The Windows command line below allows you to mount multiple drives by only prompting user to enter the username and password once. Before another user tries to mount the drives, the script will first unmount the previous mounted drives.
@echo ##############################################
@echo ##### Mount Drive Script by Andres Cheah #####
@echo ##############################################
@echo ##### #####
@echo ## ##
@echo # #
@echo off
net use x: /delete
net use z: /delete
set /p id=Please enter your username: %=%
set /p password=Please enter your password: %=%
net use x: \\fileserver1\Home %password% /user:domain1\%id%
net use z: \\100.18.30.2\Class %password% /user:domain2\%id%
Pause
Wednesday 20 November 2013
Microsoft: Add All the Disabled Users to A Distribution Group in Active Directory
The Powershell script below allows you to add all the disabled users to a distribution group for easy account management.
$group = (Get-ADGroup 'DistributionGroup_1').DistinguishedName
$users = Get-ADUser -Filter {(Enabled -eq $false) -and (-not (memberof -eq $group))} -SearchBase "OU=Test,OU=TestTest,DC=gh,DC=local"
foreach ($user in $users) {
Get-ADPrincipalGroupMembership -Identity $user | % {Remove-ADPrincipalGroupMembership -Identity $user -MemberOf $_}
Add-ADPrincipalGroupMembership -identity $user -Memberof "Domain Users","DistributionGroup_1"
}
$group = (Get-ADGroup 'DistributionGroup_1').DistinguishedName
$users = Get-ADUser -Filter {(Enabled -eq $false) -and (-not (memberof -eq $group))} -SearchBase "OU=Test,OU=TestTest,DC=gh,DC=local"
foreach ($user in $users) {
Get-ADPrincipalGroupMembership -Identity $user | % {Remove-ADPrincipalGroupMembership -Identity $user -MemberOf $_}
Add-ADPrincipalGroupMembership -identity $user -Memberof "Domain Users","DistributionGroup_1"
}
Microsoft: Disable User's Account, Remove All The Membership and Add The User to A Distribution Group in Active Directory
The Powershell script below allows you to disable an user's account, remove all his/her membership and add him/her to a distribution group for easy account management. This script helps when an user checks out from a company / resign.
# User Disable Script
# Author: Andres Cheah
# NOTE: This script allows you to disable an user's account, remove all his/her membership and add him/her to DisableMailbox group.
#
Import-Module ActiveDirectory
add-PSSnapin quest.activeroles.admanagement -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
function Get-DNC
{
Param (
$RDSE
)
$DomainDNC = $RDSE.defaultNamingContext
Return $DomainDNC
}
$NC = (Get-DNC([adsi]("LDAP://RootDSE")))
function get-dn ($SAMName)
{
$root = [ADSI]''
$searcher = new-object System.DirectoryServices.DirectorySearcher($root)
$searcher.filter = "(&(objectClass=user)(sAMAccountName= $SAMName))"
$user = $searcher.findall()
if ($user.count -gt 1)
{
$count = 0
foreach($i in $user)
{
write-host $count ": " $i.path
$count = $count + 1
}
$selection = Read-Host "Please select item: "
return $user[$selection].path
}
else
{
return $user[0].path
}
}
function programEX(){
CLS
Write-Host "******************************************************"
Write-Host "* User Disable Script"
Write-Host "* Author: Andres Cheah"
Write-Host "* NOTE: This script allows you to disable an user's"
Write-Host "* account, remove all his/her membership and add"
Write-Host "* him/her to DisableMailbox group."
Write-Host "******************************************************"
Write-Host ""
[console]::ForegroundColor = "yellow"
[console]::BackgroundColor= "black"
$Name = Read-Host "Please enter the username you wish to disable"
[console]::ResetColor()
$status = "disable"
$path = get-dn $Name
"'" + $path + "'"
$QADPath = Get-QADUser -Identity $Name
if ($status -match "disable")
{
# Disable the account
$account=[ADSI]$path
$account.psbase.invokeset("AccountDisabled", "True")
$account.setinfo()
}
[console]::ForegroundColor = "cyan"
[console]::BackgroundColor= "black"
$Reason = Read-Host "Please enter a description"
[console]::ResetColor()
Set-QADUser -Identity $Name -Description "$Reason"
Get-ADPrincipalGroupMembership -Identity $Name | % {Remove-ADPrincipalGroupMembership -Identity $Name -MemberOf $_}
Add-ADPrincipalGroupMembership -identity $Name -Memberof "Domain Users","DisableMailbox"
Write-Host ""
Write-Host "The user has been disabled and moved." -ForegroundColor "Red"
Write-Host ""
$Choice = Read-Host "Would you like to disable another account? [y]"
If ($Choice.ToLower() -eq "y"){
programEX
}else{
exit
}
}
programEX
# User Disable Script
# Author: Andres Cheah
# NOTE: This script allows you to disable an user's account, remove all his/her membership and add him/her to DisableMailbox group.
#
Import-Module ActiveDirectory
add-PSSnapin quest.activeroles.admanagement -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
function Get-DNC
{
Param (
$RDSE
)
$DomainDNC = $RDSE.defaultNamingContext
Return $DomainDNC
}
$NC = (Get-DNC([adsi]("LDAP://RootDSE")))
function get-dn ($SAMName)
{
$root = [ADSI]''
$searcher = new-object System.DirectoryServices.DirectorySearcher($root)
$searcher.filter = "(&(objectClass=user)(sAMAccountName= $SAMName))"
$user = $searcher.findall()
if ($user.count -gt 1)
{
$count = 0
foreach($i in $user)
{
write-host $count ": " $i.path
$count = $count + 1
}
$selection = Read-Host "Please select item: "
return $user[$selection].path
}
else
{
return $user[0].path
}
}
function programEX(){
CLS
Write-Host "******************************************************"
Write-Host "* User Disable Script"
Write-Host "* Author: Andres Cheah"
Write-Host "* NOTE: This script allows you to disable an user's"
Write-Host "* account, remove all his/her membership and add"
Write-Host "* him/her to DisableMailbox group."
Write-Host "******************************************************"
Write-Host ""
[console]::ForegroundColor = "yellow"
[console]::BackgroundColor= "black"
$Name = Read-Host "Please enter the username you wish to disable"
[console]::ResetColor()
$status = "disable"
$path = get-dn $Name
"'" + $path + "'"
$QADPath = Get-QADUser -Identity $Name
if ($status -match "disable")
{
# Disable the account
$account=[ADSI]$path
$account.psbase.invokeset("AccountDisabled", "True")
$account.setinfo()
}
[console]::ForegroundColor = "cyan"
[console]::BackgroundColor= "black"
$Reason = Read-Host "Please enter a description"
[console]::ResetColor()
Set-QADUser -Identity $Name -Description "$Reason"
Get-ADPrincipalGroupMembership -Identity $Name | % {Remove-ADPrincipalGroupMembership -Identity $Name -MemberOf $_}
Add-ADPrincipalGroupMembership -identity $Name -Memberof "Domain Users","DisableMailbox"
Write-Host ""
Write-Host "The user has been disabled and moved." -ForegroundColor "Red"
Write-Host ""
$Choice = Read-Host "Would you like to disable another account? [y]"
If ($Choice.ToLower() -eq "y"){
programEX
}else{
exit
}
}
programEX
Monday 11 November 2013
Cisco: Configure SNMPv3 on Cisco Catalyst Switches
Configuring SNMPv3 on Cisco Catalyst switches is pretty simple and is much preferred over v1 or v2. SNMPv3 has three big benefits:
1. Authentication — we can be assured that the message originated from a valid source
2. Integrity — we can be assured that a packet has not been modified in transit
3. Encryption — no more plain-text SNMP data flying around our network
First off, we need to decide what hosts should be allowed to query our switch using SNMP. In my case, this is a single host with the IP address 192.19.20.100. We’ll create a new access control list (ACL) on the switch to restrict access to SNMP.
2960# conf t
Enter configuration commands, one per line. End with CNTL/Z.
2960(config)# ip access-list standard SNMP
2960(config-std-nacl)# permit host 192.19.20.100
2960(config-std-nacl)# deny any log
2960(config-std-nacl)# exit
Next, I create a group named "public". Then, I’ll create a user named “testtest” with randomly generated authentication and privacy passwords (used for authentication and encryption). We’ll use the HMAC SHA algorithm for authentication and 128-bit AES encryption. In addition, we’ll associate the “SNMP” ACL that we created earlier with this user.
2960(config)# snmp-server group public v3 auth
2960(config)# snmp-server user testtest public v3 auth sha 6546512165132 priv des 8798456146156 access SNMP
Exit global configuration mode and save the config.
2960(config)# exit
2960# copy run start
Reference:
1. Configuring SNMP
1. Authentication — we can be assured that the message originated from a valid source
2. Integrity — we can be assured that a packet has not been modified in transit
3. Encryption — no more plain-text SNMP data flying around our network
First off, we need to decide what hosts should be allowed to query our switch using SNMP. In my case, this is a single host with the IP address 192.19.20.100. We’ll create a new access control list (ACL) on the switch to restrict access to SNMP.
2960# conf t
Enter configuration commands, one per line. End with CNTL/Z.
2960(config)# ip access-list standard SNMP
2960(config-std-nacl)# permit host 192.19.20.100
2960(config-std-nacl)# deny any log
2960(config-std-nacl)# exit
Next, I create a group named "public". Then, I’ll create a user named “testtest” with randomly generated authentication and privacy passwords (used for authentication and encryption). We’ll use the HMAC SHA algorithm for authentication and 128-bit AES encryption. In addition, we’ll associate the “SNMP” ACL that we created earlier with this user.
2960(config)# snmp-server group public v3 auth
2960(config)# snmp-server user testtest public v3 auth sha 6546512165132 priv des 8798456146156 access SNMP
Exit global configuration mode and save the config.
2960(config)# exit
2960# copy run start
Reference:
1. Configuring SNMP
Microsoft: Sending Email Attachment Problem with iDevices in Microsoft Exchange 2010
Problem:
Send an attachment (photo for example), and initially there's always an error popping up, "Sending this message failed". Go to outbox, hit refresh, and it sends. (9 out of 10 times). ActiveSync logging doesn't reveal anything.
Solution:
When you use certificate authentication you have to set the uploadReadAheadSize in the IIS metabase to your max email size, the default is 48KB so nearly any attachment cannot be sent/forwarded.
With the following command you can change the value (in this case 21MB):
C:\Windows\System32\inetsrv\appcmd.exe set config -section:system.webServer/serverRuntime /uploadReadAheadSize:"21504000" /commit:apphost
C:\Windows\System32\inetsrv\appcmd.exe set config "Default Web Site" -section:system.webServer/serverRuntime /uploadReadAheadSize:"2150400" /commit:apphost
After this restart the IISAdmin service to affect the change.
Reference:
1. iPhone sending attachment problems
http://social.technet.microsoft.com/Forums/exchange/en-US/52f58b47-b95e-4f44-bb4e-6bd8b1b4eb94/iphone-sending-attachment-problems
Send an attachment (photo for example), and initially there's always an error popping up, "Sending this message failed". Go to outbox, hit refresh, and it sends. (9 out of 10 times). ActiveSync logging doesn't reveal anything.
Solution:
When you use certificate authentication you have to set the uploadReadAheadSize in the IIS metabase to your max email size, the default is 48KB so nearly any attachment cannot be sent/forwarded.
With the following command you can change the value (in this case 21MB):
C:\Windows\System32\inetsrv\appcmd.exe set config -section:system.webServer/serverRuntime /uploadReadAheadSize:"21504000" /commit:apphost
C:\Windows\System32\inetsrv\appcmd.exe set config "Default Web Site" -section:system.webServer/serverRuntime /uploadReadAheadSize:"2150400" /commit:apphost
After this restart the IISAdmin service to affect the change.
Reference:
1. iPhone sending attachment problems
http://social.technet.microsoft.com/Forums/exchange/en-US/52f58b47-b95e-4f44-bb4e-6bd8b1b4eb94/iphone-sending-attachment-problems
Friday 1 November 2013
VMware: VMware Certified Associate - Data Center Virtualization ( VCA-DCV )
I have just passed my VMware Certified Associate - Data Center Virtualization ( VCA-DCV ) exam. You will be able to answer all the questions after you have gone through the VMware Data Center Virtualization Fundamentals training provided by VMware.
After passed this exam, I am currently a VCP, VCA-DCV, VCA-Cloud and VCA-WM certified engineer.
References:
1. VMware Certified Associate - Data Center Virtualization ( VCA-DCV )
http://mylearn.vmware.com/mgrReg/plan.cfm?plan=41162&ui=www_cert
2. VMware Data Center Virtualization Fundamentals
http://mylearn.vmware.com/mgrReg/courses.cfm?ui=www_edu&a=det&id_course=189018
VMware: VMware Certified Associate - Workforce Mobility ( VCA-WM )
I have just passed my VMware Certified Associate - Workforce Mobility ( VCA-WM ) exam. You will be able to answer all the questions after you have gone through the VMware Workforce Mobility Fundamentals training provided by VMware.
References:
1. VMware Certified Associate - Workforce Mobility ( VCA-WM )
http://mylearn.vmware.com/mgrReg/plan.cfm?plan=41164&ui=www_cert
2. VMware Workforce Mobility Fundamentals
http://mylearn.vmware.com/mgrReg/courses.cfm?ui=www_edu&a=det&id_course=189020
VMware: VMware Certified Associate - Cloud ( VCA-Cloud )
I have just passed my VMware Certified Associate - Cloud ( VCA-Cloud ) exam. It is a quite challenging exam. However, you will be able to answer all the questions after you have gone through the VMware Cloud Fundamentals training provided by VMware.
References:
1. VMware Certified Associate - Cloud (VCA-Cloud)
http://mylearn.vmware.com/mgrReg/plan.cfm?plan=41165&ui=www_cert
2. VMware Cloud Fundamentals
http://mylearn.vmware.com/mgrReg/courses.cfm?ui=www_edu&a=det&id_course=189017
Subscribe to:
Posts (Atom)