Microsoft on Zachary Loeber's Blog

PowerShell: Easy Module Authoring with ModuleBuild

Wed, 05 Jul 2017 01:29:53 +0000

I’ve previously discussed using the excellent plaster module for creating new modules among other things. Now I’ve integrated plaster into my PSModuleBuild project, turned the whole thing into a module, and changed the name to just ‘ModuleBuild’

Powershell: Creating Plaster Manifest Files

Mon, 15 May 2017 17:49:48 +0000

I’ve kicked the tires on a great PowerShell code scaffolding tool called ‘Plaster’. Here is my take on this nifty module.

Powershell: Creating Plaster Manifest Files

Mon, 15 May 2017 17:49:48 +0000

I’ve kicked the tires on a great PowerShell code scaffolding tool called ‘Plaster’. Here is my take on this nifty module.

PowerShell: PowerShellGet Helper Functions

Wed, 21 Dec 2016 21:21:12 +0000

With the PowerShell Gallery at your fingertips in PowerShell v5 you are able to find and install modules and scripts quickly. Here are a few helper functions you may want to add to your profile to help automate some of these tasks.

PowerShell: PowerShellGet Helper Functions

Wed, 21 Dec 2016 21:21:12 +0000

Powershell: New-ADPasswordReminder

Thu, 13 Oct 2016 19:03:55 +0000

A single, self-extracting, self-scheduling, AD password change notice PowerShell script.

Powershell: New-ADPasswordReminder

Thu, 13 Oct 2016 19:03:55 +0000

A single, self-extracting, self-scheduling, AD password change notice PowerShell script.

PowerShell: New Project – PSModuleBuild

Mon, 01 Aug 2016 02:34:55 +0000

I’ve spent a little bit of time thinking about and putting together a proper build script for one of my projects. This post covers the decisions I made and technologies I used to get this set this up.

PowerShell: Thoughts on Module Design

Sat, 03 Oct 2015 18:57:04 +0000

I’ve finally decided to grow up and start making modules out of my rather large PowerShell code base. Here are a few things I’ve learned.

Exchange: Stop Email Exfiltration

Fri, 25 Sep 2015 01:41:25 +0000

When your users leave or get removed from the organization they may still be getting company confidential information. Here is how you can find out and stop this from happening.

Exchange: Stop Email Exfiltration

Fri, 25 Sep 2015 01:41:25 +0000

When your users leave or get removed from the organization they may still be getting company confidential information. Here is how you can find out and stop this from happening.

Skype For Business: Planning for Voice – Part 3

Sat, 12 Sep 2015 20:05:26 +0000

If you have been following along this series you already know the importance of getting a recent PSTN provider bill and performing an onsite visit. Next we will go into more depth on how the site PSTN is configured with your PBX at a site. There is lots of ground to cover so lets dive right in!

Skype For Business: Planning for Voice – Part 2

Fri, 04 Sep 2015 03:18:40 +0000

I’ve already gone over the basic phases of a Skype for Business enterprise voice deployment in my prior article. Now it is time to skip right over the first two of those phases and start preparing to replace your existing PBXs. To prepare you need to know what you are going to be replacing. In this article we will be focusing on beginning the information gathering process.

Powershell: Login As Batch Job Security Rights

Sat, 18 Jul 2015 04:09:12 +0000

Here is a quick bit of PowerShell. It is some snippets of C# code wrapped up with PowerShell which will allow you to assign accounts to the ‘login as batch job’ local security rights of a local machine. The code is no great shakes but it is a good example of how you might take some existing online code and modify to suit your needs in PowerShell. This function also compliments another script I’ve released in the past for automatically scheduling PowerShell scheduled tasks rather well.

Lync/S4B Client: Call Forwarding Options Compared

Fri, 01 May 2015 19:00:48 +0000

Here is a comparison chart I put together describing the different call forwarding options available to end users or their teams. This covers everything which can be setup by users in Lync as well as team calling (setup by the admin).

Exchange: Database Leveling Redux

Tue, 07 Apr 2015 00:12:33 +0000

Some time ago I tackled the challenge of constructing a variant of the bin packing algorithm for leveling out Exchange databases’ size with the least amount of mailbox migrations necessary. Since then, I’ve been approached by a few people in dreadfully large environments looking for help with errors and compatibility issues around the script I released. I’ve finally rounded back to this script to do it some justice.

Lync 2013: Scripting QoS Config on Edge Servers

Sat, 04 Apr 2015 21:41:51 +0000

In many environments the Lync 2013 edge servers are configured in a standalone workgroup without any easy method for setting standard policies (such as GPOs). To make QoS configuration a bit less manual and error prone I’ve put together this script which can be run in an administrative powershell prompt. It will update the NLA setting (or create it if it doesn’t already exist), backup and prompt for removal any existing Qos settings, then import the registry settings for Audio, Video, and App QoS settings as defined in the script parameters.

Lync 2013: Scripting QoS Config on Edge Servers

Sat, 04 Apr 2015 21:41:51 +0000

Powershell: WPF/Treeview OU Selection Dialog

Sun, 22 Mar 2015 16:13:54 +0000

This is a self-contained organizational unit selection dialog box using powershell, xaml, wpf, and ADSI. Should be useful in any number of one off Powershell projects I imagine.

Lync Book Review: Lync Server Cookbook

Sun, 15 Mar 2015 01:51:53 +0000

I had planned to purchase this book at some point but instead was pleasantly surprised by an offer from one of the authors to provide an objective review of ‘Lync Server Cookbook‘! As I have worked with the product in some form since LCS/OCS days I believe I can speak with some authority on subject matter and readily agreed. With that being said, lets start with the book’s overarching scope and structure.

Lync Client: Automatic Fortune Cookie Utility

Sun, 08 Feb 2015 23:30:30 +0000

Here’s a just for fun powershell script for the Lync user. In the not so old days of Unix administration it was not too uncommon to have a ‘fortune cookie’ display when logging into a system. I’ve always thought that it would be neat to have something similar in the Lync client that would allow for an easy rotation of your personal note field. Little did I realize how easy it would be to add such functionality myself with some powershell and the Lync SDK!

Powershell: Check For Misplaced Certificates

Thu, 11 Dec 2014 03:02:28 +0000

Here is a script I absentmindedly put together one evening while power watching a TV series on Netflix with the wife. The general idea of this script is to check local machine, trusted root, and intermediate trusted root stores for misplaced or duplicate certificates.

Powershell: Check For Misplaced Certificates

Thu, 11 Dec 2014 03:02:28 +0000

Exchange 2013: Server Component State Script

Tue, 09 Dec 2014 01:28:23 +0000

Exchange 2013 includes some powershell commands which allow you to set and view several components in the messaging infrastructure. This is important to be aware of as it means all Exchange related services can be running when looking at them in service manager (services.msc) but not actually doing anything. I went ahead put together a script to better gather this information for administrators.

Exchange 2013: Server Component State Script

Tue, 09 Dec 2014 01:28:23 +0000

Lync UCS Contacts Reporting with Powershell

Fri, 21 Nov 2014 17:37:30 +0000

By default a Lync enabled account within a Lync/Exchange 2013 environment will be enabled for UCS (Unified Contact Store). This means that the Lync contacts get saved in the Lync user’s mailbox and not the Lync database. In order to get a list of the contacts associated with these accounts you have to export data to a zip file with some debug Lync commands and, even then, the information is buried in a hard to interpret XML file.

Exchange 2010/2013: Database Leveling Script

Tue, 07 Jan 2014 22:08:16 +0000

It is common to randomly choose mailbox databases when creating or migrating user mailboxes in Exchange. I actually recommend this practice unless you are setting up a tiered user/storage environment. Unfortunately this may result in an unequal distribution of data which, in turn, can result in an environment where mailbox databases are wildly different in size. In this post I will discuss an approach to leveling the databases so they are equal in size by moving mailboxes between them.

Gather (and Diagram) Installed Roles and Features With Powershell

Wed, 18 Dec 2013 18:53:18 +0000

Use this powershell script to gather installed features and roles from remote systems. This uses two wmi classes in an attempt to gather as much information as possible. Win32_ServerFeature will contain roles and their dependencies on systems running Windows 2008 and above. For these systems we can use this hierarchy to also produce pretty diagrams using graphviz and techniques I’ve exhibited in some of my other scripts (I added this last part in cause it is easy to do, not really certain how useful it is other than maybe exploring the dependencies between windows roles/features).

Lync 2013: Monitoring Mirrored SQL Databases With PowerShell

Mon, 25 Nov 2013 18:16:24 +0000

In Lync 2013 you are given a powerful new backend redundancy option for your important databases in the form of SQL mirroring. In this article I’ll discuss which services are able to be mirrored, the databases they encompass, and provide a PowerShell script to generate a report on the database mirror status. I also threw in Lync CMS replication and service status sections because it is the civil thing to do…

Lync 2013: Monitoring Mirrored SQL Databases With PowerShell

Mon, 25 Nov 2013 18:16:24 +0000

Gather Remote Event Logs With Powershell

Wed, 16 Oct 2013 17:01:13 +0000

About

Gather the remote event log information for one or more systems using wmi, alternate credentials, and multiple runspaces. Function supports custom timeout parameters in case of wmi problems and returns Event Log information for the specified number of past hours. You can view verbose information on each runspace thread in realtime with the -Verbose option.

Version History

1.0.0 – 10/16/2013

Initial release

Notes

By default 24 hours is what we filter against for the results. I’m retroactively releasing this function individually from the new-assetreport project I’ve released a little while ago.

Retrieve Remote Scheduled Task Information With Powershell

Sun, 06 Oct 2013 23:32:48 +0000

This function uses multiple runspaces with along with COM objects to gather information about the scheduled tasks of remote systems. Getting this to work with alternate credentials may be possible but I wasn’t able to discern a usable method to make it happen so I resorted to PSremoting. What this means is that this script will work against multiple remote systems which do not have psremoting enabled as long as you are running the script with an account that has administrative rights to them. If you do pass a credential to the function then psremoting will be used instead. You can also force psremoting to be used if you are using that across the board in your environment.

Visualize Active Directory Site Connections

Sun, 06 Oct 2013 22:50:35 +0000

In this post I use powershell with graphviz to create an Active Directory diagram of all site connections between servers. Additionally, I’ve included some code which displays site connection options. You may be able to use this to find isolated DCs or just to see a pretty diagram.

Find Disabled Users With Lync Enabled Without Lync Cmdlts

Mon, 30 Sep 2013 21:19:15 +0000

Here is a quick tip which applies to more than just Lync. I use powershell with .NET ADSI to gather a list of all users which are disabled but still have Lync sip addresses assigned. There are numerous reasons to disable lync on such accounts. One reason would be to make certain that users whom are no longer with the organization get removed from the Lync address list. Another is so these same users can no longer access Lync! (Yes, a disabled AD account may still be authorized to access Lync).

Gather Remote Command Results With Powershell

Thu, 19 Sep 2013 16:22:41 +0000

Send a remote command using wmi, alternate credentials, and multiple runspaces then retrieve the results serially using mapped secure channels to the remote host. The remote command execution function supports custom timeout parameters in case of wmi problems and returns the remote tmp file information containing the command results. You can view verbose information on each runspace thread in realtime with the -Verbose option.

Get Remote Shadow Volume Information With Powershell

Sun, 15 Sep 2013 02:57:55 +0000

Gather the remote shadow volume information for one or more systems using wmi, alternate credentials, and multiple runspaces. Function supports custom timeout parameters in case of wmi problems and returns shadow volume information, shadow copies, their providers, and settings. You can view verbose information on each runspace thread in realtime with the -Verbose option.

Gather Local Group Membership With Powershell

Wed, 11 Sep 2013 14:11:52 +0000

Gather system local groups and their members for one or more systems using wmi, alternate credentials, and multiple runspaces. Function supports custom timeout parameters in case of wmi problems, a switch for inclusion of empty groups in the results, and returns group names with their members. You can view verbose information on each runspace thread in realtime with the -Verbose option.

Version History

1.0.0 – 09/11/2013

Initial release

Notes

None, this is an independent release of a function I’ve recently included in a larger project.

Excel and HTML Asset Reports With Powershell

Sun, 08 Sep 2013 05:07:29 +0000

This set of powershell functions collates and generates reports upon system information it gathers. Information gathered includes hardware health, system information, networking information and much much more. Multiple types of html reports can be generated and all data can be exported directly to an excel workbook, saved as individual reports, and emailed.

Gather Remote Installed Programs With Powershell

Wed, 28 Aug 2013 13:25:22 +0000

Gather program install information for one or more systems using wmi, alternate credentials, and multiple runspaces. Function supports custom timeout parameters in case of wmi problems and returns from the registry program name, manufacturer, and uninstall information. You can view verbose information on each runspace thread in realtime with the -Verbose option.

Multithreaded Remote Registry Gathering with Powershell

Wed, 07 Aug 2013 03:11:49 +0000

Gather specific subkey values or an entire registry key’s subkey values with powershell and multithreading.

Determine if a computer is virtual with powershell

Fri, 26 Jul 2013 18:22:43 +0000

This function attempts to connect to a computer and find out if it is virtual or not using WMI. If it is virtual, a best guess at the type of virtual platform it is running upon is returned as well.

Exchange 2010 Mailbox Audit Report GUI

Fri, 28 Jun 2013 20:17:29 +0000

I’ve updated the original Exchange Mailbox Audit Report Script with some new features and bug fixes. These updates have also set the stage for the entire script to be wrapped with a GUI! Here is the initial release of the Mailbox Audit Report GUI for your auditing needs.

Enhanced Remote Server Connectivity Testing With Powershell

Tue, 25 Jun 2013 14:22:18 +0000

Test the following connectivity methods to a server: RDP, ping, rpc, wsman, sccm agent, scom agent, and remote registry. Optionally an alternate credential can be used. Versatility is added with options to return only true/false when singular tests are performed.

Use Powershell to Gather Disk/Partition/Mount Point Information

Mon, 24 Jun 2013 04:41:01 +0000

I put together a function for remotely gathering Windows disk information. This was specifically written to accommodate alternate credentials. This script also accounts for the glaring disconnect between win32_Volume and win32_DiskDrive within WMI.

Audit User Profile Folders With Powershell

Fri, 21 Jun 2013 18:46:09 +0000

This function will aggregate sub-folders within a folder on a server and attempt to associate them with user IDs within a domain and provide additional information. This script can also be used to move folders for disabled or non-existent accounts.

Book Review: PowerShell 3.0 Advanced Administration Handbook

Wed, 19 Jun 2013 01:44:40 +0000

A fast-paced PowerShell guide with real-world scenarios and detailed solutions

Use Powershell to Create a Windows Service Dependency Diagrams

Mon, 17 Jun 2013 15:32:42 +0000

I use powershell with graphviz to generate color coded service dependency diagrams for windows services. Besides creating useful and beautiful diagrams for your environment, this will also provide some interesting functions for gathering remote service information with alternate credentials.

Exchange 2010 Mailbox Audit Report Script

Fri, 10 May 2013 02:33:54 +0000

Exchange 2010 Mailbox Audit Report Script

Recently I’ve released a number of scripts such as the HTML Table Colorizer, Exchange Mailbox Calendar Permission Function, and the Exchange Mailbox GUI. These were all actually created specifically as support scripts for a report generation powershell tool I’ve been working on, the Exchange Mailbox Auditing Tool.

Powershell: Colorize-Table.ps1 Updated

Sun, 28 Apr 2013 18:00:43 +0000

A little while ago I released a script which uses custom linq assemblies to quickly modify an html table based on column header and an arbitrary scriptblock to test the values within that entire column (by default it is a simple -eq comparison). If the scriptblock evaluates to be true then you can either change just the cell style or the entire row style.

Exchange: Get Calendar Permissions (multilingual edition)

Sun, 28 Apr 2013 17:35:54 +0000

Some time ago I released a rather simplistic GUI for viewing Exchange 2010 mailbox calendar permissions. Because of a semi-related script I’m working on currently I rounded back and recreated that GUI script to be a powershell function instead. This is the result.

Exchange: Co-existence Client Access Preparation Report

Wed, 16 Jan 2013 03:36:50 +0000

If you upgrade Exchange in a co-existence scenario (you want to keep the same client access namespace) there is one crucial moment of truth which must be overcome. This is the phase of the migration I’ve come to call the “dns flip-over” or the “client access part”. Without preparation this part of the migration can be a real headache as issues are directly experienced by your end users. This is a simple report card you can use to prepare you for this moment.

Exchange 2010: Poor Mans Monitoring 1.5

Tue, 28 Aug 2012 02:40:20 +0000

Just a quick upgrade to the script I posted earlier. This script is for monitoring and/or maintaining your Exchange 2010 mailboxes. It is meant to help an admin be proactive in their exchange environment. I updated the script to be a bit more customizable and fixed some obvious issues. The primary changes are removing the requirement for the MS chart controls as well as introducing an area of code just for custom scripts. There is always room for improvement but this version is a good start. ~~Download Troubleshoot-MailboxServeror. Or~~ Grab the recent updates at the MS script repository (Edit: Just to to the script repository as any newest version will be dropped there first. I already have a 1.6 version available there).

Exchange 2010: Poor Man’s Monitoring

Sun, 22 Jul 2012 20:11:16 +0000

I quietly released a new script into the wild the other day, Troubleshoot-MailboxServer.ps1. This script is meant for monitoring, fixing, and reporting on Exchange 2010 database servers. It pretty much just wraps around and reports on troubleshooting scripts found in %ExchangeInstallPath%Scripts. I also set it so you can have an email sent including warning/error color coded report upon completion.

Exchange 2010: Even More Migration Tips

Wed, 11 Jul 2012 00:34:32 +0000

It has been a while since I passed on some personal experiences when performing Exchange 2010 migrations. I thought it was about time to update my list to include some more of the lesser known aspects of an Exchange 2010 migration.

Lync 2010: IP/DNS Workbook

Sat, 23 Jun 2012 20:24:40 +0000

I just ran across a Lync article with all kinds of nice tables which distilled the myriad of DNS/IP addresses in a Lync deployment down to an easy to read format. I happen to have created one of these tables myself for a Lync deployment which included a standard Lync pool, XMPP gateway, Lync Mobility, and a single edge server. I figured others may find some use from it as it auto-populates the dns entries and what they are supposed to point to based on what you fill out for the highlighted cells. Sure you get some of this in the Lync Server 2010 Planning Tool but this offers a slightly different view of the environment as well as a nice one page overview.

Active Directory: Best Practices Workbook

Mon, 28 May 2012 21:57:58 +0000

This is a checklist for technicians performing Active Directory assessments. It is broken down by category and best practice. Some items listed are not really a best practice, but rather something which you may find in an environment which should be rectified (as part of an audit perhaps).

Exchange 2010: Changing an invalid DNS suffixed server

Thu, 01 Mar 2012 05:30:13 +0000

I ran into an interesting Exchange 2010/2007 co-existence issue today. After a new Exchange 2010 (all-in-one) server was introduced into the environment traffic would only flow from the 2010 server to the 2007 hub/cas server and not the other way around. The mail queues stated the last error to be

“Initial error: 451 4.4.0 dns query failed. The error was: SMTPsend.dns.nonexistentdomain; nonexistent”

Exchange 2010 One-liner: Get All Network Interface Information

Fri, 19 Aug 2011 16:57:15 +0000

Here are a few quick powershell one-liners to get all the network interface information in your exchange environment:

$ExchServers=(Get-ExchangeServer); @(foreach ($Srv in $ExchServers) {Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=TRUE -ComputerName $Srv.Name | select @{Name="Server";Expression={$Srv.Name}},@{Name="DNS Host Name";Expression={$_.DNSHostName}},@{Name="Server Role";Expression={$Srv.ServerRole}},Description,@{Name="IP Address";Expression={$_.IPAddress}},@{Name="IP Subnet";Expression={$_.IPSubnet}},@{Name="Default Gateway";Expression={$_.DefaultIPGateway}},@{Name="Mac Address";Expression={$_.MacAddress}},@{Name="DNS Suffix Search Order";Expression={$_.DNSDomainSuffixSearchOrder}},@{Name="DNS Server Search Order";Expression={$_.DNSServerSearchOrder}},FullDNSRegistrationEnabled}) |Export-Csv -NoTypeInformation "C:\Temp\Exchange-network.csv"

If you just want interface information for Exchange 2010 servers:

$ExchServers=(Get-ExchangeServer | where {$_.ServerRole -ne "None"}); @(foreach ($Srv in $ExchServers) {Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=TRUE -ComputerName $Srv.Name | select @{Name="Server";Expression={$Srv.Name}},@{Name="DNS Host Name";Expression={$_.DNSHostName}},@{Name="Server Role";Expression={$Srv.ServerRole}},Description,@{Name="IP Address";Expression={$_.IPAddress}},@{Name="IP Subnet";Expression={$_.IPSubnet}},@{Name="Default Gateway";Expression={$_.DefaultIPGateway}},@{Name="Mac Address";Expression={$_.MacAddress}},@{Name="DNS Suffix Search Order";Expression={$_.DNSDomainSuffixSearchOrder}},@{Name="DNS Server Search Order";Expression={$_.DNSServerSearchOrder}},FullDNSRegistrationEnabled}) |Export-Csv -NoTypeInformation "C:\Temp\Exchange2010-network.csv"

Exchange 2010: A Few More Migration Tips

Sat, 13 Aug 2011 23:43:04 +0000

Here are a few more notes from the field to consider when you are planning your Exchange 2010 deployment and migration. Some of these items are good to know even after you have completed your migration and may help with overall system stability.

Active Directory: Essential Tools

Thu, 11 Aug 2011 18:35:00 +0000

During my many years of working with active directory I’ve used several tools. Here are some of the best that I’ve used which are not baked into windows. Good thing about this list is that most of these tools are fee! Another bonus is that most of the information gathering tools don’t require elevated rights as, by default, domain users have read-only access to active directory.

Exchange 2010: Network Communication Table

Sat, 30 Jul 2011 17:06:36 +0000

I figured I’d post the massive table of firewall rules I compiled for my Exchange 2010 firewall generation script. It has both the source and destination roles for many aspects of an Exchange environment. Where there are ???’s is where I’m simply not certain (mainly around encryption between certain roles). If anyone spots any mistakes or omissions please let me know and I’ll update the accordingly.

Exchange 2010 Network Communication Table By Role

Exchange 2010: Automated Firewall Rule Generation 1.4

Fri, 29 Jul 2011 15:28:07 +0000

I made some updates to the automated firewall rule generation script. This includes some updates to the firewall rule spreadsheet to give information on setting setic ports and port ranges for RPC based services. This csv file may be a good general reference even without the script.

Exchange 2010: Automated Firewall Rule Generation 1.2

Wed, 20 Jul 2011 16:35:08 +0000

I made a few changes to this script to make it more modular and to allow for more exceptions in regards to DAGs and sites. Enjoy!

Exchange 2010 Firewall Rule Generation Script

Exchange 2010: Certificate Install Script

Thu, 30 Jun 2011 15:39:27 +0000

Many of the cert providers require that you install both an intermediary and a root trusted cert on the servers which you are configuring your newly requested Unified Communications certificate on. If you are doing an Exchange migration including several ISA/TMG/Exchange (2003 and 2010) servers this can be a tedious process. Here is the quick way to install all three certificates once they are on the server

Exchange 2010: Automated Firewall Rule Generation

Fri, 24 Jun 2011 16:40:50 +0000

A single, or even a dual site Exchange 2010 deployment does not usually require too much internal firewall manipulation. But if you have to setup a Exchange 2010 environment where there are many global sites or a heavily segmented network, the number of firewall requests required to get a fully functioning configuration working can be daunting. Wouldn’t it be nice to have some of those firewall rules automatically generated for you?

Exchange 2010: Protect VIP Mailboxes with Exclusive Scopes

Wed, 04 May 2011 21:26:37 +0000

Prior to starting my new job I wanted to ensure that my previous employer was able to protect VIP mailboxes in their Exchange 2010 SP1 organization. I had to do this with exclusive scopes and these are the steps I had to follow. A general knowledge of role based security is assumed in this post.

Windows: 2003 to 2008 R2 RADIUS Migration

Thu, 17 Mar 2011 12:58:12 +0000

I found myself doing yet another Windows 2003 IAS Radius server migration to 2008 R2 NPS. I found that I had my prior notes and was able to do this quickly but, hell, if I’m looking this up in my own notes I may as well just post this succinct little procedure.

Windows: 2003 to 2008 R2 RADIUS Migration

Thu, 17 Mar 2011 12:58:12 +0000

Active Directory: Role Based Access Modeling

Tue, 22 Feb 2011 04:22:28 +0000

Much of my time is spend delving into the minutia of a particular technology to resolve issues or improve department processes. But sometimes understanding and implementing a technology is not the best “fix” for an issue. Sometimes it is a mindset or a model that needs to change. I came up with this security grouping model to address some of the pains of managing permissions across large groups of systems in our environment. Ok, I modified a long standing Microsoft recommendation of AGDLP (an abbreviation of “account, global, domain local, permission”) to meet our needs. Regardless here is a quick rundown of this security group model I devised if anyone is interested.

Funny: Microsoft Goes Chick-Flick

Tue, 22 Feb 2011 04:02:28 +0000

My wife saw this on my laptop screen while we were on a plane trip. She pointed to it, and said “Awwwww!!” as if I were reading a book on relationships rather than a technical pdf going over general SCOM 2007 concepts.

Microsoft gets a bit soft...

Exchange – Notify Forwarded Accounts Script

Mon, 10 Jan 2011 20:00:19 +0000

In cleaning up a large number of disabled user accounts in AD I wanted a way to notify a large number of users specifically that they were being forwarded e-mail from another account. This was part of an effort to clean up AD a bit before moving everyone over to Exchange 2010 but it can be used independently of any one project as part of a general AD maintenance plan.

Exchange 2010 (SP1): Pre-Deployment Tips

Fri, 17 Dec 2010 18:55:00 +0000

I recently had the opportunity to experience all of the blood, sweat, and tears of migrating a minimally maintained Exchange 2003 infrastructure to Exchange 2010 (and mid-way through, an upgrade to 2010 SP1). All of the docs out on the web for migrations make it seem soooo easy. But if you are going to do anything other than a single server install and are doing things like, oh say; hardware load balancing, Exchange 2003 co-existence, or working in an old multi-domain forest then you are in for some punishment. I think I ran into every possible issue that you can have with an Exchange 2010 migration. One guide that helped me in this endeavor was the rapid transition guide from Exchange 2003 to Exchange 2010. This guide didn’t cover every aspect for me though, here are a few things that may save you a little bit of hassle. I’ve been meaning to publish this for a while and I have a whole lot more notes from this experience but this is a start.