RE: Windows 7 Sysprep, PITA
What Jim said. Build your image while in audit mode. This way you can always fall back on it, run updates, etc. -Original Message- From: itli...@imcu.com [mailto:itli...@imcu.com] Sent: Saturday, January 19, 2013 4:50 PM To: NT System Admin Issues Subject: RE: Windows 7 Sysprep, PITA That is what we are doing as well. So we have a virgin never been touched image, an image with everything on it prior to sysprep, and the ImageX image after sysprep. Just sometimes the imagex image is junk after coming out of mini-setup. So we go back and try again. Is there a better way to image machines that I could try? -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Posted At: Friday, January 18, 2013 4:30 PM Posted To: itli...@imcu.com Conversation: Windows 7 Sysprep, PITA Subject: RE: Windows 7 Sysprep, PITA What I do is make an image just before I sysprep it. Then reboot it and sysprep and make an image and use that in production. So I always have an image that is in audit mode to fall back on. -Original Message- From: Matthew W. Ross [mailto:mr...@ephrataschools.org] Sent: Friday, January 18, 2013 4:12 PM To: NT System Admin Issues Subject: Re: Windows 7 Sysprep, PITA I've had issues with windows Vista/7 images. Here's one of the big gotchas: You can only sysprep an image 3 times. After that, it's no good... you'll have to start over. What that means: You make a base install of 7 and sysprep (1) image it. then you make a basic image with your usual software ans sysprep (2) that. Then you make a very specific lab image and sysprep (3) that... That's it. you can't do it anymore. If you try to modify your 3rd sysprep image and re-sysprep (4) it... game over. This is one of the ways Microsoft is trying to prevent piracy. Either that or they are trying to drive techs crazy. --Matt Ross Ephrata School District - Original Message - From: itli...@imcu.com [mailto:itli...@imcu.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Fri, 18 Jan 2013 13:01:31 -0800 Subject: Windows 7 Sysprep, PITA Why is the sysprep on Windows 7 so hard to get right? I have an image that has worked for over a year. I added some software to it and reimaged. Not the original machine comes out of Sysprep just fine but the install.wim is failing on all imaged devices with a Windows failed to load please insert Windows media and try again. WTF??? Any ideas? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Migrating from a 32bit print server to a 64bit print server
I have a VM that is running Win2008 (not R2) 32bit, and we are using this as our print server. I save the printer definitions and queues using the printbrm -B -F filename command as a scheduled task. Note that this server has both 32bit and 64bit drivers installed to it (I am told). 64bit drivers installed to that print server using the Print Manager snapin from a 64bit PC. Now, I want to replace this VM with a new one, running Win2008 R2. I think I should just be able to do: printbrm -R -f filename and then all my printers and queues should install, and be ready to go. Then I can decommission the old server, re-name the new server, re-use the old IP, and everyone who uses a printer defined on that print server name should continue to Just Work. .. .which seems Too Easy. Am I missing some consideration here? Thanks ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers
Thank you Jim. We have no Cisco firewalls, but all Cisco switches, routers. A new switch may have went in last week. We also are in the middle of a Cisco VOIP project, past 6 months. Phones all up, but they are still working out tweaks, etc. Trying to make a Jabber client work on desktops and PDAs. Something on the Cisco side I should dig into? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Wednesday, January 23, 2013 1:14 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Did someone put in a shiny new Cisco firewall this past weekend? From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:02 PM To: NT System Admin Issues Subject: DNS concerns - Server 2003 R2 SP2 Domain Controllers Hoping this is an old problem and someone has ideas? We have Server 2003 R2 SP2 Domain Controllers, four of them. Since this past weekend, we saw a large increase in Event 5504 warnings. Eventually the DC gives an Event 7502 and DNS services hang. When DNS hangs, memory usage of the DNS service has grown to 800,000K, after reboot the memory usage starts around 50,000K. Found a registry setting to add an EnableDuplicateQuerySuppression DWORD 0 setting. This has stopped the memory growth/leaks, and replaced the 5504 errors with numerous 404 and 408 errors, till probably due to the registry change to suppress dups it has quit logging those. DNS memory usage is stable around 100,000K and DNS services to our users is remaining stable too. However, I feel this is just a stopgap and I need to resolve the real culprit... thoughts? Ideas? As always... great listserv thanks! Robert ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers
Yes. At some point your DNS servers are talking to the outside work...directly or via forwarders I would assume. If dns fixup is enabled you need to allow longer lookups. fixup protocol dns maximum-length 4096 Or turn off eDNS on the 2003 servers. dnscmd /Config /EnableEDnsProbes 0 From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:39 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Thank you Jim. We have no Cisco firewalls, but all Cisco switches, routers. A new switch may have went in last week. We also are in the middle of a Cisco VOIP project, past 6 months. Phones all up, but they are still working out tweaks, etc. Trying to make a Jabber client work on desktops and PDAs. Something on the Cisco side I should dig into? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Wednesday, January 23, 2013 1:14 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Did someone put in a shiny new Cisco firewall this past weekend? From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:02 PM To: NT System Admin Issues Subject: DNS concerns - Server 2003 R2 SP2 Domain Controllers Hoping this is an old problem and someone has ideas? We have Server 2003 R2 SP2 Domain Controllers, four of them. Since this past weekend, we saw a large increase in Event 5504 warnings. Eventually the DC gives an Event 7502 and DNS services hang. When DNS hangs, memory usage of the DNS service has grown to 800,000K, after reboot the memory usage starts around 50,000K. Found a registry setting to add an EnableDuplicateQuerySuppression DWORD 0 setting. This has stopped the memory growth/leaks, and replaced the 5504 errors with numerous 404 and 408 errors, till probably due to the registry change to suppress dups it has quit logging those. DNS memory usage is stable around 100,000K and DNS services to our users is remaining stable too. However, I feel this is just a stopgap and I need to resolve the real culprit... thoughts? Ideas? As always... great listserv thanks! Robert ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers
To clarify...the dns fixup refers to Cisco firewalls/asa's. From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Wednesday, January 23, 2013 2:48 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Yes. At some point your DNS servers are talking to the outside work...directly or via forwarders I would assume. If dns fixup is enabled you need to allow longer lookups. fixup protocol dns maximum-length 4096 Or turn off eDNS on the 2003 servers. dnscmd /Config /EnableEDnsProbes 0 From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:39 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Thank you Jim. We have no Cisco firewalls, but all Cisco switches, routers. A new switch may have went in last week. We also are in the middle of a Cisco VOIP project, past 6 months. Phones all up, but they are still working out tweaks, etc. Trying to make a Jabber client work on desktops and PDAs. Something on the Cisco side I should dig into? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Wednesday, January 23, 2013 1:14 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Did someone put in a shiny new Cisco firewall this past weekend? From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:02 PM To: NT System Admin Issues Subject: DNS concerns - Server 2003 R2 SP2 Domain Controllers Hoping this is an old problem and someone has ideas? We have Server 2003 R2 SP2 Domain Controllers, four of them. Since this past weekend, we saw a large increase in Event 5504 warnings. Eventually the DC gives an Event 7502 and DNS services hang. When DNS hangs, memory usage of the DNS service has grown to 800,000K, after reboot the memory usage starts around 50,000K. Found a registry setting to add an EnableDuplicateQuerySuppression DWORD 0 setting. This has stopped the memory growth/leaks, and replaced the 5504 errors with numerous 404 and 408 errors, till probably due to the registry change to suppress dups it has quit logging those. DNS memory usage is stable around 100,000K and DNS services to our users is remaining stable too. However, I feel this is just a stopgap and I need to resolve the real culprit... thoughts? Ideas? As always... great listserv thanks! Robert ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: DNS concerns - Server 2003 R2 SP2 Domain Controllers
Defintely better to fix the firewall than to limit the size of DNS queries on the server. Other firewalls have needed similar fixes, too - not just Cisco. Kurt On Wed, Jan 23, 2013 at 11:44 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: Yes. At some point your DNS servers are talking to the outside work…directly or via forwarders I would assume. If dns fixup is enabled you need to allow longer lookups. fixup protocol dns maximum-length 4096 Or turn off eDNS on the 2003 servers. dnscmd /Config /EnableEDnsProbes 0 From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:39 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Thank you Jim. We have no Cisco firewalls, but all Cisco switches, routers. A new switch may have went in last week. We also are in the middle of a Cisco VOIP project, past 6 months. Phones all up, but they are still working out tweaks, etc. Trying to make a “Jabber” client work on desktops and PDAs. Something on the Cisco side I should dig into? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Wednesday, January 23, 2013 1:14 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Did someone put in a shiny new Cisco firewall this past weekend? From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:02 PM To: NT System Admin Issues Subject: DNS concerns - Server 2003 R2 SP2 Domain Controllers Hoping this is an old problem and someone has ideas? We have Server 2003 R2 SP2 Domain Controllers, four of them. Since this past weekend, we saw a large increase in Event 5504 warnings. Eventually the DC gives an Event 7502 and DNS services hang. When DNS hangs, memory usage of the DNS service has grown to 800,000K, after reboot the memory usage starts around 50,000K. Found a registry setting to add an EnableDuplicateQuerySuppression DWORD “0” setting. This has stopped the memory growth/leaks, and replaced the 5504 errors with numerous 404 and 408 errors, till probably due to the registry change to suppress “dups” it has quit logging those. DNS memory usage is stable around 100,000K and DNS services to our users is remaining stable too. However, I feel this is just a stopgap and I need to resolve the real culprit… thoughts? Ideas? As always… great listserv thanks! Robert ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers
We do not have Cisco firewalls, though everything else is Cisco (switches, routers, VOIP) Has anyone seen this issue using Fortinet firewalls? Thx, Robert -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Wednesday, January 23, 2013 3:05 PM To: NT System Admin Issues Subject: Re: DNS concerns - Server 2003 R2 SP2 Domain Controllers Defintely better to fix the firewall than to limit the size of DNS queries on the server. Other firewalls have needed similar fixes, too - not just Cisco. Kurt On Wed, Jan 23, 2013 at 11:44 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: Yes. At some point your DNS servers are talking to the outside work…directly or via forwarders I would assume. If dns fixup is enabled you need to allow longer lookups. fixup protocol dns maximum-length 4096 Or turn off eDNS on the 2003 servers. dnscmd /Config /EnableEDnsProbes 0 From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:39 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Thank you Jim. We have no Cisco firewalls, but all Cisco switches, routers. A new switch may have went in last week. We also are in the middle of a Cisco VOIP project, past 6 months. Phones all up, but they are still working out tweaks, etc. Trying to make a “Jabber” client work on desktops and PDAs. Something on the Cisco side I should dig into? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Wednesday, January 23, 2013 1:14 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Did someone put in a shiny new Cisco firewall this past weekend? From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:02 PM To: NT System Admin Issues Subject: DNS concerns - Server 2003 R2 SP2 Domain Controllers Hoping this is an old problem and someone has ideas? We have Server 2003 R2 SP2 Domain Controllers, four of them. Since this past weekend, we saw a large increase in Event 5504 warnings. Eventually the DC gives an Event 7502 and DNS services hang. When DNS hangs, memory usage of the DNS service has grown to 800,000K, after reboot the memory usage starts around 50,000K. Found a registry setting to add an EnableDuplicateQuerySuppression DWORD “0” setting. This has stopped the memory growth/leaks, and replaced the 5504 errors with numerous 404 and 408 errors, till probably due to the registry change to suppress “dups” it has quit logging those. DNS memory usage is stable around 100,000K and DNS services to our users is remaining stable too. However, I feel this is just a stopgap and I need to resolve the real culprit… thoughts? Ideas? As always… great listserv thanks! Robert ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Help with this script
Yep.
The line $OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred
-SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
Change OneLevel to SubTree
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 4:14 PM
To: NT System Admin Issues
Subject: Help with this script
I found this script, to count user objects in all OUs. The report doesn't list
all OUs, so I was wondering if anyone could tell me if it has a limit as to how
deep it will go to count.
Here's the script:
Import-Module activeDirectory
$fqdn = Read-Host Enter FQDN domain
$cred = Get-Credential
Write-Host Contacting $fqdn domain... -ForegroundColor Yellow
$domain = (get-addomain $fqdn -Credential $cred | select
distinguishedName,pdcEmulator,DNSroot,DomainControllersContainer)
Write-Host Completed. Enumerating OUs.. -ForegroundColor Yellow
$OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred -SearchBase
$domain.distinguishedName -SearchScope OneLevel -Server $domain.DNSroot)
Write-Host Completed. Counting users... -ForegroundColor Yellow
for($i = 1; $i -le $oulist.Count; $i++)
{write-progress -Activity Collecting OUs -Status Finding OUs $i
-PercentComplete ($i/$OUlist.count*100)}
$newlist = @{}
foreach ($_objectitem in $OUlist)
{
$getUser = Get-ADuser -Filter * -Credential $cred -SearchBase
$_objectItem.DistinguishedName -SearchScope Subtree -Server $domain.pdcEmulator
| measure | select Count
for($i = 1; $i -le $getUser.Count; $i++)
{write-progress -Activity Counting users -Status Finding users $i in
$_objectitem -PercentComplete ($i/$getUser.count*100)}
$newlist.add($_objectItem.Name, $getUser.Count)
}
$newlist .\OUuserCount.txt
Write-Host All done! -ForegroundColor yellow
So, the report that it creates only lists top level OUs under the domain. I
think it does, however, dig down under that to get the count, but just wanted
to make sure.
Thanks,
Joe Heaton
Enterprise Server Support
CA Department of Fish and Wildlife
1807 13th Street, Suite 201
Sacramento, CA 95811
Desk: (916) 557-3422
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: DNS concerns - Server 2003 R2 SP2 Domain Controllers
To test this for your environment... Get this: http://www.techrepublic.com/article/use-dig-to-administer-windows-dns-servers/5032892 Then do this: https://www.dns-oarc.net/oarc/services/replysizetest Kurt On Wed, Jan 23, 2013 at 1:15 PM, Robert Peterson robert.peter...@prin.edu wrote: We do not have Cisco firewalls, though everything else is Cisco (switches, routers, VOIP) Has anyone seen this issue using Fortinet firewalls? Thx, Robert -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Wednesday, January 23, 2013 3:05 PM To: NT System Admin Issues Subject: Re: DNS concerns - Server 2003 R2 SP2 Domain Controllers Defintely better to fix the firewall than to limit the size of DNS queries on the server. Other firewalls have needed similar fixes, too - not just Cisco. Kurt On Wed, Jan 23, 2013 at 11:44 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: Yes. At some point your DNS servers are talking to the outside work…directly or via forwarders I would assume. If dns fixup is enabled you need to allow longer lookups. fixup protocol dns maximum-length 4096 Or turn off eDNS on the 2003 servers. dnscmd /Config /EnableEDnsProbes 0 From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:39 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Thank you Jim. We have no Cisco firewalls, but all Cisco switches, routers. A new switch may have went in last week. We also are in the middle of a Cisco VOIP project, past 6 months. Phones all up, but they are still working out tweaks, etc. Trying to make a “Jabber” client work on desktops and PDAs. Something on the Cisco side I should dig into? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Wednesday, January 23, 2013 1:14 PM To: NT System Admin Issues Subject: RE: DNS concerns - Server 2003 R2 SP2 Domain Controllers Did someone put in a shiny new Cisco firewall this past weekend? From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Wednesday, January 23, 2013 2:02 PM To: NT System Admin Issues Subject: DNS concerns - Server 2003 R2 SP2 Domain Controllers Hoping this is an old problem and someone has ideas? We have Server 2003 R2 SP2 Domain Controllers, four of them. Since this past weekend, we saw a large increase in Event 5504 warnings. Eventually the DC gives an Event 7502 and DNS services hang. When DNS hangs, memory usage of the DNS service has grown to 800,000K, after reboot the memory usage starts around 50,000K. Found a registry setting to add an EnableDuplicateQuerySuppression DWORD “0” setting. This has stopped the memory growth/leaks, and replaced the 5504 errors with numerous 404 and 408 errors, till probably due to the registry change to suppress “dups” it has quit logging those. DNS memory usage is stable around 100,000K and DNS services to our users is remaining stable too. However, I feel this is just a stopgap and I need to resolve the real culprit… thoughts? Ideas? As always… great listserv thanks! Robert ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Help with this script
Awesome. Thanks Damien.
I really do intend to learn Powershell one of these days, honest.
From: Damien Solodow [mailto:damien.solo...@harrison.edu]
Sent: Wednesday, January 23, 2013 1:18 PM
To: Heaton, Joseph@Wildlife; NT System Admin Issues
Subject: RE: Help with this script
Yep.
The line $OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred
-SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
Change OneLevel to SubTree
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 4:14 PM
To: NT System Admin Issues
Subject: Help with this script
I found this script, to count user objects in all OUs. The report doesn't list
all OUs, so I was wondering if anyone could tell me if it has a limit as to how
deep it will go to count.
Here's the script:
Import-Module activeDirectory
$fqdn = Read-Host Enter FQDN domain
$cred = Get-Credential
Write-Host Contacting $fqdn domain... -ForegroundColor Yellow
$domain = (get-addomain $fqdn -Credential $cred | select
distinguishedName,pdcEmulator,DNSroot,DomainControllersContainer)
Write-Host Completed. Enumerating OUs.. -ForegroundColor Yellow
$OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred -SearchBase
$domain.distinguishedName -SearchScope OneLevel -Server $domain.DNSroot)
Write-Host Completed. Counting users... -ForegroundColor Yellow
for($i = 1; $i -le $oulist.Count; $i++)
{write-progress -Activity Collecting OUs -Status Finding OUs $i
-PercentComplete ($i/$OUlist.count*100)}
$newlist = @{}
foreach ($_objectitem in $OUlist)
{
$getUser = Get-ADuser -Filter * -Credential $cred -SearchBase
$_objectItem.DistinguishedName -SearchScope Subtree -Server $domain.pdcEmulator
| measure | select Count
for($i = 1; $i -le $getUser.Count; $i++)
{write-progress -Activity Counting users -Status Finding users $i in
$_objectitem -PercentComplete ($i/$getUser.count*100)}
$newlist.add($_objectItem.Name, $getUser.Count)
}
$newlist .\OUuserCount.txt
Write-Host All done! -ForegroundColor yellow
So, the report that it creates only lists top level OUs under the domain. I
think it does, however, dig down under that to get the count, but just wanted
to make sure.
Thanks,
Joe Heaton
Enterprise Server Support
CA Department of Fish and Wildlife
1807 13th Street, Suite 201
Sacramento, CA 95811
Desk: (916) 557-3422
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
RE: Help with this script
Are OneLevel and SubTree the only options for the SearchScope parameter?
From: Damien Solodow [mailto:damien.solo...@harrison.edu]
Sent: Wednesday, January 23, 2013 1:18 PM
To: Heaton, Joseph@Wildlife; NT System Admin Issues
Subject: RE: Help with this script
Yep.
The line $OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred
-SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
Change OneLevel to SubTree
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 4:14 PM
To: NT System Admin Issues
Subject: Help with this script
I found this script, to count user objects in all OUs. The report doesn't list
all OUs, so I was wondering if anyone could tell me if it has a limit as to how
deep it will go to count.
Here's the script:
Import-Module activeDirectory
$fqdn = Read-Host Enter FQDN domain
$cred = Get-Credential
Write-Host Contacting $fqdn domain... -ForegroundColor Yellow
$domain = (get-addomain $fqdn -Credential $cred | select
distinguishedName,pdcEmulator,DNSroot,DomainControllersContainer)
Write-Host Completed. Enumerating OUs.. -ForegroundColor Yellow
$OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred -SearchBase
$domain.distinguishedName -SearchScope OneLevel -Server $domain.DNSroot)
Write-Host Completed. Counting users... -ForegroundColor Yellow
for($i = 1; $i -le $oulist.Count; $i++)
{write-progress -Activity Collecting OUs -Status Finding OUs $i
-PercentComplete ($i/$OUlist.count*100)}
$newlist = @{}
foreach ($_objectitem in $OUlist)
{
$getUser = Get-ADuser -Filter * -Credential $cred -SearchBase
$_objectItem.DistinguishedName -SearchScope Subtree -Server $domain.pdcEmulator
| measure | select Count
for($i = 1; $i -le $getUser.Count; $i++)
{write-progress -Activity Counting users -Status Finding users $i in
$_objectitem -PercentComplete ($i/$getUser.count*100)}
$newlist.add($_objectItem.Name, $getUser.Count)
}
$newlist .\OUuserCount.txt
Write-Host All done! -ForegroundColor yellow
So, the report that it creates only lists top level OUs under the domain. I
think it does, however, dig down under that to get the count, but just wanted
to make sure.
Thanks,
Joe Heaton
Enterprise Server Support
CA Department of Fish and Wildlife
1807 13th Street, Suite 201
Sacramento, CA 95811
Desk: (916) 557-3422
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
RE: Help with this script
Nope.
-SearchScope ADSearchScope
Specifies the scope of an Active Directory search. Possible values for
this parameter are:
Base or 0
OneLevel or 1
Subtree or 2
A Base query searches only the current path or object. A OneLevel query
searches the immediate children of tha
path or object. A Subtree query searches the current path or object and
all children of that path or object.
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 4:58 PM
To: NT System Admin Issues
Subject: RE: Help with this script
Are OneLevel and SubTree the only options for the SearchScope parameter?
From: Damien Solodow [mailto:damien.solo...@harrison.edu]
Sent: Wednesday, January 23, 2013 1:18 PM
To: Heaton, Joseph@Wildlife; NT System Admin Issues
Subject: RE: Help with this script
Yep.
The line $OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred
-SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
Change OneLevel to SubTree
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 4:14 PM
To: NT System Admin Issues
Subject: Help with this script
I found this script, to count user objects in all OUs. The report doesn't list
all OUs, so I was wondering if anyone could tell me if it has a limit as to how
deep it will go to count.
Here's the script:
Import-Module activeDirectory
$fqdn = Read-Host Enter FQDN domain
$cred = Get-Credential
Write-Host Contacting $fqdn domain... -ForegroundColor Yellow
$domain = (get-addomain $fqdn -Credential $cred | select
distinguishedName,pdcEmulator,DNSroot,DomainControllersContainer)
Write-Host Completed. Enumerating OUs.. -ForegroundColor Yellow
$OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred -SearchBase
$domain.distinguishedName -SearchScope OneLevel -Server $domain.DNSroot)
Write-Host Completed. Counting users... -ForegroundColor Yellow
for($i = 1; $i -le $oulist.Count; $i++)
{write-progress -Activity Collecting OUs -Status Finding OUs $i
-PercentComplete ($i/$OUlist.count*100)}
$newlist = @{}
foreach ($_objectitem in $OUlist)
{
$getUser = Get-ADuser -Filter * -Credential $cred -SearchBase
$_objectItem.DistinguishedName -SearchScope Subtree -Server $domain.pdcEmulator
| measure | select Count
for($i = 1; $i -le $getUser.Count; $i++)
{write-progress -Activity Counting users -Status Finding users $i in
$_objectitem -PercentComplete ($i/$getUser.count*100)}
$newlist.add($_objectItem.Name, $getUser.Count)
}
$newlist .\OUuserCount.txt
Write-Host All done! -ForegroundColor yellow
So, the report that it creates only lists top level OUs under the domain. I
think it does, however, dig down under that to get the count, but just wanted
to make sure.
Thanks,
Joe Heaton
Enterprise Server Support
CA Department of Fish and Wildlife
1807 13th Street, Suite 201
Sacramento, CA 95811
Desk: (916) 557-3422
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
RE: Help with this script
http://technet.microsoft.com/en-us/library/ee617236.aspx
[-SearchScope {Base | OneLevel | Subtree}]
Thanks
Webster
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 3:58 PM
To: NT System Admin Issues
Subject: RE: Help with this script
Are OneLevel and SubTree the only options for the SearchScope parameter?
From: Damien Solodow [mailto:damien.solo...@harrison.edu]
Sent: Wednesday, January 23, 2013 1:18 PM
To: Heaton, Joseph@Wildlife; NT System Admin Issues
Subject: RE: Help with this script
Yep.
The line $OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred
-SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
Change OneLevel to SubTree
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 4:14 PM
To: NT System Admin Issues
Subject: Help with this script
I found this script, to count user objects in all OUs. The report doesn't list
all OUs, so I was wondering if anyone could tell me if it has a limit as to how
deep it will go to count.
Here's the script:
Import-Module activeDirectory
$fqdn = Read-Host Enter FQDN domain
$cred = Get-Credential
Write-Host Contacting $fqdn domain... -ForegroundColor Yellow
$domain = (get-addomain $fqdn -Credential $cred | select
distinguishedName,pdcEmulator,DNSroot,DomainControllersContainer)
Write-Host Completed. Enumerating OUs.. -ForegroundColor Yellow
$OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred -SearchBase
$domain.distinguishedName -SearchScope OneLevel -Server $domain.DNSroot)
Write-Host Completed. Counting users... -ForegroundColor Yellow
for($i = 1; $i -le $oulist.Count; $i++)
{write-progress -Activity Collecting OUs -Status Finding OUs $i
-PercentComplete ($i/$OUlist.count*100)}
$newlist = @{}
foreach ($_objectitem in $OUlist)
{
$getUser = Get-ADuser -Filter * -Credential $cred -SearchBase
$_objectItem.DistinguishedName -SearchScope Subtree -Server $domain.pdcEmulator
| measure | select Count
for($i = 1; $i -le $getUser.Count; $i++)
{write-progress -Activity Counting users -Status Finding users $i in
$_objectitem -PercentComplete ($i/$getUser.count*100)}
$newlist.add($_objectItem.Name, $getUser.Count)
}
$newlist .\OUuserCount.txt
Write-Host All done! -ForegroundColor yellow
So, the report that it creates only lists top level OUs under the domain. I
think it does, however, dig down under that to get the count, but just wanted
to make sure.
Thanks,
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: DNS concerns - Server 2003 R2 SP2 Domain Controllers
On Wed, Jan 23, 2013 at 2:48 PM, Kennedy, Jim kennedy...@elyriaschools.org wrote: To clarify…the dns fixup refers to Cisco firewalls/asa’s. I've noticed that Cisco's fixup features tend to break things. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Help with this script
Thanks guys. I did google parameter SearchScope but didn't get any useful info.
From: Webster [mailto:webs...@carlwebster.com]
Sent: Wednesday, January 23, 2013 2:10 PM
To: Heaton, Joseph@Wildlife; NT System Admin Issues
Subject: RE: Help with this script
http://technet.microsoft.com/en-us/library/ee617236.aspx
[-SearchScope {Base | OneLevel | Subtree}]
Thanks
Webster
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 3:58 PM
To: NT System Admin Issues
Subject: RE: Help with this script
Are OneLevel and SubTree the only options for the SearchScope parameter?
From: Damien Solodow [mailto:damien.solo...@harrison.edu]
Sent: Wednesday, January 23, 2013 1:18 PM
To: Heaton, Joseph@Wildlife; NT System Admin Issues
Subject: RE: Help with this script
Yep.
The line $OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred
-SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
Change OneLevel to SubTree
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 4:14 PM
To: NT System Admin Issues
Subject: Help with this script
I found this script, to count user objects in all OUs. The report doesn't list
all OUs, so I was wondering if anyone could tell me if it has a limit as to how
deep it will go to count.
Here's the script:
Import-Module activeDirectory
$fqdn = Read-Host Enter FQDN domain
$cred = Get-Credential
Write-Host Contacting $fqdn domain... -ForegroundColor Yellow
$domain = (get-addomain $fqdn -Credential $cred | select
distinguishedName,pdcEmulator,DNSroot,DomainControllersContainer)
Write-Host Completed. Enumerating OUs.. -ForegroundColor Yellow
$OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred -SearchBase
$domain.distinguishedName -SearchScope OneLevel -Server $domain.DNSroot)
Write-Host Completed. Counting users... -ForegroundColor Yellow
for($i = 1; $i -le $oulist.Count; $i++)
{write-progress -Activity Collecting OUs -Status Finding OUs $i
-PercentComplete ($i/$OUlist.count*100)}
$newlist = @{}
foreach ($_objectitem in $OUlist)
{
$getUser = Get-ADuser -Filter * -Credential $cred -SearchBase
$_objectItem.DistinguishedName -SearchScope Subtree -Server $domain.pdcEmulator
| measure | select Count
for($i = 1; $i -le $getUser.Count; $i++)
{write-progress -Activity Counting users -Status Finding users $i in
$_objectitem -PercentComplete ($i/$getUser.count*100)}
$newlist.add($_objectItem.Name, $getUser.Count)
}
$newlist .\OUuserCount.txt
Write-Host All done! -ForegroundColor yellow
So, the report that it creates only lists top level OUs under the domain. I
think it does, however, dig down under that to get the count, but just wanted
to make sure.
Thanks,
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: Help with this script
I tend to find better results for PowerShell cmdlets in BING. Of course,
that just may be the way I search.
On Wed, Jan 23, 2013 at 3:08 PM, Heaton, Joseph@Wildlife
joseph.hea...@wildlife.ca.gov wrote:
Thanks guys. I did google parameter SearchScope but didn’t get any
useful info.
** **
*From:* Webster [mailto:webs...@carlwebster.com]
*Sent:* Wednesday, January 23, 2013 2:10 PM
*To:* Heaton, Joseph@Wildlife; NT System Admin Issues
*Subject:* RE: Help with this script
** **
http://technet.microsoft.com/en-us/library/ee617236.aspx
** **
[-SearchScope {Base | OneLevel | Subtree}]
** **
** **
Thanks
** **
** **
Webster
** **
*From:* Heaton, Joseph@Wildlife
[mailto:joseph.hea...@wildlife.ca.govjoseph.hea...@wildlife.ca.gov]
*Sent:* Wednesday, January 23, 2013 3:58 PM
*To:* NT System Admin Issues
*Subject:* RE: Help with this script
** **
Are OneLevel and SubTree the only options for the SearchScope parameter?**
**
** **
*From:* Damien Solodow
[mailto:damien.solo...@harrison.edudamien.solo...@harrison.edu]
*Sent:* Wednesday, January 23, 2013 1:18 PM
*To:* Heaton, Joseph@Wildlife; NT System Admin Issues
*Subject:* RE: Help with this script
** **
Yep.
The line $OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred
-SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
** **
Change OneLevel to SubTree
** **
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
** **
*From:* Heaton, Joseph@Wildlife
[mailto:joseph.hea...@wildlife.ca.govjoseph.hea...@wildlife.ca.gov]
*Sent:* Wednesday, January 23, 2013 4:14 PM
*To:* NT System Admin Issues
*Subject:* Help with this script
** **
I found this script, to count user objects in all OUs. The report doesn’t
list all OUs, so I was wondering if anyone could tell me if it has a limit
as to how deep it will go to count.
** **
Here’s the script:
** **
Import-Module activeDirectory
** **
$fqdn = Read-Host Enter FQDN domain
$cred = Get-Credential
** **
Write-Host Contacting $fqdn domain... -ForegroundColor Yellow
** **
$domain = (get-addomain $fqdn -Credential $cred | select
distinguishedName,pdcEmulator,DNSroot,DomainControllersContainer)
** **
Write-Host Completed. Enumerating OUs.. -ForegroundColor Yellow
** **
$OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred
-SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
Write-Host Completed. Counting users... -ForegroundColor Yellow
** **
for($i = 1; $i -le $oulist.Count; $i++)
{write-progress -Activity Collecting OUs -Status Finding OUs $i
-PercentComplete ($i/$OUlist.count*100)}
$newlist = @{}
** **
** **
** **
foreach ($_objectitem in $OUlist)
{
$getUser = Get-ADuser -Filter * -Credential $cred -SearchBase
$_objectItem.DistinguishedName -SearchScope Subtree -Server
$domain.pdcEmulator | measure | select Count
for($i = 1; $i -le $getUser.Count; $i++)
{write-progress -Activity Counting users -Status Finding users $i
in $_objectitem -PercentComplete ($i/$getUser.count*100)}
$newlist.add($_objectItem.Name, $getUser.Count)** **
}
** **
$newlist .\OUuserCount.txt
** **
Write-Host All done! -ForegroundColor yellow
** **
** **
So, the report that it creates only lists top level OUs under the domain.
I think it does, however, dig down under that to get the count, but just
wanted to make sure.
** **
Thanks,
** **
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
RE: Help with this script
Huh; I usually just put the cmdlet name (and parameter if necessary) into
Google and get good results.
Although get-help from within PowerShell works well. ;) The -detailed and
-online switches are very helpful.
In PowerShell 3.0, the -OutWindow is very handy for get-help
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
From: Steven Peck [sep...@gmail.com]
Sent: Wednesday, January 23, 2013 6:40 PM
To: NT System Admin Issues
Subject: Re: Help with this script
I tend to find better results for PowerShell cmdlets in BING. Of course, that
just may be the way I search.
On Wed, Jan 23, 2013 at 3:08 PM, Heaton, Joseph@Wildlife
joseph.hea...@wildlife.ca.govmailto:joseph.hea...@wildlife.ca.gov wrote:
Thanks guys. I did google parameter SearchScope but didn’t get any useful info.
From: Webster [mailto:webs...@carlwebster.commailto:webs...@carlwebster.com]
Sent: Wednesday, January 23, 2013 2:10 PM
To: Heaton, Joseph@Wildlife; NT System Admin Issues
Subject: RE: Help with this script
http://technet.microsoft.com/en-us/library/ee617236.aspx
[-SearchScope {Base | OneLevel | Subtree}]
Thanks
Webster
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 3:58 PM
To: NT System Admin Issues
Subject: RE: Help with this script
Are OneLevel and SubTree the only options for the SearchScope parameter?
From: Damien Solodow [mailto:damien.solo...@harrison.edu]
Sent: Wednesday, January 23, 2013 1:18 PM
To: Heaton, Joseph@Wildlife; NT System Admin Issues
Subject: RE: Help with this script
Yep.
The line $OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred
-SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
Change OneLevel to SubTree
DAMIEN SOLODOW
Systems Engineer
317.447.6033tel:317.447.6033 (office)
317.447.6014tel:317.447.6014 (fax)
HARRISON COLLEGE
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Wednesday, January 23, 2013 4:14 PM
To: NT System Admin Issues
Subject: Help with this script
I found this script, to count user objects in all OUs. The report doesn’t list
all OUs, so I was wondering if anyone could tell me if it has a limit as to how
deep it will go to count.
Here’s the script:
Import-Module activeDirectory
$fqdn = Read-Host Enter FQDN domain
$cred = Get-Credential
Write-Host Contacting $fqdn domain... -ForegroundColor Yellow
$domain = (get-addomain $fqdn -Credential $cred | select
distinguishedName,pdcEmulator,DNSroot,DomainControllersContainer)
Write-Host Completed. Enumerating OUs.. -ForegroundColor Yellow
$OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred -SearchBase
$domain.distinguishedName -SearchScope OneLevel -Server $domain.DNSroot)
Write-Host Completed. Counting users... -ForegroundColor Yellow
for($i = 1; $i -le $oulist.Count; $i++)
{write-progress -Activity Collecting OUs -Status Finding OUs $i
-PercentComplete ($i/$OUlist.count*100)}
$newlist = @{}
foreach ($_objectitem in $OUlist)
{
$getUser = Get-ADuser -Filter * -Credential $cred -SearchBase
$_objectItem.DistinguishedName -SearchScope Subtree -Server $domain.pdcEmulator
| measure | select Count
for($i = 1; $i -le $getUser.Count; $i++)
{write-progress -Activity Counting users -Status Finding users $i in
$_objectitem -PercentComplete ($i/$getUser.count*100)}
$newlist.add($_objectItem.Name, $getUser.Count)
}
$newlist .\OUuserCount.txt
Write-Host All done! -ForegroundColor yellow
So, the report that it creates only lists top level OUs under the domain. I
think it does, however, dig down under that to get the count, but just wanted
to make sure.
Thanks,
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage
Re: Help with this script
http://technet.microsoft.com/library/hh849720.aspx
In PowerShell v3 don't forget the occasional
Update-Help
Best to do so under a PowerShell launched with admin credentials
Steven Peck
http://www.blkmtn.org
On Wed, Jan 23, 2013 at 3:46 PM, Damien Solodow damien.solo...@harrison.edu
wrote:
Huh; I usually just put the cmdlet name (and parameter if necessary)
into Google and get good results.
Although get-help from within PowerShell works well. ;) The -detailed and
-online switches are very helpful.
In PowerShell 3.0, the -OutWindow is very handy for get-help
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
--
*From:* Steven Peck [sep...@gmail.com]
*Sent:* Wednesday, January 23, 2013 6:40 PM
*To:* NT System Admin Issues
*Subject:* Re: Help with this script
I tend to find better results for PowerShell cmdlets in BING. Of
course, that just may be the way I search.
On Wed, Jan 23, 2013 at 3:08 PM, Heaton, Joseph@Wildlife
joseph.hea...@wildlife.ca.gov wrote:
Thanks guys. I did google parameter SearchScope but didn’t get any
useful info.
** **
*From:* Webster [mailto:webs...@carlwebster.com]
*Sent:* Wednesday, January 23, 2013 2:10 PM
*To:* Heaton, Joseph@Wildlife; NT System Admin Issues
*Subject:* RE: Help with this script
** **
http://technet.microsoft.com/en-us/library/ee617236.aspx
** **
[-SearchScope {Base | OneLevel | Subtree}]
** **
** **
Thanks
** **
** **
Webster
** **
*From:* Heaton, Joseph@Wildlife
[mailto:joseph.hea...@wildlife.ca.govjoseph.hea...@wildlife.ca.gov]
*Sent:* Wednesday, January 23, 2013 3:58 PM
*To:* NT System Admin Issues
*Subject:* RE: Help with this script
** **
Are OneLevel and SubTree the only options for the SearchScope parameter?*
***
** **
*From:* Damien Solodow
[mailto:damien.solo...@harrison.edudamien.solo...@harrison.edu]
*Sent:* Wednesday, January 23, 2013 1:18 PM
*To:* Heaton, Joseph@Wildlife; NT System Admin Issues
*Subject:* RE: Help with this script
** **
Yep.
The line $OUlist = @(Get-ADOrganizationalUnit -filter * -Credential
$cred -SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
** **
Change OneLevel to SubTree
** **
DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE
** **
*From:* Heaton, Joseph@Wildlife
[mailto:joseph.hea...@wildlife.ca.govjoseph.hea...@wildlife.ca.gov]
*Sent:* Wednesday, January 23, 2013 4:14 PM
*To:* NT System Admin Issues
*Subject:* Help with this script
** **
I found this script, to count user objects in all OUs. The report
doesn’t list all OUs, so I was wondering if anyone could tell me if it has
a limit as to how deep it will go to count.
** **
Here’s the script:
** **
Import-Module activeDirectory
** **
$fqdn = Read-Host Enter FQDN domain
$cred = Get-Credential
** **
Write-Host Contacting $fqdn domain... -ForegroundColor Yellow
** **
$domain = (get-addomain $fqdn -Credential $cred | select
distinguishedName,pdcEmulator,DNSroot,DomainControllersContainer)
** **
Write-Host Completed. Enumerating OUs.. -ForegroundColor Yellow
** **
$OUlist = @(Get-ADOrganizationalUnit -filter * -Credential $cred
-SearchBase $domain.distinguishedName -SearchScope OneLevel -Server
$domain.DNSroot)
Write-Host Completed. Counting users... -ForegroundColor Yellow
** **
for($i = 1; $i -le $oulist.Count; $i++)
{write-progress -Activity Collecting OUs -Status Finding OUs $i
-PercentComplete ($i/$OUlist.count*100)}
$newlist = @{}
** **
** **
** **
foreach ($_objectitem in $OUlist)
{
$getUser = Get-ADuser -Filter * -Credential $cred -SearchBase
$_objectItem.DistinguishedName -SearchScope Subtree -Server
$domain.pdcEmulator | measure | select Count
for($i = 1; $i -le $getUser.Count; $i++)
{write-progress -Activity Counting users -Status Finding users $i
in $_objectitem -PercentComplete ($i/$getUser.count*100)}
$newlist.add($_objectItem.Name, $getUser.Count)
}
** **
$newlist .\OUuserCount.txt
** **
Write-Host All done! -ForegroundColor yellow
** **
** **
So, the report that it creates only lists top level OUs under the
domain. I think it does, however, dig down under that to get the count,
but just wanted to make sure.
** **
Thanks,
** **
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint
