Archive for November, 2013

Use PowerShell to sync all Active Directory sites

Thursday, November 28th, 2013

Here’s a quick script for you to synchronise your entire domain

Import-Module ActiveDirectory

$DCs = Get-ADDomainController -Filter *

Foreach ($DC in $DCs) {

$replicate = ‘repadmin /syncall /A /d /e ‘+$DC

iex $replicate

}

Just save it as a ps1 file and run it on any machine with the AD remote server admin tools installed or even a domain controller. If you are delegating rights, delegate them at the root of the domain in Active Dircetory Users and Computers and for each context that you want to replicate in ADSI Edit (see http://www.msresource.net/knowledge_base/articles/how_to:_delegate_the_ability_to_manually_replicate_dcs_using_a_tool_such_as_dssite.msc_or_replmon.html).

if you only want to replicate part of the topology, use the code below:

 

Import-Module ActiveDirectory
$DCs =Get-ADDomainController -Filter *
$Char = [Char]34
$Scope = $Char + ‘DC=Domain,DC=com’ + $Char

Foreach ($DC in $DCs) {
$DC.hostname
$replicate = ‘repadmin /syncall /e ‘ + $DC + ‘ ‘ + $Scope
iex $replicate

}

Want to fully remove a feature ?

Thursday, November 28th, 2013

New to Windows 2012 is the ability to reduce your attack surface further by physically removing binaries from the operating system. Its really quite simple to do. Using the uninstall-windowsfeature command we append the -remove switch and that removes the install binaries from the hard drive.

If you need to add them back then, when using the install-windowsfeature command you will need to add the -source switch and make the installation source available (from a DVD or extracted ISO).

The easiest way to achieve this is to extract the \sources\SxS folder from the install DVD to a file share. The file share will need to be able to be accessed by computer accounts with Read rights. In this way, the features are available for install to any server if they have been removed.

Did I license my server with a MAK key or a KMS key ?

Thursday, November 28th, 2013

Enter the following command to find out:

slmgr /dli

Quick way to restart your server

Thursday, November 28th, 2013

Finding it a pain to navigate to the Charms | Power | Reboot command ? Want a simpler way of restarting your server  ?

start a powershell session and enter Restart-Computer.

You don’t even need Windows 2012 as it works with 2008 R2 also.

Of course, if you are really lazy you can just type the word “restart” – that works just as well 🙂

Restoring the GUI in Windows Server 2012

Thursday, November 28th, 2013

If you want to restore the GUI in Windows Server 2012 (and you didn’t install in core mode) you can use the following command

Install-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra -restore

If you did install core, you need to have the CD / ISO inserted or mounted and append the -Source switch to tell it where to get the files to perform the install of the GUI from. i.e. you enter:

Install-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra -Source C:\Source -restart

List a computers IP addresses easily

Thursday, November 28th, 2013

Now, we all know how to get a computers IP address, right . You enter ipconfig and press return. So far so good. But what if a computer has multiple NICs as they something’s do. Then it can be a bit of a chore sorting the wheat from the chaff. So, here’s a tip for just showing the IPV4 addresses. Enter the following instead.

Ipconfig | find “IPv4”

Creating remote powershell session

Monday, November 25th, 2013

Simply enter the command

Enter-PSSession –ComputerName <computer name>

This will let you control a single computer remotely, if you want to control more than one computer simultaneously then enter a command similar to the below

Invoke-Command -ScriptBlock { Get-EventLog System -Newest 5 } -Computername compname1,compname2,compname3

Where the command between the braces is the command you would like to run against the remote servers

Don’t forget, you can still enter commands against a remote computer with WinRM enabled (it’s enabled by default in Windows 2012) by entering the command:

winrs -r:<servername> <command to run>

<command to run> could even be powershell.exe to create a remote powershell session !