Adding permissions on printers using powershell

2009/10/20 Stijn Vermoesen Leave a comment

I needed to add a group of users to the ACL of all our printers. As we currently have about 100 printers; I looked if I could use powershell for this.
Currently on Windows server 2008 there are no built in cmdlets to administrate printers. But I did find a useful powershell script with everything I needed.

I ended up with only executing one line of code to add the group to all the printers.

Get-printer printserver | add-printerpermission -user “domain\groupname” -AceType Allow -accessmask ManagePrinters

The script can be found here, I’m posting the google translation link as my Russian isn’t that good;-)

Categories: PowerShell, Scripting

Split CSV to TXT

2009/10/08 Koen Vermoesen Leave a comment

Question: How to split a csv file in one txt file per line? The first column in the CSV provides the name for the TXT-file and the second one the contents.

SetLocal EnableDelayedExpansion
for /f %%i in (inp.csv) do set var=%%i& set name=!var:~0,6!& set phone=!var:~7,4!& echo !phone!>>!name!.txt
EndLocal
Categories: Scripting Tags:

AD Recycle Bin

2009/09/24 Stijn Vermoesen Leave a comment

I just came across a post by Jonathan Medd over at simple-talk.com about the new Active Directory recycle bin in Windows Server 2008 R2.

It’s definitely worth the read.

Categories: Active Directory, PowerShell

Terminal server 2008: Access denied error and eventlog not starting

2009/09/18 Stijn Vermoesen Leave a comment

On our teminal server 2008 farm we had some serious problems the last couple of days. Whenever users tried to login they got a “Access Denied” error. Only administrator accounts were able to log in. Additionally the eventlog, the McAfee services and some other services weren’t started automatically.
It was even not possible to start the eventlog manually.

We saw this issue on all our Terminal servers once they were joined to the domain. We finally nailed down the cause of these problems to be an group policy who configures the language settings.

Apparently this GPO changed also the language settings for the local system account. Which caused these services not to start anymore.

Pieter Wigleven posted already about a similar problem he had with Hyper-V and how he fixed it.

Update: Microsoft released a hotfix for this problem: KB951430.

Categories: Uncategorized

E2K7 SP2 Released

2009/08/27 Koen Vermoesen Leave a comment

Microsoft announced the release of Exchange Server 2007 SP2 the day before yesterday. Interested people can find the release notes here, the corresponding Technet Page here and the actual bits here.

Categories: Messaging

MS E2K10 RC available!

2009/08/18 Koen Vermoesen Leave a comment

This morning in my mailbox:

Microsoft Exchange Server 2010 Release Candidate is now available.
As a participant in the Microsoft Exchange Server 2010 Beta experience, we invite you to download the new Exchange Server 2010 Release Candidate version. Now you can evaluate the release candidate product to simplify your IT environment and give you more control.

Resources delivered right when you need them.

You will have access to resources that will help you optimize your evaluation of Microsoft Exchange Server 2010 RC. Get started now to take advantage of the wealth of resources. Download Microsoft Exchange Server 2010 RC today.

Sincerely,
Your TechNet Team

More details on E2K10 can be found on the Evaluation Center.

Categories: Messaging Tags:

Asus Eee PC 1005HA

2009/08/03 Koen Vermoesen 6 comments

Update 2009-10-23: Windows 7 drivers now available!

Finally jumped on the netbook hype. I wanted a portable device to use with my Garmin GPS. I have more than one computer at home but they are either not portable or not really my property. On top of that the software (and especially the maps) that I use with this device are rather annoying/time consuming to install because of the copyright protection. Hence I needed some dedicated hardware because I got tired of reinstalling this stuff all the time.

Additionally, it might also serve as an image tank when going on holiday. Last but not least the extended battery capacity might come in handy for note taking during some events. Taking notes on a sheet of paper and typing them over in the evening is rather time consuming.

I spent some time looking around on the internet. Most netbooks have very similar specs because of the limitations imposed by Microsft and Intel on this platform. In the end I decided to go with the newest incarnation of Asus’ Eee PC; the Asus Eee PC 1005HA.

Specs

  • 1005HA-WHI027X-BE
  • 10′ WSVGA (1024×600 px)
  • Intel Atom N280 Processor (1.66GHz, 32Bit, no virtualization support)
  • Windows XP
  • Bluetooth
  • WiFi 802.11n
  • 1024MB DDR2
  • 160GB HDD
  • 6 cells 5600mAh
  • White

Hardware

For my intended purpose I have a couple of specific needs:

  • USB ports are required for connecting the GPS (Garmin GPSMap60C) and HRM (Polar S720i). Additionally I also a USB KVM switch at home that I’d like to use with the netbook. The more the better, but three will do ;-)
  • VGA connector to connect my oldskool 19″ CRT Monitor (1600×1200) via the KVM mentioned above. Intel restricts the maximum resolution that can be used together with their atom processors. An external monitor allows me to get around that disadvantage (at home at least).
  • Storage. I need at least 50Gb of hard disk space for the OS and all op the map images. This particular model does not have and SSD but a regular 160Gb hard disk which is more than sufficient.
  • Memory. The maximum amount of memory a manufacturer can but in a netbook is another restriction imposed on the netbook platform. This time it’s Microsoft that only wants to provide XP “netbook” licenses for system with max 1Gb of RAM. Some subnotebooks, like the 1005HA, offer the possibility to upgrade the memory afterwards.
  • A last requirement is perhaps a little les important than the other ones. When I attended the TechDays event in March I was frustrated because I couldn’t use my laptop for note taking because it only lasts for 2 or 3 hours and then needs to be recharged. Basically I started looking for a model that could be used an entire business day (while using standby/hibernation during lunch and breaks). The advertised battery capacity is 10,5 hours for this Eee pc . Alltough these numbers are measured in ideal circumstances, but even if it’s only 7 or 8 hours it is still a lot more than any normal laptop. Note: XP shows 12h09 remaining after charging the little computer for the first time.

OS

I was considering 3 options for the OS on my Netbook. First of all I really wanted to give Ubuntu Netbook Remix (UNR) a try. Ubuntu 9.10 “Karmic Koala” alpha 3 seems to support all of the hardware (including network interfaces) in the 1005HA out of the box according to the interwebs. Unfortunately none of the applications I intend to run on this machine have a native Linux version. I would basically need to run all of them via Wine, Mono or inside a VM. That doesn’t make a lot of sense.

So I’m left with two more options; either keep the default XP SP3 install (there’s nothing wrong with that) or upgrade to Windows 7. Hardware support from W7 RC onwards seems to be perfect. So I decided to upgrade to the RTM version right from the start. Some first hand experience with Microsofts newest client operating system always comes in handy

>>> enter first blue screen on Windows Server 2008 R2 here :-( <<<

Tweaks

  • Remove all of the “XP” and “Atom inside” badges
  • Change partitioning scheme; 25Gb System partition and use the remainder for a data partition (removed recovery & bootbooster partitions)
  • Installed Windows 7 RTM from scratch using an external USB DVD drive
  • Disable all the eyecandy & adjust system properties for best performance (except for the “show thumnails instead of icons option)
  • Upgrade to 2Gb mem
  • disable webcam + bluetooth in the BIOS

Software

Here’s a quick overview of the applications I aim to install on my newest gadget. Some of these have online alternatives that are at least as good as the packages below but I want to be able to use the entire kit offline.

Photographs

package contents comparing with a pack of A4 comparing with a pack of A4 comparing with a pack of A4 comparing with a 15 & 17 inch notebook protective shields to remove badges to remove clean at last Eee 1005HA with Logitech VX NAnoGarmin GPSMap60C & Polar S720i Decompressing the XP image building the recovery partition starting Windows XP for the first time Wizard Default desktopUpgrading to 2Gb RAM Upgrade to Windows 7 RTM completed Mapsource displaying OpenStreetMap maps

Some more photographs on further disassembly of this netbook can be found here.

Conclusion

Pro

  • Wireless N (single channel; 150Mbps theoretical maximum)
  • Battery
  • Portability (size + weight)

Con

  • Glossy display & casing => fingerprints & reflections
  • Limited resolution & memory
  • Not powerful enough to watch heavily compressed movies (eg. YouTube HD or the *.mov files from my digicam), otherwise it would serve as a nice portable media player

Links

Categories: Hardware Tags: , ,

Toertocht Borchtlombeek

2009/07/27 Koen Vermoesen Leave a comment

Nogal vroeg moeten opstaan om een accute hongeraanval van onze jongste te stillen met een fles. Uiteindelijk weer in slaap gesukkeld om me vervolgens te overslapen.

7h33. Ik trek één oog open. F*ck, afspraak om 8h00 halen wordt moeilijk. Probeer een karig ontbijt te nuttigen terwijl ik in mijn koerskostuum kruip. Fiets nog vantussen de janboel in de garage peuteren. De nodige elektronica monteren. (Eens een nerd, altijd een …) Uiteindelijk een kwartier te laat en al buiten adem aan de nachtwinkel. Zie in de verte broertje zijn GSM al bovenhalen om te vragen waar ik uithang.

Via de goeie baan naar Borchtlombeek. Voor het eerst in zowat 2 jaar neem ik nog eens deel aan een toertocht. Comeback in de bike scene?

Het is niet zo heel erg druk. We cruisen op ons gemak langs veld en bos en worden af en toe voorbijgestoken door een "snelle’. Ik vind het prachtig bike-weer; Stralend blauwe hemel, hartverwarmende zomerzon met een koele bries op de achtergrond. Het parcours is zeker niet het meest uitdagende dat ik in mijn carrière al gezien heb maar daar kan ik met mijn huidig conditiepeil ook niet veel gaan doen. Langs de andere kant verveel ik me zeker niet. Er is genoeg offroad en sporadisch een technische spielerei. Mijn compagnon begint ondertussen hinder van het stijgende kwik te ondervinden en houdt het tussen de 2 bevoorradingen voor bekeken.

Er valt weinig op de bepijling aan te merken toch sta ook ik al eens halverwege een oprit voor ik me realiseer dat ik een onooglijk klein kerkwegje links/rechts gemist heb.

Na de 2° bevoorrading dwaal ik in gezelschap van een tweetal Meerbeekse Bikers verder om bijna in de eigen achtertuin aan te belanden. De laatste km’s uit de grote lus bevatten ook de grootste hoogteverschillen zodat de beentjes tot in de finale op temperatuur blijven.

Geen bekenden te bespeuren op het terras dus pik na aankomst maar opnieuw in op het parcours en maak de jump naar mijn favoriete canicross-rondje. Pal op het middaguur al thuis met een 60-tal kilometer op de teller.

‘s avonds nog een dik uurtje gaan fietsen het ganse gezin en wederom veel succes geoogst met de fietskar en haar inhoud. Samen met het looptochtje met de hond op zaterdagavond een toffe afsluiter van de congé.

Categories: Cycling Tags:

Bulk Creating Active Directory groups

2009/07/15 Stijn Vermoesen 2 comments

One of my colleagues gave me a list of AD groups for the sharepoint environment he’s confguring. Instead of creating them manually I used the Quest ActiveRoles management shell.

import-csv ‘SecurityGroups.csv’ | foreach {
New-QADGroup -Parent $_.ParentContainer -Name $_.Name -sAM $_.Name -GroupScope $_.GroupScope -GroupType $_.GroupType
}

This script imports a .csv file to create the security groups. The .csv file contains the OU distinguished name, the group Name, the group type (security or distribution) and finally the scope (Domain Local, Global or Universal).

It looks like this:

Parentcontainer,Name,Grouptype,GroupScope
“OU=Sharepoint,DC=domain,DC=local”,SecurityGroup01,Security,DomainLocal

Categories: Active Directory, PowerShell, Quest Tags: ,

ADFind Oneliners

2009/06/29 Koen Vermoesen 1 comment

I’m very fond of the powerful AdFind command line utility from joeware.net. Here’s a little list I’m keeping for my own reference:

Find the user behind a GUID:

adfind -binenc -gc -s subtree -b dc=test,dc=com -f "objectGUID={{GUID:????????-????-????-????-????????????}}" displayName

Likewise, you can use the same tool to find the e-mail address of a certain user:

adfind -gc -b dc=???,dc=??? -nodn -nolabel -f "sAMAccountName=??????" mail

The command above is actually part of script, so I used the “-nodn” and “-nolabel” parameters to have the tool only return the e-mail address. You obviously need to replace the question marks with something meaningful in the examples above.

List all distribution groups:

adfind -csv -nodn -f "(&(objectcategory=group)(mail=*))" displayname

List all contacts:

adfind -csv -nodn -f "(&(&(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=contact)) ))))" displayname

List all mailbox-enabled users:

adfind -csv -nodn -f "(&(&(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*))) ))))" displayname

Run a query against another domain:

adfind -h %servername% -u %domain%\%username% -up %password% -csv -nodn -f "displayname=John Doe" displayname

List all the members of a DL (and optionally use the resulting dn to retrieve some more readable information):

adfind -list -f "DisplayName=%displayname%" member
adfind -list -f "DisplayName=%displayname%" member | adfind -csv -nodn mailnickname displayname mail

Report on the usage of Extension Attributes:

adfind -csv -nodn -f "(|(ExtensionAttribute1=*)(ExtensionAttribute2=*)(ExtensionAttribute3=*)(ExtensionAttribute4=*)(ExtensionAttribute5=*)(ExtensionAttribute6=*)(ExtensionAttribute7=*)(ExtensionAttribute8=*)(ExtensionAttribute9=*)(ExtensionAttribute10=*)(ExtensionAttribute11=*)(ExtensionAttribute12=*)(ExtensionAttribute13=*)(ExtensionAttribute14=*)(ExtensionAttribute15=*))" displayname ExtensionAttribute1 ExtensionAttribute2 ExtensionAttribute3 ExtensionAttribute4 ExtensionAttribute5 ExtensionAttribute6 ExtensionAttribute7 ExtensionAttribute8 ExtensionAttribute9 ExtensionAttribute10 ExtensionAttribute11 ExtensionAttribute12 ExtensionAttribute13 ExtensionAttribute14 ExtensionAttribute15

Count the number of mailboxes on an exchange server:

adfind -c -f "msExchHomeServerName=/o=EMS/ou=First Administrative Group/cn=Configuration/cn=Servers/cn=%servername%"

Imagine you’re working as a consultant/contractor for a large organisation and you want to know the end date of you contract:

adfind -tdcs -f "samaccountname=%UserName%" accountExpires

The “tdcs” parameter converts the time in a human readable format.

Somebody called you on your mobile phone and you want to know who:

adfind -list -f "telephoneNumber=*%extension%" displayname

More info

Categories: Active Directory, Scripting Tags: ,