Showing posts with label Powershell. Show all posts
Showing posts with label Powershell. Show all posts

Wednesday, 12 February 2014

Powerhell ile AD sorgulamaları için basit bir script

Bu basit ve küçük PowerShell scriptini el altında bulundurarak Active Directory (AD) nizi hızlıca anahtar kelime kullanarak sorgulayabilirsiniz. Cevap olarak size obje tipi kısıtlaması olmadan bulduklarını döndürecektir. Bu basit halini isterseniz değiştirip daha farklı işler de yaptırabilirsiniz. Derinlemesine aramalardan önce kolayca obje bulma konusunda yardımcı olacağını düşünüyorum.
param(
[Parameter(Mandatory=$true,Position=1)][string]$Query
)
$filter = "anr=$Query"
$dc = "DCSunucunuz:3268"
Get-ADObject -LDAPFilter $filter -Server $dc

Kullanımı


.\Get-Something01.ps1   osxx

Çıktısı









































DistinguishedNameNameObjectClassObjectGUID
CN=Osman SHENER,…Osman SHENERuser2c973a30-4e…
CN=osxxNOT01,OU=…osxxNOT01computer840e9c35-4d…
CN=osxxOSDW7TEST…osxxOSDW7TEST20computerafe1c1fe-41…
CN=osxxPC01,OU=W…osxxDSK01computer3db219e1-44…
CN=osxxVM,OU=San…osxxVMcomputerecefbb2f-44…
Posted by at No comments:
Labels: , ,

Handy Powershell script to query AD for any object

I believe keeping this handy and simple PowerShell script within reach is a good idea to query your Active Directory (AD) quickly with a hint of name. It will return you objects that have your wildcard in it. Quick way find things before digging more.
param(
[Parameter(Mandatory=$true,Position=1)][string]$Query
)
$filter = "anr=$Query"
$dc = "YourDC:3268"
Get-ADObject -LDAPFilter $filter -Server $dc

Usage


.\Get-Something01.ps1   osxx

Output









































DistinguishedNameNameObjectClassObjectGUID
CN=Osman SHENER,…Osman SHENERuser2c973a30-4e…
CN=osxxNOT01,OU=…osxxNOT01computer840e9c35-4d…
CN=osxxOSDW7TEST…osxxOSDW7TEST20computerafe1c1fe-41…
CN=osxxPC01,OU=W…osxxDSK01computer3db219e1-44…
CN=osxxVM,OU=San…osxxVMcomputerecefbb2f-44…
Posted by at No comments:
Labels: , ,

Friday, 29 November 2013

How to install AD DS and create forest via PS?

Here is another small tip to create a new forest on a clean Windows Server 2012 R2, it installs AD DS, DNS and necessary administrative tools, and creates your forest, DNS entries etc.
Import-Module ServerManager
Install-WindowsFeature AD-Domain-Services
Import-Module ADDSDeployment
Install-ADDSForest -DomainName lab.infralib.com -DomainNetbiosName lab -SafeModeAdministratorPassword (ConvertTo-SecureString -String "YourPasswordHere" -AsPlainText -Force) -NoDnsOnNetwork -InstallDns -DomainMode Win2008R2 -ForestMode Win2008R2 -NoRebootOnCompletion -Confirm:$false
Add-WindowsFeature RSAT-AD-Tools
Restart-Computer

Very useful information about AD DS Deployment Cmdlets can be found at http://technet.microsoft.com/en-us/library/hh974720.aspx / http://technet.microsoft.com/en-us/library/hh472162.aspx
Posted by at No comments:
Labels: , , , ,

Thursday, 19 January 2012

WDS Auto-Add ve AD'de Prestaging verilerini temizlemek

WDS Auto-Add veritabanini temizlemek
WDS Auto-Add veritabanindaki onaylanmis bilgisayarlari her 30 gunde bir temizler. Isterseniz bu sureyi WDSUTIL /Set-Server /AutoAddPolicy /RetentionPeriod /Approved:Days komutu ile degistirebilirsiniz.  (http://technet.microsoft.com/en-us/library/cc754289(WS.10).aspx)

Ornegin 7 gune ayarlamak icin :
WDSUTIL /Set-Server /AutoAddPolicy /RetentionPeriod /Approved:7

Eger isterseniz  wdsutil /delete-AutoAddDevices /DeviceType:ApprovedDevices komutu ule tum onaylanmis bilgisayarlari Auto-Add veritabanindan temizleyebilirsiniz.  (http://technet.microsoft.com/en-us/library/cc770832(WS.10).aspx).

Ancak WDS Auto-Add veritabaninda yapilan temizlik Active Directory'deki bilgisayar hesabinda bulunan RemoteInstall/NetBootGUID degerini temizlemez, degeri elle silebilirsiniz.

AD'deki prestaging verilerini temizlemek
Eger prestaged bilgisayarlara ait RemoteInstall/GUID degerlerini Active Directory'den temizlemek isterseniz asagidaki powershell komutlarindan yararlanabilirsiniz. Kendim bu ihtiyacimi giderirken uzerinden gectigim adimlari oldugu gibi paylasiyorum, kavranmasini kolaylastiracagini umuyorum.

Bir bilgisayarin NetbootGUID degerini gormek icin
Get-ADComputer -Identity ComputerName -Properties NetbootGuid

Bir bilgisayarin NetbootGUID degerini temizlemek icin
Set-ADComputer -Identity ComputerName -clear NetbootGUID

Tum bilgisayarlarin NetboodGUID degerlerini gormek icin
Get-ADComputer -Filter {NetbootGUID -like "*"} -Properties NetbootGUID

Tum bilgisayarlarin NetboodGUID degerlerini ek degerlerle listelemek icin
Get-ADComputer -Filter {NetbootGUID -like "*"} -Properties NetbootGUID,created | Format-List -Property name,distinguishedName,created,NetbootGUID

Yaratilma degeri bir haftadan eski ve NetbootGUID degerine sahip tum bilgisayarlari listelemek icin
Get-ADComputer -Filter {NetbootGUID -like "*"} -Properties NetbootGUID,Created | ? {$_.Created -le ((get-date).addDays(-7))} | Format-List -Property name,distinguishedName,created,NetbootGUID

Yaratilma degeri bir haftadan eski ve NetbootGUID degerine sahip tum bilgisayarlara ait NetbootGUID degerini temizlemek
Get-ADComputer -Filter {NetbootGUID -like "*"} -Properties name,NetbootGUID,Created | ? {$_.Created -le ((get-date).addDays(-7))} | Set-ADComputer -clear NetbootGUID

Yaratilma degeri bir haftadan eski ve NetbootGUID degerine sahip tum bilgisayarlara ait NetbootGUID degerini temizlemek (Daha kisa  : Created degerini almamiz yeterli tarih denklemi icin.)
Get-ADComputer -Filter {NetbootGUID -like "*"} -Properties Created | ? {$_.Created -le ((get-date).addDays(-7))} | Set-ADComputer -clear NetbootGUID

Komutlar hakkinda daha fazla bilgi icin
Set-ADComputer : http://technet.microsoft.com/en-us/library/ee617263.aspx
Get-ADComputer : http://technet.microsoft.com/en-us/library/ee617192.aspx
Posted by at No comments:
Labels: , , , , , , ,

Purging WDS database and clearing prestaging values from AD computers

Purging Auto-Add Database in WDS WDS purges approved computers from Auto-Add database every 30 days by default.
You can also change the retention period for approved computers record by running WDSUTIL /Set-Server /AutoAddPolicy /RetentionPeriod /Approved:Days command. (http://technet.microsoft.com/en-us/library/cc754289(WS.10).aspx)

To change the length of time approved computers are held in the Auto-Add database to 7 days.
WDSUTIL /Set-Server /AutoAddPolicy /RetentionPeriod /Approved:7

If you wan't to manually purge approved computers in Auto-Add database you can run wdsutil /delete-AutoAddDevices /DeviceType:ApprovedDevices command, or to delete all (approved, pending, rejected) you can visit this URL (http://technet.microsoft.com/en-us/library/cc770832(WS.10).aspx).

But this process doesn't clear computer's RemoteInstall/NetBootGUID property from Active Directory, so you might need to clear this value in AD.
Clear prestaging data in AD
If you also need to clear RemoteInstall GUID property from all prestaged machines in AD as WDSUtil only clears it's own Auto-Add database, you can use powershell commands below to do that.

  • To see a computer's NetbootGUID
    Get-ADComputer -Identity ComputerName -Properties NetbootGuid


  • To clear a computer's NetbootGUID
    Set-ADComputer -Identity ComputerName -clear NetbootGUID


  • To list all computers have NetboodGUID value
    Get-ADComputer -Filter {NetbootGUID -like "*"} -Properties NetbootGUID


  • To list all computers have NetboodGUID value by formatted output
    Get-ADComputer -Filter {NetbootGUID -like "*"} -Properties NetbootGUID,created | Format-List -Property name,distinguishedName,created,NetbootGUID


  • To list all computers older than a week and have NetboodGUID value by formatted output
    Get-ADComputer -Filter {NetbootGUID -like "*"} -Properties NetbootGUID,Created | ? {$_.Created -le ((get-date).addDays(-7))} | Format-List -Property name,distinguishedName,created,NetbootGUID


  • To clear NetbootGUID from all computers older than a week and have NetbootGUID value
    Get-ADComputer -Filter {NetbootGUID -like "*"} -Properties name,NetbootGUID,Created | ? {$_.Created -le ((get-date).addDays(-7))} | Set-ADComputer -clear NetbootGUID


  • To clear NetbootGUID from all computers older than a week and have NetbootGUID value (Shorter : we only need Created property for date equation)
    Get-ADComputer -Filter {NetbootGUID -like "*"} -Properties Created | ? {$_.Created -le ((get-date).addDays(-7))} | Set-ADComputer -clear NetbootGUID



To get more detail about
Set-ADComputer : http://technet.microsoft.com/en-us/library/ee617263.aspx
Get-ADComputer : http://technet.microsoft.com/en-us/library/ee617192.aspx
Posted by at 1 comment:
Labels: , , , , , , ,
Subscribe to: Posts (Atom)