Manning Deal of the Day 19 July 2016
Published July 18, 2016Deal of the Day July 19: Half off my book Learn Active Directory Management in a Month of Lunches. Use code dotd071916au at http://bit.ly/2a8jroO
For more information on Manning’s Deal of the Day see - https://www.manning.com/dotd.
Time to stock up your book collection?
Published July 12, 2014Manning are offering 40% off everything – print & ebooks – www.manning.com. They have a very extensive set of PowerShell books – now would be the time to add to your collection
Rename a user account to the display name
Published June 11, 2014I had a question left on my blog about renaming all of the user accounts in an OU had their name changed to match the display name. I started by creating a few dummy accounts:
PS s> Get-ADUser -Filter * -SearchBase "OU=Test,DC=Sphinx,DC=org" -Properties DisplayName | Format-Table DisplayName, Name -AutoSize
DisplayName Name
----------- ----
Green Fred Fred Green
Green Jo Jo Green
Green Dave Dave Green
In the case of the first account the goal is to change the Name to match the display name.
One thing to be aware of with AD names – NEVER, NEVER, NEVER and I mean NEVER use a comma between the first and last parts of the name.
So
CN=Fred Green,OU=Test,DC=sphinx,DC=org
is good
CN=Green Fred,OU=Test,DC=sphinx,DC=org
is good
CN=Green, Fred,OU=Test,DC=sphinx,DC=org
is BAD, BAD, BAD.
The reason is that the comma is a delimiter between the parts of the distinguished name. LDAP doesn’t expect a comma between parts of an element so it errors. You have to escape the comma so its treated as a literal character. I can guarantee that you will forget. Been there, done that & designed the T-Shirt.
Don’t use commas – its fair simpler and you’ll have less errors.
The only option to rename an object is to use Rename-ADObject
PS > Get-ADUser -Filter * -SearchBase "OU=Test,DC=Sphinx,DC=org" -Properties DisplayName | foreach {Rename-ADObject -Identity $_.DistinguishedName -NewName $_.Displayname -PassThru}
You’ll get a display showing the new names.
If you want to check run the original test
PS > Get-ADUser -Filter * -SearchBase "OU=Test,DC=Sphinx,DC=org" -Properties DisplayName | Format-Table DisplayName, Name -AutoSize
DisplayName Name
----------- ----
Green Fred Green Fred
Green Jo Green Jo
Green Dave Green Dave
Job done
Learn Active Directory Management in a MoL on offer
Published March 16, 2014Learn Active Directory Management in a MoL is 43% off through April 3, 2014 with code pbradm at www.manning.com/siddaway3/
Automatically create folder for home drive
Published February 28, 2014In this post http://richardspowershellblog.wordpress.com/2013/10/28/setting-ad-attributes-from-a-csv-file/
I showed how to modify the user’s home folder setting in Active Directory.
A comment was recently left asking about automatically creating the folder on the fileserver and creating the share that is associated with it.
This isn’t a simple exercise – you will need a script to:
You can create the folder using New-Item
New-Item -Path c:\test -Name anyolduser -Type Directory
You can share it
$max = [uint32]5
$type = [uint32]0
Invoke-CimMethod -ClassName Win32_Share -MethodName Create -Arguments @{Name='anyolduser'; Path='c:\test\anyolduser';
Type=$type; MaximumAllowed=$max; Description='anyolduser - homedrive'}
And then you have to set share and NTFS permissions according to your organization’s policies
Learn AD Management in a Month of Lunches–ebook available
Published February 27, 2014The ebook – PDF format - for Learn AD Management in a Month of Lunches has been published - http://www.manning.com/siddaway3/
If you bought the ebook as part of your MEAP you should be able to down load it – you’ll get or have got an email with the link. The printed version is at the printers and will be available on 12 March.
If you want the ebook in Kindle or epub versiosn they will be available 20 March.
Enjoy.
LastLogoff timestamp
Published December 23, 2013I was recently asked if there was any way to fill in the LastLogoff timestamp
The short answer is no. The values in the attributes related to logons are maintained by Active Directory during the logon process.
I wouldn’t want them to be programmable as that as would create a potential loop hole in my logging process.
As far as I can tell LastLogoff isn’t currently used in Active Directory though if you have access to the Exchange cmdlets you could use Get-mailboxStatistics to discover logon and loggoff times to the mailbox which would be close
A new version of ADMT
Published December 16, 2013A new version of the AD Migration Tool (ADMT) has been announced - http://blogs.technet.com/b/askds/archive/2013/12/13/an-update-for-admt-and-a-few-other-things-too.aspx
While not ready for download just yet at least we know its in the pipeline and supports the newer versions of Windows
Final MEAP for AD Lunches
Published December 11, 2013The final MEAP for AD Management in a Month of Lunches has been released. The book is on a half price offer today so still time for a Christmas bargain if you’re quick
December 11–Deal of the Day AD Month of Lunches
Published December 10, 2013Deal of the Day December 11:
Half off my book Learn Active Directory Management in a Month of Lunches.
Use code dotd1211au at www.manning.com/siddaway3/
Also available:
Learn SQL Server Administration in a Month of Lunches (www.manning.com/jones5/)
Learn SCCM 2012 in a Month of Lunches (www.manning.com/bannan/)