Janus…

The second post in my two-part series that is a departure from my blogging norm… Looking back, the last year has been amazing. Watching the PoSh children grow, enjoying family and friends, succeeding at work, being healthy and happy and safe. We should all take time to take stock. Appreciate now. Looking forward, I wish for…

1

Happy Holidays 2016!

I’m going to take a blogging holiday for the next couple of weeks. Well, kind of… I’ll post something but it won’t be PowerShell related. Well, sort of… This week’s ‘departure’ below. If you’re celebrating at this time of year, or also if you’re not celebrating at this time of year, then I wish you all the very…

0

Security Focus: Set ConstrainedLanguage Mode on My Test Computer

Whilst doing some research, for a presentation on Security and PowerShell, I came across what I assume is an UNSUPPORTED setting, due to a lack of documentation: [Environment]::SetEnvironmentVariable(‘__PSLockdownPolicy’, ‘4’, ‘Machine’)   After running it, look what happens when I try and start PowerShell. Damn, my profile script won’t run… but, what’s this? I can’t do other…

0

RegEx for Splitting Hairs

Here’s some hairs…     Wrong hairs!   Here is the intended hairs… $Hairs = ‘PD112345D123456F£45637’   How do we split $Hairs down to just show numbers? RegEx and -Split to the rescue. $Hairs -split “\D+”     Here we are using anything that isn’t a digit as the divider. Simples.  

0

List Forest SPN Mappings

I was helping a customer setup Kerberos delegation the other day. After all these years, the specifics of this topic still seems to create uncertainty. Eventually, the conversation turned to the SPN-Mappings attribute. This little beauty can be found on the Directory Services NTDSService object in the configuration partition. It allows the “host/…” SPN of a computer to represent any…

2

10 Years of PowerShell!

Is it really 10 years? Time passes so fast. I was a Sys Admin when PowerShell was released, in November 2006, and I distinctly recall the buzz and confusion. Buzz – because, as a scripter, a new scripting language, a new Microsoft scripting language was something very cool. Confusion – because, in my team, we didn’t understand how we…

0

Days of Service and Service Anniversaries

Not an exact science*, but PowerShell and Active Directory can be used to arrive at the length of service for people in your team. *this post assumes that the WhenCreated date on user accounts corresponds to an employee’s actual start date.   Take a look at this… $Team | ForEach-Object { Get-ADUser -Filter {Name -like $_} -Properties…

0

All Properties AND a Constructed Attribute? Get out of here!

Can you retrieve all of an object’s properties and request a constructed attribute at the same time? Of course you can! The post would be a little pointless if I answered NO and stopped RIGHT HERE. With the AD cmdlets, we all know we can ask for an object and all of its properties by using -Properties *…

0

Active Directory Object Parent GUID Fun!

Another week of AD Object GUID fun! I’ve created an abridged version of a previous post, so crack open your extreme cola of choice for some extreme PowerShell of choice… Let’s ask for the ParentGuid (the clue’s in the name) constructed attribute of an AD object. How about an OU? $Ou = Get-ADOrganizationalUnit -Identity “OU=Word Smiths,OU=User Accounts,DC=HALO,DC=NET” -Properties…

0

Active Directory Object GUID Conversion Larks!

What fun I have in the hotel of an evening! Gym, meal and then Active Directory object conversion larks and laughs! Here’s my latest evening escapade… Let’s get the GUID of an Active Directory computer object. $b = (Get-ADComputer -Identity “CN=HALOCLI1001,OU=Clients,DC=HALO,DC=NET”).ObjectGUID   Now, convert it to a byte array. $c = $b.ToByteArray(); $c -join “”,…

1