Powershell: Update computer group membership
without restart! yay! Run line in powershell
PowershellTag ArchiveSubscribe
Powershell: Get free diskspace remote computer
Run this oneliner to get computer free disk space
AD DS: Collect User cmd history
After enabling auditing for event 4688, see post about auditing Microsoft AD DS(TBD). You can collect logs to see cmd activity for a user. I have wrote this powershell function little quick to help me out with this. But I do recommend an greylog for this purpose.
AD DS: Collect User Logon History
After enabling auditing for event 4624, see post about auditing Microsoft AD DS(TBD). You can collect logs to see login activity for a user. I have wrote this powershell function little quick to help me out with this. But I do recommend an greylog for this purpose.
DHCP: Troubleshooting
I got a weird case that DCHP settings has disappeared. Scope options and lease times where gone and resett, some routes where gone as well. We did use powershell to find effected scopes and to restore some of the options. The code is not pretty but it does the job for
Powershell: Format WMI timestap to normal DateTime
WMI does store timestamp in CIM_DATETIME format. To convert it to a more readable format there is a .Net management Class to help us out.
AD DS: Get all userobject containing UserCertificate
if an Certificate Template has enabled Publish certificate in Active directory it will publish the certificate in an attribute on the user object. This usally is not requiered to do and it might cause some problems. To find what account that has certificate published to their user object run following oneliner.
AD DS: Get last logon for user
To get most accurat time date for a user last logonyou need to use both lastlogon and lastlogonTimestamp. lastlogon will only be triggered when an interactive logon is done. while lastlogontimestamp will be updated if lastlogon is newer than 14 days(ish) and if an logon is done by a service. You can achieve this with… Continue Reading AD DS: Get last logon for user
Powershell: Convert time string to date time
Active Directory sotre date and time as number of 100 nanoseconds intervals. sometimes Gui and powershell results converts this to you to a more readable format. But sometimes it dont. You can convert this in some different ways. One is with powershell
PowerShell: Kill PID based on name
Kill specific process PID based on name