• Mike Rodrick

    Hello @Waqkas-Ahmed ,

    Are you using Exchange? What version are you running?

    posted in Microsoft read more
  • Mike Rodrick

    Hey @Waqkas-Ahmed ,

    This sounds like a really good time to use inbox rules. They are easy to create and would be applied when the email arrives.

    I'm sure it can be done with PowerShell, but I think it would involve much more work. Not only writing the script, but trying to get it to trigger each time a new email arrives. The inbox rules are for this very scenario.

    If there is a reason for using PowerShell instead of inbox rules, let me know, and post what you have so far and I can try to help!

    posted in Microsoft read more
  • Mike Rodrick

    Hey @Daniel-Fiore ,

    Awesome, glad you got it working!!

    I just checked, and the plan is to replace the entire series at once, so the new episodes wont be available until the new show is complete.

    P.S. Just thought I would mention, you can do nested virtualization. Some of the Hyper-V servers I use in the shows are actually virtual machines running on VMWare Workstation ;)

    Glad I could help,

    posted in Microsoft read more
  • Mike Rodrick

    Hello @Daniel-Fiore ,

    We are updating our Microsoft Windows Server 2016 MCSA track starting next week. We plan to start filming 70-740 and 70-742 on Monday. The previous shows were recorded in the last quarter of 2017, and many things have changed since then!

    As for the current content, is is accurate. Lets see if we can get it working for you.

    1. You should be able to install the NuGet package provider. This command hasn't changed. There is a newer version of NuGet available (2.8.5.208). The computer will need an internet connection for the command to work. Also make sure you are running PowerShell with administrative rights. (There is a way to download the package on another machine if you needed to do an offline install) Try leaving the MinimumVersion parameter out and see if that works. Something like this...
    Install-PackageProvider -Name NuGet 
    

    You can verify the package provider was successfully installed by running

    Get-PackageProvider
    

    Here is a link to check out as well...
    https://docs.microsoft.com/en-us/powershell/module/packagemanagement/install-packageprovider?view=powershell-5.1

    1. New-VHD and New-VirtualDisk are different cmdlets that do two very different things. New-VHD is the cmdlet for creating VHDs to use with virtual machines in Hyper-V. New-VirtualDisk is the cmdlet for creating new virtual disks in Storage Pools.

    The PowerShell command New-VHD is part of the hyper-v module. You will need to make sure this module is installed. You can install the module using the Add Roles and Features Wizard, or by using the Install-WindowsFeature cmdlet.

    In the Add Roles and Features wizard, click next till you get to Select Features. In the list of features, navigate to Remote Server Administration Tools -> Role Administration Tools -> Hyper-V Management Tools and select Hyper-V Module for Windows PowerShell.

    To install the Hyper-V module using PowerShell, use the following...

    Install-WindowsFeature -Name Hyper-V-PowerShell
    

    You should now be able to use the New-VHD cmdlet. You can verify the module is installed by running...

    Get-Module
    

    I've verified all of the above commands on Windows Server 2016 version 1607, running PowerShell 5.1.

    I hope this helps, if you have any more questions or issues, just let me know.

    Thanks for watching and being a member!!

    posted in Microsoft read more
  • Mike Rodrick

    Hello @Wilfried-THIAM ,

    Not sure if this is what you are looking for...

    Get-ADPrincipalGroupMembership <username> | Get-ADGroup -Properties * | select name, description
    

    This will return a list of groups a user belongs to and the description for the group, if there is one.

    If you are looking for something else, let me know.

    Mike

    posted in Microsoft read more
  • Mike Rodrick

    Hello @Nagayya-Pujari ,

    Did you go through the post-installation tasks after installing WSUS?

    When adding WSUS to a SCCM install to create a SUP, you should not launch the post-install configuration for WSUS. You will use SCCM to manage WSUS.

    In the site system role wizard, when adding the SUP role, you will specify that WSUS is configured to use 8530 and 8531.

    Hope this helps,

    posted in Microsoft read more
  • Mike Rodrick

    Hey @Waqkas-Ahmed ,

    If the accounts being created were domain accounts, we could use the delegation wizard to give a user permissions to only create accounts. There isn't a way to delegate granular permissions on a local machine, as far as I know. The user would need local admin rights to create a local account.

    Mike

    posted in General Discussion read more
  • Mike Rodrick

    Hello @Ankit-Sharda ,

    Once a machine has the Active Directory role installed, and has been promoted to be a domain controller, you will no longer be able to log on normally using a local account. Ronnie is correct, you can boot into Active Directory Restore Mode (where Active Directory is not running) and use the Restore mode password set when Active Directory was configured. This is the only local account available, an can only be used when booted into Restore Mode.

    When you log on using pre-Windows 2000 style credentials (domain\user) and omit the domain, Windows will assume you are logging in to the domain add the domain for you. To log in using a local account, you have to specify by using "computername\user" or ".\user" This is the way all Windows machines work, not just domain controllers. This is why users can log in just using there user name, and not have to type the domain name.

    You can verify this by logging on to a domain controller as administrator, without the domain, as you suggested. Then open PowerShell and type "whoami". The results should be "domainname\administrator" If you try to log on to the domain controller using "DCname\administrator" or ".\administrator" it will fail.

    The local administrator account from before Active Directory was installed, becomes the default domain administrator account in Active Directory. Whatever the password was for the local admin account is now the password for the built-in domain administrator account. The only local account left is the Restore Mode account.

    Hope this helps, let me know if you have more questions!

    Mike

    posted in Microsoft read more
  • Mike Rodrick

    Hello @Kyle-Hardin-0 ,

    You are correct, command history in PowerShell is handled differently starting with PowerShell v5.0 and the introduction of the PSReadline module. This module introduced persistent command history, and is accessed differently. I cover this topic in the "PowerShell Basics for Administrators" series. Here is a link to the specific episode.

    https://itpro.tv/course-library/powershell-2017/2017-command-historyaliases/

    The course "PowerShell for Administrators" was filmed using PowerShell v4.0. This series will eventually be moved to the legacy courses, but much of the content is still relative.

    I agree this could be a point of confusion, and will add something to the show notes or maybe hide that particular episode.

    Thanks for bringing this to our attention!!

    Mike

    posted in General Discussion read more
  • Mike Rodrick

    Hey @Waqkas-Ahmed,

    Here is a script that I found in the Technet Gallery. The original script worked, but prompted you for a computer name, therefor only did one at a time. I have modified it to return all computers and loop through them. In a large environment, this might be a little slow. You can modify the Get-ADComputer command with some of the filters from @Adam-Gordon's post to limit what type of computers are looked up, or limit the search to a particular OU.

    I also added a progress bar and the ability to output to an HTML file, just because PowerShell is so much fun :)

    This script takes one computer at a time, checks with each domain controller to see what the last logon time is for that computer, and records the latest one. This is necessary because the lastLogon attribute is not replicated, and you don't know which domain controller was used for authentication.

    ###############################################################  
    # Get_Computer Last_Logon_v1.1.ps1  
    # Version 1.0  
    # Changelog : n/a  
    # MALEK Ahmed - 29 / 06 / 2017
    # Modified by mike@itpro.tv 6/13/18  
    ###################  
      
    ##################  
    #--------Config  
    ##################  
      
    $domain = "itprotvdemo.com"  
    
    ##################  
    #--------Main  
    ##################  
      
    Import-Module ActiveDirectory  
    cls  
    
    $myForest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()  
    $domaincontrollers = $myforest.Sites | % { $_.Servers } | Select Name  
    $RealComputerLastLogon = $null  
    $LastusedDC = $null  
    $domainsuffix = "*."+$domain  
    $computerNames = (Get-ADComputer -Filter *).name
    $computerCollection = New-Object System.Collections.ArrayList
    $i = 0
    foreach ($computerName in $computernames)
    {
        $i++
        foreach ($DomainController in $DomainControllers)   
        { 
            if ($DomainController.Name -like $domainsuffix)  
            {  
                $ComputerLastlogon = Get-ADComputer -Identity $computername -Properties LastLogon -Server $DomainController.Name  
                    if ($RealComputerLastLogon -le [DateTime]::FromFileTime($ComputerLastlogon.LastLogon))  
                    {  
                        $RealComputerLastLogon = [DateTime]::FromFileTime($ComputerLastlogon.LastLogon)  
                        $LastusedDC =  $DomainController.Name  
                    }
            }  
                
        }
        $temp = New-Object System.Object
        $temp | Add-Member -MemberType NoteProperty -Name "Computer" -Value $computerName
        $temp | Add-Member -MemberType NoteProperty -Name "Date" -Value $RealComputerLastLogon
        $temp | Add-Member -MemberType NoteProperty -Name "DC" -Value $LastusedDC
        $computerCollection.Add($temp) | Out-Null
        $ComputerLastlogon = ""
        $RealComputerLastLogon = "" 
        $LastusedDC = "" 
        Write-Progress -Activity "Collecting Data" -status $computerName -percentComplete ($i / $computerNames.count*100)
    }
    
    $computerCollection | Sort-Object -Property date
    
    #####
    # Uncomment section below to output an HTML file, make sure to update FilePath
    #####
    
    <#
    $Header = @"
    <style>
    TABLE {border-width: 1px; border-style: solid; border-color: black; border-collapse: collapse;}
    TH {border-width: 1px; padding: 3px; border-style: solid; border-color: black; background-color: #6495ED;}
    TD {border-width: 1px; padding: 3px; border-style: solid; border-color: black;}
    </style>
    "@
    $computerCollection | Sort-Object -Property date | ConvertTo-Html -Head $header | Out-File -FilePath <replaceWithYourPath>
    #>
    

    posted in General Discussion read more