dsquery computer -limit 2000 > allcomputers.txt
Then so
dsquery computer -inactive 4 -limit 1000 > inactivecomputers.txt
inactive 4 selects computers inactive for more than 4 weeks.
Then compare them to find the active ones.
AD groups – pt 2
Get-ADGroup -Filter {name -like “*”} > C:\Scripts\Glist.txt
name-like value can be changed for narrowing down Group Names such as Account* will include all Accounting.US, Accounting.International, etc
Notepad++- Bookmark lines containing “SamAccountName”, remove Unbookmarked lines, Replace “SamAccountName : ” with nothing and save.
Then as a script run:
$groups = Get-Content c:\Scripts\Glist.txt
foreach($Group in $Groups) {
Get-ADGroupMember -Id $Group | select @{Expression={$Group};Label=”Group Name”},* | Export-CSV c:\Scripts\GroupsInfo.CSV -Append -Force -NoTypeInformation
}
Test Windows AD creds
http://www.joeware.net/freetools/tools/auth/index.htm
Auth V01.01.00cpp Joe Richards (joe@joeware.net) August 2001
Usage: Auth.exe /d:dom /u:uid /p:pwd
WSUS location in unknown enviromnent
The wsus server URL will be in the windows update log c:\windows\windowsupdate.log
or
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\WUServer
Sending OS Alert Message across networked computers
As net send is old and not always supported, msg is a good alternative
msg /SERVER:[PC you want to send a message to] * “[message]”
use of /TIME:[seconds] changes the alert’s lifetime from default 60 seconds
use of /V provides a bit more info, but nothing to write home about, however adding /V /W will let you know the user clicked “OK” with a ” Message to session [] responded to by user”
Playing WebEx recordings
Not all computers have the proper codec installed to play a WebEx recording.
This was how I stripped their proprietary codec to allow compatible playing.
Required :
https://www1.gotomeeting.com/codec?Portal=www.gotomeeting.com https://citrix.sharefile.com/download.aspx?id=seadcbe4ce7744dab
Pretty straight forward after that, add the file, start and boom.
List Groups An AD User Is In
PowerShell:
Import-Module ActiveDirectory
(Get-ADUser userName –Properties MemberOf | Select-Object MemberOf).MemberOfNotepad++:
Three Find and Replace – ,CN=.* ,OU=.* CN= with nothing
It searches for [text] followed by any character (.) any number of times (*), effectively “any sequence of characters”, ending at the line break.
Linux VNC Remote Control via Reverse SSH
Phone Home Server Main Image – Setup – as root
Enable port 22 on VM firewall
edit /etc/ssh/sshd_config
RSA Authentication
GSSAPI Authentication NO
X11 Forwarding NO
service sshd start
chkconfig sshd on
Phone Home Server
Clone/replicate from main image and get IP address- either static or DHCP assign
RVA – Setup – as root
yum install tigervnc-server
cp /lib/systemd/system/vncserver@.service /lib/systemd/system/vncserver@:1.service
edit /lib/systemd/system/vncserver@:1.service
replace <USER> with vauser
add “-localhost” after the %i in the start line
systemctl –system daemon-reload
systemctl enable vncserver@:1.service
system start vncserver@:1.service
Firewall Setup
Setup port forward to <home IP> <RVA port number> to individual Phone Home Server IP:22
RVA – Setup – as user
vncpasswd
ssh-keygen -b 4048
ssh-copy-id “External Phone Home IP” or “Internal IP during initial setup”
RVA – Usage – auto script and shortcut on desktop
ssh -R 2001:localhost:5901 -p <portnumber> <home IP>
[anything here on home IP] [goes here from RVA]
Phone Home Server – usage – create shortcut on desktop
vncserver localhost:2001