Category: Microsoft Active Directory

Microsoft Exchange Server 2016 – SMTP Domain Command Line Configuration

By default Microsoft Exchange Server 2016 configures a default accepted domain and email address policy using the fully qualified domain name (FQDN) of the Microsoft Active Directory (AD) domain into which it is installed. If necessary, you may use the following commands in the Microsoft Exchange Management Shell (EMS) to create an SMTP domain for Microsoft Exchange Server 2016. Note that you may change the -MakeDefault value to $false if you do not want it to be used as the default SMTP domain for the email address.

New-AcceptedDomain -Name domain.com -DomainName *.domain.com -DomainType Authoritative | Set-AcceptedDomain -MakeDefault $true


Microsoft Exchange Server 2016 – Mailbox Server Role Command Line Installation

You may use the following commands to install the Microsoft Exchange Server 2016 Mailbox Server role from the command line.

Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms
Setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms /OrganizationName:"<Organization Name>"
Setup.exe /mode:install /role:Mailbox /IAcceptExchangeServerLicenseTerms


Microsoft Active Directory – Get NetBIOS Name

You may use Microsoft Windows PowerShell to obtain the NetBIOS name of a Microsoft Active Directory (AD) domain. The command is Get-ADDomain -Identity domain.com and the NetBIOS name is contained in the NetBIOSName field.


Microsoft Windows PowerShell – Delete DNS A Record

Scripting is a great way to make yourself more efficient as an Information Technology (IT) professional. With that being said, the Microsoft Windows PowerShell script below may be used to automate the deletion of a domain name system (DNS) A record.

<#
.SYNOPSIS
This script will automate the process of deleting a DNS A record.
.DESCRIPTION
This script will automate the process of deleting a DNS A record.
.EXAMPLE
Remove-DnsServerResourceRecord -ZoneName "noelalvarez.net" -RRType "A" -Name "www"
.NOTES
Written by Noel Enrique Alvarez on Thursday, December 22, 2016.
#>

#Request the hostname of the server
$HOSTNAME = Read-Host "What is the hostname of the server?"

#Delete the DNS A record (-Force suppresses the confirmation prompt)
Remove-DnsServerResourceRecord -ZoneName "noelalvarez.net" -RRType "A" -Name "$HOSTNAME" -Force

#End of script
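
The script above passes whatever is typed at the prompt straight to a forced delete. The variant below is an added example, not the author's script: it validates the name, shows the matching records, and lets the cmdlet prompt before each removal. It assumes the DnsServer module is available and reuses the zone name from this page.

```powershell
# Added example (not the original script): validate, preview, then delete.
# Assumes the DnsServer module is installed and the zone shown on this page.
Import-Module DnsServer

$ZoneName = 'noelalvarez.net'
$HostName = (Read-Host 'What is the hostname of the server?').Trim()

# Accept one DNS label only. This rejects empty input, "@" (the zone apex),
# wildcards and dotted names, so a typo cannot match more than one node.
if ($HostName -notmatch '^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$') {
    throw "'$HostName' is not a valid single-label hostname."
}

# Read the A records at exactly that node before changing anything.
$query = @{ ZoneName = $ZoneName; RRType = 'A'; Name = $HostName; Node = $true }
$records = @(Get-DnsServerResourceRecord @query -ErrorAction SilentlyContinue)

if ($records.Count -eq 0) {
    Write-Warning "No A record named '$HostName' exists in $ZoneName. Nothing deleted."
    return
}

# Show what is about to be removed.
$records |
    Select-Object HostName, RecordType, TimeToLive,
        @{ Name = 'IPv4Address'; Expression = { $_.RecordData.IPv4Address } } |
    Format-Table -AutoSize | Out-Host

# No -Force here: the cmdlet asks for confirmation for each record.
foreach ($record in $records) {
    Remove-DnsServerResourceRecord -ZoneName $ZoneName -InputObject $record -Confirm
}

# Re-query and emit one audit line describing the outcome.
$left = @(Get-DnsServerResourceRecord @query -ErrorAction SilentlyContinue)
[pscustomobject]@{
    Time      = Get-Date -Format o
    Operator  = "$env:USERDOMAIN\$env:USERNAME"
    Zone      = $ZoneName
    Name      = $HostName
    Removed   = $records.Count - $left.Count
    Remaining = $left.Count
}
```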


Microsoft Windows PowerShell – Add a Domain User to a Group

You may use the Microsoft Windows PowerShell script below to remotely add a domain user to the specified group of the server you choose.

<#
.SYNOPSIS
This script will add a domain user to a group on a server.
.DESCRIPTION
This script will automate the process of adding a domain user to a group on a server.
.EXAMPLE
N/A.
.NOTES
Modified by Noel Enrique Alvarez on Friday, December 02, 2016.
#>

#Request the domain name
$DOMAIN = Read-Host "What is the domain?"

#Request the username
$USERNAME = Read-Host "What is the username?"

#Request the hostname of the server
$SERVER = Read-Host "What is the hostname of the server?"

#Request the name of the group
$GROUP = Read-Host "What is the name of the group (e.g. Administrators)?"

#Add the domain user to the group on the server
([ADSI]"WinNT://$SERVER/$GROUP,group").psbase.Invoke("Add",([ADSI]"WinNT://$DOMAIN/$USERNAME").path)


Microsoft Active Directory – Export Group Members

The Microsoft Windows PowerShell script below will export the list of users from a Microsoft Active Directory group to a notepad (.txt) file. You may modify the script to provide a file format of your choice.

<#
.SYNOPSIS
This script will provide the members of a Microsoft Active Directory group and export them to a notepad (.txt) file.
.DESCRIPTION
This script automates the process of exporting the users in a Microsoft Active Directory group.
.EXAMPLE
N/A.
.NOTES
Written by Noel Enrique Alvarez on Thursday, March 17, 2016.
#>

#Import the Microsoft Active Directory module
Import-Module ActiveDirectory

#Request the name of the Microsoft Active Directory group
$GROUP = Read-Host "What is the name of the Microsoft Active Directory group?"

#Retrieve the members of the Microsoft Active Directory group and export them
Get-ADGroupMember -Identity $GROUP | Select-Object Name, SamAccountName | Out-File -FilePath "<<<INSERT PATH>>>\$GROUP.txt"


Microsoft Active Directory – Verify the Status of User Accounts

The Microsoft Windows PowerShell script below will verify the status, enabled or disabled, of Microsoft Active Directory user accounts.

<#
.SYNOPSIS
This script will query a list of SAMAccountNames from a notepad (.txt) file and provide the Name and Enabled status.
.DESCRIPTION
This script will automate the process of querying a list of SAMAccountNames and provide the Name and Enabled status.
.EXAMPLE
N/A.
.NOTES
Written by Noel Enrique Alvarez on Thursday, March 24, 2016.
#>

#Import the Microsoft Active Directory module
Import-Module ActiveDirectory

#Provide the path to the Notepad (.txt) file that contains the list of SAMAccountNames
$USERS = Get-Content "<<<INSERT PATH>>>\Users.txt"

#Query the list of users and provide the output in the specified comma separated value (.csv) file
#SAMAccountName, Name and Enabled are returned by default, so -Properties * is not needed
$USERS | ForEach-Object {Get-ADUser -Identity $_ | Select-Object SAMAccountName, Name, Enabled} | Export-Csv -Path "<<<INSERT PATH>>>\Users.csv" -NoTypeInformation


Group Policy Object – Disable Windows PowerShell

You may use a Microsoft Active Directory (AD) Group Policy Object (GPO) to restrict access to the Windows PowerShell. Below you will find the settings for this configuration.

Computer Configuration > Policies > Windows Settings > Security Settings > Software Restrictions > Additional Rules

Right-click Additional Rules and select New Path Rule…. In the New Path Rule dialog box, enter C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe for the Path:, select Disallowed for the Security level:, then click OK.
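
To confirm on a target machine that the path rule above has been applied, the following added example (not part of the original post) reads the Disallowed path rules from the registry and reports which Windows PowerShell host binaries they cover. It assumes the standard Software Restriction Policy registry layout; the function name Test-RuleCoversPath and the simplified matching logic are illustrative.

```powershell
# Added example (not from the original page): audit Disallowed SRP path rules.
# Assumes the standard SRP layout: level 0 (Disallowed) rules are GUID subkeys
# whose ItemData value holds the path entered in the New Path Rule dialog.
$key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths'

$rules = @()
if (Test-Path $key) {
    $rules = @(Get-ChildItem $key | ForEach-Object {
        $item = Get-ItemProperty -Path $_.PSPath
        [Environment]::ExpandEnvironmentVariables([string]$item.ItemData)
    } | Where-Object { $_ })
}

# Simplified matching (illustrative): exact or wildcard match, or a folder rule
# that contains the file. SRP itself has more precedence rules than this.
function Test-RuleCoversPath([string]$Rule, [string]$Path) {
    $r = $Rule.TrimEnd('\')
    return ($Path -like $r) -or
           $Path.StartsWith("$r\", [StringComparison]::OrdinalIgnoreCase)
}

# The first entry is the path from this page. The others are the remaining
# Windows PowerShell hosts shipped with the OS that a review would also check.
$ps = 'WindowsPowerShell\v1.0'
$targets = @(
    "$env:SystemRoot\System32\$ps\powershell.exe",
    "$env:SystemRoot\System32\$ps\powershell_ise.exe",
    "$env:SystemRoot\SysWOW64\$ps\powershell.exe",
    "$env:SystemRoot\SysWOW64\$ps\powershell_ise.exe"
)

# Report each binary present on this machine and whether a rule covers it.
$targets | Where-Object { Test-Path $_ } | ForEach-Object {
    $path = $_
    $hit  = $rules | Where-Object { Test-RuleCoversPath $_ $path } |
            Select-Object -First 1
    [pscustomobject]@{
        Path        = $path
        Disallowed  = [bool]$hit
        MatchedRule = $hit
    }
} | Format-Table -AutoSize
```

Run it from an elevated 64-bit session on a machine in scope of the GPO after a policy refresh; rows showing Disallowed = False are binaries the current rule set does not cover.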

 


Group Policy Object – Disable Server Manager

You may create a Group Policy Object (GPO) to prevent access to the Microsoft Windows Server 2012 R2 Server Manager as well as prevent it from opening automatically after login. Below you will find the settings for this configuration.

Computer Configuration > Policies > Administrative Templates > System > Server Manager > Do not display Server Manager automatically at logon

User Configuration > Policies > Administrative Templates > System > Don’t run specified Windows applications


Group Policy Object – Hide Drives in My Computer

You may use the following setting to configure a Group Policy Object (GPO) in Microsoft Windows Server 2012 R2 that will allow you to restrict access to local drives in My Computer.

User Configuration > Policies > Administrative Templates > Windows Components > File Explorer > Hide these specified drives in My Computer