Month: August 2018

Useful Windows PowerShell (PS) command

by Samuel Mitchell, posted in Microsoft, Windows server

This blog is an opportunity to record all the PS commands I used in my day-to-day management of my environment.

Get-Help [*command*]

The get-help is a useful command used to get details of the command executed.

Get-Command [*command*]

List the A record of the server

Get-DnsServerRecord -Name [Hostname]-RRType [A]

Add an server name with the IP address to the DNS server. This command should be ran from the DNS server remotely or locally.

Add-DnsServerRecordA -Name [HostName] -IPAddress [IP] -ZoneName [domain-name] -AllowUpdate

Shutdown the server

Stop-Computer -ComputerName [Servername] -Force

Restart the server

Restart-Computer -ComputerName [Servername] -Force

Start a remote PowerShell session on server

Enter-PSSession [Servername]

Exit the existing PowerShell remote session

Exit-PSSession

A Similiar command to ping and trace route in Powershell

Test-NetConnection [-traceroute] [destination-name or address]

A command to execute PS commands on a remote host

Invoke-Command -ComputerName -ScriptBlock { [Powershell command goes here] }

List all the services on a computer

Get-Service

List all the Windows share (SMB) session on a computer

Get-SmbSession

Get the AD User information filtered by Name or login

Get-ADUser -Identity [CID] -Filter ‘Name -like “Firstname*”‘

Set the AD User information

Set-ADUser -Identity [CID] -ParameterField “Value”

Unlock User Account

Unlock-ADAccount -Identity [CID]

Disable User Account

Disable-ADAccount Identity [CID]

Enable User Account

Enable-ADAccount Identity [CID]

Reset User Account Password

Set-ADAccountPassword -Identity [CID] -Reset -NewPassword (ConvertTo-SecureString -ASPlainText “MyPassword” -Force)

Set the user account password settings

Set-ADUser -ChangePasswordAtLogon $true -CannotChangePassword $true -AccountExpirationDate “mm/dd/yyyy” -PasswordNeverExpires $true

Search AD for User Account that has expired password

Search-ADAccount -UsersOnly -PasswordExpired | FT SamAccountName, Name, LastLogonDate

Search AD for Locked Out Accounts

Search-ADAccount -UsersOnly -LockedOut | FT SamAccountName, Name, LastLogonDate

Search AD for Expiring Accounts within 60 days

Search-ADAccount -usersonly -AccountExpiring -TimeSpan 60.00:00 | FT SamAccountName,Name,AccountExpirationDate

Search AD for Inactive Accounts

Search-ADAccount -UsersOnly -AccountInactive | FT SamAccountName, Name, LastLogonDate

Search AD for Disabled Accounts

Search-ADAccount -UsersOnly -AccountDisabled | FT SamAccountName, Name

Search AD for Expired Accounts

Search-ADAccount -UsersOnly -AccountExpired | FT SamAccountName, Name, AccountExpirationDate

Search AD for Accounts password set to never expire

Search-ADAccount -UsersOnly -PasswordNeverExpires | FT SamAccountName, Name, AccountExpirationDate,LastLogonDate

Retrieve AD Group Information based on Filter

Get-ADGroup -Filter ‘Name -like “[string]*”‘ -Properties canonicalName | FT canonicalname

Retrieve members for a specific AD Group

Get-ADGroupMember -Identity ‘[groupname]’ | FT SamAccountName, Name

Retrieve the properties of an object

Verb-Object -properties *

Add Members to an AD Group

Add-ADGroupMember -Identity ‘GroupName’ -Members [UserName]

Create an New OU

New-ADOrganizationUnit -Name [OU-Name] -Path “[DC=Domain,DC=com]”

Create a user in the New OU

New-ADUser -Name “Firstname Lastname” -SamAccountName [CID] -Path “OU=,DC=,D=com”

Create a New AD Group

New-ADGroup -Name “GroupName” -SamAccountName [GroupName] -GroupCategory [Security/Distribution] -GroupScope [DomainLocal/Global/Universal] -Path “OU=,DC=domain,DC=com”

Create a managed service account

New-ADServiceAccount -Name [AccountName] -RestrictToSingleComputer

Add-ADComputerServiceAccount -Identity [COMPNAME] -ServiceAccount [AccName]

Test-ADServiceAccount -Identity [AccName]

Get Windows Security event of lockout accounts from PDC

Get-ADDomainController -Filter “OperationMasterRoles -like ‘*PDCEmulator*'” | FT Hostname, OperationMasterRoles, Site, OperatingSystem

Get-WinEvent -ComputerName [PDCEmulaor] -FilterHashtable @{LogName=’Security’;Id=4740} -ErrorAction Stop

Show the Default Domain Password Policy

Get-ADDefaultDomainPasswordPolicy

Change the Default Domain Password Policy

Get-ADDefaultDomainPasswordPolicy | Set-ADDefaultDomainPasswordPolicy -LockoutDuration -LockoutThreshold -MaxPasswordAge -MinPasswordAge -MinPasswordLength -ComplexityEnabled [$true/$false] -PasswordHistoryCount -LockoutObservationWindow

 

VCP65-DCV – Objective 7.5 – Troubleshoot HA and DRS Configurations and Fault Tolerance

by Samuel Mitchell, posted in VMware

The following reference material from the vSphere 6.5 online documentation will assist you in covering the main information that is needed to know the topics in this objective:

  1. How vSphere HA works
  2. Troubleshooting vSphere HA host states
  3. Troubleshooting Availability
  4. Configure Proactive HA
  5. DRS troubleshooting information
  6. Migration with vMotion
  7. Migration with Storage vMotion
  8. Troubleshooting Storage DRS
  9. Providing Fault Tolerant for Virtual Machines
  10. Troubleshooting Fault Tolerant Virtual Machines
  11. DRS Cluster Validity
  12. Overview Performance Charts for Clusters

VCP65-DCV – Objective 7.4 – Troubleshoot Virtual Machines

by Samuel Mitchell, posted in VMware

The following reference material from the vSphere 6.5 online documentation will assist you in covering the main information that is needed to know the topics in this objective:

  1. Overview Performance Charts
  2. Troubleshoot and Enhance Performance
  3. CPU Virtualization Basics
  4. Memory virtualization Basics
  5. Working with Advanced and Custom Charts
  6. Storage Device Panel
  7. know the commands:
    1. esxtop
  8. EVC requirements for Hosts
  9. Change the EVC mode for a Cluster