powershell – Mohammed Wasay

Get Inactive Users Report for the past 60 days in a multi domain environment

February 18, 2020September 18, 2022

I had a request recently to provide an inactive user report for the past 60 days. Basically, find out which accounts have not logged in for the past 60 days so action can be taken against them. The request was for a multi domain forest which queries every domain controller and gets the latest lastlogon…

Convert a Dynamic IP to Static

October 18, 2018September 18, 2022

Working on a project where on some servers the DHCP assigned addresses needs to be converted to static. Since there is always more than one…I needed to script it. Here is a quick way to do it via PowerShell. Hope this helps!

Force Replication of all Domain Controllers on all Sites

September 14, 2018September 18, 2022

If you want to replicate all Domain Controllers, then you have to start replication on each of them separately. This may take a while. To save time there is an easier way to force replication on all Domain Controllers of all Active Directory Sites. Log on to one of your Domain Controllers. Start Windows PowerShell…

Deploying the SCCM Client with VMware Client Windows Guest Customization

April 19, 2018

Since SCCM is our configuration management tool of choice, the SCCM client needs to get installed on all of our newly provisioned VMs. I created a service account that only has read permission to theÂ \\sccmserver\sms_sitecode\clientÂ share on the SCCM server. The client is installed from this location to ensure that we are always using the latest…

Provisioning a New Office 365 User and Mailbox from Exchange Hybrid via PowerShell

September 18, 2017

Working with many Office365 clients, I receive queries on how to go about provisioning users and mailboxes for an Exchange hybrid deployment. To begin with, letâ€™s assume aÂ couple things. We have a Windows 2012 R2 member server with Azure AD Connect (AAD Connect) version 1.1.105.00 (or newer) and the Azure AD Module for PowerShell installed;…

Add Alternate Email Address or Recovery Email Address for Office365 Administrator

September 6, 2017

In Office365, depending on the admin role of an account you may want to add an alternate email address for password recovery. This is a basically a self-service password reset for Administrators of Office365. Quick way to do this is with PowerShell:

#Connect to Office365
Import-Module MSOnline
Connect-MsolService
$O365Cred = Get-Credential
$O365Session = New-PSSession â€“ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection
Import-PSSession $O365Session

#Check if the user has an Alternate Email Address (Recovery Address)
Get-MsolUser -UserPrincipalName mwasay@domain.com | select -ExpandProperty AlternateEmailaddresses

#Check if the user has an Alternate Email Address (Recovery Address)
Set-MsolUser -UserPrincipalName mwasay@domain.com -AlternateEmailAddresses mwasay@domain2.com

1

2

3

4

5

6

7

8

9

10

11

12

#Connect to Office365

Import-Module MSOnline

Connect-MsolService

$O365Cred = Get-Credential

$O365Session = New-PSSession â€“ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection

Import-PSSession $O365Session

#Check if the user has an Alternate Email Address (Recovery Address)

Get-MsolUser -UserPrincipalName mwasay@domain.com | select -ExpandProperty AlternateEmailaddresses

#Check if the user has an Alternate Email Address (Recovery Address)

Set-MsolUser -UserPrincipalName mwasay@domain.com -AlternateEmailAddresses mwasay@domain2.com

If this setting is unset for an administrator, Office365 gives you a…

Map a network drive using PowerShell

August 16, 2017

Make sure you are using the latest version of PowerShell. On Windows 8/10 run it as administrator and type the following:

New-PSDrive â€“Name â€œZâ€ â€“PSProvider FileSystem â€“Root â€œ\\fileserver01\shareâ€ â€“Persist

1	New-PSDrive â€“Name â€œZâ€ â€“PSProvider FileSystem â€“Root â€œ\\fileserver01\shareâ€ â€“Persist

Where: Z – is the Drive Letter Within ” ” is the path of the network share that will be presented as the root of the drive letter Z The -Persist parameter so…

Guide to migrate FRS to DFSR

June 21, 2017June 11, 2021

For most users this article only applies if you have Window 2003/ 2003 R2 Domain Controller in your enviornment that you are planning to get rid off. Pretty soon I hope! 😉 SYSVOL is a folder shared by domain controller to hold its logon scripts, group policies and other items related to AD. All the…

The Lazy Way To Do Active Directory Inventory

June 14, 2017April 28, 2020

From time to time admins have to run an inventory of what is running in the AD environment. This is a good practice for audits, inventory, removing decommissioned servers, or any other good reason. The details that are required are like when was computer/ server created, when was it last logged into, what is the…

Lists all users last logon time

May 8, 2017

As administrators we often want to check whichÂ usersÂ have not logged in for quite a while, or what accounts recently accessed a system, etc. The following script list all users and their last logon time. With the lastloggeduser.csv we can get fancy with excel to find differences based on age and more.

$([ADSI]"WinNT://$env:COMPUTERNAME").Children | where {$_.SchemaClassName -eq 'user'} | select @{l='name';e={$_.name}},@{l='LastLogin';e={$_.lastlogin}} | export-csv C:\scripts\lastloggedusers.csv

1	$([ADSI]"WinNT://$env:COMPUTERNAME").Children \| where {$_.SchemaClassName -eq 'user'} \| select @{l='name';e={$_.name}},@{l='LastLogin';e={$_.lastlogin}} \| export-csv C:\scripts\lastloggedusers.csv