Remko Weijnen's Blog (Remko's Blog)
About Terminal Server, Citrix, Delphi and other stuff
Read Maximum Password Age with PowerShell
Author: Remko2 Dec
I needed to read out the Maximum Password age with a PowerShell script in a Windows 2003 domain.
Reading out the maxPwdAge attribute is a trivial task in PowerShell (I am re-using the function AdsLargeIntegerToInt64):
|
1 2 3 |
# Read Maximum Password Age (from Domain Policy) # Read maxPwdAge attribute and convert to Int64 $maxPwdAge = AdsLargeIntegerToIn64 $Domain.maxPwdAge.Value( |
In my case this returns the value -78624000000000 but how do we interpret this?
Settings NTFS Permissions by SID in PowerShell
Author: Remko2 Sep
I am currently creating a PowerShell script that creates a user with all needed Active Directory attributes, Exchange mailbox, (TS) Home- and Profile directories and so on.
In such a script you can easily get failures because of Active Directory replication.
Check if a useraccount exists with PowerShell
Author: Remko2 Sep
Function below can be used to check if a given Username exists in Active Directory:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
function UserExists([string]$Username) { $strFilter = "(&(objectCategory=person)(sAMAccountName=$Username))" $objDomain = New-Object System.DirectoryServices.DirectoryEntry $objSearcher = New-Object System.DirectoryServices.DirectorySearcher $objSearcher.SearchRoot = $objDomain $objSearcher.PageSize = 1000 $objSearcher.Filter = $strFilter $objSearcher.SearchScope = "Subtree" $colResults = $objSearcher.FindAll() return [bool]($colResults -ne $null) } |
AD Internals: Display RID Allocation Pools
Author: Remko27 Jun
In my previous post I wrote about a problem I had with duplicate RID Allocation pools.
But how do we get more insight into these RID Allocation pools?
The DCDIAG tool can display this information per domain controleler using the following syntax
|
1 |
dcdiag /s:server /v /test:ridmanager |
Example output:
But where in Active Directory is this information stored and can we display it for all Domain Controllers at once for larger environments?
The case of the duplicate SID’s
Author: Remko27 Jun
I encountered another interesting error during Exchange 2010 installation today. During the Organization Preparation I got the following error:
The setup.log doesn’t give us much more detailed info:
|
1 2 3 4 5 6 7 8 9 10 11 |
[06-22-2011 11:16:29.0614] [2] [ERROR] Active Directory operation failed on dc001.zorg.local. This error is not retriable. Additional information: The requested object has a non-unique identifier and cannot be retrieved.
Active directory response: 0000219D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0
[06-22-2011 11:16:29.0630] [2] [ERROR] The server cannot handle directory requests.
[06-22-2011 11:16:29.0630] [2] Ending processing initialize-ExchangeUniversalGroups
[06-22-2011 11:16:29.0630] [1] The following 1 error(s) occurred during task execution:
[06-22-2011 11:16:29.0630] [1] 0. ErrorRecord: Active Directory operation failed on dc001.zorg.local. This error is not retriable. Additional information: The requested object has a non-unique identifier and cannot be retrieved.
Active directory response: 0000219D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0
[06-22-2011 11:16:29.0630] [1] 0. ErrorRecord: Microsoft.Exchange.Data.Directory.ADOperationException: Active Directory operation failed on dc001.zorg.local. This error is not retriable. Additional information: The requested object has a non-unique identifier and cannot be retrieved.
Active directory response: 0000219D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0 |
I remembered from a Tweet by Helge Klein recently that the Active Directory schema has no mechanism for enforcing uniqueness of an attribute.
Exchange 2010 well-known object entry install error
Author: Remko24 Jun
Today I was testing the installation of Exchange 2010 in a VMWare sandbox environment. We created the sandbox to test migration from a 2003 AD and Exchange environment to 2008 R2 with Exchange 2010.
We used a P2V to get real copies of the Active Directory and the AD upgrade to 2008 R2 was already tested.
But during the Exchange installation in the sandbox I got the following error:
Reading the otherWellKnownObjects attribute with PowerShell
Author: Remko24 Jun
I wanted to read the otherWellKnownObjects attribute from an Active Directory object.
In my case this was the Microsoft Exchange container in the Configuration partition:
The otherWellKnownObjects attribute is of type ADSTYPE_DN_WITH_BINARY which unfortunately cannot be viewed or edited with ADSI Edit:
Profile
Tags
Active Directory Altiris Automation Manager bug Citrix Dell Delphi Exchange Exchange2003 Exchange2010 Hack Hewlett-Packard HP iOS Jailbreak Java LinkedIn Linux Lync McAfee MSI MySQL Navigation Objects Office Outlook Passat Password PowerPoint PowerShell RES RNS315 RNS510 SasLibEx Terminal Server ThinApp TSAdminEx VBS VCDS Vista VMWare Volkswagen Windows PE Wordpress XenApp
WP Cumulus Flash tag cloud by Roy Tanck requires Flash Player 9 or better.
Recent Tweets
- Blogged: Citrix Launcher Progress Update 1: http://t.co/8YcDPE5I #Citrix #XenApp 6 hours ago
- Hut is almost finished... http://t.co/Ll9gkkZb 15 hours ago
- RT @Denamik: We are proud to sponsor the @E2EVC #Denamik agenda! - http://t.co/CpcqLsNa - See you there! 1 day ago
- Any recommendations for a Table of Contents plugin for WP? (TOC of a post) 1 day ago
- Caution: ThinApp 4.7.1 has a breaking change for virt office 2010 and is incompatible with the app-v deployment kit for office 2010 1 day ago
Views
Donate
Blogroll
- Andrew Morgan
- Arnout’s blog
- Assa’s Blog
- Barry Schiffer
- Delphi Praxis
- Ingmar Verheij
- Jedi Api Blog
- Jedi API Library
- Jeroen Tielen
- Kees Baggerman
Categories
- .NET (1)
- Active Directory (27)
- Altiris (36)
- Apple (3)
- Application Compatibility (7)
- Automotive (2)
- C# (1)
- C++ (1)
- Citrix (62)
- Delphi (57)
- Embedded (4)
- Exchange (16)
- General (62)
- iPhone (4)
- Java (7)
- Lync (2)
- Oracle (4)
- Other (1)
- Packaging (18)
- PowerShell (40)
- Programming (73)
- RES (4)
- script (20)
- SQL Server (10)
- Strange Error (3)
- Terminal Server (64)
- ThinApp (1)
- Unattended Installation (18)
- Uncategorized (31)
- Vista (35)
- VMWare (21)
- Windows 2003 (22)
- Windows 2008 (33)
- Windows 2008 R2 (12)
- Windows 7 (26)
- Windows 8 (2)
- Windows Internals (8)
- Windows XP (12)
Archives
- May 2012 (4)
- March 2012 (13)
- February 2012 (12)
- January 2012 (9)
- December 2011 (9)
- November 2011 (4)
- October 2011 (5)
- September 2011 (10)
- August 2011 (10)
- July 2011 (2)
- June 2011 (8)
- May 2011 (12)
- April 2011 (4)
- March 2011 (14)
- February 2011 (8)
- January 2011 (32)
- December 2010 (23)
- November 2010 (19)
- October 2010 (10)
- September 2010 (6)
- August 2010 (1)
- July 2010 (1)
- June 2010 (6)
- March 2010 (7)
- February 2010 (3)
- December 2009 (3)
- November 2009 (11)
- September 2009 (2)
- July 2009 (1)
- June 2009 (5)
- May 2009 (1)
- April 2009 (2)
- March 2009 (3)
- February 2009 (6)
- January 2009 (3)
- December 2008 (8)
- November 2008 (5)
- October 2008 (3)
- September 2008 (3)
- August 2008 (3)
- June 2008 (6)
- May 2008 (2)
- April 2008 (3)
- March 2008 (5)
- January 2008 (3)
- December 2007 (3)
- November 2007 (13)
- October 2007 (10)