Run the following command from the CLI:
dsquery user -disabled -limit 0 -o rdn > c:\ FileName.txt
Note: use limit option when the default limit of 100 is reached
Use -o rdn for format type
To find all user accounts that have been inactive for at least the last week or longer, you'd use the command:
dsquery user -inactive 1 -o rdn
Thursday, June 30, 2011
Wednesday, June 29, 2011
Report on all VMs with snapshots using Vsphere PowerCLI
The first step is to connect to your VC from vSphere PowerCLI with the following command:
Connect-ViServer VCServerName
The second command lists all of the VMs, finding the shapshots, looking up what host currently houses the VM and then creating the actual table:
Get-VM | Get-Snapshot | Select-Object VM, Name, Description, PowerState, Created, @{Name="Host"; Expression = {(Get-VM $_.VM).Host.Name}} | ft -auto
The Output Screen looks like following:
VM Name Description
---- -------- --------------
Test1Server Before upgrade Pre software version 2 upgrade
Test2Server Pre SP2 install Pre Windows 2003 SP2 Install
Connect-ViServer VCServerName
The second command lists all of the VMs, finding the shapshots, looking up what host currently houses the VM and then creating the actual table:
Get-VM | Get-Snapshot | Select-Object VM, Name, Description, PowerState, Created, @{Name="Host"; Expression = {(Get-VM $_.VM).Host.Name}} | ft -auto
The Output Screen looks like following:
VM Name Description
---- -------- --------------
Test1Server Before upgrade Pre software version 2 upgrade
Test2Server Pre SP2 install Pre Windows 2003 SP2 Install
Friday, June 24, 2011
Intel Processor Comparison
Use this tool to compare detailed specifications for up to five processor numbers. Click Here
Thursday, June 16, 2011
How to Fix Corrupt Group Policy Database File
In order to fix the corrupted GPO Database file, you can easily restore the database file to its original state using the following steps outlined below:
- Open the %SystemRoot%\Security folder, create a new folder, and then name it "OldSecurity".
- Move all of the files ending in .log from the %SystemRoot%\Security folder to the OldSecurity folder.
- Find the Secedit.sdb file in the %SystemRoot%\Security\Database folder, and then rename this file to "Secedit.old".
- lick Start, click Run, type mmc, and then click OK.
- Click Console, click Add/Remove Snap-in, and then add the Security and Configuration snap-in.
- Right-click Security and Configuration and Analysis, and then click Open Database.
- Browse to the %SystemRoot%\Security\Database folder, type Secedit.sdb in the File name box, and then click Open.
- When you are prompted to import a template, click Setup Security.inf, and then click Open.
Default Group Policy objects become corrupted
The default domain GPOs are corrupted (for example, because of misconfiguration) and you do not have backed up versions of the Default Domain Policy GPO or the Default Domain Controller Policy GPO.
Refer to Microsoft Technet Site for Solution
Refer to Microsoft Technet Site for Solution
Tuesday, June 14, 2011
How to Decommission a Domain Controller
Decommissioning a dc requires all domain services that currently reside on a server need to be moved to other dc’s.
You need to move any fsmo roles from this dc to another dc (KB255960)
To learn where the roles reside run the command netdom query fsmo
If the PDCe fsmo role resided on this DC then you need to reconfigure the new holder of the PDCe to either use the internal hardware clock or an external source. I would recommend using an external source KB816042.
There needs to be at least one Global Catalog (GC) in each domain and it is recommended that there is one in each site (KB313994)
Move DNS services to other DC’s if this DC is a DNS provider. Also point all clients that use this server for DNS to the new DNS server
If AD integrated simply installing DNS on a member server prior to promotion will bring up a new DNS server
If not AD integrated and this is a primary server then a new primary server will need to be brought online. From DNS server manager the server needs to be promoted to primary
If a secondary server then make the new dc a new secondary server
If a dhcp server then the dhcp servers database needs to be backed up and copied to the new dhcp server. The old dhcp server deauthorized and the new dhcp server authorized (KB325473)
If you have Encryption File System (EFS) enabled you will need to move the private key if it resides on this dc (KB241201). You use the recovery agent's private key to recover data in situations when the copy of the EFS private key that is located on the local computer is lost
If this server manages Terminal Server Licensing (TSL) then it will have to be moved to a new DC. From Add/Remove programs you will need to add a new TSL. You can then restore the licenses by using the TS License Manager tool with the Telephone activation mechanism. You can switch to the Telephone mechanism by right clicking on the server in TS License Manager, and then selecting properties from the menu. (TS FAQ)
Finally once this is all accomplished go ahead and demote the dc to a member server (KB238369)
You need to move any fsmo roles from this dc to another dc (KB255960)
To learn where the roles reside run the command netdom query fsmo
If the PDCe fsmo role resided on this DC then you need to reconfigure the new holder of the PDCe to either use the internal hardware clock or an external source. I would recommend using an external source KB816042.
There needs to be at least one Global Catalog (GC) in each domain and it is recommended that there is one in each site (KB313994)
Move DNS services to other DC’s if this DC is a DNS provider. Also point all clients that use this server for DNS to the new DNS server
If AD integrated simply installing DNS on a member server prior to promotion will bring up a new DNS server
If not AD integrated and this is a primary server then a new primary server will need to be brought online. From DNS server manager the server needs to be promoted to primary
If a secondary server then make the new dc a new secondary server
If a dhcp server then the dhcp servers database needs to be backed up and copied to the new dhcp server. The old dhcp server deauthorized and the new dhcp server authorized (KB325473)
If you have Encryption File System (EFS) enabled you will need to move the private key if it resides on this dc (KB241201). You use the recovery agent's private key to recover data in situations when the copy of the EFS private key that is located on the local computer is lost
If this server manages Terminal Server Licensing (TSL) then it will have to be moved to a new DC. From Add/Remove programs you will need to add a new TSL. You can then restore the licenses by using the TS License Manager tool with the Telephone activation mechanism. You can switch to the Telephone mechanism by right clicking on the server in TS License Manager, and then selecting properties from the menu. (TS FAQ)
Finally once this is all accomplished go ahead and demote the dc to a member server (KB238369)
Thursday, June 2, 2011
Subscribe to:
Posts (Atom)