Author

Working with Active Directory Attributes with multi-values.

By Author on February 4, 2019February 4, 2019Leave a Comment

It is common for organisations to use or create Active Directory Attributes that may contain multiple different values and when trying to obtain the information using PowerShell you might receive

Microsoft.ActiveDirectory.Management.ADPropertyValueCollection

Which isn’t helpful to man or beast. However, I have been recently working with custom attributes so its time to share my experiences once again. In this post I will be working with information that is located within my personal lab, where I have customattribute10 defined with O365.

# Command
Get-ADUser -Properties * -Filter * | Select-Object  samaccountname,customattribute10 | export-csv -Path  $env:USERPROFILE\desktop\test1.csv

As you can see that from the above I am not receiving the desired output from Get-ADUser. So lets use a PowerShell string that obtains the required information

Let’s discuss the below string in detail to explain what each part does

@{name=” customattribute10 ”;expression={$_. customattribute10}}

The @ symbol, is the property you are retrieving is an array, which means it contains multiple values. Then you gave the property a name/label (you can name it anything you like). This will be the header of the column in the CSV file

@{name=” customattribute10 ”;

Then you provide an expression; this is the script block where you tell the PowerShell cmdlet what you are trying to fetch. For example; we want to fetch the values for the customattribute10 attribute.

expression={$_. customattribute10}}

So, now we understand the require array to pull the multi-values from lets execute the below command

# Command
Get-ADUser -Filter * -Properties  proxyaddresses,customattribute10 | select samaccountname,  @{L='customAttribute10'; E={$_.customAttribute10}}  | Export-Csv -Path  $env:USERPROFILE\desktop\test.csv

Now executing this command you will receive the correct output from the attribute which you desired.

Regards
The Author – Blogabout.Cloud

Working with Active Directory using Get-ADUsers

By Author on January 22, 2019February 4, 2019

When working with Active Directory Users sometimes its a lot easier using PowerShell to obtain all the information you require from your environment. As a Consultant I have lost count how many times I’ve used PowerShell to get information out of Active Directory and its essential to your skill set.

The most simple and effective way by running the following command, as it will dump all Active Directory Users and their properties to a CSV file located on your desktop

# Command
Get-ADUser -Filter * -Properties * | Export-CSV $env:userprofile\desktop\ADExport.csv

# Command
Get-ADUser -Filter * | Export-CSV $env:userprofile\desktop\ADExport.csv

What if you only require bits of information? The command only targets the Name and SamAccountName Field. Simple right?

# Command
Get-ADUSer -Filter * -Properties Name,SamAccountName  | Export-CSV $env:userprofile\desktop\ADExport.csv

# Command
Get-ADUSer -Filter * -Properties * | Select-Object -Property  Name,SamAccountName  | Export-CSV $env:userprofile\desktop\ADExport.csv

The possibilities are endless, you can call all everything from the below table because it exists on the AD object by default. If you have used ExtensionAttributes or CustomAttributes you can also call these as well by adding them to your filter.

Property	Syntax	R/RW	lDAPDisplayName
AccountExpirationDate	DateTime	RW	accountExpires, converted to local time
AccountLockoutTime	DateTime	RW	lockoutTime, converted to local time
AccountNotDelegated	Boolean	RW	userAccountControl (bit mask 1048576)
AllowReversiblePasswordEncryption	Boolean	RW	userAccountControl (bit mask 128)
BadLogonCount	Int32	R	badPwdCount
CannotChangePassword	Boolean	RW	nTSecurityDescriptor
CanonicalName	String	R	canonicalName
Certificates	ADCollection	RW	userCertificate
ChangePasswordAtLogon	Boolean	W	If pwdLastSet = 0
City	String	RW	l
CN	String	R	cn
Company	String	RW	company
Country	String	RW	c (2 character abbreviation)
Created	DateTime	R	whenCreated
Deleted	Boolean	R	isDeleted
Department	String	RW	department
Description	String	RW	description
DisplayName	String	RW	displayName
DistinguishedName	String (DN)	R	distinguishedName
Division	String	RW	division
DoesNotRequirePreAuth	Boolean	RW	userAccountControl (bit mask 4194304)
EmailAddress	String	RW	mail
EmployeeID	String	RW	employeeID
EmployeeNumber	String	RW	employeeNumber
Enabled	Boolean	RW	userAccountControl (bit mask not 2)
Fax	String	RW	facsimileTelephoneNumber
GivenName	String	RW	givenName
HomeDirectory	String	RW	homeDirectory
HomedirRequired	Boolean	RW	userAccountControl (bit mask 8)
HomeDrive	String	RW	homeDrive
HomePage	String	RW	wWWHomePage
HomePhone	String	RW	homePhone
Initials	String	RW	initials
LastBadPasswordAttempt	DateTime	R	badPasswordTime, converted to local time
LastKnownParent	String (DN)	R	lastKnownParent
LastLogonDate	DateTime	R	lastLogonTimeStamp, converted to local time
LockedOut	Boolean	RW	msDS-User-Account-Control-Computed (bit mask 16)
LogonWorkstations	String	RW	userWorkstations
Manager	String (DN)	RW	manager
MemberOf	ADCollection	R	memberOf
MNSLogonAccount	Boolean	RW	userAccountControl (bit mask 131072)
MobilePhone	String	RW	mobile
Modified	DateTime	R	whenChanged
Name	String	R	cn (Relative Distinguished Name)
ObjectCategory	String	R	objectCategory
ObjectClass	String	R	objectClass, most specific value
ObjectGUID	Guid	R	objectGUID converted to string
Office	String	RW	physicalDeliveryOfficeName
OfficePhone	String	RW	telephoneNumber
Organization	String	RW	o
OtherName	String	RW	middleName
PasswordExpired	Boolean	RW	msDS-User-Account-Control-Computed (bit mask 8388608) (see Note 1)
PasswordLastSet	DateTime	RW	pwdLastSet, local time
PasswordNeverExpires	Boolean	RW	userAccountControl (bit mask 65536)
PasswordNotRequired	Boolean	RW	userAccountControl (bit mask 32)
POBox	String	RW	postOfficeBox
PostalCode	String	RW	postalCode
PrimaryGroup	String	R	Group with primaryGroupToken
ProfilePath	String	RW	profilePath
ProtectedFromAccidentalDeletion	Boolean	RW	nTSecurityDescriptor
SamAccountName	String	RW	sAMAccountName
ScriptPath	String	RW	scriptPath
ServicePrincipalNames	ADCollection	RW	servicePrincipalName
SID	Sid	R	objectSID converted to string
SIDHistory	ADCollection	R	sIDHistory
SmartcardLogonRequired	Boolean	RW	userAccountControl (bit mask 262144)
State	String	RW	st
StreetAddress	String	RW	streetAddress
Surname	String	RW	sn
Title	String	RW	title
TrustedForDelegation	Boolean	RW	userAccountControl (bit mask 524288)
TrustedToAuthForDelegation	Boolean	RW	userAccountControl (bit mask 16777216)
UseDESKeyOnly	Boolean	RW	userAccountControl (bit mask 2097152)
UserPrincipalName	String	RW	userPrincipalName

Regards
The Author – Blogabout.Cloud

Dealing with SQL AlwaysOn in Skype for Business Server 2015/2019 Powershell Style

By Author on December 19, 2018February 4, 2019Leave a Comment

Dealing with a Skype for Business deployment with SQL AlwaysOn isn’t an easy task as there are a number of different elements involved from ensuring your databases are in the correct configuration to security permissions across the nodes.

I did originally create the following script while doing a customer deployment and have improved/modified to ensure I take out most of the headaches involved when deploying your backend databases.

The script runs through the following actions;

Check if SQL Instance
Check if Failover Clustering Role in configured on the two SQL servers
Ask to configure Failover Clustering Role (If required)
Convert and backup all Skype for Business Databases
Detect Skype for Business Folder on source SQL Server and copy to secondary
Configure SQL Server Service for AlwaysOn
- Repeat task manually on the secondary server

Complete your AlwaysOn Configuration using the SQL Management Studio

Download

Set-SfBSQLDatabases (554 downloads)

Change Log

Version 1.1 – Features

Support Skype for Business 2019
Support for SQL Server 2014 Enterprise, SQL Server 2016 Enterprise

Video

Reporting Issues

If you identity any issues within running the script please email theauthor@blogabout.cloud

Regards
The Author – Blogabout.Cloud

Office ProPlus ToolKit

By Author on December 12, 2018December 12, 2018Leave a Comment

Installing Office 365 ProPlus can be a bit of a headache and also there are many different tricks/hacks which can be implemented to test out the latest channels.

The Office ProPlus ToolKit script is built with following options to help you test and deploy ProPlus in the most effective way. This script is built with the following menu options

1) Configure Monthly Channel –>
2) Configure Semi Annual (Targeted) Channel –>
3) Configure Semi Annual Channel –>
4) Configure Monthly (Targeted) Channel –>
5) Configure Insider (Unsupported) Channel –>
6) Check your Office 365 ProPlus Configuration –>

7) Download the Office Readiness Toolkit for Add-ins & VBS –>
8) Download Microsoft FixIT Removal Tool –>
9) Download Offscrub Files (Office 03,07,10, O15 & O16) –>
10) Download Office 2016/2019/ProPlus Group Policy Templates –>
11) Download Office Telemetry Requirements –>

15) Download Office Deployment Tool (Official) –>
16) Download Pre-Loaded Office 365 Configuration Files –>

20) Install Office 365 ProPlus –>
21) Install SQL Express –>
22) Install SQL Management Studio –>
23) Install Office Telemetry Dashboard –>

30) Build your own configuration.xml (config.office.com) –>
31) Install Office using your modified configuration.xml –>

This script has seen a number of updates recently which have been logged below

Download

Get-OfficeProPlusToolKit.ps1 (609 downloads)

Change Log

Version 1.1 – Features

Download Pro-Loaded Office 365 Configuration Files – This contains Office 365 ProPlus and Office 2019. This option supports menu 20 which calls the downloaded setup.exe and xml files.
Support for PowerShell Version 5 – This script using Version 5 to expand Zip archives which allows the script to call the contents. If Version 5 is not detected you will be prompted to extract the required files manually.

Reporting Issues

If you identity any issues within running the script please email theauthor@blogabout.cloud

Regards
The Author – Blogabout.Cloud

PowerShell – Filtering your PowerShell outputs using Where-Object and Select-Object

By Author on December 11, 2018December 11, 2018

When working with PowerShell and using a (get-command | fl or format-list) you will receive a whole list of information which sometimes can be difficult to digest as shown below. In most cases normally you are only after one or two pieces of key information.

Using Select-Object

Select-Object is a great command when filtering PowerShell output by a particular property example Get-Service and Name/Status

# Command
Get-Service | Select-Object -Property Name,Status

Get-Service | Select-Object -Property Name,Status

This command isnt limited to just Get-Service and can be used across all Microsoft workloads for example you wanted to see UserPrincipleName and O365 licence, Select-Object can help you achieve that.

Using Where-Object

Where-Object is a powerful option when filtering PowerShell output by a particular value, for example, Get-Service state based on stopped services

# Command

Get-Service | select -Property Name,Status | where {$_.Status -like 'Stopped'}

Get-Service | select -Property Name,Status | where {$_.Status -like ‘Stopped’}

Where-Object doesn’t just stop there, what if you just wanted all the Stopped Service begining with the letter C?

# Command

Get-Service | select -Property Name,Status | where {($_.Name -like 'C*') -and ($_.Status -like 'Stopped')

Get-Service | select -Property Name,Status | where {($_.Name -like ‘C*’) -and ($_.Status -like ‘Stopped’)}

Again where-object isnt just limited to this command, I have just both commands in PowerShell scripts I have written for a customer to achieve a desired state.

Now go and try this commands within on your computer or organisation and see what you automate.

Regards
The Author – Blogabout.Cloud

PowerShell – How to format your PowerShell output into a table using Format-Table

By Author on December 10, 2018February 4, 2019Leave a Comment

Using Format-List or LT you can specify the required information into something a bit more readable.

For example, I am currently working Get-SPOSite (SharePoint Online Sites) and I would like to know if any of the sites have sharing capabilities and site defined sharing capabilities.

# Command
Get-SPOSite | Select-Object -Property URL,SharingCapability,SiteDefinedSharingCapability | ft

Get-SPOSite | Select-Object -Property URL,SharingCapability,SiteDefinedSharingCapability | ft

As you can see from the above image the output for the required fields is more readable to my needs. You can use this approach for many different scenarios and maybe within a technical script you are writing for a deployment or an action.

Regards

The Author – Blogabout.Cloud

Office365 and PowerShell DSC? Whats this all about

By Author on December 7, 2018February 4, 2019Leave a Comment

Just come across an interesting blog post about Office365DSC Module and like a kid in the candy store. Just had to have it and start playing

The module has been created by a number of Microsoft Premier Field Engineers (PFE’s) and its very much in the earlier stages but supports the following.

O365Group: Office 365 Groups (Security, Distribution List, Mail enabled and Office 365)
O365User: Office 365 User and Licenses
SPOSite: SharePoint Online site collection

The blog is quite vague of information but the goal is to make the community aware that the effort is currently undergoing, and that if people want to contribute to it, that they are encouraged to report issues, comments/feedback or to fork and submit Pull Requests to help out with the code base.

https://GitHub.com/Microsoft/Office365DSC

To install the Early Preview, run the following line of Powershell

install-module – Name Office365DSC -AllowPrerelease

The Author – Blogabout.Cloud

Microsoft Teams PowerShell Module Updates (Version 0.9.6 now available)

By Author on December 4, 2018Leave a Comment

Microsoft have recently released an update to the Microsoft Teams powershell module, in this update we see 3 new exciting additions allowing more control for your Microsoft 365 Global Adminstrator or dedicated Microsoft Teams Service Administrator.

New-Team -Owner Parameter

You can now create Microsoft Teams using the Owner parameter

Edit all Teams settings on all Teams without ownership

Now as a Microsoft 365 Global Admin or Microsoft Teams Service Admi, you can edit all setting within a Microsoft Team located within your tenant.

What no licence require?

The administration account no longer requires a Microsoft Teams Licence in order to use the PowerShell Module

So now lets update Microsoft Teams PowerShell module.

I have created the following script which will check your client machine to see what version is installed and install the latest version.

Detect, Remove, Destroy and Upgrade your Microsoft Teams Module`

Regards

The Author – Blogabout.Cloud

QuickTips: Install-CsDatabase failed

By Author on November 26, 2018November 26, 2018Leave a Comment

Deploying Skype for Business and ran into the following error? Well here’s a quick tip to resolve the error.

Error(s)

Install-CsDatabase failed.

System.Management.Automation.CmdletInvocationException: Command execution failed: Requested registry access is not allowed.

Resolution(s)

Remove-CsConfigurationStoreLocation to ensure no corrupt legacy information

Run Skype for Business Topology Builder as Administrator

Once this command has been executed, you will be able to successfully publish the Skype for Business Topology.

Regards

The Author – Blogabout.Cloud

QuickTips: Get-CsManagementStoreLocation did not return a valid connection

By Author on November 23, 2018Leave a Comment

Deploying Skype for Business and ran into the following error? Well here’s a quick tip to resolve the error.

Error(s)

Topology Builder encountered an issue and cannot publish this topology.

Topology Builder has encountered an unexpected error from Skype for Business Server 2019 Management Shell.

Error Details:

Get-CsManagementStoreLocation did not return a valid connection.

Resolution(s)

Remove-CsConfigurationStoreLocation

Once this command has been executed, you will be able to successfully publish the Skype for Business Topology.

Regards

The Author – Blogabout.Cloud

Share this:

Share this:

Download

Change Log

Video

Reporting Issues

Share this:

Download

Change Log

Reporting Issues

Share this:

Using Select-Object

Using Where-Object

Share this:

Share this:

Share this:

New-Team -Owner Parameter

Edit all Teams settings on all Teams without ownership

What no licence require?

Share this:

Error(s)

Resolution(s)

Share this:

Error(s)

Resolution(s)

Share this: