MVP - Most Valuable Professional
rss

Just can't get enough of IT

This blog is about mostly anything in IT. But the primary focuses are Microsoft Technologies like Exchange, Office 365, Azure and Cloud Security.

Sometimes you might be interested in gathering a list of all computer from an Active Directory domain in preparation for migration.

You can gather a list of all computer objects using the following command.

# Fetch a sorted list of all computer objects
Get-ADComputer -Filter * -Property * | Sort-Object Name 

 

The wildcard used with the Property parameter fetches all available attributes for a computer object. Check the available attributes in the result set to identify the attributes you are interested in.

# Example output for the first computer object gathered from Active Directory
(Get-ADComputer -Filter * -Property * | Sort-Object Name)[0]

AccountExpirationDate                : 
accountExpires                       : 9223372036854775807
AccountLockoutTime                   : 
AccountNotDelegated                  : False
AllowReversiblePasswordEncryption    : False
BadLogonCount                        : 0
badPasswordTime                      : 0
badPwdCount                          : 0
CannotChangePassword                 : False
CanonicalName                        : DOMAIN.local/Computers/COMPUTER01
Certificates                         : {}
CN                                   : COMPUTER01
codePage                             : 0
CompoundIdentitySupported            : {False}
countryCode                          : 0
Created                              : 9/2/2013 3:01:13 PM
createTimeStamp                      : 9/2/2013 3:01:13 PM
Deleted                              : 
Description                          : 
DisplayName                          : 
DistinguishedName                    : CN=COMPUTER01,CN=Computers,DC=DOMAIN,DC=local
DNSHostName                          : COMPUTER01.DOMAIN.local
DoesNotRequirePreAuth                : False
dSCorePropagationData                : {12/31/1600 7:00:00 PM}
Enabled                              : True
HomedirRequired                      : False
HomePage                             : 
instanceType                         : 4
IPv4Address                          : 
IPv6Address                          : 
isCriticalSystemObject               : False
isDeleted                            : 
KerberosEncryptionType               : {RC4, AES128, AES256}
LastBadPasswordAttempt               : 
LastKnownParent                      : 
lastLogoff                           : 0
lastLogon                            : 130942520427754509
LastLogonDate                        : 12/10/2015 3:02:53 PM
lastLogonTimestamp                   : 130942513734007331
localPolicyFlags                     : 0
Location                             : 
LockedOut                            : False
logonCount                           : 194
ManagedBy                            : 
MemberOf                             : {}
MNSLogonAccount                      : False
Modified                             : 12/10/2015 3:02:53 PM
modifyTimeStamp                      : 12/10/2015 3:02:53 PM
msDS-SupportedEncryptionTypes        : 28
msDS-User-Account-Control-Computed   : 0
Name                                 : COMPUTER01
nTSecurityDescriptor                 : System.DirectoryServices.ActiveDirectorySecurity
ObjectCategory                       : CN=Computer,CN=Schema,CN=Configuration,DC=DOMAIN,DC=local
ObjectClass                          : computer
ObjectGUID                           : da59afcc-e00a-430b-9cbc-01adeed568f3
objectSid                            : S-1-5-21-3143343262-845931634-422089675-1179
OperatingSystem                      : Windows 7 Professional
OperatingSystemHotfix                : 
OperatingSystemServicePack           : Service Pack 1
OperatingSystemVersion               : 6.1 (7601)
PasswordExpired                      : False
PasswordLastSet                      : 12/2/2014 7:21:09 AM
PasswordNeverExpires                 : False
PasswordNotRequired                  : False
PrimaryGroup                         : CN=Domain Computers,CN=Users,DC=DOMAIN,DC=local
primaryGroupID                       : 515
PrincipalsAllowedToDelegateToAccount : {}
ProtectedFromAccidentalDeletion      : False
pwdLastSet                           : 130619964697110685
SamAccountName                       : COMPUTER01$
sAMAccountType                       : 805306369
sDRightsEffective                    : 15
ServiceAccount                       : {}
servicePrincipalName                 : {RestrictedKrbHost/COMPUTER01, HOST/COMPUTER01, 
                                       RestrictedKrbHost/COMPUTER01.DOMAIN.local, HOST/COMPUTER01.DOMAIN.local}
ServicePrincipalNames                : {RestrictedKrbHost/COMPUTER01, HOST/COMPUTER01, 
                                       RestrictedKrbHost/COMPUTER01.DOMAIN.local, HOST/COMPUTER01.DOMAIN.local}
SID                                  : S-1-5-21-3143343262-845931634-422089675-1179
SIDHistory                           : {}
TrustedForDelegation                 : False
TrustedToAuthForDelegation           : False
UseDESKeyOnly                        : False
userAccountControl                   : 4096
userCertificate                      : {}
UserPrincipalName                    : 
uSNChanged                           : 1721509
uSNCreated                           : 45981
whenChanged                          : 12/10/2015 3:02:53 PM
whenCreated                          : 9/2/2013 3:01:13 PM

 

As a next step, you gather the selected information and 

# Fetch data for an operating system overview, sorted by property Name only
Get-ADComputer -Filter * -Property * | Sort-Object Name | Select Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion 

# Fetch data for an operating system overview, sorted by property OperatingSystem first, then Name 
Get-ADComputer -Filter * -Property * | Sort-Object OperatingSystem,Name | Select Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion 

 

You can export the gathered information to a comma separated file easily using the Export-Csv cmdlet.

# Export the gathered and sorted information to a CSV file using a semicolon as the delimiter
# Adjust the file path for the CSV file to fit your environment
Get-ADComputer -Filter * -Property * | Sort-Object OperatingSystem,Name | Select Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion | Export-Csv -Path C:\SCRIPTS\ComputerOverview.csv -NoClobber -NoTypeInformation -Delimiter ';' 

 

Link

 

Enjoy!

Read More »

Exchange Server 2013Exchange Server 2016The PowerShell script New-RoomMailbox has been updated and release v1.2 has been published to GitHub and TechNet Gallery.

The script now creates a third mail-enabled security group to limit the set of users which are allowed to book the resource. The group itself is created (prepared) only, but not assigned to the room resource.

Additionally, the default language (locale) is configured. This prohibits the "Set locale" - dialogue when accessing the room mailbox using Outlook on the Web. 

Read more here: https://www.granikos.eu/en/justcantgetenough/PostId/337/create-a-new-room-mailbox-with-security-groups

Enjoy Exchange.

Read More »

Exchange Server 2010Exchange Server 2013Exchange Server 2016PowerShellDescription

This script reads the Exchange schema version from the Active Directory schema partition.

The Exchange organization name is fetched from Active Directory automatically.
  
The script fetches at forest level:

  • objectVersion of MESO Container
  • rangeUpper of ms-Exch-Schema-Version-Pt 
  • msExchProductId of Exchange Organization container
  • objectVersion of Exchange Organization container

The script fetches at domain level:

  • objectVersion of MESO Container

 

Examples

Code Samples

# Fetch all version information in the Active Directory forest
.\Get-ExchangeServerVersionInfo.ps1

Sample Output:

PS D:\Scripts> .\Get-ExchangeServerVersionInfo.ps1

Exchange Server Schema and Object Information for forest [VARUNA.ROOT]
Exchange Organization Name        : VARUNA-GROUP
Active Directory Schema rangeUpper: 15332

Working on VARUNA.ROOT
MESO Container objectVersion           : 13236
Exchange Configuration msExchProductId : 15.01.1466.003
Exchange Configuration objectVersion   : 16213

Working on VARUNAGROUP.DE
MESO Container objectVersion           : 13236

Version History

  • 1.0, Initial community release

Links

Follow

 

Enjoy Exchange Server!

Read More »

Exchange Server 2010Exchange Server 2013Exchange Server 2016PowerShellDescription

When migrating to new version of Exchange Servers you must move your internal SMTP relay endpoints. This can be a challeging tasks as application owners mostly ignore your requests for such changes. 

You can use the information provided in the receive connector log files to identify remote clients (MTAs / MTUs) connecting to the legacy infrastructure. The assumption is that protocol logging is enabled. You can easily active protocol logging across all receive connector fo a single server using the following EMS PowerShell one-liner:

Get-ReceiveConnector -Server EX01 | Set-ReceiveConnector -ProtocolLoggingLevel Verbose

The scripts searches the log files for the connection's EHLO response which containes the remote name or remote IP-address of the system connecting to the receive connector.

You can either search

  • Legacy Exchange Servers (aka Exchange Server 2010)
  • Modern Exchane Servers 
    • Frontend Transport
      or
    • Backend Transport (aka Hub Transport)

For more information read the readme.md file at Github.

Note

You need to adjust the log file path to suit your IT infrastructure. A next releas will contain a more automatic solution.

Examples

# Search legacy Exchange servers SMTP receive log files for the last 4 days and save search results in a single CSV file

.\Get-RemoteSmtpServers.ps1 -Servers SRV01,SRV02 -LegacyExchange -AddDays -4 -ToCsv

Version History

  • 1.0, Initial community release 
  • 1.1, Fixed Issue #2

Links

Follow

 

Read More »

Exchange Server 2010Description

When you want to migrate your legacy public folders from Exchange 2010 to modern public folders in Exchange Online you must prepare the public folder names for migration.

Public folder names are not allowd to contain the following:

  • Backslash "\"
  • Forward slash "/"
  • Leading or trailing spaces

The script Fix-PublicFolderNames.ps1 fixes the public folder names in preparation for migration to modern public folders.

Examples

# EXAMPLE
# Rename and trim public folders found on Server MYPFSERVER

.\Fix-PublicFolderNames -PublicFolderServer MYPFSERVER

Version History

  • 1.0, Initial community release

Links

Follow

Read More »