Blog Feed: Active Directory Blog

Blog Feed: Bilingual blog for System Administrators

Join Now
Already a Member? Log In to Your Account
Home My Account Directories    
Blog Directory
Web Directory
Articles Directory
Search
Users

Home > Blog Directory > Newest Posts > Blog Feed: Active Directory Blog

Powershell: Compact the Active Directory database

Published on 2012-06-28 07:59:52

http://blogs.metcorpconsulting.com/tech/?p=177 http://blogs.technet.com/b/heyscriptingguy/archive/2009/11/02/hey-scripting-guy-november-1-2009.aspx

Powershell: Enable ActiveSync for users member of an AD group

Published on 2012-04-19 15:56:38

We will describe in this post how to enable the mobile access to your mail system for only some employees. Only users who belong to the LDAP389-ACTIVESYNC will be able to use the ActiveSync protocol and set up their mailbox on their smartphone. This authorization will be managed by a Powershell script launched by a [...]

Powershell: VMWare and physical Windows server inventory

Published on 2012-03-22 05:16:37

We will describe in this post how to make an inventory of your physical and VMWare virtual machines running Windows Server. For each virtual machine, we will also retrieve on which physical host the server is running. If you have a VMWare virtualized environment this script can be useful to help you decide which type [...]

Windows 8: Install and configure ADCS

Published on 2012-01-26 05:36:10

We will describe in this post how to install ADCS on Windows 8 Developer Preview, and how to configure your PKI with Powershell. Firstly we will install the ADCS role with Server Manager: Select “Role-based installation or Feature-based installation” and click next. We now need to select the server on which you will install the [...]

Windows 8: Manage Active Directory replication topology with powershell

Published on 2012-01-11 04:54:58

I finally managed to free some time to install my first Windows 8 Developer Preview domain controllers in a test lab (thanks Vmdude). In this ldap389.local domain I installed two RWDCs named ldap389-pdce and ldap389-dc2, each one located in their own AD site. For the DC’s promotion you can read this two part post (here [...]

Powershell: Export firewall rules on your TMG servers

Published on 2012-01-04 10:44:10

In order to manage TMG with powershell you need to use the FPC.root COM object. For more details you can read this article. The purpose of this script is to export for each TMG server the Firewall Policies in XML format: In order to perform a connection on each TMG server we invoke the ConnectToConfigurationStorageServer [...]

OWA published with a TMG array member of a domain located in the DMZ

Published on 2011-12-19 06:57:06

We will describe in this post how to set up Threat Management Gateway in a domain located in the perimeter network (DMZ) in order to publish your Outlook Web Access external URL and ensure a secure SSL connection. The OWA site is installed on the CAS servers of your Exchange infrastructure. The internal URL, registered [...]

Powershell: Blackberry and Activesync mobile devices inventory

Published on 2011-11-21 11:10:52

When you setup a corporate Exchange mail system users can access their mailbox on most mobile devices (iPhone, Android, Windows Phone…) through the ActiveSync protocol. For blackberry owners to access your mail system, you need to setup a BES infrastructure. The purpose of this Powershell script is to make an inventory of all the mobile [...]

Powershell: Compare WSUS target groups

Published on 2011-11-04 14:45:47

This script compares the updates approved between two WSUS target groups. It can ben useful when you want to get the differences between a test and a production group, you can read this Group Policy Central article to get more details on how to set up a WSUS test group using GPO (chapter Implement a WSUS [...]

@ldap389 :-)

Published on 2011-11-01 15:17:20

A quick word to tell you that I (finally) signed up on twitter. You will also find @ldap389 latest tweets on the blog’s sidebar (Twitter Updates widget), it replaces the old “Latest AD news” sidebar.

ADDS 2008 migration: Before migrating to windows 8 server…

Published on 2011-09-23 18:14:51

You can’t wait to install Windows server 8 developer preview in order to test it in the event of a future deployment… But you might want to finish your migration to ADDS 2008R2 before thinking about all that Bellow is a tab showing some client compatibility issues and the important steps when migrating your domain [...]

Sign an Excel macro with a certificate issued by your enterprise PKI

Published on 2011-09-08 09:56:03

This article describes how to digitally sign an Excel VBA project with a certificate issued by your ADCS PKI. You can use the same method to sign any Office VBA project but in this post we will focus on Excel. For an introduction on how to sign Office macros you can read these KB and [...]

GPO: Loopback processing and Group Policy Preferences

Published on 2011-08-23 03:50:03

In this post we talk about loopback processing of group policy and what interesting new feature is available when combining with Group Policy Preferences. If you need a detailed explanation on how loopback processing of group policy works I suggest you read this 4sysops two part blog post (part 1, part 2). When using loopback [...]

Powershell: WSUS clients inventory

Published on 2011-05-31 05:42:00

In this post we will describe how to make a WSUS clients inventory, we will search for the computers in your domain which are not able to receive MS security updates because they are not supported any more or because there is a misconfinguration on t

Powershell: Enterprise CA, Create SAN certificates for IIS7 servers

Published on 2011-04-29 12:10:53

We will show in this post how to create a SAN certificate for IIS 7 using an Enterprise PKI. This kind of certificate permits you to host multiple SSL sites on a single server. To achieve this with a powershell script we will use the PSRemoting and t

The WinRM client cannot complete the operation within the time specified.

Published on 2011-04-14 10:59:21

After configuring WinRM on a Windows 2008R2 server we launched the following command in order to test the installation: winrm id -r:%machinename% Unfortunately we had this error message: WSManFault Message = The WinRM client cannot complete the opera

Powershell: Use GPO to configure firewall settings

Published on 2011-03-30 10:08:50

In this post we will set up firewall rules using Group Policy Objects under Windows 2008 Server. When you install a windows role or feature the installer will configure firewall rules automatically upon installation. Some third party installers recon

Windows 2008 Event Collector: XP and 2003 clients

Published on 2011-03-02 09:37:00

In this post we will describe how to configure a Windows 2008 Event Collector server to process events forwarded from Windows XP and Windows 2003 clients. The event forwarding system (aka syslog) relies on WinRM, there are two versions of the WinRM s

User account migration: Domain users primary group

Published on 2011-02-07 17:09:23

After an AD domain migration, some user accounts migrated in the target domain were not membres of the domain users group. In order to identify those accounts we used the following ActiveRoles Management Shell command: Get-QADUser -NotMemberof 'ldap3

Adprep 2008 troubleshooting

Published on 2011-01-31 13:54:50

In this post we will describe some issues we had when extending the schema for Active 2008 or 2008R2. The steps to prepare the schema for AD 2008 are described in this askDS post. adprep /domainprep /gpprep command line: Insufficient access rights: W

MSExchange ActiveSync EventID 1053

Published on 2011-01-17 13:36:20

In this article we will fix a problem we had with Exchange 2010 when synchronising mail on a mobile device using ActiveSync. When attempting the synchronisation we had the following error message (Source MSExchange ActiveSync, ID 1053) on the CAS ser

AD schema extension: Exchange 2010

Published on 2011-01-10 11:46:10

In this post we will troubleshoot a problem you can encounter when you are extending the Active Directory schema for Exchange 2010. You can read this technet article for the steps to prepare the AD schema for Exchange 2010. We encountered some proble

Powershell: Edit GPO security settings

Published on 2011-01-06 11:21:09

In order to edit GPO permissions with Powershell you can use the Set-GPPermissions CmdLet shipped with the RSAT (import-module grouppolicy). This Cmdlet does not have a replace permission option, nor does it let you set up a deny ACE on a GPO. In t

Powershell: AD replication

Published on 2010-11-19 15:43:27

Repadmin monitors the replication in your Active Directory Forest, you can read this AskDs post about this tool. The command line “repadmin /replsum” helps you retrieve the global forest replication status. The data retrieved for a given

Powershell: Search setting in GPOs

Published on 2010-09-17 08:10:23

In this article we will describe how to search for a GPO matching several settings with Powershell. In this post and this one Lindsay Harris describes how to achieve this by exporting GPO reports in XML format and parsing the output. The principal ad

Domain Controller certificates: Kerberos Authentication template

Published on 2010-09-06 13:26:35

When you install Windows 2008 Certification Authority a new domain controller certificate template named Kerberos Authentication is available. It replaces the Domain Controller Authentication template. If you need more information about the new certi

GPO WMI filtering: KB2286198 workaround

Published on 2010-08-07 12:50:41

You might already know that Windows 2000 and XP SP2 are not supported by MS since the 13th of july 2010. As a consequence you cannot install new security patches released by MS on these platforms. A critical security vulnerability MS10-46 is correcte

Powershell: restore AD object with group membership

Published on 2010-08-05 13:03:18

The purpose of this article is to show how to restore deleted objects with their group membership using Powershell. In order to achieve this you will need to set up a lag site in your domain. If your domain functional level is Windows 2008R2 and you

GPMC hangs connected to one domain controller

Published on 2010-07-26 06:20:41

I will describe in this post an incident we had in our production environment and the different troubleshooting steps to resolve this issue. When we launched a GPMC, the console froze when we clicked on an OU in order to display the Policy Objects li

© 2006-2013 OnToplist.com, All Rights Reserved
Online Marketing