Powershell – Adding Cisco SIP Address to the ProxyAddresses field in Active Directory

May 13, 2013 • Jonathan -

The snippet below can be used to quickly add SIP entries to the Active Directory ProxyAddresses field for full Office integration in Cisco Jabber.

Import-Module ActiveDirectory
$domainController = 'dc.contoso.com'
$searchBase = 'OU=Users,DC=contoso,DC=com'

$users = Get-ADUser -SearchBase $searchBase -SearchScope Subtree -Filter { ObjectClass -eq "user" } -Properties ProxyAddresses

ForEach ($user in $users) {
	$newSip = 'SIP:' + $user.SamAccountName + '@contoso.com'
	Write-Host "Adding $newSip to" $user.SamAccountName
	Set-ADUser -Identity $user.DistinguishedName -Add @{proxyAddresses = $newSip} -Server $domainController

Powershell – Add Subnets to AD Sites and Services

Apr 24, 2013 • Jonathan -

Adding multiple subnets to AD Sites and Services, utilizing the New-ADSubnet script found on PoshCode. Quick and simple. Could easily be made to pull subnets from a CSV as well.

$subnets = @("", "")
foreach ($s in $subnets) { .\New-ADSubnet.ps1 $s Default-First-Site-Name USA/KY/Louisville }
param ($Subnet, $SiteName, $Location, [switch]$Help)
function Help
Write-Host "Usage: .\New-ADSubnet.ps1 -Help" -foregroundcolor Yellow
Write-Host "Usage: .\New-ADSubnet.ps1 <Subnet> <SiteName> <Location>" -foregroundcolor Yellow
Write-Host "Ex: .\New-ADSubnet.ps1 Default-First-Site-Name USA/KY/Louisville" -foregroundcolor Yellow
if ($Help) {Help}
if ($Subnet -eq $Null) {Write-Host "Please provide a Subnet!" -fore Red; Help}
if ($Location -eq $Null) {Write-Host "Please provide a Location!" -fore Red; Help}
if ($SiteName -eq $Null) {Write-Host "Please provide a Site Name!" -fore Red; Help}
if ($SiteName -like "CN=*")
        $SiteNameRDN = $SiteName
        $SiteNameRDN = "CN=$($SiteName)"
$Description = $Subnet
$RootDSE = [ADSI]"LDAP://RootDSE"
$ConfigurationNC = $RootDSE.configurationNamingContext
$SubnetRDN = "CN=$($Subnet)"
$Description = $Subnet
$SiteDN = "$($SiteNameRDN),CN=Sites,$($ConfigurationNC)"
$SubnetsContainer = [ADSI]"LDAP://CN=Subnets,CN=Sites,$($ConfigurationNC)"
$NewSubnet = $SubnetsContainer.Create("subnet",$SubnetRDN)
$NewSubnet.Put("siteObject", $SiteDN)
$NewSubnet.Put("description", $Description)
$NewSubnet.Put("location", $Location)
trap {Continue}
if (!$?)
Write-Host "An Error has Occured! Please Validate Your Input." -foregroundcolor Red
Write-Host "Error Message:" -foregroundcolor Red
Write-Host "Subnet Created Successfully." -foregroundcolor Green

Exchange 2010 – Find Mailboxes That Have Forwarding or Redirects Configured

Apr 24, 2013 • Jonathan -

Get list of users who have forwarding enabled on their accounts:

Get-Mailbox -Filter { ForwardingAddress -like "*" } | Where-Object { $_.ForwardingAddress -like "*" } | Select-Object Name,ForwardingAddress

Get list of users who have forwarding rules configured in their mailboxes:

ForEach ($m in (Get-Mailbox -ResultSize Unlimited)) { Get-InboxRule -Mailbox $m.DistinguishedName | where { $_.ForwardTo } | fl MailboxOwnerID,Name,ForwardTo }

Get list of users who have redirects configured on their mailboxes:

ForEach ($m in (Get-Mailbox -ResultSize Unlimited)) { Get-InboxRule -Mailbox $m.DistinguishedName | where {$_.ReDirectTo} | fl MailboxOwnerID,Name,RedirectTo }

Exchange – Export Email Addresses to Excel

Apr 16, 2013 • Jonathan -

Powershell command to export all user email addresses to an Excel sheet. Below uses OrganizationalUnit, you could change the Get-Mailbox criteria to Server, Database, or whatever your requirements.

Get-Mailbox -OrganizationalUnit 'contoso.com/users' -ResultSize Unlimited | Select-Object DisplayName,ServerName,PrimarySmtpAddress, @{Name=“EmailAddresses”;Expression={$_.EmailAddresses | Where-Object {$_.PrefixString -ceq 'smtp'} | ForEach-Object {$_.SmtpAddress}}} | Export-Csv -Path some-file.csv

Scripting – Quickbooks Error 1069 Unable to start the DataBase Manager Service

Mar 20, 2013 • Jonathan -

This is caused by a either a corrupt QBDataServiceUserXX, disabled QBDataServiceUserXX, or if the password has been changed. QBDataServiceUserXX is a user that quickbooks creates to authenticate and start a service called QuickbooksDBXX. The service is responsible for managing access to the data in the company file. It can also cause multiuser issues if it is not running properly.

I got tired of running through the steps on the Intuit website so I whipped up this quick batch script. This will set a new password on the QBDataServiceUserXX account and restart the QuickBooksDBXX service.

@echo off
set newpass=%random%%random%%random%
echo Setting new password on QBDataServiceUser20...
net user QBDataServiceUser20 %newpass%
echo Setting password on service...
sc config "QuickBooksDB20" obj= ".\QBDataServiceUser20" password= "%newpass%"
echo Starting QuickBooksDB20 service...
net start QuickBooksDB20

Powershell – Determine When Active Directory Password Was Last Set

Mar 15, 2013 • Jonathan -

Powershell script to determine the last time a user changed their password. Also displays domain password age, can it expire, and if the password is currently expired.

    Determine last time user set their password
    Shows password max age, if expired, and last date pw was changed.
    Author: Jonathan - [email protected]
	SAMAccountName for the user in question.
	.\pw-last-set.ps1 -SAMAccountName some.user

param (
	[parameter(Mandatory=$true, HelpMessage="SAMAccountName for user")]$SAMAccountName

$root = [ADSI]''
$searcher = new-object System.DirectoryServices.DirectorySearcher($root)
$searcher.filter = "(&(objectClass=user)(sAMAccountName= $SAMAccountName))"
$user = $searcher.findall()

$User = [ADSI]$user[0].path

# get domain password policy (max pw age)
$D = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$Domain = [ADSI]"LDAP://$D"
$MPA = $Domain.maxPwdAge.Value

# get Int64 (100-nanosecond intervals).
$lngMaxPwdAge = $Domain.ConvertLargeIntegerToInt64($MPA)

# get days
$MaxPwdAge = -$lngMaxPwdAge/(600000000 * 1440)
"Domain Max Password Age (days): " + '{0:n3}' -f $MaxPwdAge

# check if password can expire or not
$UAC = $User.userAccountControl
$blnPwdExpires = -not (($UAC.Item(0) -band 64) -or ($UAC.Item(0) -band 65536))
"Can Password Expire?: $blnPwdExpires"

# when was pw last set?
$PLS = $User.pwdLastSet.Value

# convert to int64
$lngValue = $User.ConvertLargeIntegerToInt64($PLS)

# convert to ad date
$Date = [DateTime]$lngValue
if ($Date -eq 0) {
    $PwdLastSet = "<Never>"
else {
    $PwdLastSet = $Date.AddYears(1600).ToLocalTime()
"Password Last Set (local time): $PwdLastSet"

# is the password expired?
$blnExpired = $False
$Now = Get-Date
if ($blnPwdExpires) {
    if ($Date -eq 0) {
        $blnExpired = $True
        if ($PwdLastSet.AddDays($MaxPwdAge) -le $Now) {
            $blnExpired = $True

"Password Expired? $blnExpired"

Exchange – Duplicate Receive Connectors

Mar 6, 2013 • Jonathan -

Powershell snippet for duplicating receive connectors on new servers. This goes well with my Setup Anonymous Relay on Exchange 2010 Receive Connector post.

New-ReceiveConnector "Anonymous Connector" -Server HT02 -Bindings -RemoteIPRanges ( Get-ReceiveConnector "HT01\Anonymous Connector" ).RemoteIPRanges

Windows – Reset Local Administrator Password Remotely

Jan 31, 2013 • Jonathan -

The Pspasswd utlitiy, which comes as part of the Sysinternals PsTools kit, can be used to reset the local administrator password on machines locally or remotely. Obviously, this comes in handy when you’re not sure of the local administrator password on a domain joined machine.

Resetting the local administrator account on a single machine:

pspasswd \\server.contoso.com administrator "passwordGoesHere"

You can also specify a list of computer names in a text file to change the password on multiple machines. The example below assumes computerlist.txt contains a list of computer names, one per line:

pspasswd \\@computerlist.txt administrator "passwordGoesHere"

Powershell – List Printer Names, Ports, and Drivers on Print Server

Nov 29, 2012 • Jonathan -

Quick one-liner to pull printer names, drivers, and ports, from a print server.

Get-WMIObject -Class Win32_Printer -Computer server.contoso.com | Select Name,DriverName,PortName,Shared,ShareName | ft -auto

Powershell – Find Serial Numbers on MININT Computers in Active Directory

Nov 28, 2012 • Jonathan -

Find MININT computers and retrieve their service tag / serial numbers.

# get list of MININT* computers
$Computers = Get-ADComputer -Filter "Name -like 'MININT*'"

# get serial numbers for each computer
ForEach ($x in $Computers) {
	$colItems = Get-WmiObject Win32_BIOS -Namespace “root\CIMV2" -computername $x.DNSHostName -ErrorAction SilentlyContinue

	if ($colItems -ne $null) {
		ForEach($objItem in $colItems) { 
			Write-Host $x.Name "=" $objItem.SerialNumber

subscribe via RSS