Author: andrewgdean

Brain Dump of useful things

This page serves as a placeholder for the little gems and useful things I have gathered over the years.

#Run This to activate Quest tools:
Add-PSSnapin Quest.ActiveRoles.ADManagement

#Get User account names and search with attributes examples
get-qaduser -SizeLimit 0 | select-object SamAccountName | Export-Csv c:\temp\UserDumpDept20161019.csv

get-qaduser -SizeLimit 0 -Department ‘Unit 1’ | select-object firstname, lastname, Title, AccountIsDisabled, Manager | Export-Csv c:\temp\Unit1.csv -notype

get-qaduser -SizeLimit 0 | select-object firstname, lastname, Title, AccountIsDisabled, Manager | Export-Csv c:\temp\IsDisabled.csv -notype

get-qaduser -SizeLimit 0 -Disabled | select-object firstname, lastname, SamAccountName, Title, AccountIsDisabled, LastLogonTimestamp, Manager | Export-Csv c:\ps\output\IsDisabled.csv -notype

get-qaduser -SizeLimit 0 | select-object DisplayName, SamAccountName,AccountIsDisabled, ParentContainer | Export-Csv c:\output\UserDump.csv

get-qaduser UserX | select-object usermustchangepassword

#Example of using a for each loop and streamlined 
$users=get-content c:\temp\users.txt
foreach ($user in $users)
{get-qaduser $user | NTAccountName, Department| fl}

#Get members of a group
Get-QADGroupmember PrivilegedGroup | select-object NTAccountName, Department | Export-Csv c:\temp\output.csv
#Get All Computer Names
Get-QADComputer -SizeLimit 0 | select-object Name, ComputerRole, OperatingSystem, passwordlastset | Export-Csv c:\temp\ADCOmputerNameDump_20160802.csv

#Inactive AD Object Checks
Get-QADUser -Inactive
Get-QADUser -NotLoggedOnFor 30
Get-QADUser -ExpiredFor 30
Get-QADComputer -Inactive
Get-QADComputer -InactiveFor 60

#search for users with an attribute
Get-QADUser -ldapFilter ‘(physicalDeliveryOfficeName=*NSW*)’|export-csv c:\temp\board.csv
Get-QADUser -LastName ‘smith’ | select-object mail | fl

#Get RSOP from a remote computer
Get-GPResultantSetOfPolicy -user Contoso\Daniel -computer Windows8computer -ReportType Html -Path D:\rsop.html

#Task 1: Reset a User Password, save this into a PS1 file
$user=read-host “Enter Username”
$new=Read-Host “Enter the new password” -AsSecureString
Set-ADAccountPassword $user -NewPassword $new
Set-ADUser $user -ChangePasswordAtLogon $True

#Task 5: Find Empty Groups
get-adgroup -filter * | where {-Not ($_ | get-adgroupmember)} | Select Name

#Task 8: Find Obsolete computer objects
get-adcomputer -filter “Passwordlastset -lt ‘1/1/2012′” -properties *| Select name,passwordlastset

#Task 9: Find computers by Operating system
Get-ADComputer -Filter * -Properties OperatingSystem |Select OperatingSystem -unique | Sort OperatingSystem

# MS greg like tool findstr.exe
findstr /r “^4[0-9]{12}(?:[0-9]{3})?$”

#Get a file count
(Get-ChildItem -path “\\TestServer\c$”).count
#Or
(Get-ChildItem -path “\\TestServer\c$” -Recurse).count
#Get folder sizes
Get-ChildItem | Where-Object { $_.PSIsContainer } | ForEach-Object { $_.Name + “: ” + “{0:N2}” -f ((Get-ChildItem $_ -Recurse | Measure-Object Length -Sum -ErrorAction SilentlyContinue).Sum / 1MB) + ” MB” }
#MS EXCEL
Convert Gb MB KB to bytes
=IF(ISERROR(FIND(“M”,A1))=FALSE,VALUE(LEFT(A1,FIND(” “,A1)-1))/1000,IF(ISERROR(FIND(“K”,A1))=FALSE,VALUE(LEFT(A1,FIND(” “,A1)-1))/1000000,VALUE(LEFT(A1,FIND(” “,A1)-1))))
#get security logs copy
xcopy \\computername\c$\Windows\System32\winevt\Logs\security.evtx D:\temp\security.evt

#merge text files into one file, useful for merging log files
copy *.txt newfile.txt

#MS Excel check for dups formula;
=IF(COUNTIF(A:A,A2)=1,”Yes”,”No”)
=IF(COUNTIF(M:M,C2)=1,”Yes”,”No”)
#get free disk space report
gwmi win32_logicaldisk | Format-Table DeviceId, MediaType,Size, {$_.FreeSpace /1GB}

#Get computers in an OU
Get-Qadcomputer -SizeLimit 0 -SearchRoot “contoso.com/Resources/Servers/File Servers” | fl

#Add user to a group
add-qadgroupmember -identity “CN=secgroup1,OU=Groups,OU=Resources,DC=Contoso,DC=com” -member “cn=Username,ou=users,dc=domain,dc=com”

#Removing User from a group
Remove-qadgroupmember -identity “CN=secgroup1,OU=Groups,OU=Resources,DC=Contoso,DC=com” -member “cn=Username,ou=users,dc=domain,dc=com”

More to come in part two!