Loading...

Change all users to an alternate domain suffix

In Active Directory users and computers, right click Queries> New. Give it a name, click “define query”. Stay on the “Users” tab. Select “Is not” and type an invalid name like testtesttest. Click ok, ok. It should return a result with all users whose name is <<not>> testtesttest. Select all, right click> Properties. Go to Account tab> check “UPN Suffix” and change it to the appropriate suffix. That’s it! There are PowerShell methods to do this too but when handling hundreds of user accounts, you have to be absolutely careful in PowerShell. There are solutions online that work fine that I am not going to post here. This is purely for the GUI. Good luck!

Exchange and AD Powershell Useful Commands

I’ve had a few odd issues & tasks with Exchange 2010 and AD recently and wanted to take a moment to document them as well as the command used to resolve the issue:

The following command was useful to resolve an issue of multiple copies of the same shared mailbox showing where only one would allow access and the other copies would only fail to open.

Add-MailboxPermission -Identity <shared mailbox alias> -User <your mailbox alias> -AccessRights FullAccess -InheritanceType All -Automapping $false

The following will find all active user accounts whose Password Never Expires attribute is set to true formatted in a nice table of username and the value. Value is not really necessary because it should only return true, but everyone loves a sanity check right?

get-aduser -filter * -properties Name, PasswordNeverExpires | where { $_.passwordNeverExpires -eq "true" } | where {$_.enabled -eq "true"} | Format-Table -Property Name, PasswordNeverExpires -AutoSize

Delete Excess User Profiles

You Will Need:

Mix it all together:

What I like to do is copy delprof2.exe to the Windows folder. Then you can run it directly from command prompt. However, I like to create a scheduled task to run it if any user logs on. You want to set “When running the task, use the following user account:” to Administrators. Run with highest privileges and run with the switch /q which means it will silently delete all profiles according to the criteria you specified. This should actually help out with security because if another user logs into the computer, it will run this utility which will delete your profile when they login. On top of this, you have a scheduled task set to run each day with Ccleaner which wipes free space at the end of your shift. Double bonus if it goes undetected.

Switches

   /l   List only, do not delete (what-if mode)
   /u   Unattended (no confirmation)
   /q   Quiet (no output and no confirmation)
   /p   Prompt for confirmation before deleting each profile
   /r   Delete local caches of roaming profiles only, not local profiles
   /c   Delete on remote computer instead of local machine
   /d   Delete only profiles not used in x days
   /ntuserini
        When determining profile age for /d, use the file NTUSER.INI
        instead of NTUSER.DAT for age calculation
   /ed  Exclude profile directories whose name matches this pattern
        Wildcard characters * and ? can be used in the pattern
        May be used more than once and can be combined with /id
   /id  Include only profile directories whose name matches this pattern
        Wildcard characters * and ? can be used in the pattern
        May be used more than once and can be combined with /ed
   /i   Ignore errors, continue deleting
delprof2.exe -c:192.168.175.129 -p 

enter image description here

Source: http://superuser.com/questions/643417/delete-user-profile-from-command-line-windows-7

Router Giving IPv6 Addresses

I recently ran into an issue where my router was giving off the following IPv6 addressses (or so I thought). I ran an ipconfig /all in command prompt which shows all adapters and their configurations. The LAN port was showing both an IPv4 and IPv6 address. The IP address was 192.168.137.1 and the IPv6 was an IPv6 address (being too lazy to type it out). Here is what the DNS configurations showed for that adapter:

fec0:0:0:0:ffff::1%1
fec0:0:0:0:ffff::2%1
fec0:0:0:0:ffff::3%1

It dawned on me at one point or another that 192.168.137.1 is the address that is given when you are Sharing a Network Connection. I do this often because I have a wireless access point in one room and a (usually) offline network in another room. When I want to have internet connection on that network, I use my laptop to share the connection to my LAN port and therefore I have internet access. Because this was on, my computer was acting as a DHCP server and wasn’t allowing incoming connections. I shut that off and everything worked fine afterward.

Space Use Scanner (Free Utility)

Is your hard drive full and you have no idea why? I use this little utility called Space Use Scanner. You can download it here: www.steffengerlach.de. It shows you a graphical chart of your hard drive. You can actually click any portion of the graph to see more details about what in that folder is using so much space. [This actually points out hiberfil.sys (Hibernation file and system info) and pagefile.sys (virtual memory stored on hard disk) as taking up a lot of space most of the time.]

Image

The screenshot is from: http://www.steffengerlach.de/. I did not make the screenshot above. Please visit the site to download the freeware.

Task Scheduler Error: Specified Account Does Not Exist

A message similar to the one above showed up one day when I was editing a scheduled task. I did a quick Google which did not help out very much, and ended up learning on my own that the task was set to be run by the following user: MyComputer1\user. Since then, I changed the name of my computer to: MyComputer2\user. So to fix it, I just opened up the scheduled task and changed the user it should be run by to the same user and it automatically updated the computer name as it needed to.