Musings on the splendour of PowerShell Browse by Tags - PoSh Chap - Site Home - TechNet Blogs

PoSh Chap

Musings on the splendour of PowerShell

Browse by Tags

Related Posts
  • Blog Post: One-liner: Use Get-ADObject to Find Authorised DHCP Servers

    The DHCP PowerShell module has the Get-DhcpServerInDC cmdlet to show you the DHCP servers that have been authorised in Active Directory. This cmdlet was introduced with Windows Server 2012 and v3 of PowerShell. What if you don't have access to the above? What if you want to impress your PoSh...
  • Blog Post: Security Focus: sIDHistory / sID Filtering Sanity Check - Part 1 - aka Post #100!

    100 posts! Who’d have thought it? I started out wanting to evangelise PowerShell. 100 posts later, that desire is as strong as ever! Along the way, it seems that I have helped some folks out, made others laugh, confused some, talked about PoSh chickens... and had a jolly good time of it, too! ...
  • Blog Post: Find Server Objects Without NTDS Settings

    Two for the price of one this week! Well, two ways to achieve the same outcome. You know, that's one of the many things I love about PowerShell - the numerous ways to arrive at the same result. This one came from a chat I had with my esteemed colleague, Ali Sajjad. What's the context...
  • Blog Post: One-Liner: List Deleted Objects

    Short and sweet this week. Just like this one-liner. Get-ADObject -Filter * -SearchBase "CN=Deleted Objects,DC=fabrikam,DC=com" -IncludeDeletedObjects You can change the search base to a different partition if you want to inspect deleted objects from there. TTFN
  • Blog Post: Are your Active Directory Partitions Backed Up?

    Ever used repadmin /showbackup to check Active Directory backup status? If not, here's what is does: Right then. It reads the DSASignature attribute from each partition. Actually, it reads replication metadata for the DSASignature attribute which tells us when it was last updated. Let's...
  • Blog Post: Get Active Directory Accounts Created in the Last N Days (featuring -xor)

    A customer asked me to demonstrate how you can check for user or computer accounts recently added to a domain. The result was this function: Get-ADNewlyCreatedAccount The function has the following parameters and switches: $Domain ... the target domain $WithinDays ... the number...
  • Blog Post: msDS-parentdistname vs. parentGUID

    Last week I wrote about mirroring an OU structure, from a source domain to a test domain, with the help of a couple of PowerShell scripts. The first script had to capture the distinguished name of the parent object of each OU found in the source domain. This would allow me to make sure that an equivalent...
  • Blog Post: Use PowerShell to Find Active Directory Forest Conflict Objects

    Quite often there's conflict amongst the PoSh progeny. Usually, the most belligerent sibling gets sent to their bedroom. In Active Directory, when there's a sibling name conflict the Relative Distinguished Name of the losing sibling is 'mangled', i.e. you'll see 'CNF:<guid>'...
  • Blog Post: Strict Replication Consistency On New Domain Controllers

    Last time out I talked about Content Freshness and likened it to Strict Replication Consistency . This time out... more on Strict Replication Consistency (SRC)... For those folks with forests that have been around since Windows Server 2000, there's a check you can perform with PowerShell to see...
  • Blog Post: One-Liner: Active Directory Protected Objects

    This week I was asked how to get a list of Active Directory protected objects with PowerShell. Protected objects can't be deleted as they are critical to the health of Active Directory. The easiest way I could think of is to use Get-ADObject with a specific LDAP filter. Get-ADObject -LDAPFilter...
  • Blog Post: Prepopulate Passwords to RODCs with PowerShell

    Hello! The sun is shining, spring has sprung and it's nearly the weekend... life is sweet! Today, I'm going to talk about using the AD Replication cmdlets, introduced with Windows Server 2012, to prepopulate passwords to your RODCs. No more repadmin, no more DSA.msc... just pure, unadulterated...
  • Blog Post: To and Fro, Back and Forward Links

    I seem to have acquired a post sack. It has the initials NP on it... Hmmm, what's inside? This one looks interesting... "...Dear, Sir, How can I use PowerShell to check that a backlink is populated for an object in AD? Yours, faithfully, Mr Johnny Face..." ...
  • Blog Post: One-Liner: Active Directory Schema Version

    Rules rule! What's a directory service without schema? This week I was asked about the Active Directory schema version for Windows Server 2012 R2. Here’s how to get hold of it with PowerShell: Get-ADObject ( Get-ADRootDSE ) . schemaNamingContext -Property objectVersion ...