AD Powershell

After running Windows Server 2016 recently with a DC, I’ve started using Powershell to perform AD functions. Here are a few basics.

New-ADUser cmdlet to create a new user:

 New-ADUser -Name John.Smith 

The above would only create the username, create a new user with more associations:

 New-ADUser -Name John Smith -GivenName John -Surname Smith -Path "OU=Staff,DC=Company,DC=Com" 

Add the password for above account:

 $password = "Strong Password" | ConvertTo-SecureString -AsPlainText -Force
New-ADUser -Name John.Smith -GivenName John -Surname Smith -Path "OU=Staff,DC=Company,DC=Com" 

Bulk Import Users with New-ADUser:

$Import =Import-CSV "c:\utils\aduserimport.csv"
$OU = "OU=staff,DC=ausinfotech,DC=local"
Foreach ($user in $Import)
{
$password = $user.Password | ConvertTo-SecureString -AsPlainText -Force
New-ADUser -Name $user.Name -GivenName $user.FirstName -Surname $user.LastName -Path $OU -AccountPassword $Password -ChangePasswordAtLogon $True -Enabled $True
}

The above script imports the CSV file, sets the standard OU and calls each data record (line of your CSV), writes the password and creates the user account. We are using a “Foreach”-loop, which loads each user record with its parameters from the CSV file.

See here for more info:
http://activedirectoryfaq.com/2016/04/ad-powershell-basics-new-aduser

cmder

Cmder http://cmder.net/ is a software package created out of pure frustration over the absence of nice console emulators on Windows. It is based on amazing software, and spiced up with the Monokai color scheme and a custom prompt layout, looking sexy from the start.

Highly recommend installing the full version as it provides all the Linux utils including ls for a dir in Windows!

Find any E-Mail Address or Proxy Address In Active Directory

Who has this e-mail address? The address could be one of many different types of objects. A user mailbox, shared mailbox, distribution list, public folder, contact or resource could all contain that specific e-mail address. The problem with the Exchange Management Console in Exchange 2010 does not allow you to find any e-mail address only the primary.

Exchange Commandlets:

1: The following Exchange commandlet is the easiest method to find a specific e-mail address
or portion of an e-mail address. This will find any object within Exchange that has an exact
match to the e-mail address you place in the filter with -eq or email portion when using -like.

Get-Recipient [email protected]

Get-Recipient -Filter {EmailAddresses -like "*emailportion*"}

2: The following examples highlight the individual commandlets that target and return the
specific Exchange object types. You can substitute -eq with -like to include wild cards.

Get-Mailbox -Filter {EmailAddresses -eq "[email protected]" -or WindowsEmailAddress -eq "[email protected]"}

Get-MailboxContact -Filter {EmailAddresses -eq "[email protected]" -or WindowsEmailAddress -eq "[email protected]"}

Get-DistributionGroup -Filter {EmailAddresses -eq "[email protected]" -or WindowsEmailAddress -eq "[email protected]"}

Get-MailUser -Filter {EmailAddresses -eq "[email protected]" -or WindowsEmailAddress -eq "[email protected]"}

Reference:
http://powershellblogger.com/2015/10/find-any-e-mail-address-or-proxy-address-in-active-directory/

 

SSL Server Test

Qualys SSL Server Test is free online service that performs a deep analysis of the configuration of any SSL web server on the public Internet.

https://www.ssllabs.com/ssltest/

To configure Apache and Nginx with acceptable protocols TLS settings follow these guides, they will provide a better score on the above Qualys rating and make your SSL site more secure.

 

Penetration Testing Tools Cheat Sheet

Penetration testing tools cheat sheet, a quick reference high level overview for typical penetration testing engagements. Designed as a quick reference cheat sheet providing a high level overview of the typical commands you would run when performing a penetration test. For more in depth information I’d recommend the man file for the tool or a more specific pen testing cheat sheet.

Site and other tools from: https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/

400+ Free Resources for DevOps & Sysadmins

In 2014 Google indexed 200 Terabytes of data (1 T of data is equal to 1024 GB, to give you some perspective). And, it’s estimated that Google’s 200 TB is just .004% of the entire internet. Basically the internet is a big place with unlimited information.

So in an effort to decrease searching and increase developing, Morpheus Data published this massive list of free resources for DevOps engineers and System Admins, or really anyone wanting to build something useful out of the internet.

All these resources are free, or offer some kind of free/trial tier. You can use any/all of these tools personally, as a company, or even suggest improvements (in the comments). It’s up to you.

If you find this list useful, please share it with your DevOps/SysAdmin friends on your favorite social network, or visit Morpheus Data to learn how you can 4x your application deployment.

http://www.nextbigwhat.com/devops-sysadmin-tools-resources-297/?_utm_source=1-2-2

TagSpaces File Organiser

TagSpaces is an open source personal data manager. It helps you organize files with tags on every platform. It helps you organize files with tags on every platform. Organize your photos, recipes or invoices in the same way on every platform. Cross platform support for Windows, Linux, OS X, Android, Firefox and Chrome. With the help of tags you can do research better or you can manage projects using the GTD methodology. The application persists the tags in the file names. As a consequence, the tagging information is not vendor locked and can be used even without the TagSpaces application. The absence of a database, makes syncing of the tag meta information easy across different devices with services like Dropbox. TagSpaces features basic file management operations, so it is a kind of tag-based file manager.

Open and Extensible

TagSpaces is open sourced and published under the AGPL license. It is designed to be easily extended with different plugins for visualization of directory structures or for opening of different file types.

No Backend – No Login – No Cloud

TagSpaces is running completely offline on your computer, smartphone or tablet and does not require internet connection or online registration. You can still use platforms like ownCloud, Dropbox or Bittorrent Sync in order to sync your files between devices.

Ease of use

TagSpaces offers you a convenient web interface to your local file system. It is implemented in JavaScript and HTML5, which are the technologies behind most of the modern web applications.

tagspaces-tagging

 

 

 

 

 

More details and download:
https://www.tagspaces.org/

Mysterious cab files fill-up temp folder

A Windows server disk space is filling up fast due to cab files.

Upon closer inspection I found that every hour an unknown process would attempt to write a .cab file of approx 60MB to the Windows temp folder. Checking with Process Explorer I found that it was makecab.exe writing these files. Makecab was invoked by services.exe, so that was a bit of a dead end. I looked through the list of Windows scheduled tasks, but did not find anything that was supposedly run every hour.

The SFC.exe program writes the details of each verification operation and of each repair operation to the CBS.log file. The CBS.persist.log is generated when the CBS gets to be around 50Mb in size. CBS.log is copied to cbs.persist.log and a new cbs.log file is started. A bit of Google foo and we determine that the cbs logs would only be useful for serious troubleshooting issues. If the system is running fine, we can delete this file. SFC.exe will create a new one, next time it is run. I now speculate that the file size is larger than what is supported and the process fails, hence resulting in a partial .cab file that sits in the temp folder, rather than a complete .cab file in the CBS log folder.
I have deleted the offending .cab file and most of the other ones too, just keeping a few recent ones in case we need them. No more mysteries!

http://felixyon.blogspot.com.au/2013/03/mysterious-cab-files-fill-up-temp-folder.html

 

Last logon time of user in Windows

Using ‘Net user’ command we can find the last login time of a user. The exact command is given below.

 net user username | findstr /B /C:"Last logon" 

Example:
To find the last login time of the computer administrator

 C:\> net user administrator | findstr /B /C:"Last logon"
Last logon 6/30/2010 10:02 AM
C:> 

For a domain user, the command would be as below.

 C:\>net user john /domain | findstr /C:"Last logon"
Last logon 9/18/2013 10:18:41 AM 

Reference:
[[http://www.windows-commandline.com/last-logon-time-of-user/]]

Duplicati Backup Software

Duplicati is a backup client that securely stores encrypted, incremental, compressed backups on cloud storage services and remote file servers. It works with Amazon S3, Windows Live SkyDrive, Google Drive (Google Docs), Rackspace Cloud Files or WebDAV, SSH, FTP (and many more). Duplicati is open source and free.

Duplicati has built-in AES-256 encryption and backups can be signed using GNU Privacy Guard. A built-in scheduler makes sure that backups are always up-to-date. Last but not least, Duplicati provides various options and tweaks like filters, deletion rules, transfer and bandwidth options to run backups for specific purposes.

Reference and Download:
http://www.duplicati.com