Posts RSS Comments RSS 253 Posts and 411 Comments till now

Contact Me

Please Fill out Form to send me a Message

captcha

4 Responses to “Contact Me”

  1. on 29 Mar 2009 at 2:49 amGlenn

    Ask and you shall receive. You may remember asking about pinging a subnet during your interview on powerscripting… I had some free time Friday. Armed with the -AsJob param on gwmi you told me about. I took a swing at pinging a subnet, something like this http://poshcode.org/976.

    Thanks again for all your AD/Citrix content, I use your scripts as a reference whenever I’m working with either!

    ~Glenn

  2. on 29 Mar 2009 at 11:08 amtshell

    That is awesome Glenn, I will try this straight away.

  3. on 01 Apr 2009 at 1:05 pmSteven

    Do you know of a way to use PowerShell to connect to the Global Catalog and traverse it like you can with the Registry? I’m trying to be able to find a method of browsing through the elements exposed via ADSI to determine the AD elements’ types and properties.

  4. on 15 Apr 2009 at 2:43 pmjeff thompson jr

    I have tried using your Get-Set method to block inheritance on an Address List I’ve created in AD but I always end up getting an error that the permissions aren’t in canonical order whenever further permissions processing is attempted (in the code below, I believe the error comes following the line of code after ‘# Remove Authenticated Users from new address list’. I tried creating an address list and turning off inheritance to use at a template but I must be doing something wrong. This is the last piece of a script I’ve been working on for what seems like forever and I would really appreciate your expertise at your convenience. Thanks in advance for your time.

    # Create new address list
    new-AddressList -Name “$CompanyName AL” -Container ‘\’ -IncludedRecipients ‘AllRecipients’ -conditionalcustomattribute1 “$CompanyName” -domaincontroller $DC
    # Remove inheritance from new address list
    $NewCN = “CN=$companyName AL,CN=All Address Lists,CN=Address Lists Container,CN=Hosted Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com”
    $CN = “CN=Template AL,CN=All Address Lists,CN=Address Lists Container,CN=Hosted Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com ”
    $NewACL = C:\customscripts\Get-ADACL.ps1 $CN -sddl
    c:\customscripts\Set-ADACL.ps1 $NewCN -sddl $NewACL
    $al = [ADSI]”LDAP://CN=$companyName AL,CN=All Address Lists,CN=Address Lists Container,CN=Hosted Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com”
    $sec = $al.psbase.objectSecurity
    $isProtected = $true ## allows protection against inheritance
    $preserveInheritance = $true ## remove inherited rules
    $sec.SetAccessRuleProtection($isProtected, $preserveInheritance)
    $al.psbase.commitchanges()
    # Remove Authenticated Users from new address list
    get-qadobject “CN=$companyName AL,CN=All Address Lists,CN=Address Lists Container,CN=Hosted Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com” -securitymask Dacl | get-qadpermission -schemadefault -inherited -account “Authenticated Users” | remove-qadpermission
    # Add security group & permissions to new address list
    Add-AdPermission -identity “$companyName AL” -User “$companyName SG” -AccessRights GenericRead, ListChildren -ExtendedRights Open-Address-Book

Trackback this post | Feed on Comments to this post

Leave a Reply

You must be logged in to post a comment.