Posts

Useful Administration Commands

What groups is this user a member of? dsquery user -samid loginname | dsget user -memberof -expand When did someone last change his password? net user loginname /domain | find /I "password last set" Is someone's account locked? net user loginname /domain | find /I "account active" List all domains and workgroups in the network net view /domain List all computers in the network net view List all domain controllers nltest /dclist:contoso.com netdom query dc /domain:domainname List all member servers netdom query server /domain:domainname List all local administrators net localgroup Administrators List all ldap servers in domain nslookup -type=srv _ldap._tcp.DOMAINNAME Server not pinging netsh firewall set icmpsetting 8 Remotely start terminal service sc \\servername start termservice Remotely check who is logged in to the server query user /server:servername quser /server:servername qwinsta /server:servername Log off remote users logoff /server:servername id /v Re

Change DNS IP Address in remote Windows Server

Open PowerShell as Administrator and run the following commands: Invoke-Command -ComputerName "server1.bnv.com" -ScriptBlock { $NetworkInterface = Get-NetAdapter -Name "Eathernet0" $DNSServers = "10.10.10.10", "10.10.10.11" $NetworkInterface |Set-DnsClientServerAddress -ServerAddress $DNSServers } Note: Replace $DNSServers IP with your DNS IP.

Repair a Windows Server

Open the command prompt as Administrator and run the following commands: dism /online /cleanup-image /scanhealth dism /online /cleanup-image /checkhealth dism /online /cleanup-image /restorehealth Mount the Windows Server 2016 ISO as a drive (E: in this case) and run the following command. Please check the WIM version before selecting it. dism /online /cleanup-image /restorehealth /source:WIM:E:\sources\install.wim:1 /limitaccess sfc /scannow Check Windows Update and install any pending updates. Reboot the server. To check the WIM version for various versions of OS, run the following command: dism /Get-WimInfo /WimFile:E:\sources\install.wim wim:1 – Windows Server 2019 Standard Installation: Server Core wim:2 – Windows Server 2019 Standard (Desktop Experience) wim:3 – Windows Server 2019 DataCenter Installation: Server Core wim:4 – Windows Server 2019 DataCenter (Desktop Experience)

Register SPN for Windows Server

Suppose -  The server name is - Server1 Alias name is - App1 AD Domain name is - company.local First, create a CNAME record for App1 against Server1 in DNS. Let it replicate properly. Once replication is done, login to Server1 and run the following commands in elevated mode: netdom computername server1 /add:app1 netdom computername server1 /add:app1.company.local restart server1.

Check Microsoft Exchange Schema Version

# Exchange Schema Version $sc = (Get-ADRootDSE).SchemaNamingContext $ob = "CN=ms-Exch-Schema-Version-Pt," + $sc Write-Output "RangeUpper: $((Get-ADObject $ob -pr rangeUpper).rangeUpper)" # Exchange Object Version (domain) $dc = (Get-ADRootDSE).DefaultNamingContext $ob = "CN=Microsoft Exchange System Objects," + $dc Write-Output "ObjectVersion (Default): $((Get-ADObject $ob -pr objectVersion).objectVersion)" # Exchange Object Version (forest) $cc = (Get-ADRootDSE).ConfigurationNamingContext $fl = "(objectClass=msExchOrganizationContainer)" Write-Output "ObjectVersion (Configuration): $((Get-ADObject -LDAPFilter $fl -SearchBase $cc -pr objectVersion).objectVersion)" # Exchange Object Version (configuration) This script will give you the output in below format: Post Schema Update : RangeUpper: 15334 ObjectVersion (Default): 13243 ObjectVersion (Configuration): 16223

Get SID of Active Directory Forest

$rootDomainSid = (Get-ADDomain -Server (Get-ADForest).RootDomain).DomainSID.value $hasher = [System.Security.Cryptography.HashAlgorithm]::Create('sha256') $hash = $hasher.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($rootDomainSid)) $hashString = [System.BitConverter]::ToString($hash) $hashString.Replace('-', '')

Get Extension Attributes for Azure AD User

Connect-AzureAD Get-AzureADUser -ObjectID "xnverma@nilabh.com" | Select * Get-AzureADUser -ObjectID "xnverma@nilabh.com" | Select -ExpandProperty ExtensionProperty