PowerShell

PowerShell: Unlock Active Directory Users Account

Use:

 

  • Listing account lockouts in Active Directory
  • Unlocking locked out accounts

# Open PowerShell or PowerShell ISE with an account with rights to unlock accounts
# Import the Actice Directory Module to PowerShell
#
Import-Module ActiveDirectory
#
# Run the Search-ADAccount command to search for accounts that are locked out
# Accounts locked out will be displayed
#
Search-ADAccount -LockedOut
#
#
# To unlock multiple {All} accounts the following command can be used
Search-ADAccount -LockedOut | Unlock-ADAccount
#

This could be useful if you wanted to somehow send an email to a ticket system so that you log and create IT tickets of account lockouts. A good way for your IT staff to track those types of activities that they do spend time on.

 

PowerCLI: HowTo Remove Floppy Drive From {All} Powered Off VM`s

The following simple script will iterate though your vCenter environment and remove the floppy disk from VMware guest machines that are in a powered off state.

Script text: I used Windows PowerShell ISE

Set-ExecutionPolicy RemoteSigned #may require running as administrator
Import-Module VMware.VimAutomation.Core
Connect-VIServer -Server ‘your.server.here’

$off = Get-VM | where {$_.powerstate -eq “PoweredOff”}
$floppy = Get-FloppyDrive -VM $off
Remove-FloppyDrive -Floppy $floppy -Confirm:$false

Purpose:

The purpose of removing the floppy is to remove potential attack channels to the guest VM itself. It has also been noted that removing such devices will save kernel resources.

Ref: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-600D24C8-0F77-4D96-B273-A30F256B29D4.html

 

How to Remove Users From the Office 365 Deleted Users

And… its time to purge those 365 deleted users. Although we can wait for the retention policy to do it for us. I wanted to do this “now”.

I had wrote the following steps in the past and thought I would share here.

[Press Start]

To delete the account for one or more users

Sign in to Office 365 with your work or school account.

Go to the Office 365 admin center.

Go to Users > Active Users.

Choose the names of the users that you want to delete, and then select DELETE Delete.

In the confirmation box, select Yes.

Done!

[Pause]

Well, not so fast. The deleted users is not fully gone yet. It takes 30 days after you have deleted the user for it to purge from Office 365. However there is a way to do this faster

[Press Start]

Connect to Exchange Online using the Windows Azure Powershell module.

To connect you enter the following cmdlet’s:

  1. Store your credetials (this is stored in memory): $msolcred = get-credential
  2. Connection to Office 365: connect-msolservice -credential $msolcred

Once connected you can issue the following command to list deleted users:

get-msoluser –returndeletedusers -maxresults 100

To remove a deleted user permanently:

remove-msoluser –userprincipalname UID@UPN.com -RemoveFromRecyclebin

If you had multiple users, the following cmdlet would work to remove all deleted users recycle bin:

get-msoluser –returndeletedusers -maxresults 100 | remove-msoluser -removefromrecyclebin -force

That’s it… Your done. Good Luck

Original Post of mine can be found here

VMware vCenter 6 Phantom Snapshots

I’ve been using vCenter 6 for a while now and noticed an odd issue pertaining to snapshots. It seems that all guest show a “revert to current snapshot” state even if a snapshot does not actually exist.

However viewing under the Snapshot Manger… shows no existing snapshots associated with the virtual machine guests.

I’ve noticed this this issue does not exist when using the vSphere Web Client.

These symptoms have been confirmed by VMware official in the following KB: https://kb.vmware.com/kb/2111363

For now there are no resolution steps…

Symptom Recap:

  • There are no snapshots on virtual machine(s).
  • Virtual machines show Revert to current snapshot (right-click on the virtual machine > Snapshot > Revert to current snapshot) enabled in vSphere Client when connected to the vCenter Server 6.0.
  • When viewing the Snapshot Manager (right-click on the virtual machine > Snapshot > Snapshot Manager) for the virtual machine in the vSphere Client, there are no snapshots present.
  • Directly logging into the ESXi host using the vSphere Client shows the Revert to current snapshot grayed out.
  • Creating and deleting a snapshot does not resolve this issue.
  • In the vSphere Web Client Revert to current snapshot appears grayed out.

Work around: 

  1. Ignore the vSphere Client results and use the vSphere Web Client
  2. Use PowerCli to display snapshots.

Example command I like to use:

 

Check Bitlocker Encryption Status, Simple PowerShell Method

If you have enabled Bitlocker encryption on your Windows client and wondering how far along you are in the initial encryption process this quick PowerShell command will help you.

Steps

  1. The first step is to turn on BitLocker
  2. Next, Right click PowerShell and select Run as Administrator
  3. Issue the following command: manage-bde -status c: to show the status of volume c: on your client.  You can omit the volume letter to list all attached volumes.

  4. Issue the above command again will show you the progression of your drive encrypted status.  When completed you will notice that the Protection Status will be set to On
    For more info on BitLocker Drive Encryption

Using Get-SPWebTemplate to list available site templates in SharePoint 2013

In this tech-short we will go over a simple yet effective way to list out the available site templates in SharePoint 2013.

Using the New-SPSite PowerShell cmdlet allows you to specify the name of a template to use. In my case I was unaware of the name of available templates in my SharePoint installation.  Using the Get-SPWebTemplate command to produce a list for me.

Steps

  1. Open the SharePoint 2013 Management Shell
  2. The the following command: Get-SPWebTemplate | Sort-Object “Name”

The results are a list Templates which could be used in this environment.

 

If you wanted to do the same with PowerShell locally or remote the following steps can be taken.

Open PowerShell and issue the following commands:

  1. New-PSSession -ComputerName SharePoint
  2. Add-PSSnapin Microsoft.SharePoint.Powershell
  3. Get-SPWebTemplate | Sort-Object “Name”

Remove Wireless Profiles in Windows 10

Similar to my previous post ‘Windows 8: Remove Old Wireless Network Profiles‘ the following are steps which can be preformed in both the command prompt or PowerShell prompt.

Task: Clean up all wireless profiles in Windows 10

Requirements:

  • PowerShell or Command Prompt
  • Elevated Privileges

Steps:

  1. Open, a PowerShell prompt or Command prompt as Administrator
  2. Enter netsh wlan show profiles to show all wireless profiles

  3. Enter netsh wlan delete profile name=”ProfileName” to delete a particular profile by name

     
  4. Or enter  netsh wlan delete profile name=”*” to remove all saved profiles

For more info on managing wireless networks on Windows 8, 8.1, 10 check out the following: Manage wireless network profiles

 

I hope you enjoyed this short post, thanks for visiting – jermal

 

Tech Short: Using PowerShell to join Computer to AD Domain

Working on a server installation I decided to use a simple yet effective power-shell command to join a Windows Server 2012/R2 system to our domain.

For the sake of brevity lets just show you.

Requirements:

  • Admin access to the computer/server you are joining to the domain along with permissions in the AD domain to join machines
  • Connected to the network where the domain is accessible
  • Obtain an network ip address along with dns that can resolve the domain you are joining
  • PowerShell

Steps:

  1. Launch PowerShell as an Administrator
  2. Issue the following command example: Add-Computer -DomainName <domain name> -Restart

You will be prompt for a username and password at this point. Enter in the correct credentials and soon after a restart will occur.

When you resume from the restart you can now log in on this workstation/server with domain credentials.

Additional info can be found on Technet

I hope you enjoyed this short, thanks for visiting – jermal

Tech Short: PowerShell: Networking Diagnostics

Listen ‘tracert’ its not you, its me…  I am not ending my long term relationship with the diagnostic tools which I have used for many years now.  I am just exploring others, and in doing so going on a “break”.

I recently starting using PowerShell more often and wondered is there a tool which can do what ‘tracert‘ does and maybe more.

This is where the PowerShell command  Test-NetConnection comes into the picture.

It does many of the functions of tracert which an out-put which at this point I favor far more.

Here are some examples:

Here is an example of using Test-NetConnection to test connectivity to jermsmit.com

ComputerName : jermsmit.com
RemoteAddress : 184.168.16.1
InterfaceAlias : Wi-Fi
SourceAddress : 1.2.3.150
PingSucceeded : True
PingReplyDetails (RTT) : 80 ms

 

Same test as above using the –TraceRoute flag return the list of hosts on the path to the specified target jermsmit.com

ComputerName : jermsmit.com
RemoteAddress : 184.168.16.1
InterfaceAlias : Wi-Fi
SourceAddress : 1.2.3.150
PingSucceeded : True
PingReplyDetails (RTT) : 82 ms
TraceRoute :
1..2.3.150
96.120.75.45
68.86.221.197
68.86.209.165
68.86.90.21
68.86.85.53
68.86.85.25
68.86.83.82
173.167.58.134
184.168.0.69
184.168.0.69
97.74.255.129
184.168.16.1

As you can see form the examples its a very useful tool in PowerShell, also giving you information about which network interface you are testing from.

What I have also found out is there is an alias for  Test-NetConnection. To use this all you need to do is simply type ‘tnr‘ following by the command syntax.

For more info on using Test-NetConnection type: Help Test-NetConnection in the PowerShell command prompt – Results may looking similar to what I have shown below:

 

 

 

 I hope you enjoyed this techshort, thanks for visiting – jermal

 

Disable Windows Firewall Server Core

Server Core now installed and what is the first command I choose to run in PowerShell

Its a command to disable all firewall profiles: