Tuesday, September 14, 2010
Creating Custom ADM Templates
Came across a great article which shows how to create custom ADM templates to apply policy settings and reg keys.
Monday, July 12, 2010
Export Mailbox to PST, Exchange 2007
Need to install outlook client on the box you want to run the script on.
EXCTOPST.bat file ---->
@echo off
C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe -PSConsoleFile "C:\Program Files\Microsoft\bin\exshell.psc1" -command C:\Scripts\user.ps1
pause
C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe -PSConsoleFile "C:\Program Files\Microsoft\bin\exshell.psc1" -command C:\Scripts\user.ps1
pause
______________________________________________________
user.ps file......
$id = read-host "Enter the username"
$PSTPath = read-host "Enter the pst pathname E:\Temp\"
get-mailbox -identity $id | Export-Mailbox -PSTFolderPath $PSTPath
Write-host -fore Yellow "Check the STATUS MESSAGE to see if successfull or any errors have occured. Then PRESS ANY KEY to Continue"
$PSTPath = read-host "Enter the pst pathname E:\Temp\"
get-mailbox -identity $id | Export-Mailbox -PSTFolderPath $PSTPath
Write-host -fore Yellow "Check the STATUS MESSAGE to see if successfull or any errors have occured. Then PRESS ANY KEY to Continue"
Thursday, July 8, 2010
Wednesday, May 12, 2010
I can ping other PC's but other PCs can ping me??
Check your CISCO VPN client -> Options - Stateful Firewall(Always on).
Thursday, April 29, 2010
"DHCP...." followed by "PXE-E53: No boot filename received"
SYMPTOM
When being started, the PXE client comes up with the PXE copyright message, then displays
DHCP....
After a while, the following error message is displayed:
PXE-E53: No boot filename received
Depending on the PXE client's system setup boot device list configuration, the PC then either stops or tries to boot from the next boot device in the system setup boot device list.
CAUSE
The "PXE-E53" error indicates that the PXE client received a reply to its DHCPDISCOVER message, but the "boot filename" information was missing in this reply.
RESOLUTION
Make sure that the "boot filename" option is present on your DHCP or BOOTP server, and that its value is set to the filename of the boot loader.
When using Microsoft DHCP server, add option 067 (Bootfile Name) to your scope. When using a Unix/Linux based (ISC) DHCP server, use the "filename" parameter for this purpose.
In the context of the BootManage Administrator, the boot loader filename is "pxboot" for PXE clients and "bpboot" for TCP/IP BOOT-PROM clients. So, if you have exclusively PXE clients, set the boot filename option to the value "pxboot". If you have exclusively TCP/IP BOOT-PROM clients, set the boot filename option to the value "bpboot". In a mixed PXE and TCP/IP BOOT-PROM client environment, you must configure your DHCP or BOOTP server so that it provides the PXE clients with the "pxboot" boot loader, and the TCP/IP BOOT-PROM clients with the "bpboot" boot loader.
____ IMPORTANT Thing to note:
We were trying to troubleshoot the above issue with the recommendation above, however, make sure you can see the dhcp server leasing out the ips to the machine you are trying to pxe boot.
Secondly and most important, if they are 64 bit client, run the command below on the server.
WDSUTIL /set-server /architecturediscovery:yesHope you dont have to struggle after that..
Cheers
Saturday, April 24, 2010
Group Membership script
Hi All,
groupPath = getgrouppath(groupName)
if groupPath = "" then
Below script will fetch you the membership details of the AD group you pass it as a parameter.
it Returns SAMACCOUNTNAME...
_________________________________________________________
groupname = Wscript.Arguments(0)
'groupName = inputbox("Please enter the name of the group:")
'dim FileName = Groupname
'groupName = inputbox("Please enter the name of the group:")
'dim FileName = Groupname
if groupName = "" then
wscript.quit
end if
groupPath = getgrouppath(groupName)
if groupPath = "" then
wscript.echo "Unable to find the specified group in the domain"
wscript.quit
end if
set objGroup = getobject(grouppath)
set objFSO = createobject("scripting.filesystemobject")
set objFile = objFSO.createtextfile(groupname)
q = """"
objFile.WriteLine("sAMAccountName")
for each objMember in objGroup.Members
objFile.WriteLine(objmember.samaccountname)
objFile.WriteLine(objmember.samaccountname)
next
'***** Users who's primary group is set to the given group need to be enumerated seperatly.*****
getprimarygroupmembers groupname
objFile.Close
wscript.echo "Completed"
function getGroupPath(byval GroupName)
set cmd=createobject("ADODB.Command")
set cn=createobject("ADODB.Connection")
set rs=createobject("ADODB.Recordset")
cn.open "Provider=ADsDSOObject;"
cmd.commandtext = "SELECT adspath from 'LDAP://" & getnc & _
"' WHERE objectCategory = 'Group' and sAMAccountName = '" & groupname & "'"
cmd.activeconnection = cn
"' WHERE objectCategory = 'Group' and sAMAccountName = '" & groupname & "'"
cmd.activeconnection = cn
set rs = cmd.execute
if rs.bof <> true and rs.eof<>true then
getgrouppath=rs(0)
else
getgrouppath = ""
end if
cn.close
end function
function getNC
set objRoot=getobject("LDAP://RootDSE")
getNC=objRoot.get("defaultNamingContext")
end function
function getPrimaryGroupMembers(byval GroupName)
set cn = createobject("ADODB.Connection")
set cmd = createobject("ADODB.Command")
set rs = createobject("ADODB.Recordset")
cn.open "Provider=ADsDSOObject;"
cmd.activeconnection=cn
'***** Change the Page Size to overcome the 1000 record limitation *****
cmd.properties("page size")=1000
cmd.commandtext = "SELECT PrimaryGroupToken FROM 'LDAP://" & getnc & _
"' WHERE sAMAccountName = '" & GroupName & "'"
"' WHERE sAMAccountName = '" & GroupName & "'"
set rs = cmd.execute
if rs.eof<>true and rs.bof<>true then
PrimaryGroupID = rs(0)
else
Err.Raise 5000, "getPrimaryGroupMembers", "Unable to find PrimaryGroupToken property"
end if
cmd.commandtext = "SELECT samaccountname, sn, givenName FROM 'LDAP://" & getNC & _
"' WHERE PrimaryGroupID = '" & PrimaryGroupID & "'"
"' WHERE PrimaryGroupID = '" & PrimaryGroupID & "'"
set rs = cmd.execute
while rs.eof<>true and rs.bof<>true
objFile.WriteLine(q & rs("samaccountname") & q & "," & q & rs("sn") & q & _
"," & q & rs("givenName") & q)
"," & q & rs("givenName") & q)
rs.movenext
wend
cn.close
end function
______________________________________________xxxxxxxxxxxxxx____________________________________
Tuesday, April 20, 2010
Backup NTFS permissions
Reference : _h_t_t_p_://ochoco.blogspot.com/2009/02/quick-tip-back-up-your-ntfs-security.html
_________Adding a security group to a folder and maintain inheritance_________
C:\Program Files\Support Tools>icacls D:\data$\NTFS_PermTEST /Grant "domainname\
DLGTestGroup":(OI)(CI)F
(Be mindful of security group names... has to be prewindows 2000 name for groups)
__________________________________________________________________________
Subinacl.exe
http://www.microsoft.com/downloads/details.aspx?FamilyID=E8BA3E56-D8FE-4A91-93CF-ED6985E3927B&displaylang=en
Here is example syntax that you can use to proactively back up your NTFS permissions:
Subinacl /noverbose /output=c:\ntfs_perms.txt /subdirectories "Path to the Folder of NTFS permissions we have to Backup"
To backup the permissions of the folder, subfolders and files on folder called Data\IT on the D: drive:
subinacl /noverbose /output=c:\ntfs_perms_TEST.txt /subdirectories D:\data\IT
If you wanted to just backup the NTFS permissions for the entire drive, the command would look like this:
subinacl /noverbose /output=c:\ntfs_D_drive_perms.txt /subdirectories D:\*.*
Most of you will probably not be concerned with backing up down to the file level, and are satisfied with just backing up the permissions at the directory level. Backing up the permissions for just the directories can be achieved with the following syntax:
subinacl /noverbose /output=c:\D_drive_NTFSperms.txt /subdirectories=directoriesonly D:\*.*
The output of the command while have something like this:
Elapsed Time: 00 00:00:00
Done: 5, Modified 5, Failed 0, Syntax errors 0
Last Done : D:\data$\IT\NTFS_PermTEST\TestA\Test_A_2\Inherit_notAllowed
The contents of the file created by subinacl are viewable in any text editor and the output is similar to this:
===================================
+File D:\data$\NTFS_PermTEST\TestA
===================================
/control=0x400
/owner =builtin\administrators
/primary group =domainname\domainname users
/audit ace count =0
/perm. ace count =5
/pace =domainname\A.B Type=0x0 Flags=0x13 AccessMask=0x1301bf
/pace =domainname\domainname admins Type=0x0 Flags=0x13 AccessMask=0x1f01ff
/pace =domainname\gav Type=0x0 Flags=0x13 AccessMask=0x1200a9
/pace =domainname\gsg-information technology Type=0x0 Flags=0x13 AccessMask=0x1f01ff
/pace =domainname\rahul Type=0x0 Flags=0x13 AccessMask=0x1f01ff
===================================
+File D:\data$\NTFS_PermTEST\TestB
===================================
/control=0x400
/owner =builtin\administrators
/primary group =domainname\domainname users
/audit ace count =0
/perm. ace count =5
/pace =domainname\A.B Type=0x0 Flags=0x13 AccessMask=0x1301bf
/pace =domainname\domainname admins Type=0x0 Flags=0x13 AccessMask=0x1f01ff
/pace =domainname\gav Type=0x0 Flags=0x13 AccessMask=0x1200a9
/pace =domainname\gsg-information technology Type=0x0 Flags=0x13 AccessMask=0x1f01ff
/pace =domainname\rahul Type=0x0 Flags=0x13 AccessMask=0x1f01ff
=======================================
To restore the permissions on the drive using the file that you backed them up to:
Subinacl /playfile c:\D_drive_NTFS_perms.txt
_________Adding a security group to a folder and maintain inheritance_________
C:\Program Files\Support Tools>icacls D:\data$\NTFS_PermTEST /Grant "domainname\
DLGTestGroup":(OI)(CI)F
(Be mindful of security group names... has to be prewindows 2000 name for groups)
__________________________________________________________________________
Subinacl.exe
http://www.microsoft.com/downloads/details.aspx?FamilyID=E8BA3E56-D8FE-4A91-93CF-ED6985E3927B&displaylang=en
Here is example syntax that you can use to proactively back up your NTFS permissions:
Subinacl /noverbose /output=c:\ntfs_perms.txt /subdirectories "Path to the Folder of NTFS permissions we have to Backup"
To backup the permissions of the folder, subfolders and files on folder called Data\IT on the D: drive:
subinacl /noverbose /output=c:\ntfs_perms_TEST.txt /subdirectories D:\data\IT
If you wanted to just backup the NTFS permissions for the entire drive, the command would look like this:
subinacl /noverbose /output=c:\ntfs_D_drive_perms.txt /subdirectories D:\*.*
Most of you will probably not be concerned with backing up down to the file level, and are satisfied with just backing up the permissions at the directory level. Backing up the permissions for just the directories can be achieved with the following syntax:
subinacl /noverbose /output=c:\D_drive_NTFSperms.txt /subdirectories=directoriesonly D:\*.*
The output of the command while have something like this:
Elapsed Time: 00 00:00:00
Done: 5, Modified 5, Failed 0, Syntax errors 0
Last Done : D:\data$\IT\NTFS_PermTEST\TestA\Test_A_2\Inherit_notAllowed
The contents of the file created by subinacl are viewable in any text editor and the output is similar to this:
===================================
+File D:\data$\NTFS_PermTEST\TestA
===================================
/control=0x400
/owner =builtin\administrators
/primary group =domainname\domainname users
/audit ace count =0
/perm. ace count =5
/pace =domainname\A.B Type=0x0 Flags=0x13 AccessMask=0x1301bf
/pace =domainname\domainname admins Type=0x0 Flags=0x13 AccessMask=0x1f01ff
/pace =domainname\gav Type=0x0 Flags=0x13 AccessMask=0x1200a9
/pace =domainname\gsg-information technology Type=0x0 Flags=0x13 AccessMask=0x1f01ff
/pace =domainname\rahul Type=0x0 Flags=0x13 AccessMask=0x1f01ff
===================================
+File D:\data$\NTFS_PermTEST\TestB
===================================
/control=0x400
/owner =builtin\administrators
/primary group =domainname\domainname users
/audit ace count =0
/perm. ace count =5
/pace =domainname\A.B Type=0x0 Flags=0x13 AccessMask=0x1301bf
/pace =domainname\domainname admins Type=0x0 Flags=0x13 AccessMask=0x1f01ff
/pace =domainname\gav Type=0x0 Flags=0x13 AccessMask=0x1200a9
/pace =domainname\gsg-information technology Type=0x0 Flags=0x13 AccessMask=0x1f01ff
/pace =domainname\rahul Type=0x0 Flags=0x13 AccessMask=0x1f01ff
=======================================
To restore the permissions on the drive using the file that you backed them up to:
Subinacl /playfile c:\D_drive_NTFS_perms.txt
Subscribe to:
Posts (Atom)