$user.SetInfo()              
            
## Mobile            
$user = [adsi]"LDAP://$distname"            
$user.mobile = ' '            
$user.otherMobile = ' '            
$user.SetInfo()              
             
## Fax            
$user = [adsi]"LDAP://$distname"            
$user.facsimileTelephoneNumber = ' '            
$user.otherFacsimileTelephoneNumber = ' '            
$user.SetInfo()              
            
## Fax            
$user = [adsi]"LDAP://$distname"            
$user.ipPhone = ' '            
$user.otherIpPhone = ' '            
$user.SetInfo()            
            
## Notes            
$user = [adsi]"LDAP://$distname"            
$user.info = ' '            
$user.SetInfo()              
}

I created two parameter sets – one for the distinguished name (ByDN) and one where the name and OU are supplied.

The $distname parameter is set based on the parameter set.

An ADSI call gets the user; the telephoneNumber and othertelephone attributes are set to blank strings and the SetInfo() is called to write the changes back.

This is repeated for the other types of phone number and the Notes field on the telephone tab

I broke it up like this to make it easier to pick and choose what you need.  It would be possible to add more parameters to only pick off a particular type of phone number


November 26, 2012  2:27 PM

UK PowerShell group – December 2012

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Last meeting of 2012 – PowerShell jobs and scheduled tasks

 


When: Tuesday, Dec 4, 2012 7:30 PM (GMT)


Where:

*~*~*~*~*~*~*~*~*~*

PowerShell jobs provide the ability to perform long running background tasks. With the introduction of cmdlets to schedule tasks the possibilities increase

Notes


Richard Siddaway has invited you to attend an online meeting using Live Meeting.
Join the meeting.
Audio Information
Computer Audio
To use computer audio, you need speakers and microphone, or a headset.
First Time Users:
To save time before the meeting, check your system to make sure it is ready to use Microsoft Office Live Meeting.
Troubleshooting
Unable to join the meeting? Follow these steps:

  1. Copy this address and paste it into your web browser:
    https://www.livemeeting.com/cc/usergroups/join
  2. Copy and paste the required information:
    Meeting ID: KRSN4M
    Entry Code: s`xS<XHp2
    Location: https://www.livemeeting.com/cc/usergroups

If you still cannot enter the meeting, contact support

Notice
Microsoft Office Live Meeting can be used to record meetings. By participating in this meeting, you agree that your communications may be monitored or recorded at any time during the meeting.


November 25, 2012  5:51 AM

Powershell Resources

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I’ve reorganised the slide packs and recordings for the UK PowerShell group. You can find them here

https://skydrive.live.com/?cid=43cfa46a74cf3e96!cid=43CFA46A74CF3E96&id=43CFA46A74CF3E96%2139273

Three folders:

  • Events – slides from events I’ve spoken at
  • Scripts
  • UK PowerShell Group
  •        Meeting Recordings – includes slide packs
  •        Slide packs – from older meetings where the recording isn’t available

Enjoy


November 20, 2012  4:44 PM

Introduction to PowerShell workflows

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The recording, slides and demo scripts from tonights session are available at

https://skydrive.live.com/#cid=43CFA46A74CF3E96&id=43CFA46A74CF3E96%2140260


November 19, 2012  3:56 PM

Workflow session reminder

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The re-scheduled UK PowerShell group session on workflows will happen tomorrow. Details from

http://msmvps.com/blogs/richardsiddaway/archive/2012/11/14/powershell-group-session.aspx


November 19, 2012  12:27 PM

Kindle Fire quirk

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Quick report of an oddity that I discovered with the Kindle Fire.  If you copy an ebook in mobi format onto the Fire you can read it with no problem.  If you select remove from device when you have finished reading the book it disappears from the list on books on the device. The file isn’t deleted though – you need to do that manually.

I’ve been using the Fire for a few weeks now and its an excellent travelling machine.


November 14, 2012  2:54 PM

PowerShell Group Session

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I seem to have fixed my audio problems so I’m re-scheduling the session


When: Tuesday, Nov 20, 2012 7:30 PM (GMT)


Where:

*~*~*~*~*~*~*~*~*~*

Workflows are one of the big things in PowerShell v3. This session provides an introduction and overview of this must know technology

Notes


Richard Siddaway has invited you to attend an online meeting using Live Meeting.
Join the meeting.
Audio Information
Computer Audio
To use computer audio, you need speakers and microphone, or a headset.
First Time Users:
To save time before the meeting, check your system to make sure it is ready to use Microsoft Office Live Meeting.
Troubleshooting
Unable to join the meeting? Follow these steps:

  1. Copy this address and paste it into your web browser:
    https://www.livemeeting.com/cc/usergroups/join
  2. Copy and paste the required information:
    Meeting ID: 4KTZN9
    Entry Code: 3G~mgr.P9
    Location: https://www.livemeeting.com/cc/usergroups

If you still cannot enter the meeting, contact support

Notice
Microsoft Office Live Meeting can be used to record meetings. By participating in this meeting, you agree that your communications may be monitored or recorded at any time during the meeting.


November 13, 2012  2:04 PM

Apologies for meeting failure

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Apologies to all who tried to attend the Live Meeting tonight – I had audio problems that I couldn’t resolve.

I’ll reschedule the session when I’ve fixed the problem


November 12, 2012  2:37 PM

UK PowerShell Group–13 November

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Quick reminder of tomorrow’s session

http://msmvps.com/blogs/richardsiddaway/archive/2012/10/20/uk-powershell-group-november-2012.aspx


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: