Dalle & DXter

How to list all XP computers

By Fredrik Wall

Todays onliner will show all Windows XP computers
in a whole Active Directory.

Get-QADComputer -SizeLimit 0 -Osname "*xp*" | Select-Object Name, description, path

This can be nice If you want to migrate to Windows 7.

And if you want to show all Windows Server 2008

or Windows Server 2003 machines you just change –OSName to 2008 or 2003.

You need to have Quest AD cmdlets installed and you need to Add it first.

Add-PSSnapin Quest.ActiveRoles.ADManagement

If you want to import all information to excel you can

export It to a csv file with

| Export-Csv c:\scripts\test.txt

Get-ClientSiteName

By Fredrik Wall

This is another function that I use in
Active Directory scripting.

I use it when I want to create computer names
with the syntax SitenameComputertypeNumbers.

 

The function can be found here.

 

The story continues

By Fredrik Wall

Hi,

I sat down thinking a little bit today.
And then It strikes me that the Lab AD was not finished
and that It was not done by best practice.

So I will do the structure from this document from Microsoft,
Best Practice Active Directory Design for Managing Windows Networks.

And then we need to:

1. Create groups
2. Computers
3. OU Information

Then I think we are where we should be.

 

Lab AD with 5000 users

By Fredrik Wall

The script is not 100% finished as It is posted now in pieces.
I will be adding some check for existing users etc.

BUT I did test it last night with 5000 accounts and It did well.

Okay, I got a few error and some accounts didn’t go from disabled
to enabled. But that was like 5 out of 5000 with almost no
error handling and no check for existing users

I came up with some new ideas as well last night.

So I will add 1 or 2 articles after the script is posted.
Articles on how to make GUI for this with Windows.Forms.

 

Create Lab AD – Part 6

By Fredrik Wall

How to create and set user information.

It’s time to create and set our user information.
The information we want for this setup is:

1. First name
2. Last name
3. Display name
4. Description
5. Telephone number
6. E-Mail
7. Web page
8. User principal name
9. SAMAccount name
10. Department
11. Company

To create AD users with this information, we just do like this:

    # Creating the User
    $objOU = new-object DirectoryServices.DirectoryEntry("LDAP://OU=$myLabOUs,OU=$labOU," + $labDomain)
    $objUser = $objOU.Create("user", "cn=$FirstName $LastName")
    $objUser.Put("sAMAccountName", $userSAM)
    $objUser.Put("userPrincipalName",$userPrincipalName)
    $objUser.Put("displayName",$displayName)
    $objUser.put("mail", $userEmail)
    $objUser.put("department", $myLabOUs)
    $objUser.put("company","Power Admin Corp")
    $objUser.put("employeeNumber", $userNumber)
    $objUser.put("telephoneNumber", $userTele)
    $objUser.put("wWWHomePage", "http://www.poweradmin.se/blog")

    $objUser.SetInfo()
    Write-Host "Created - " $firstName $lastName "($userSAM) in" $mylabOUs 

    $objUser.Put("givenName", $firstName)
    $objUser.Put("sn", $lastName)
    $objUser.Put("description", $userDescription)
    $objUser.SetInfo()

    # Password
    $objUser.psbase.invoke("setpassword", "myH@rdP@ssw0rd99!")
    $objUser.SetInfo()

    # Enable the account
    $objUser.psbase.invokeset('accountdisabled', $false)
    $objUser.SetInfo()

    # Change password at next login
    $objUser.PwdLastSet = 0
    $objUser.Setinfo()

This was all for this article series.

Now we have a script to create lots of accounts.

Later on I will also post error handling and more.

I will post a whitepaper on this in a couple of days.

Create Lab AD – Part 5 (Changed)

By Fredrik Wall

I have been doing some changes to the last part.

All of my scripts are under constantly changes.

So before I post the next part of the script I

want to post this change.

I have been doing some changes to the $labDomain.

Now, by default you don’t need to do change anything.

It uses your users default domain and will use It all

the way.

# Name of the AD
# Default is the domain where your user are.
# Change $labDomain if you want to change this.
# $labDomain = "dc=poweradmin,dc=local"
$activeLabDomain = new-object DirectoryServices.DirectoryEntry
$labDomain = $activeLabDomain.distinguishedName

# Creating the "root" Lab OU
$search = [System.DirectoryServices.DirectorySearcher]"[ADSI]LDAP://$labDomain"
$search.Filter = "(&(name=$labOU)(objectCategory=organizationalunit))"
$result = $search.FindOne()

if ($result -eq $null) {
    $labADSIDomain = [ADSI]"LDAP://$labDomain"
    $objOU = $labADSIDomain.Create("OrganizationalUnit", "ou=" + $labOU)
    $objOU.SetInfo()
    Write-Host $labOU "created"
}
else
{
    Write-Host $labOU "exists"
}

# Creating all OUs in the Lab OU
$labDomainOU = [ADSI]"LDAP://ou=$labOU,$labDomain"
foreach ($labUnit in $labOUs) {
    $search = [System.DirectoryServices.DirectorySearcher]$labDomainOU
    $search.Filter = "(&(name=$labUnit)(objectCategory=organizationalunit))"
    $result = $search.FindOne()
    if ($result -eq $null) {
        $objOU = $labDomainOU.Create("OrganizationalUnit", "ou=" + $labUnit)
        $objOU.SetInfo()

        Write-Host $labUnit "created"
    }
    else
    {
        Write-Host $labUnit "exists"
    }

}

Create Lab AD – part 5

By Fredrik Wall

It’s time to take our information and create the AD.
First of all we need to setup the lab structure in our AD.
I use my lab active directory named poweradmin.local

# Name of the AD
$labDomain = [ADSI]"LDAP://dc=poweradmin,dc=local"

And then we need to decide what our Lab OU “root” should be called.

 

# LAB OU

$labOU = "Lab OU"

And then we put all of our OUs that we need.

# OUs to create

$labOUs = "Finance","IT","Marketing","Operations","Service","Customer Support"

Now It’s time to create the “root” lab OU.

First of all we check If it exists and It doesn’t we create it.

 
# Creating the "root" Lab OU

$search = [System.DirectoryServices.DirectorySearcher]$labDomain

$search.Filter= "(&(name=$labOU)(objectCategory=organizationalunit))"

$result = $search.FindOne()

if ($result -eq $null) {

   $objOU = $labDomain.Create("OrganizationalUnit","ou=" + $labOU)

   $objOU.SetInfo()

   Write-Host $labOU "created"

}

else

{

   Write-Host $labOU "exists"

}

When we have the “root” OU setup It’s time to create the rest.

# Creating all OUs in the Lab OU

$labDomainOU = [ADSI]"LDAP://ou=$labOU,dc=poweradmin,dc=local"

foreach ($labUnit in $labOUs) {

   $search = [System.DirectoryServices.DirectorySearcher]$labDomainOU

   $search.Filter= "(&(name=$labUnit)(objectCategory=organizationalunit))"

   $result = $search.FindOne()

   if ($result -eq $null) {

       $objOU = $labDomainOU.Create("OrganizationalUnit","ou=" + $labUnit)

       $objOU.SetInfo()

       Write-Host $labUnit "created"

    }

   else

    {

       Write-Host $labUnit "exists"

    }

}

It should look like this if you used the same OUs as I did.

In the next part we will create the users.

 

Create Lab AD – part 4

By Fredrik Wall

We have:

1. Real names
2. User Names (samAccountNames) with employee numbers
3. OU names
4. Country Names

If you have missed them, look in my older posts about
Create Lab AD.

In this part we will do:
Mail addresses

Telephone numbers

User Description

We will start with the mail addresses.

$myUserCountry = $userCountry | Get-Random

    switch ($myUserCountry)
    {
        'Sweden' {$userCoutryCode = "se"}
        'Denmark' {$userCoutryCode = "dk"}
        'Finland' {$userCoutryCode = "fi"}
        'Norway' {$userCoutryCode = "no"}
        default {$userCoutryCode = "local"}
    }

$userEmail = $userFirstName + "." + $userLastName + "@poweradmin." + $userCoutryCode

This will give us mail addresses like:

fredrik.wall@poweradmin.se

fredrik.wall@poweradmin.local

 

The domain name of your AD can easily be put there automatically.

 

For the telephone numbers I will use this little code.

$userLastTele = Get-Random -Minimum 1000 -Maximum 9999

$userTele = "+468440 " + $userLastTele
    

It will give us numbers like +4684402022 and +4684409988

The last thing I need before It’s time to do the add to AD part is the User description.

$userDescription = $firstName + " " + $lastName + " at " + $mylabOUs + " in " + $myUserCountry

This will give us this output:

Hadar Möller at Marketing in Norway

Peter Klint at Operations in Finland

Ylva Sten at Service in Sweden

So now we can put this together with

$firstName + " " + $lastName + " - " + $userSAM + " - " + $userEmail + " - " + $mylabOUs +

" - " + $userTele + " - " + $myUserCountry + " - " + $userDescription

and get

Hadar Möller – hamo63343 – hadar.moller@poweradmin.no – Marketing – +468440 5244 -

Norway – Hadar Möller at Marketing in Norway

Peter Klint – pekl78132 – peter.klint@poweradmin.fi – Operations – +468440 1661 – Fi

nland – Peter Klint at Operations in Finland

Ylva Sten – ylst53520 – ylva.sten@poweradmin.se – Service – +468440 7002 – Sweden –

Ylva Sten at Service in Sweden

 

Next post will be a start on the way to add these users to the AD

 

Create Lab AD – part 3

By Fredrik Wall

We have:

1. Real names
2. User Names (samAccountNames) with employee numbers

In this part we will do stuff for the Lab OUs and we will also pick Country
for the users.

We will not create anything until we have what we need in information.

$labOUs = "Finance","IT","Marketing","Operations","Service","Customer Support"

$mylabOUs = $labOUs | Get-Random

The output will be one of the OUs in the $labOUs.

Finance

IT

Marketing

Need more OU names, just add yours.

Now It’s time to do the same way to make some countries for the users.

$userCountry = "Sweden", "Norway", "Denmark", "Finland"

$myUserCountry = $userCountry | Get-Random

Create Lab AD (continue)

By Fredrik Wall

In my last post I did show you how to take names
from the internet to make “real” names.

I know that these are Swedish names and I will post
2 similar functions with US names later on.

Now when we have the names we want to make
usernames (samAccountName) of them as well.

So, first of all we need to clean the names from special
characters and other letter that we don’t want to use.
(All of the –creplace should be on the same line)

$userFirstName = $firstName -creplace('å','a')

-creplace('ä','a') -creplace('ö','o')

-creplace('Å','A') -creplace('Ä','A')

-creplace('Ö','O')  -creplace('ü','u')

-creplace('Ü','U') -creplace('é','e')

-creplace('É','E')

And then we want to only use lower letters.

$userFirstName = $userFirstName.ToLower()

And then we want to take the first 2 letters in the first name.

$userShortFirstName = $userFirstName.Substring(0,2)

For the last name we will do the same thing.

$userLastName = $lastName -creplace(‘å‘,‘a‘)

-creplace(‘ä‘,‘a‘)   -creplace(‘ö‘,‘o‘)

-creplace(‘Å‘,‘A‘)  -creplace(‘Ä‘,‘A‘)

-creplace(‘Ö‘,‘O‘)  -creplace(‘ü‘,‘u‘)

-creplace(‘Ü‘,‘U‘)  -creplace(‘é‘,‘e‘)

-creplace(‘É‘,‘E‘)

$userLastName = $userLastName.ToLower()

$userShortLastName = $userLastName.Substring(0,$lettersUNamelName)

And we like to be able to create lots of accounts so we need to add
numbers to our samAccountNames.

So we do like this

$userNumber = Get-Random -Minimum 10000 -Maximum 99999

And then we put It all together like this

$userSAM = $userShortFirstName + $userShortLastName + $userNumber
    

The output of this will be something like

frwa12997

asv34432

teol98231

If you want more possible users, then you can higher the
-Maximum number. And if you want less numbers you can lower
the –Minimum and –Maximum numbers.

Technorati Tags: PowerShell,Active Directory,Lab