AD

Read-Only Friday November 25, 2022

November 25, 2022 by ClaytonT Leave a Comment

I know a lot of US workers have off today, but still wanted to post something as I know there are still many working and others who may have a little extra free time for learning. For today’s ROF, it really is a module or should I say modules, but the solution from these modules could be so helpful, I didn’t want someone to miss it.

The creator is called AsBuiltReport, which they have designed As Built Reports for different software and systems which you can customize what you want to see on the report and what thresholds should be for pass/fail.

Another way I could see using this to do to monthly/weekly/daily checks on your systems, and see if anything has been changed, but not only that, for certain(or all) systems it automatically changes back to the standard settings that it should be.

GitHub:

https://github.com/AsBuiltReport

One-Liner Wednesday Nov 9, 2022

November 9, 2022 by ClaytonT Leave a Comment

This is an oldie, but a goodie…

Unlock-ADAccount -Identity "UserName"

If you haven’t used this, and didn’t know it existed, definitely add it to your tool box. It’s so much easier than having to go into the GUI to do this.

A nice future script you could have this in is if you have multiple users get locked out, that you could pipe Get-ADUser for the group you want and filter it so only disabled show and either unlock all of them, or pipe it to Out-GridView with passthrough. This would give you a nice gridview of the users and the ones you select from it would be disabled.

Module Monday November 7, 2022

November 7, 2022 by ClaytonT Leave a Comment

It’s Monday…..

So here is a new module for today! This one is actually expanding on one liner Wednesday form last week.

This module is called “Password Solution” which allows you to easily search, review, and email users, managers, and IT about passwords expiring. You can even create specific templates to send out to depending on who is receiving it. He make makes it so easy, it makes it tough for a reason not to have something like this in place!

Another great feature is the dashboard that he provides you, which saves you a lot of time trying to make your own from the one liner last week.

PowerShell Gallery:
PasswordSolution/0.0.29

One-Liner Wednesday November 2, 2022

November 2, 2022 by admin Leave a Comment

Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" |
Select-Object -Property "Displayname",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}} | sort-object ExpiryDate

Here is a one liner that find very useful and hope you do to.

You can customize it even more, but for now this one grabs all the AD User accounts that are expiring and the ones expiring first at the top. I love using this to stay in front of users passwords expiring then they can’t connect or if they are off network and is a rush to get it done.

You could even sent this up as a scheduled task and have it pull the next 2 weeks of users. Then either you reach out to them, it emails them, or it notifies your help desk to reach out to them to help change their password.

Or you could have it in your dashboard so you’d always see the next 2 weeks of users passwords expiring.

Module Monday October 24, 2022

October 24, 2022 by ClaytonT Leave a Comment

It’s Module Monday…

Although this module could be on Read-Only Friday, I wanted to show you that not all modules change your environment, and they can be extremely helpful getting information for you so you don’t have to create it or yourself. And with it being Cyber Security Month, why not have an easy way to find changes in your Active Directory.

With that said, today’s module is Jeff Hicks ADReportingTools, which I think the name is pretty obvious of what it does, but definitely check out the GitHub for all the reporting it can do. Here are a few of my favorites.

Get-ADDomainControllerHealth – this checks storage space, physical memory, % of security log in use, and critical services not running
Get-ADUserAudit – which will search the event logs on your domain controller for that specific user events
Get-ADGroupUser – which will display all users in that defined group and who any disabled users in red
Get-ADSiteSummary – shows a quick view of your sites and subnets
Show-DomainTree – this will show your domain in a tree view in your console
New-ADDomainReport – I really like this one, it shows you a nice html formatted report of your domain

Hope you take a look at it and if you see any features you’d like, let Jeff know.

PowerShell Gallery:

ADReportingTools/1.4.0

GitHub:
ADReportingTools

Read-Only Friday October 21, 2022

October 21, 2022 by ClaytonT Leave a Comment

It’s Friday, so you know what that means!

I like todays, because it’s another one of those it’s easy, but we either forget to check or believe it’s working but it may not be.

What is it? Event logging and dashboards. I’ll admit the dashboard part isn’t easy, but the event logging is. And I’m not just talking about your scripts(which you should be adding event logging to them when possible), I’m talking about any of your infrastructure that you manage. Even if you have alerting on, how do you know the alerting is actually working? Maybe your script or application you are using to go through the logs has an update but you don’t see it since you haven’t checked it in a month thinking it just works?

It’s always better to be proactive than reactive. Also while going through the logs you may find something else you want to start alerting for. Maybe you adding a new feature to your firewall or you added a print server and you want to setup alerting for those?

Hope you take out some time today and go through your logs, and if you’ve done that, do you have dashboards and/or alerting in place? If so, check those as well, and see if there is anyway you could improve it.

What scripts/modules/applications do you use to manage your event logs and/or create dashboards with?