PowerShell

Prevent AD objects from accidental deletion via PoSh

0
2 years ago
by Mirco Lueneburg in ,

Here are some One-Liners to prevent your Active Directory from accidental deletion.

User objects:

Get-ADObject -filter {(ObjectClass -eq "user")} | Set-ADObject -ProtectedFromAccidentalDeletion:$true

Organizational units:

Get-ADOrganizationalUnit -filter * | Set-ADObject -ProtectedFromAccidentalDeletion:$true

Check if a service is running via PowerShell

0
4 years ago
by Mirco Lueneburg in

I´ve found a script in another blog by Anders Mikkelsen which I found really good and quite helpful since I´ve experienced that different services on some machines have the habit not to start after the server is being rebooted because of an update or reboot cycle at night.

function FuncCheckService{
    param($ServiceName)
    $arrService = Get-Service -Name $ServiceName
    if ($arrService.Status -ne "Running"){
        Start-Service $ServiceName
        FuncMail -To "to-email@domain.com" -From "from-mail@domain.com"  -Subject "Servername : ($ServiceName) service started." -Body "Service $ServiceName started" -smtpServer "relay.mailserver.com"
    }
}
function FuncMail {
    #param($strTo, $strFrom, $strSubject, $strBody, $smtpServer)
    param($To, $From, $Subject, $Body, $smtpServer)
    $msg = new-object Net.Mail.MailMessage
    $smtp = new-object Net.Mail.SmtpClient($smtpServer)
    $msg.From = $From
    $msg.To.Add($To)
    $msg.Subject = $Subject
    $msg.IsBodyHtml = 1
    $msg.Body = $Body
    $smtp.Send($msg)
}
FuncCheckService -ServiceName "VMware VirtualCenter Server"

Just copy and paste this script, save it as a ps1 file and schedule it to run every x minutes…

PowerShell Script to create functional and ACL Groups

0
4 years ago
by Mirco Lueneburg in

Since I had the need to create 2 ACL and 2 functional groups in fixed and predefined OUs for the x-th time and just didn´t want to click my way I started to write this tiny script which created them for me…

import-module ActiveDirectory

$Name1 = "acl_" + $args + "_ro"
$Name2 = "acl_" + $args + "_rw"
$Name3 = "func_" + $args + "_ro"
$Name4 = "func_" + $args + "_rw"

new-adGroup -name $Name1 -GroupScope 1 -Path "<UPN-of-OU>" -GroupCategory 1 -sAMAccountName $Name1
new-adGroup -name $Name2 -GroupScope 1 -Path "<UPN-of-OU>" -GroupCategory 1 -sAMAccountName $Name2
new-adGroup -name $Name3 -GroupScope 1 -Path "<UPN-of-OU>" -GroupCategory 1 -sAMAccountName $Name3
new-adGroup -name $Name4 -GroupScope 1 -Path "<UPN-of-OU>" -GroupCategory 1 -sAMAccountName $Name4

Add-ADGroupMember -Identity $Name1 -Member $Name3
Add-ADGroupMember -Identity $Name2 -Member $Name4
Go to Top