I had a request recently to provide an inactive user report for the past 60 days. Basically, find out which accounts have not logged in for the past 60 days so action can be taken against them. The request was for a multi domain forest which queries every domain controller and gets the latest lastlogon…
Tag: AD
Force Replication of all Domain Controllers on all Sites
If you want to replicate all Domain Controllers, then you have to start replication on each of them separately. This may take a while. To save time there is an easier way to force replication on all Domain Controllers of all Active Directory Sites. Log on to one of your Domain Controllers. Start Windows PowerShell…
The Lazy Way To Do Active Directory Inventory
From time to time admins have to run an inventory of what is running in the AD environment. This is a good practice for audits, inventory, removing decommissioned servers, or any other good reason. The details that are required are like when was computer/ server created, when was it last logged into, what is the…
Cleaning up Office365 Groups Mess
Office 365 Groups are a shared workspace for email, conversations, files, and events where group members can collectively get stuff done. It compliments the introduction of Microsoft Teams. The main thing to keep in mind is that this feature is still evolving. Why is it important to control Office 365 Group creation? This feature is…
Migrate Office365 Photos to AD
Many of my customers have Office365 and have been using Skype for Business for sometime now. It is likely that your organization users have uploaded their profile picture. Now only if there was a way to sync those pictures back to your AD – so it looks neat & nice. There is a way!
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 |
#MigrateOffice365PhotosToAD.ps1 function Get-Office365Photo($EmailAddress,$Credential) { $wc = New-Object System.Net.WebClient $wc.credentials = $Credential # Build the URL that'll return the jpeg of the user's photo $url = "https://outlook.office365.com/ews/exchange.asmx/s/GetUserPhoto?email=$EmailAddress&size=HR96x96" # Build a path to export it to (.\[email protected]) $outPath = "$pwd\$EmailAddress.jpg" try { # Download the image and save it to the current directory $wc.DownloadFile($url,$outPath) return $outPath } catch { throw $_ } } function Upload-ADPhoto($Username,$FilePath) { # Import the photo into a variable as a byte array $photo = [byte[]](Get-Content $FilePath -Encoding byte) # Replace the current value of thumbnailPhoto with the byte array from above Set-ADUser $Username -Replace @{ThumbnailPhoto=$photo} } # Get the credential to allow us to download the images $Cred = Get-Credential -Message "Please enter your Office 365 Credentials" # Get every mail-enabled AD user $users = Get-ADUser -ldapfilter '(mail=*)' -properties mail # For each of the mail-enabled users... foreach ($user in $users) { try { # Download the photo $photoPath = Get-Office365Photo -EmailAddress $user.mail -Credential $Cred # Upload the photo Upload-ADPhoto -Username $user -FilePath $photoPath } catch { Write-Warning "Unable to update image for $($user.mail)" } } |
…
Bulk removal of Password Never Expires checkbox in AD
No one intends this but it is a problem that sooner or later you will be come across in your system administrator career. I’ve see this resolved many different ways, but I like to narrow it down to a particular OU. Depending on your case you may want to clean this across the board in…