Problem:
I had the need to test multiple ports on multiple servers and didn't want to do each one manually. Typing telnet multiple times get old real quick not to mention the potential for fat fingering the keyboard.
I had the need to test multiple ports on multiple servers and didn't want to do each one manually. Typing telnet multiple times get old real quick not to mention the potential for fat fingering the keyboard.
A lot of licensing is based on the number of CPU sockets and or cores assigned to a system. See below for methods on making the proper determination
I can't tell you how many times I have had to reach out and touch multiple servers to add a service account to one of the systems local groups. This can be a time consuming endeavor when you get above a few machines.
This post lists the code needed to add a user to the local administrators group of a remote system.
To use the script, change the following;
That's all you need.
The script makes an ADSI connection to the server
$AdminGroup = [ADSI]"WinNT://$s/Administrators,group"
The script then loads the user AD object.
$User = [ADSI]"WinNT://$DomainName/$UserName,user"
And finally the script attempts to add the user to the local administrators group.
Note that each of the commands is wrapped in a try/catch block which outputs an error indicating where the problem occurs.
$servers = gc "PATH_TO_SERVER_LIST" $DomainName = "DOMAIN_NAME" $UserName = "USER_TO_ADD" foreach($s in $servers){ $s try{ $AdminGroup = [ADSI]"WinNT://$s/Administrators,group" } catch{ write-warning "Failed to connect to [$s]" } try{ $User = [ADSI]"WinNT://$DomainName/$UserName,user" } catch{ write-warning "Failed to obtain record for [$DomainName] [$UserName]" } try{ $AdminGroup.Add($User.Path) } catch{ write-warning "Failed to add user [$DomainName\\$UserName] to [$s]" } }
Note: You can select the group by changing the word Administrators in the connection line to the group to which you want to add the user.
For example, to use the local users group instead of administrators, the line would be;
You can use the snippet below to list all of the systems in an organizational unit, OU, and below. The output lists the name of the server and the os version.
Several years ago, I was tasked with putting together a script to output a list of all users and groups on a server. Additionally, management wanted to know the membership of the local groups. If the groups contained other groups, the contents of those groups should be listed as well. Continue reading Use ADSI and Powershell to Monitor Group Access
If you deal with any private data, you may have a need to securely delete the file to ensure the data is non recoverable. Continue reading Secure File Deletion using Sdelete and Powershell
Hello all,
I am sure I am not the only one that has been working on something only to get weird error messages about access denied, only to realize that my password had expired.
Everyone runs into the problem eventually where they need to delete folders based on age. The script discussed in this post does exactly that. It checks the passed folder, or the default if no folder is specified and if there are any folders under it that are more than X days old, the folder and it's contents are removed.
To understand where a script like this may be useful, see our article, Error 0x00000002 when Adding a printer.
Continue reading Delete Folders older than X days Recursively
I recently had users begin reporting issues where their citrix session printers were not being presented. The ultimate problem was that on the server, out of site of the user, an error 0x00000002 was being issued.
WannaCry WannaCrypt, and other ransomware sotware takes advantange of the SMB protocol version 1, and probably version2, but that is up for debate.
The script below can be used to;
Continue reading WannaCry — Disable SMB1 to Prevent Ransomware