Active Directory

To get a list of the FSMO Role holders for a Single Domain.

Get-ADDomain | Select-Object DistinguishedName, SchemaMaster, DomainNamingMaster, InfrastructureMaster, PDCEmulator, RIDMaster

To get a list of the FSMO Role holders in a Forest.

Get-ADForest | Select-Object Name,SchemaMaster, DomainNamingMaster,InfrastructureMaster, PDCEmulator, RIDMasterall

To get a nicely formatted list with all the Domain Controllers and who owns which particular role.

Get-ADDomainController -Filter * | Select-Object Name, Domain, Forest, OperationMasterRoles | Where-Object {$_.OperationMasterRoles}

Create a new AD computer.

$ServerName="newsys"
$DC="ads01.example.com"
$OU="OU=SERVERS,DC=example,DC=com"
New-ADComputer -Name $ServerName -SamAccountName $ServerName -Path $OU  -Description "Apache Win Development"  -Server $DC -Enabled $True

Unlock an account

get-ADUser -Identity <username> -Properties LockedOut
Unlock-ADAccount -Identity <username>

Change a password

$SecPaswd= ConvertTo-SecureString -String 'kPnguoHTUQ' -AsPlainText -Force
Set-ADAccountPassword -Reset -NewPassword $SecPaswd -Identity cesvcsso01
Set-ADUser -Identity <username> -ChangePasswordAtLogon $false

New AD group

$GroupName="SvrOps"
$OU="OU=GROUPS,DC=exmple,DC=com"
New-ADGroup $GroupName -Path $OU -GroupCategory Security -GroupScope Global -PassThru -Verbose

PowerShell on macOS

CentOS 7 GSSAPI module

CentOS Linux 8 to CentOS Stream

Custom CentOS ISO

LVM with cache

Move RHEL Users

NFS on ZFS HA Cluster

RHEL Move Printers

systemd services

tmux

FFMPEG on EL 8

Azure to Ubiquiti IPSec

Ubiquti - USG disable NAT

tcpdump

Extract key/cert from PFX

Postfix TLS

OpenSSL tricks

Unlock the ESXi host account

Active Directory

Windows Management Consoles

Windows Install Media

Active Directory

No Comments