There are 3 registry keys that admins in the Windows world use to enable automatic logins, often required for deployments that require a logged in user to setup user environments, such as configuring app deployments as part of a mass deployment. The required keys in the registry are:
-
-
Configure The OS X Yosemite Server Mail Service
Mail is one of the hardest services to manage. Actually, mail is pretty simple in and of itself: there’s protocols people use to access their mail (such as IMAP and POP), protocols used to communicate between mail servers and send mail (SMTP, SMTPS) and then there’s a database of mail and user information. In Mavericks Server, all of these are represented by a single ON button, so it really couldn’t be easier. But then there’s the ecoysystem and the evil spammers. As a systems administrator of a large number of mail servers, I firmly believe that there is a special kind of hell where only spam is served at every…
-
Migrate Mailboxes With Large Items Using New-MailboxImportRequest In Exchange 2013
When migrating mailboxes to Exchange 2013, you can run into an error the regarding maximum number of bad items. This causes the import to fail: Error code: -2146233088 This mailbox exceeded the maximum number of corrupted items that were specified for this move request. The message exceeds the maximum allowed size for submission to the target mailbox. A bad item can be one whose size is a bit large. The New-MailboxImportRequest commandlet can be called with the -BadItemLimit option, specifying a number of items> when using that option you must also specify the -AcceptLargeDataLoss option. For example, to import a mailbox called john.doe using a pst of john.doe.pst, the command would…
-
Grep, Search, Loops and Basename for Powershell Hotness
Simple request: Search for all files in a directory and the child directories for a specific pattern and then return the filename without the path to the file. There are a few commandlets we end up needing to use: Get-ChildItem: Creates a recursive array of filenames and pipes that output into the For loop. ForEach-Object: Starts a for loop, looping through the output of the command that has been piped into the loop (much easier than an IFS array IMHO). If: This starts the if pattern that ends after the select-string in the below command, but only dumps the $_.PSPath if the pattern is true. Select-String: Searches for the content…
-
Heartbleed in Comics
- Active Directory, Mac OS X, Mac OS X Server, Microsoft Exchange Server, Network Infrastructure, Ubuntu, Unix, VMware, Windows Server
Stashbox: Turning a Mac Mini Into A Logstash and Kibana Server
You have a lot of boxes. You would like to be able to parse through the logs of all those boxes at the same time, searching for a given timestamp across a set of machines for a specific string (like a filename or a port number). elasticsearch, logstash and kibana are one way to answer that kind of need. This will involve downloading three separate packages (which for this article, we’ll do in /usr/local) and creating a config file. First, install the latest Java JDK. This is available at jdk8-downloads-2133151.html. The following is going to download the latest version of logstash and untar the package into /usr/local/logstash (I like nesting…
- Active Directory, Mass Deployment, Microsoft Exchange Server, Network Infrastructure, Windows Server
Use Active Directory Commandlets On Computers That Aren’t Domain Controllers
By default, the Active Directory Powershell management tools are not installed on Windows Servers. Commandlets are instead installed when the Active Directory Domain Controller role is added. However, you can install them even without installing the role. To do so, open Server Manager and go to Add and Remove Roles and Features. Don’t add any Roles, instead skip to add features. Then open Remote Server Administration Tools and then Role Administration Tools. From there expand on AD DS and AD LDS Tools and then highlight the Active Directory Module for Windows PowerShell. Once enabled, click Next through the end of the wizard. Once the wizard is complete, open Powershell and use…
-
Enable Impersonation Rights In Exchange 2013
Exchange Impersonation Rights allow a user to impersonate the account of another user. To enable impersonation rights use the New-ManagementRoleAssignment command let. To enable Impersonation rights for an account called krypted (samAccountName), use the following commandlet: New-ManagementRoleAssignment –Name:impersonationAssignmentName –Role:ApplicationImpersonation –User: krypted To remove those rights, use the Remove-ManagementRoleAssignment commandlet. Below we’ll run a Get-ManagementRoleAssignment to finds the user krypted with the appropriate role and then pipe that to the Remove-ManagementRoleAssignment commandlet: Get-ManagementRoleAssignment -RoleAssignee "krypted" -Role ApplicationImpersonation -RoleAssigneeType user | Remove-ManagementRoleAssignment
-
Script to Create Exchange Mailboxes for Active Directory Users Based On OU
Here’s a little powershell script to enable mailboxes based on an OU and put their new mailbox into a given database. To customize, change OU=ORGANIZATIONALUNIT,DC=companyname,DC=com to the DN for the OU you are configuring. Also, change DATABASENAME to the name of the information store that you’d like to use for the mailboxes in that OU. Import-module activedirectory $OUusers = Get-ADUser -LDAPfilter ‘(name=*)’ -searchBase {OU=ORGANIZATIONALUNIT,DC=companyname,DC=com} foreach($username in $OUusers) { Enable-Mailbox -Identity $username.SamAccountName -database {DATABASENAME} }
-
Check It Ma, Logz For Dayz
On a Mac, I frequently use the tail command to view files as they’re being written to or in use. You can use the Get-EventLog cmdlet to view logs. The Get-EventLog cmdlet has two options I’ll point out in this article. The first is -list and -newest. The first is used to view a list of event logs, along with retention cycles for logs, log sizes, etc. Get-EventLog -list You can then take any of the log types and view information about them. To see System information: Get-EventLog System There will be too much information in many of these cases, so use the -newest option to see just the latest:…