Automated Offline Domain Join using PowerShell and JEA

Abstract An offline domain join requires network access to a writable Domain Controller, which might not be desired in a DMZ scenario. Also, permissions to create computer accounts are required and permissions to enable password replication to the Read-Only Domain Controller. This document describes the process of delegating and fully automating this process by means…

0

Visualize DSC Reporting with PowerBI

Abstract Reporting is an essential component of DSC and one of the main advantages. Always knowing the status about your nodes and even being able to know which settings are not compliant is a big advantage compared to classical scripting or Group Policies. However, the reporting feature is not so easy to use and there…


Broken DSC Reporting, RequestEntityTooLarge and some LCM internals

Abtract After migrating a complex DSC configuration using partial configurations to composite resources, DSC reporting using SQL Server as described in Using SQL Server 2016 for a DSC Pull Server did not work any longer or was no longer reliable. This article is about troubleshooting this and learning something about Event ID 4260 and how…


PowerShell Tip: Getting enum values as names, int and bit

There are a number of samples how to resolve enums and display all the possible values. However, none of those worked for me with the enum System.Security.AccessControl.FileSystemRights. This enum has duplicate values and as most functions listing enum values are based on Enum.GetValues, you see not just the duplicate values but also duplicate names. So…


Using SQL Server 2016 for a DSC Pull Server

This article describes how to use a SQL Server 2016 as the backend database for a Desired State Pull Server. The default database engine is EDB and lacks a couple of feature required. This article guides you through the setup process.


NTFSSecurity Tutorial 1 – Getting, adding and removing permissions

Summary Managing file and folder permissions in Windows PowerShell is not that easy, and there are numerous articles and blog posts describing how it works by using the .NET classes. This is far from being comfortable, and there is one major and one minor restriction: Path length Generic rights This post introduces the NTFSSecurity module,…


The ADSI Schema Cache revealed

Downloads related to this article:         dSASignatureFlag_Samples.zip Today's topic: The ADSI Schema Cache revealed Like mentioned in the first article of this blog <Active Directory Service Interface (ADSI) and the Read Only Domain Controller (RODC) – Avoiding performance issues> ADSI utilizes a Schema Cache of the LDAP directories it has successfully contacted. In the article mentioned…


AutomatedLab Introduction – Part 1

Introduction Why AutomatedLab We all know the situation: Your Company wants to upgrade some software product or wants to introduce something new, and you need to test this in a lab environment that looks somehow similar like to your production environment. Let’s say you need to test the integration of a software product with Active…

3

Active Directory Service Interface (ADSI) and the Read Only Domain Controller (RODC) – Avoiding performance issues

Hi there, this is the first blog entry for the new info series ‘Coding from the field’. The intention of this blog is to help you avoiding the reinvention of the wheel as well as to communicate known tripping hazards. Todays topic: Active Directory Service Interface (ADSI) and the Read Only Domain Controller (RODC) Avoiding…