Active Directory – martinsblog.dk

Active Directory: Move FSMO roles with PowerShell

15/03/2018 Martin 2 comments

When moving FSMO roles the old fashioned way, you use MMC and move the roles each individually, it takes a little time, but it’s somewhat troublesome. BUT, this can be achieved much quicker with Powershell 🙂 Here is how to transfer all 5 FSMO roles: Move-ADDirectoryServerOperationMasterRole -Identity DC01 –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster Where “DC01” above is the TARGET DC. Check with netdom […]

Active Directory

Active Directory: Changing home folder servername

04/07/2017 Martin Leave a comment

When migrating filservers and you are using the “Home Folder” setting of an AD user’s object like here: From: To: It would be great just to edit all objects in bulk, with this script, it is possible:

Import-Module ActiveDirectory


$oldServerName = "oldserver"
$newServerName = "newserver"



$AllUsers = Get-ADUser -LDAPFilter '(name=*)' -SearchBase "DC=domain,DC=local" -Properties HomeDirectory


foreach($user in $AllUsers){


if(($user.HomeDirectory.ToString()).contains($oldServerName)){
$homeDirectory = ($user.HomeDirectory.ToString()) -replace $oldServerName, $newServerName
Set-ADUser $user.DistinguishedName -HomeDirectory $homeDirectory
}


}

Import-Module ActiveDirectory

$oldServerName = "oldserver"

$newServerName = "newserver"

$AllUsers = Get-ADUser -LDAPFilter '(name=*)' -SearchBase "DC=domain,DC=local" -Properties HomeDirectory

foreach($user in $AllUsers){

if(($user.HomeDirectory.ToString()).contains($oldServerName)){

$homeDirectory = ($user.HomeDirectory.ToString()) -replace $oldServerName, $newServerName

Set-ADUser $user.DistinguishedName -HomeDirectory $homeDirectory

}

Remember servername is CASE SENSITIVE! So if the oldserver is all with small letters, and you type them with CAPS, […]

Active Directory

NTFRS replication is going AWOL

14/09/2016 Martin Leave a comment

Two domain controllers have perfect replication via Active Directory, but the “File Replication Service” eventlogs, shows many errors and the NETLOGON share is missing on both domain controllers, which will give user login problems and Active Directory tools cannot be opened, claiming that access is denied. Event log on both servers: Using this article – even though it’s old: https://support.microsoft.com/en-us/kb/290762 […]

Active Directory, WIN2008R2, WIN2012R2

Exchange migrated, ActiveSync not working as supposed

02/10/2015 Martin Leave a comment

After a complete Exchange 2013 migration, everything works, but some users are complaining, that their mobile devices are not being updated with e-mails anymore. You try to delete their account and add it again, all is good when doing that, but the Inbox stays empty! This is mostly common to the Active Directory permissions, not being inherited on the users […]

Active Directory, Exchange

Change UPN (based on Primary Email) based on SMTP proxy address

24/09/2015 Martin Leave a comment

During an Exchange migration, where the users have several domains spread among them, I needed to find a script that looks into the SMTP Proxyaddress of the user object, and changes the UPN for that user to match the ProxyAddress. I did’nt have to search long, before I found this page: Change UPN (based on Primary Email) based on SMTP: […]

Active Directory

Create a new UPN and use it as default for all your users

21/09/2015 Martin 3 comments

If you in ex. want to enable Autodiscover for your mail clients, they need to have their e-mail as their username, and there for the UPN (Universal principal name), has to be changed from domain\user to user@domain.com. Here is how to do this in Active Directory, and then via PowerShell, change it on all the already created, user accounts. Open […]

Active Directory