You can gracefully stop Windows processes using the Stop-Process command let. For example, to stop Chrome: Stop-Process -Name Chrome Or to stop it by ID. To locate the ID of a process, use get-process: get-process Chrome You can then use the -ID operator to stop the process: Stop-Process -ID 6969 Kill is a command that all Mac and Unix admins know. It’s similar to Stop-Process, except it’s anything but graceful. And you use the -processname option to stop a process: kill -processname calc
-
-
Enable AutoAdminLogon For Windows Deployments
There are 3 registry keys that admins in the Windows world use to enable automatic logins, often required for deployments that require a logged in user to setup user environments, such as configuring app deployments as part of a mass deployment. The required keys in the registry are:
-
Grep, Search, Loops and Basename for Powershell Hotness
Simple request: Search for all files in a directory and the child directories for a specific pattern and then return the filename without the path to the file. There are a few commandlets we end up needing to use: Get-ChildItem: Creates a recursive array of filenames and pipes that output into the For loop. ForEach-Object: Starts a for loop, looping through the output of the command that has been piped into the loop (much easier than an IFS array IMHO). If: This starts the if pattern that ends after the select-string in the below command, but only dumps the $_.PSPath if the pattern is true. Select-String: Searches for the content…
-
Use Syslog on Windows
There are a number of tools available for using Syslog in a Windows environment. I’ll look at Snare as it’s pretty flexible and easy to configure. First download the snare installation executable from http://sourceforge.net/projects/snare. Once downloaded run the installer and simply follow all of the default options, unless you’d like to password protect the admin page, at which point choose that. Note that the admin page is by default only available to localhost. Once installed, run the “Restore Remote Access to Snare for Windows” script. Then open http://127.0.0.1:6161 and click on Network Configuration in the red sidebar. There, we can define the name that will be used in syslog (or leave…
- Active Directory, Mac OS X, Mac OS X Server, Microsoft Exchange Server, Network Infrastructure, Ubuntu, Unix, VMware, Windows Server
Stashbox: Turning a Mac Mini Into A Logstash and Kibana Server
You have a lot of boxes. You would like to be able to parse through the logs of all those boxes at the same time, searching for a given timestamp across a set of machines for a specific string (like a filename or a port number). elasticsearch, logstash and kibana are one way to answer that kind of need. This will involve downloading three separate packages (which for this article, we’ll do in /usr/local) and creating a config file. First, install the latest Java JDK. This is available at jdk8-downloads-2133151.html. The following is going to download the latest version of logstash and untar the package into /usr/local/logstash (I like nesting…
-
Hey Active Directory, Can I Trade Some PowerShell For A Phone List?
According to how you’ve been creating accounts, you might be the best friend of the office manager, who calls looking to see if you can generate a quick phone list. Or you might be useless. Either way, you should know how to obtain the data and therefore possibly how to be helpful to others. Or again, you might be a lost cause. Sorry, had to be said before I take over the entire Tri-State area. Anyway, let’s assume that you want to just grab the office phone number and that you’ve entered that into Active Directory. So let’s pull that and print it to the screen: Get-AdUser -Filter * -Properties…
-
Create a Forest Trusts In Active Directory
Trusts in Active Directory allow objects from one Domain or Forest to access objects in another Domain or Forest and allows administrators. To setup a trust: Login with a user in the Domain Admins group if you are setting up a Domain trust or Enterprise Admins if you are setting up a Forest trust (if you cannot use an account in one of these groups, you can use an account in the Incoming Forest Trust Builders group) Open Administrative Tools Open Active Directory Domains and Trusts Right-click the name of the domain Click Properties Click on the Trust tab Click New Trust Click Next Click on the Trust Name page…
-
Change Active Directory Forest Mode With A Script
Changing the Forest Mode in Active Directory can be scripted. I find this useful when regression testing such tasks in a sandbox (e.g. restore image, automate login, change mode, run tests, etc). The script is very simple. First, you’ll import he ActiveDirectory modules: Import-Module -Name ActiveDirectory Then you’ll check for the mode prior to running: Get-ADForest | Format-Table ForestMode Then you’ll change the forest and domain modes (one per line): Set-ADForestMode –Identity “krypted.com” –ForestMode Windows2008Forest Set-ADDomainMode –Identity “krypted.com” –DomainMode Windows2008Domain Then you’ll report the result: Get-ADForest | Format-Table Name , ForestMode The end result could be as simple as three lines if just testing: Import-Module -Name ActiveDirectory Set-ADForestMode –Identity “krypted.com”…
- Active Directory, Mass Deployment, Microsoft Exchange Server, Network Infrastructure, Windows Server
Use Active Directory Commandlets On Computers That Aren’t Domain Controllers
By default, the Active Directory Powershell management tools are not installed on Windows Servers. Commandlets are instead installed when the Active Directory Domain Controller role is added. However, you can install them even without installing the role. To do so, open Server Manager and go to Add and Remove Roles and Features. Don’t add any Roles, instead skip to add features. Then open Remote Server Administration Tools and then Role Administration Tools. From there expand on AD DS and AD LDS Tools and then highlight the Active Directory Module for Windows PowerShell. Once enabled, click Next through the end of the wizard. Once the wizard is complete, open Powershell and use…
-
Enable Impersonation Rights In Exchange 2013
Exchange Impersonation Rights allow a user to impersonate the account of another user. To enable impersonation rights use the New-ManagementRoleAssignment command let. To enable Impersonation rights for an account called krypted (samAccountName), use the following commandlet: New-ManagementRoleAssignment –Name:impersonationAssignmentName –Role:ApplicationImpersonation –User: krypted To remove those rights, use the Remove-ManagementRoleAssignment commandlet. Below we’ll run a Get-ManagementRoleAssignment to finds the user krypted with the appropriate role and then pipe that to the Remove-ManagementRoleAssignment commandlet: Get-ManagementRoleAssignment -RoleAssignee "krypted" -Role ApplicationImpersonation -RoleAssigneeType user | Remove-ManagementRoleAssignment