Domain Admins password last set

A recent question on the forums asked about getting the date a password was last set and the password never expires status for the domain admins group

This is one way of doing it

 

Get-ADGroupMember -Identity ‘Domain Admins’ |
foreach {
Get-ADUser -Identity $psitem.samAccountName -Properties PasswordLastSet, PasswordNeverExpires |
select Name, PasswordLastSet, PasswordNeverExpires
}

 

Get the group and for each member get the aduser information and select the properties to display.

 

Get-ADGroupMember and Get-AdUser work together on the pipeline so you can also do this:

 

Get-ADGroupMember -Identity ‘Domain Admins’ |
Get-ADUser -Properties PasswordLastSet, PasswordNeverExpires |
select Name, PasswordLastSet, PasswordNeverExpires

LEAP SECOND 2015 – 2000 Networks impacted and quickly recovered

This link in Network World documents impacts caused by adding an additional second to the day and systems using the Network Time Protocol going out sync.  However, this year more advanced preparation kept vast majority of networks running smoothly throughout the transition.

http://www.networkworld.com/article/2942994/leap-second-causes-internet-hiccup-particularly-in-brazil.html

The addition of a leap second to world clocks on Wednesday caused some networks to crash although most quickly recovered.  Some 2,000 networks stopped working just after midnight Coordinated Universal Time (UTC), said Doug Madory, director of Internet analysis with Dyn, a company studies global Internet traffic flows.

Nearly 50 percent of those networks were in Brazil, which may indicate that ISPs use a common type of router that may not have been prepared for the leap second, he said.  Most of the networks quickly recovered, which may have required just a reboot of a router, Madory said.

The Internet’s global routing table, a distributed database of networks and how they connect, contains more than 500,000 networks, so the problems affected less than a half a percent, Madory said. The last leap second, added in 2012, caused problems for Linux systems such as slowdowns or CPU freezes. This time around, however, many companies looked to avoid issues with better preparation.

Becas Microsoft DPE 2015-2016

Ha llegado el verano y como ya empieza a ser una tradición, también el proceso de selección de las becas técnicas de DPE en Microsoft España.

Para los que no conocéis DPE, es el departamento de Microsoft que se encarga de transmitir pasión por la tecnología. Trabajamos para que estudiantes técnicos, programadores y administradores de sistemas de toda España conozcan las últimas novedades en programación, devops, cloud, bigdata, IoT… y puedan sacarle el máximo provecho a través de la plataforma y herramientas de Microsoft.

Para conseguirlo participamos en todo tipo de comunidades técnicas, organizamos eventos, webcasts, publicamos tutoriales, programamos pruebas de concepto y ayudamos a solucionar las dudas técnicas que puedan surgir.

 

http://blogs.msdn.com/b/esmsdn/archive/2015/06/30/becas-microsoft-dpe-2015-2016.aspx

 

Windows 10 – New LOGIN screen introduced in build 10159

Microsoft continues to add a few more innovations and special features for the forthcoming “GOLD” copy that will debut on July 29th

http://www.pcworld.com/article/2942892/microsoft-releases-its-second-windows-10-build-in-two-days.html

Microsoft surprised testers of Windows 10 on Tuesday by launching build 10159 of its forthcoming operating system, just a day after the last update. Gabe Aul, an engineering general manager at Microsoft who serves as the public face of the Windows Insider Program, announced in a blog post that the company released the new build to testers in the program’s Fast ring.

Unlike yesterday’s build 10158, the latest build doesn’t bring that many new features. Instead, wrote Aul, it’s packed with more than 300 bug fixes, along with a mysterious “very interesting change.”  According to a report by Neowin, the change in question is a redesign of the login screen that puts a user’s photo front and center in a translucent pane over their desktop picture. It’s a marked difference from the previous iteration of the login screen, which placed a user’s photo to one side of their name, Microsoft account email and password field.

LEAP SECOND 2015 – Technical impacts of adjusting time on JUNE 30, 2015

Companies around the world used innovative & interesting solutions to work around timing differences associated with adding an extra second to the official atomic clock.

http://www.channelnewsasia.com/news/singapore/leap-second-clocks-to/1952442.html

Leap second: Clocks to read 07:59:60 on Wednesday

The phenomenon, which is implemented every few years, prevents days from getting longer as the Earth’s rotation continually slows down due to factors such as the moon’s gravitational pull and earthquakes. The phenomenon, called a “leap second”, takes place every few years, where an additional second is inserted to the atomic clock, or UTC (Coordinated Universal Time).

During the last leap second on Jun 30, 2012, more than 400 Qantas flights were delayed when the airline’s check-in system crashed, while websites such as Reddit, Mozilla and LinkedIn experienced glitches because the systems could not cope with the extra time.  This year, the leap second insertion is especially crucial to Asia as it takes place during working hours, unlike the early Sunday morning three years ago.

“In the past, leap seconds happened during weekends (and) holidays, so people were not working. … This year, (the leap second) is expected to affect more financial sectors because it’s during (trading) time,” said Dr Liu Yan Ying, a metrologist at the National Metrology Centre of the Agency for Science, Technology and Research (A*STAR). The centre oversees the national measurement standards in Singapore.

Removal instructions for Great Find

What is Great Find?

The Malwarebytes research team has determined that Great Find is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.

https://forums.malwarebytes.org/index.php?/topic/169923-removal-instructions-for-great-find/

Removal instructions for WikiBrowser

What is WikiBrowser?

The Malwarebytes research team has determined that WikiBrowser is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one hijacks the shortcuts to your other browsers.

https://forums.malwarebytes.org/index.php?/topic/169879-removal-instructions-for-wikibrowser/

How to Manage Optional Features in Windows 10

This tutorial will show you how to add or remove optional features for all users in Windows 10.

Read more…

Removing HomeDrive and HomeFolder settings

 

Back in this post https://richardspowershellblog.wordpress.com/wp-admin/post.php?post=2343&action=edit I showed how to set the users home directory and home drive.

 

I was recently asked how to remove entries from those attributes.

 

The easiest way is to use the –Clear parameter with set-AdUser

 

Set-ADUser -Identity gdreen -Clear HomeDrive, HomeDirectory

How to Add or Remove Home Button in Microsoft Edge in Windows 10

Microsoft has announced the new name for its next-generation web browser in Windows 10. Ditching the Project Spartan development codename, the browser will now be known as Microsoft Edge.

Microsoft Edge is a new web browser added in Windows 10, and will be available across the Windows 10 device family. It is fast, compatible, and built for the modern Web.

Microsoft Edge includes a home button that you can add or remove from the toolbar. When you click/tap on the home button, it will take you the site you specify when turned on.

This tutorial will show you how to add or remove a home button that opens a home page you set in Microsoft Edge for your account in Windows 10.

Read more…

CIM filters

I was looking up Win32_SystemDriver on the MSDN site and noticed there was some PowerShell example code

 

Get-WmiObject -Class Win32_SystemDriver |
Where-Object -FilterScript {$_.State -eq "Running"} |
Where-Object -FilterScript {$_.StartMode -eq "Manual"} |
Format-Table -Property Name,DisplayName

 

A better way to write this would be:

Get-WmiObject -Class Win32_SystemDriver -Filter "State=’Running’ AND StartMode=’Manual’" | Format-Table -Property Name, DisplayName –AutoSize

 

or

 

Get-CimInstance -ClassName Win32_SystemDriver -Filter "State=’Running’ AND StartMode=’Manual’" | Format-Table -Property Name, DisplayName -AutoSize

 

Do the filtering in the CIM call – especially if you’re running this against a number of remote machines. That way you limit the network traffic you’re returning

Facebook – Improved Mobile photo editor in development

Facebook will be improving photo upload capabilities in the coming months as documented in article below

http://www.pcmag.com/article2/0,2817,2486942,00.asp

Facebook is about to make it a lot easier for users to spruce up their photos before posting them to the social network. According to TechCrunch, Zuckerberg and Co. appear to be testing a new Snapchat-like photo uploader for the Facebook iOS app, which will let you jazz up your photos with text, filters, and stickers.

Facebook iOS photo edit toolsJust select a photo like you normally would and you’ll see a vertical line swipe across the image. From here, you can swipe right to select a different filter. At this point, Facebook’s selection of filters is small. There’s Auto, which will just correct the color; Vintage for a sepia look; Spring to brighten it up; Summer to give your image a golden tone; Fall for a more orangey look; Winter for a more muted, moody look; and Snow for black and white.

Parsing ipconfig /displaydns with regular expressions

In yesterdays post I used a series of split operations to parse the strings produced by ipconfig /displaydns

 

Regular expressions should give a more power full way to perform this task. Not being a big fan of regular expressions I tend not to use them but for the sake of experimentation I thought I’d try and figure out a set of regex to use.

 

This is as far as I’ve got

 

$props = [ordered]@{
  RecordName = ""
  RecordType = ""
  Section    = ""
  TimeToLive = 0
  DataLength = 0
  Data       = ""
}

$recs = @()

$cache = ipconfig /displaydns
for($i=0; $i -le ($cache.Count -1); $i++) {
if ($cache[$i] -like ‘*Record Name*’){
    $rec = New-Object -TypeName psobject -Property $props
    $rec.RecordName = $cache[$i] -replace "(s*w*){2}(s.){5}(s:s)", ""
    $rec.Section = $cache[$i+4] -replace "s*w*(s.){7}(s:s)", ""
    $rec.TimeToLive = $cache[$i+2] -replace "(s*w*){3}s(s.){4}(s:s)", ""
    $rec.DataLength = $cache[$i+3] -replace "(s*w*){2}(s.){5}(s:s)", ""
   
    $irec = ($cache[$i+5] -split ": ")
    $rec.RecordType = ($irec[0].TrimStart() -split ‘ ‘)[0]
    $rec.Data = $irec[1]

    $recs += $rec
}
else {
    continue
}
}

$recs | Format-Table –AutoSize

 

I still need to work out how to process the data and record type using regular expressions

How to Put Your Computer to Sleep in Windows 10

Sleep uses very little power, your PC starts up faster, and you’re instantly back to where you left off. You don’t have to worry that you’ll lose your work because of your battery draining because Windows automatically saves all your work and turns off the PC if the battery is too low. Use sleep when you’re going to be away from your PC for just a little while – like when you’re taking a coffee break.

For a lot of PCs (especially laptops and tablets), your PC goes to sleep when you close your lid or press the power button.

This tutorial will show you different ways on how to put your local Windows 10 PC to sleep.

Read more…

Fix for People App crashing in Win 8.1 after latest update

 

Microsoft updated the Mail, Calendar and People App in the Windows Store on June 26. After that update, a number of people, including myself, found that the app would open but then “crash” immediately. It still would be running in the background, but would not display the default screen. I saw this on 4 Windows 8.1 computers. I checked the 2 computers running Windows 8.1 that had not yet been updated with the latest revision of the app and they worked fine. I upgraded to the new App release on one of these two computers, and as expected, the crashing behavior started.

After reading the initial complaints that started appearing in the Microsoft Forums http://answers.microsoft.com/en-us/windows/forum/windows8_1-winapps/windows-store-app-update-breaks-people-app/cd14abd2-1bc5-40d8-9e09-a51c66bfea2a I started digging into this. My hunch, reinforced by my logs and the log from another user, was that something in the social media integration function was  causing the issue.

I found that link to control which social media accounts were linked to my Microsoft ID: https://profile.live.com/cid-27a6342ef735cc0f/Services/?view=manage 

It turns out that the Twitter integration was causing the issue for me. After removing the Twitter integration, the App functions as it should and displays properly.

after removing all social media

 

And yes, the Facebook Connect piece is now deprecated, but that was not causing the crashes.

I’m not 100% convinced that Microsoft has escalated the issue to the team that owns the app.

SHAREPOINT SATURDAY – LOS ANGELES 2015 – ASK THE EXPERTS

image

 

ONLY 41 DAYS UNTIL WE GET TO HANG OUT WITH FRIENDS AND ASK THE EXPERTS

 

Ivan

Removal instructions for LotteryStream

What is LotteryStream?

The Malwarebytes research team has determined that LotteryStream is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.
LotteryStream is a Mindspark/Ask toolbar.

https://forums.malwarebytes.org/index.php?/topic/169865-removal-instructions-for-lotterystream/

Patching Exchange

When updating Exchange servers remember that since 2010 era they no longer automatically MU down.

To know what the latest and greatest is – check out this post:

http://blogs.technet.com/b/rmilne/archive/2013/10/29/how-to-check-exchange-2010-ru-version.aspx

For an oneoff clicking on help-about is probably the easiest.

Then compare it to this list here:  https://technet.microsoft.com/library/hh135098.aspx?f=255&MSPPError=-2147217396

Then keep in mind for Exchange 2010 if you do any PCI/TLS tweaking that you need to be on  update rollup 9 as noted here:

SMTP is not transported over TLS 1.1 or TLS 1.2 protocol in an Exchange Server 2010 environment:
https://support.microsoft.com/en-us/kb/3029667

Parsing ipconfig /displaydns

 

A recent question on the forum asked how you could get the contents on Windows 7 machines and earlier.

On later machines – Windows 8 and above -  its easy because you can use Get-DnsClientCache from the DnsClient module. This module is based on CIM classes that aren’t present on Windows 7 and earlier systems.

 

You can use ipconfig /displaydns to display the data but it looks like this

Record Name . . . . . : ns-nw.noaa.gov
Record Type . . . . . : 1
Time To Live  . . . . : 81966
Data Length . . . . . : 4
Section . . . . . . . : Additional
A (Host) Record . . . : 161.55.32.2

 

so you need to parse the strings into a format that you can work with. 

 

This is one solution

 

$props = [ordered]@{
  RecordName = ""
  RecordType = ""
  Section    = ""
  TimeToLive = 0
  DataLength = 0
  Data       = ""
}

$recs = @()

$cache = ipconfig /displaydns
for($i=0; $i -le ($cache.Count -1); $i++) {
if ($cache[$i] -like ‘*Record Name*’){
    $rec = New-Object -TypeName psobject -Property $props
    $rec.RecordName = ($cache[$i] -split -split ": ")[1]
    $rec.Section = ($cache[$i+4] -split -split ": ")[1]
    $rec.TimeToLive = ($cache[$i+2] -split -split ": ")[1]
    $rec.DataLength = ($cache[$i+3] -split -split ": ")[1]
   
    $irec = ($cache[$i+5] -split ": ")
    $rec.RecordType = ($irec[0].TrimStart() -split ‘ ‘)[0]
    $rec.Data = $irec[1]

    $recs += $rec
}
else {
    continue
}
}

$recs | Format-Table –AutoSize

Create an ordered hash table of output properties and an empty array to hold the results.

 

Get the output of  ipconfig /displaydns into $cache which will be an array of strings

Loop through $cache

 

if the record is like *Record Name*’ then process that record and the next five records to give the results.  The actual data record is split twice to give the record type and the data – otherwise you’ll have to translate the numeric values in the Record Type line.

 

The results are put into an object which is added to the output array.

 

Continue looping through $cache until you meet the next line with a Record Name or end of file.

 

Finally display the results.

 

This works but is messy – I’m going to investigate alternatives

Removal instructions for CinemaPlus_1.3dV11.06

What is CinemaPlus_1.3dV11.06?

The Malwarebytes research team has determined that CinemaPlus_1.3dV11.06 is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.

https://forums.malwarebytes.org/index.php?/topic/169843-removal-instructions-for-cinemaplus-13dv1106/

Recent Comments

Archives