Find All OUs with Users, Groups, or Contacts
Recently I found myself involved with a new company helping them with an Active Directory migration. Their plan is to converge separate forests into one new forest. Since I was new to the environment I wanted to really get a better understanding of what I was dealing with. With this I opened my trusty PowerShell script editor and began working out a few scripts to help understand these new environments.
When dealing with an Active Directory migration you really want to get a true grasp of where all of the important objects are, to me important objects are Users (including service accounts), Contacts, and Groups. Over time Active Directory Domains can become quite messy and convoluted ending up with numerous OUs which really have no true purpose any longer, yet no one deleted them. The script below helps you traverse through the muck and find the truly important OUs based on the important objects I’ve defined.
The script below does the following:
- Connects to the Active Directory domain(s) you specify
- Queries for all OrganizationalUnits within that domain
- Queries for all AD Objects within each OrganizationalUnit
- Creates 3 variables based on the query stated in step 3. ($users, $groups, $contacts)
- Defines the output data for each OU
- Counts the number of Users, Contacts, or Groups within the current OU
- Adds the content to the arrayed variable of $output
- After rolling through all OUs and all Domains the $output file is exported in CSV format to $OutFile defined in the params.
function Get-OUWithObjects { <# .SYNOPSIS Function to get all OUs that contain Users, Groups, or Contacts. .DESCRIPTION This function requires Quest ActiveRoles AD Management to be installed. The purpose of this script is to go out and find any and all OrganizationalUnits which contain Users, Groups, or Contacts. It performs a count on each type of object and prints them to a CSV File. This is a useful tool for any Admin getting ready to perform an Active Directory migration in order to better understand the existing environment. This script does not require and special privelages in order to run as you're only reading from Active Directory. .PARAMETER Domains This allows you to input as many domains as you'd like to scan against. (ex. -Domains "domain1","domain2","domain3" ) .PARAMETER OutFile This specifies the directory path and file name for the CSV output. (ex. -Outfile c:\temp.csv) .NOTES Name: Get-OUWithObjects.ps1 Author: Josh Schofield DateCreated: 12/28/2012 .LINK http://www.JSchofield22.wordpress.com .EXAMPLE Get-OUWithObjects -Domains "Domain1","Domain2" -OutFile "C:\temp\test.csv" #> param( [Parameter(Mandatory=$true)] $Domains, [Parameter(Mandatory=$true)] [string]$OutFile ) if ((Get-PSSnapin -Registered| where {$_.name -eq "quest.activeroles.admanagement"}) -eq $null){Write-Error "Quest.ActiveRoles.ADManagement NOT Installed"} else { Get-PSSnapin -Registered| where {$_.name -eq "quest.activeroles.admanagement"} | Add-PSSnapin | Out-Null if ((test-path $OutFile) -eq "True"){del $OutFile} $output = @() foreach ($domain in $domains) { Connect-QADService $domain Get-QADObject -Type "organizationalunit" -IncludedProperties name,type,parentcontainer,dn -SizeLimit 0| %{ $ouname = $_.name $parentcontainer = $_.parentcontainer $adobjects = get-qadobject -SearchRoot $_.dn -SearchScope OneLevel -IncludedProperties type,name -SizeLimit 0 | where {(($_.type -eq "contact") -or ($_.type -eq "user") -or ($_.type -eq "group"))} $users = $adobjects | where {$_.type -eq "user"} $groups = $adobjects | where {$_.type -eq "group"} $contacts = $adobjects | where {$_.type -eq "contact"} $results = "" | Select Domain, Name, UserCount, GroupCount, ContactCount, ParentContainer $results.Domain = $domain $results.Name = $ouname $results.ParentContainer = $parentcontainer if ($users -ne $null) { $results.UserCount = $users.count } #End of User Check if ($groups -ne $null) { $results.GroupCount = $groups.count } #End of User Check if ($contacts -ne $null) { $results.ContactCount = $contacts.count } #End of User Check $output += $results Clear-Variable $results -ErrorAction SilentlyContinue Clear-Variable $ouname -ErrorAction SilentlyContinue Clear-Variable $parentcontainer -ErrorAction SilentlyContinue $adobjects = $null $users = $null $groups = $null $contacts = $null } #End of Get QADObject OU } $output | Export-Csv $OutFile -NoTypeInformation }}
Increase Exchange 2010 OWA Signature Field
Register Src=”~/Customize/MessageFormat.ascx” TagName=”MF” TagPrefix=”ecp”
Register Src=”~/Customize/MessageOptions.ascx” TagName=”MO” TagPrefix=”ecp”
Register Src=”~/Customize/ReadReceipts.ascx” TagName=”RR” TagPrefix=”ecp”
Register Src=”~/Customize/ReadingPane.ascx” TagName=”RP” TagPrefix=”ecp”
Register Src=”~/Customize/Conversations.ascx” TagName=”CS” TagPrefix=”ecp”
Ping Multiple Hosts with PowerShell and Return Useful Information
A lot of our time in IT is spent making sure systems are up and running. Most times our first test when troubleshooting an issue is to perform a PING command. For that reason I have created the script below which in essence just performs the Test-Connection cmdlet. This script only provides me the useful information that I want from the cmdlet, both onscreen and in a csv file.
If you want to get really fancy you could perform a get-qadcomputer command and pipe the output to a CSV file. Then use that CSV file as the input file for the script below. If you did this you would be able to know which machines in your domain can respond to a PING response.
########################################################################### # # NAME: Ping-Host.ps1 # # AUTHOR: Joshua Schofield # # COMMENT: If using a CSV file, you must have a column named DNSName in order for script to complete. # # EXAMPLE: c:\scripts\ping-host.ps1 -sourcefile c:\scripts\csv\servers.csv -oufile c:\scripts\logs\logfile.csv # # VERSION HISTORY: 1 # # VERSION DATE: 8/21/2012 # # VERSION COMMENTS: Tested and Validated # # ########################################################################### param ( [Parameter(Mandatory = $true)] $SourceFile, [Parameter(Mandatory = $true)] $OutFile ) Function Ping-Hosts { param ($server) $test = Test-Connection $server -Count 1 -Quiet -ErrorAction SilentlyContinue $ip = Test-Connection $server -Count 1 | select ipv4address -ErrorAction SilentlyContinue $ip = $ip.IPV4Address if ($test.ToString() -like "true") { Write-Host "$server $ip is pingable" -ForegroundColor green Write-Output "$server,$ip,yes" | Out-File $OutFile -Append } else { Write-Host "$server not pingable" -ForegroundColor Red Write-Output "$server,$ip,no" | Out-File $OutFile -Append } $test = $null $name = $null $server = $null $ip = $null } $filetype = $SourceFile.split(".")[1] Write-Output "ServerName,IP,RespondsToPING" | Out-File $OutFile -force if ($filetype -eq "txt"){ gc $sourcefile | % { ping-hosts $_ } } Elseif ($filetype -eq "csv"){ Import-Csv $sourcefile | % { ping-hosts $_.dnsname } } else{ Write-Host "Filetype: $filetype not recognized. Filetype must be .csv or .txt . Please try again." -ForegroundColor DarkRed -BackgroundColor White }
Connect to Multiple vCenter Servers with Password File
I’ve been getting tired lately of having to use the “get-credential” cmdlet in Powershell when I want to connect to various items. Thanks fully after some research I came across a cmdlet that is provided as part of the PowerCLI Toolkit. Thanks to Chris Nakagaki (http://tech.zsoldier.com/2011/09/save-powercli-login-credentials-to-xml.html) for originally posting about this a year ago. I am going to take his instructions a step further and show you how to not only create the file but also connecto to multiple vCenter/ESX Servers at one time.
First we need to create and add content to our new xml file
# Create VI Credential File New-VICredentialStoreItem -Host vCenterServerFQDN -File C:\PATHTOFILE\xmlfile.xml -User username -Password password
* As you may notice the string above will require that your password be viewed in plaintext on the screen, I would suggest not saving this but simply just creating this from the PowerCLI Shell and then once you’re done adding your entries closing that shell.
You want to run the above string as many times as you you need to. For my environment I only have 2 production vCenter servers that I need to connect to, so I ran the command twice providing the information needed for both vCenter servers.
Now let’s connect to the vCenter Servers.
You can do this one of 2 ways:
1. Connect to all vCenter Servers in the XML File
Get-VICredentialStoreItem -File c:\PATHTOFILE\xmlfile.xml | %{ Connect-VIServer -Server $_.host -User $_.User -Password $_.Password }
2. Connect to an array of vCenter Servers which are defined in a Powershell Array
# Using the VI Credential File for multiple vCenter Servers # vCenterServerNames have to match what is listed as the hostname in the VI Credential File $Hosts = @("vCenterServerA","vCenterServerB") $Hosts | %{ $creds = Get-VICredentialStoreItem -File c:\PATHTOFILE\xmlfile.xml -Host $_ Connect-VIServer -Server $creds.host -User $creds.User -Password $creds.Password } $creds = $null
Browse for File to POSH Variable
After many months of getting tired of typing in an entire directory path when using the “Read-Host” command to import a text file or CSV file I went looking for commands to present a popup box to let me browse for a file, then have that file’s path be presented to a variable. This example shows that $file will be the file path for the file specified in the Get-FileName function.
A big thank you goes to the blog over at Sapien.com for showing me this wonderfulness 🙂
http://www.sapien.com/forums/scriptinganswers/forum_posts.asp?TID=4115
Function Get-FileName($initialDirectory) { [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null $OpenFileDialog = <strong>New-Object</strong> System.Windows.Forms.OpenFileDialog $OpenFileDialog.initialDirectory = $initialDirectory $OpenFileDialog.Title = "PowerShell Master Says...Select File:" $OpenFileDialog.filter = "All files (*.*)| *.*" $OpenFileDialog.ShowDialog() | Out-Null $OpenFileDialog.filename } #end function Get-FileName # *** Entry Point to Script *** $file = Get-FileName <em>-initialDirectory</em> "c:\"
Powershell VMWare Inventory
########################################################################### # # NAME: VM Inventory # # AUTHOR: Joshua Schofield # # COMMENT: Script to use when wanting Datastore,Host,Name,PowerState,OS,IP, and vCenter server information for all VMs. # # # VERSION HISTORY: 6 # # VERSION DATE: 08/10/2012 # # # PreReqs: Must have vSphere Client and PowerCLI installed # # # # ########################################################################### # Adding all snapins to current PS Session Get-PSSnapin -Registered | Add-PSSnapin # Set Variables for Outfile and vCenter Server(s) $outfile = Read-Host -Prompt "Type the entire path and file name (c:\temp\test.csv) for output file:" $vc = Read-Host -Prompt 'Enter vCenter Server FQDN or IP Address (If multiple type @("hostname","hostname2"):' # Popup Window asking to input credentials [System.Reflection.Assembly]::LoadWithPartialName(“System.Windows.Forms”) | Out-Null [Windows.Forms.MessageBox]::Show("Please Supply Your vCenter Server Credentials in the next Window”,0, [Windows.Forms.MessageBoxButtons]::OK, [Windows.Forms.MessageBoxIcon]::Information) $vccred = (Get-Credential) # Connect to vCenter Server Connect-VIServer -Server $vc -Credential $vccred Write-Output "Datastore,Host,VMName,FQDN,Power,OS,IP,vCenter Server" | Out-File $outfile -Force # -Force will overwrite any existing file Get-Datastore -Server $vc | Sort-Object {$_.name} | % { $datastore = $_.name Get-VM -Datastore $datastore | select name,powerstate | % { $name = $_.name $power = $_.powerstate $vmhost = $_.vmhost Get-VMGuest $name | select hostname,osfullname,ipaddress | % { $hostname = $_.hostname $os = $_.osfullname $ip = $_.IPaddress Write-Output "$datastore,$vmhost,$name,$hostname,$power,$os,$ip,$vc" | Out-File $outfile -Append }}}
Find CD Drive Letter(s)
I was presented with an issue the other day where I needed to mount an ISO to a VM, then run a program which was housed on that CD Drive. I could not find a central, easy way using PowerShell to find what the letter the CD Drive was so I decided I would create one. I know this could have been done with WMI, but I decided I would go a different route for this occasion since I have used FSUTIL for other items in the past.
First off we start off by querying all drives on the machine using the FSUTIL command, we then pipe these results to our variable of $drives. Line 1 will give us a result of the drive letters that are in use on the machine. With line 2 we are actually getting rid of part of the content of the $drives variable. We do not want to have the “Drives: ” content in our variable. Now that this is complete we can then split up our $drives variable into an array. We do this by using the .split function. This allows us to break up our variable into multiple parts, in this case we are telling PowerShell to break up the $drives variable everywhere there is a space, this is indicated by the ” ” portion.
Now that we have broken our variable up into an array we can now perform a foreach loop to determine each drive letters type. This foreach loop can be completed by typing “ForEach” or “%” either will start the loop. Once that loop completes writing the results to the $drivetype variable we can then process each CD Drive that resides on the host machine.
Hello WordPress world!
Welcome to my blog. After nearly 10 years of doing system admin work, I have finally decided to start a blog discussing what I do.
I hope you all enjoy my tidbits about Powershell and other system admin related topics.