Posts
  • LeoPonti Blog

    Error "Access is denied" al despromover Domain Controller

    Hola a todos! En esta oportunidad, me gustaria dejarles la solucion a un inconveniente al querer despromover un Domain Controller el cual este operativo y al querer despromoverlo, les aparezca el siguiente mensaje: The operation failed because: Active Directory Domain Services could not configure the computer account <hostname>$ to the remote Active Directory Domain Controller account <fully qualified name of helper DC>. "Access is denied" Como primer medida, chequear el siguiente KB de Microsoft: DCPROMO fails with error "Access is denied" if the user performing the promotion is not granted the "trusted for delegation" user right Si aun asi no encuentran la solucion, les dejo la siguiente opcion que en una oportunidad experimente y se presenta el mismo error que es cuando marcamos el objeto "Computer" del Domain Controller a despromover como proteccion de eliminacion (Protect Object from accidental deletion). En ese caso, les paso dos formas de revertirlo si estamos en una estructura de Active Directory Windows Server 2008 o superior. Opcion 1: Destildar dicha opcion de Site&Services: Para esta opcion entramos a la consola de Site&Services: En dicha consola, buscamos en el Sitio del Domain Controller a despromover y dentro del mismo, NTDS Settings , donde desplegaremos el menu y seleccionaremos la opcion Properties: En la ventana que nos aparecera, vamos a la solapa Object , donde veremos la opcion "Protect Object from accidental deletion", de estar tildada, se tiene que destildar para habilitar que el objeto pueda ser eliminado al despromoverse. Opcion 2: Destildar dicha opcion de Users and Computers: Para esta opcion entramos a la consola de Users and Computers: En dicha consola, vamos al contenedor de Domain Controllers donde nos aparecera el objeto Computer del Domain Controller que deseamos despromover, donde iremos a tildar la opcion que encontramos en View - Advanced Features Luego seleccionamos el objeto Computer del Domain Controller a despromover y seleccionamos Properties. En la ventana que nos aparecera, vamos a la solapa Object , donde veremos la opcion "Protect Object from accidental deletion", de estar tildada, se tiene que destildar para habilitar que el objeto pueda ser eliminado al despromoverse. Aclaración 1: Estados dos opciones hay que chequearlas ya que se pueden haber habilitado en su momento y si no se destildan, no se podra despromover el...
  • LeoPonti Blog

    Links de Interes: Active Directory Disaster and Recovery

    Hola, En el presente post, les dejo links de interés para armado, preparación, prevención y ejecución de Disaster and Recovery. Tenemos que tener la idea en claro, que nuestra infraestructura de Active Directory es el Core y permite el funcionamiento de muchas otras plataformas, que sea por autenticación, resolución de nombre, delegaciones, etc toman los recursos de nuestro dominio y para brindar un correcto servicio, tenemos que tener un plan estructurado y detallado de recovery ante fallas que se nos puedan presentar, desde un simple objeto borrado, pasando por OUs con muchos objetos, Domain Controllers, Dominios, Políticas de Dominio y hasta un desastre de magnitudes importantes que hasta pueda afectar nuestro Forest Completo. Este tema es muy extenso de tratar y lamentablemente en muy pocos lugares le dan la importancia que realmente necesita, nos acordamos de tener un plan de recovery cuando tal vez es demasiado tarde..., pero es importante tener documentado y sobre un ambiente hacer pruebas, como para llegado el caso aplicar algo en nuestro ambiente productivo, sepamos los pasos a seguir y no se pierda tiempo con ejecuciones y "pruebas" sin sentido, demorando el tiempo de resolución del problema. A continuación, les dejo una lista de varios links de interés, el cual les será de utilidad para armar la documentación de Disaster and Recovery de su empresa, sobre el ambiente de laboratorio para hacer estas pruebas, pueden armarlo sobre infraestructura virtual, es recomendable generar una estructura paralela de iguales características que producción, tanto en cantidad de objetos como en cantidad de equipos, ya que les servirá para destinar tiempos de resolución, pero tal vez si tienen una empresa con una estructura de Active Directory grande, no pueden duplicar todo igual, con lo que armando su laboratorio "a escala", ya les sirve para sobre cada tipo de desastres, estimar tiempos de resolución.- Ahora si, les dejo los links, son en verdad muchos, pero pueden ir tomando los que les sea de utilidad ya que varios son de conocimiento general con lo que no necesitaran tomar información del mismo, pero de seguro, algunos se les pase y puedan tenerlo desde el siguiente detalle: How to move a Windows installation to different hardware http://support.microsoft.com/kb/249694 How to automate Ntdsutil.exe using a script http...
  • LeoPonti Blog

    PowerTip: Display All PowerShell Modules and Cmdlets

    Summary : Learn how to display all Windows PowerShell modules and cmdlet names. How can I get output that shows Windows PowerShell module names and the cmdlets or functions that are contained inside the modules? Use the Get-Module cmdlet, and then for each module, display the name and use Get-Command ( gcm is an alias) to retrieve the cmdlets and functions (this is a single-line command broken at the pipe character for readability): Get-Module -ListAvailable | foreach {"`r`nmodule name: $_"; "`r`n";gcm -Module $_.name -CommandType cmdlet, function | select name}...( read more )
  • LeoPonti Blog

    Weekend Scripter: Understanding PowerShell in Windows 8

    Summary : Microsoft Scripting Guy, Ed Wilson, talks about understanding Windows PowerShell 3.0 in Windows 8. Microsoft Scripting Guy, Ed Wilson, is here. It is an exciting and great day! I have been working a bit to solidify the editorial calendar for the Hey, Scripting Guy! Blog. I can say that there are some absolutely awesome posts coming up in the next couple months. I am not just saying this because I am writing them. Nope. I have a great lineup of guest writers. The upcoming stuff will simply rock! Windows 8 posh stuff… One of the really great things about Windows 8 is the implementation of Windows PowerShell 3.0. But many of the really cool commands (cmdlets or functions) are not strictly Windows PowerShell 3.0. For example, one function I use on a regular basis when I am traveling is Get-NetAdapter . This command tells me if a network adapter is up. Because I toggle my wireless and my Ethernet adapter connections (on or off depending on the network), I often need to see if a particular adapter is up. Another function I use a lot when I am traveling is the Get-NetConnectionProfile function. This tells me how a particular network adapter has been identified by the operating system. I can modify the profile by using Set-NetConnectionProfile . I need to use this a lot when I am traveling and I want to demonstrate Windows PowerShell. Neither of the two previously mentioned functions are part of Windows PowerShell 3.0, per se. They are included in modules that ship with Windows 8. The associated modules are shown here: PS C:\> Get-Command Get-NetConnectionProfile, Get-NetAdapter CommandType Name ModuleName ----------- ---- ---------- Function Get-NetConnectionProfile NetConnection Function Get-NetAdapter NetAdapter Am I being pedantic? If so, it is not my intention. It is important to know where specific functionality arises, so that when I install Windows PowerShell 3.0 onto a computer running Windows 7, I will know what to expect. This concept will be important when Windows 8.1 ships with Windows PowerShell 4.0 because Windows PowerShell 4.0 in Windows 8.1 will expose certain cmdlets and functions that may not be available if I install Windows PowerShell 4.0 on a down-level system. Emulating capability With all the great commands in Windows 8, it is easy to forget that the capability comes from modules that ship with the operating system, and that they are not part of Windows PowerShell 3.0 core installation...
  • LeoPonti Blog

    PowerTip: Use PowerShell to Write BitLocker Recovery Key to Text File

    Summary : Use Windows PowerShell to write your BitLocker recovery key to a text file. If I forgot to save my BitLocker recovery key when I enabled BitLocker on my laptop, how can I use Windows PowerShell to write it to a text file so I can copy it to a USB key for safe keeping? From an elevated Windows PowerShell console, use the Get-BitLockerVolume function, select -MountPoint C , choose the KeyProtector and the RecoveryPassword properties, and then redirect the output to a text file: (Get-BitLockerVolume -MountPoint C).KeyProtector.recoverypassword > c:\bitlockerkey.txt...( read more )
  • LeoPonti Blog

    Weekend Scripter: Understanding PowerShell in Windows 7

    Summary : Microsoft Scripting Guy, Ed Wilson, talks about understanding Windows PowerShell in Windows 7. Microsoft Scripting Guy, Ed Wilson, is here. This morning I am sipping a cup of English Breakfast tea, with goji berries , lemon grass, and cinnamon...
  • LeoPonti Blog

    PowerTip: Find Case-Specific Strings by Using PowerShell

    Summary : Use Windows PowerShell to find case-specific strings. How can I find a particular, case-sensitive word in a string? Use Select-String and specify the –CaseSensitive switch: "Hey Scripting Guy","hey scripting guy" | Select-String...
  • LeoPonti Blog

    Use PowerShell to Customize Server Manager

    Summary : Guest blogger, Rolf Masuch, talks about using Windows PowerShell to customize Server Manager. Microsoft Scripting Guy, Ed Wilson, is here. Today we have a guest post written by Rolf Masuch, who is a senior consultant for Microsoft in Germany...
  • LeoPonti Blog

    PowerTip: Use PowerShell to Show Approved Verbs Group

    Summary : Use Windows PowerShell to show the group of approved Windows PowerShell verbs. How can I find the grouping information for a couple of approved verbs that I want to use to name my advanced functions? Use the Get-Verb function, and supply...
  • LeoPonti Blog

    Use PowerShell to Log Changes to AD DS Attributes

    Summary : Microsoft Scripting Guy, Ed Wilson, talks about using Windows PowerShell to log changes made to Active Directory Domain Services attribute values. Hey, Scripting Guy! We are in the process of merging a couple of resource domains, and we need...
  • LeoPonti Blog

    PowerTip: Use PowerShell to Display Replications in AD DS

    Summary : Use Windows PowerShell to display replication connections in Active Directory Domain Services. How can I use a cmdlet from the Active Directory module to display replication connections in AD DS? Use the Get-ADReplicationConnection cmdlet...
  • LeoPonti Blog

    Use PowerShell to Change Sign-in Script and Profile Path

    Summary : Microsoft Scripting Guy, Ed Wilson, talks about using Windows PowerShell to modify the sign-in script and profile path in Active Directory. Hey, Scripting Guy! We are in the middle of an Active Directory migration (primarily moving our client...
  • LeoPonti Blog

    PowerTip: Use PowerShell to Get DHCP Server Database Info

    Summary : Learn how to use Windows PowerShell to get the DHCP Server database information. How can I use Windows PowerShell to get the database information for a DHCP server if I do not know the name of the server? Use the ServerName property from...
  • LeoPonti Blog

    Add User Principal Names in Active Directory via PowerShell

    Summary : Microsoft Scripting Guy, Ed Wilson, shows how to use Windows PowerShell to add user principal names to users in Active Directory. Hey, Scripting Guy! We are planning for our Active Directory migration, and as part of that, I am reviewing...
  • LeoPonti Blog

    PowerTip: Use PowerShell to See Network Adapters Bound to TCP/IP

    Summary : Use Windows PowerShell 3.0 in Windows 8 to see network adapters that are bound to TCP/IP. How can I find all network adapters that are bound to TCP/IPv4 by using Windows PowerShell 3.0 in Windows 8? Use the Get-NetAdapterBinding function...
  • LeoPonti Blog

    Adding Office Locations in AD DS with PowerShell

    Summary : Microsoft Scripting Guy, Ed Wilson, talks about using Windows PowerShell to add office locations in Active Directory Domain Services. Hey, Scripting Guy! We are in the midst of a domain migration at work, and I need to clean up a number of...
  • LeoPonti Blog

    PowerTip: Use PowerShell to Report Network Adapter Binding

    Summary : Use Windows PowerShell 3.0 in Windows 8 to view network adapter binding information. How can I use Windows PowerShell 3.0 in Windows 8 to review network adapter binding information? Use the Get-NetAdapterBinding function and pipe the resulting...
  • LeoPonti Blog

    Weekend Scripter: Run PowerShell Scripts from Remote File Share: Part 3

    Summary : Microsoft Scripting Guy, Ed Wilson, continues his discussion about running scripts from a remote file share. Microsoft Scripting Guy, Ed Wilson, is here. Some things should just be easier. For example, I should have access to client-side...
  • LeoPonti Blog

    PowerTip: Change PowerShell Script Execution Policy

    Summary : Learn how a user can change the Windows PowerShell script execution policy. How can I change the Windows PowerShell script execution policy as simply an ordinary user? Use the –Scope parameter with the Set-ExecutionPolicy cmdlet...
  • LeoPonti Blog

    Weekend Scripter: Run PowerShell Scripts from Remote File Share: Part 2

    Weekend Scripter: Run PowerShell Scripts from Remote File Share: Part 2 Summary : Microsoft Scripting Guy, Ed Wilson, continues his discussion about running scripts on a remote file share. Microsoft Scripting Guy, Ed Wilson, is here. This week has...
  • LeoPonti Blog

    PowerTip: Use PowerShell to Get DHCP Stats

    Summary : Learn how to use Windows PowerShell 3.0 in Windows Server 2012 to get DHCP statistics. How can I get an overview from my DHCP server running on Windows Server 2012? Use the Get-DHCPServerv4Statistics function: Get-DhcpServerv4Statistics...
  • LeoPonti Blog

    Running PowerShell Scripts from a Remote File Share

    Summary : Microsoft Scripting Guy, Ed Wilson, talks about running Windows PowerShell scripts from a remote file share. Microsoft Scripting Guy, Ed Wilson, is here. It is sort of official… There are at least three Windows PowerShell Saturday...
  • LeoPonti Blog

    PowerTip: Use PowerShell to Rename Printers

    Summary : Learn how to use Windows PowerShell 3.0 in Windows 8 to rename a printer. How can I use Windows PowerShell 3.0 in Windows 8 to rename a printer? Use the Get-Printer function to retrieve the printer, and pipe it to the Rename-Printer function...
  • LeoPonti Blog

    Use PowerShell in Windows 8 to Remove Printers

    Summary : Microsoft Scripting Guy, Ed Wilson, talks about using Windows PowerShell 3.0 in Windows 8 to remove printers. Microsoft Scripting Guy, Ed Wilson, is here. The Scripting Wife and I have been talking to various people from the Charlotte Windows...
  • LeoPonti Blog

    PowerTip: Use PowerShell to Display Help for Module Cmdlets

    Summary : Use Windows PowerShell to display all Help for all cmdlets in a module. How can I see all of the Help examples for cmdlets from a specific module? After you have updated your Help in Windows PowerShell 3.0, use the Get-Command cmdlet to...
Page 3 of 6 (126 items) 12345»