POSH

Script to modify the defaultSecurityDescriptor attribute on the Group-Policy-Container schema class object

June 29, 2016

Last week I published an article about the changes in the behavior of Group Policy processing after the deployment of security update MS16-072 under KB3163622. It included a script to assist with the remediation of Group Policy permissions: Script to report on and remediate the Group Policy security change in MS16-072. Of course that’s not where it […]

Read the full article →

Script to report on and remediate the Group Policy security change in MS16-072

June 22, 2016

On June 14th 2016 Microsoft released security update MS16-072 under KB3163622 that changes the behavior of Group Policy processing so that user group policies are now retrieved by using the machine’s security context instead of the user’s security context. This is a by-design behavior change from Microsoft to protect computers from a security vulnerability. Update 23/06/2016: Microsoft […]

Read the full article →

Script to Import and Bind a Certificate to the Default Web Site

January 4, 2015

This Powershell script will import and bind a certificate to the Default Web Site. I use this script for Citrix StoreFront and Director deployments, but it’s written to be very flexible and versatile so can be used for other tasks. The original idea came from scripts written by Thomas Albaek and Jerome Quief for Citrix StoreFront. The way I’ve written […]

Read the full article →

Script to Change the Drive Letter of all CDROM and DVD Drives

January 4, 2015

This PowerShell script will change the drive letter of all CDROM & DVD Drives found starting from whatever is set as $LastDriveLetter variable, working backwards until it finds an available drive letter. Too many IT Pros leave CDROM/DVD Drives as the drive letter Windows assigns them when first detected, which is typically usually either D: or E:. Then […]

Read the full article →

Custom MDT Wizard For Network Settings

January 4, 2015

Setting a fixed IP Address during the MDT task sequences has always been ugly. It’s an area that I believe needs to be revisited by Microsoft. I don’t like the concept behind the “Apply Network Settings” task action. I don’t find it dynamic enough. In my opinion it’s too cumbersome and involved. The old “NICSettings_Definition_ENU.xml” […]

Read the full article →

Script to Create a Summary Overview and Full Report of all Contact Objects in a Domain

January 2, 2015

This PowerShell script is one of the most comprehensive you will find that provides a thorough overview and full report of all contact objects in a domain. It is the culmination of many Active Directory audit and reviews and therefore contains valuable input from many customers. A lot of thought has been put into the logic […]

Read the full article →

Script to Create an Overview and Full Report of all Group Objects in a Domain

January 2, 2015

This PowerShell script is one of the most comprehensive you will find that provides a thorough overview and full report of all group objects in a domain. It is the culmination of many Active Directory audit and reviews and therefore contains valuable input from many customers. A lot of thought has been put into the logic within […]

Read the full article →

Script to Create an Active Directory Schema Update Report

June 22, 2014

This PowerShell script was written by the awesome Ashley McGlone (AKA Goatee PFE) and published to the TechNet Script Center. It was also blogged on the Scriting Guy TechNet site. However, it did need some updates to keep up with the newer schema updates as well as adding the SCCM (ConfigMgr) versions. As Ashley has […]

Read the full article →

Script to Create an Overview of all Computer Objects in a Domain

June 22, 2014

This PowerShell script will provide an overview and count of all computer objects in a domain based on Operating System and Service Pack. It helps an organisation to understand the number of stale and active computers against the different types of operating systems deployed in their environment. Computer objects are filtered into 4 categories: Windows Servers […]

Read the full article →

Script to Create a Report of Members of Privileged Groups

June 9, 2014

This PowerShell script will create a report of users that are members of the following privileged groups: Enterprise Admins Schema Admins Domain Admins Cert Publishers Administrators Account Operators Server Operators Backup Operators Print Operators This is the default list of privileged groups I’ve set, but you can adjust the privileged groups directly within the getForestPrivGroups function if needed. […]

Read the full article →