query disable computers objects
(&(objectCategory=computer)(Name=*)(userAccountControl:1.2.840.113556.1.4.803:=2))
LDAP – Custom Queries
Duben 18th, 2012Transcript – how restore AD Object from recycle bin – S2K8 R2
Březen 13th, 2012
**********************
Windows PowerShell Transcript Start
Start time: 20120313094724
Username : VDI\amasv
Machine : DCHV (Microsoft Windows NT 6.1.7600.0)
**********************
Transcript started, output file is C:\Users\amasv\Documents\PowerShell_transcri
pt.20120313094724.txt
PS C:\Windows\system32> Get-ADObject -SearchBase „cn=Deleted Objects,DC=vdi,DC=fujitsu,DC=lab“ -Filter {lastKnownParent -eq „OU=accounts,DC=vdi,DC=fujitsu,DC=lab“} -IncludeDeletedObjects
Deleted : True
DistinguishedName : CN=martin skapa\0ADEL:704fed33-f62c-4401-9d4b-760748508fb1,
CN=Deleted Objects,DC=vdi,DC=fujitsu,DC=lab
Name : martin skapa
DEL:704fed33-f62c-4401-9d4b-760748508fb1
ObjectClass : user
ObjectGUID : 704fed33-f62c-4401-9d4b-760748508fb1
Deleted : True
DistinguishedName : CN=martina R.\0ADEL:0295617c-30aa-4ef2-bc19-5191714752
94,CN=Deleted Objects,DC=vdi,DC=fujitsu,DC=lab
Name : martina R.
DEL:0295617c-30aa-4ef2-bc19-519171475294
ObjectClass : user
ObjectGUID : 0295617c-30aa-4ef2-bc19-519171475294
PS C:\Windows\system32> Get-ADObject -SearchBase „cn=Deleted Objects,DC=vdi,DC=fujitsu,DC=lab“ -Filter {lastKnownParent -eq „OU=accounts,DC=vdi,DC=fujitsu,DC=lab“} -IncludeDeletedObjects | Restore-ADObject
PS C:\Windows\system32> Stop-Transcript
**********************
Windows PowerShell Transcript End
End time: 20120313094801
**********************
Prepare AD Schema before Install MS Exchange 2010
Únor 6th, 2012import-module servermanager
get-windowsfeature
Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy –Restart
setup /PrepareLegacyExchangePermissions
setup /PrepareSchema
setup /PrepareAD /OrganizationName: NAme of DOmain – short name !!!!
setup /PrepareAllDomains:FQDN
dsmod – useful commands
Prosinec 18th, 2011Get members of group
dsget user „CN=UserName,OU=xxxxx,,DC=domain,DC=domain“ -memberof -expand
dsget group „CN=GroupName,DC=domain,DC=domain“ -members
Get inactive computers
dsquery computer -inactive 8 -limit 500 „OU=xxxxx,,DC=domain,DC=domain“
inactive = weeks
default limit is 100 objects
Commands to allow using AD Trust -SID History
Prosinec 14th, 2011source domain – source.com
target domain – target.com
On target domain DC
netdom trust source.com /d:target.com /enablesidhistory:yes
netdom trust target.com /d:source.com /enablesidhistory:yes
netdom trust source.com /d:target.com /quarantine:no
