List and count users that never logged on to domain

neverloggedin

I got an urgent case from the boss, we had to compare a list of users from our meta-catalog with users in our AD and list and count which users who never logged on to domain. I imported the csv in an variable and then used an foreach-loop to check if the users had logged in or not. We also wanted to list and count all users that where included in the csv-file but not in the active driectory, I used the ErrorVariable to do that and the appended each entry to a text-file with the out-file append switch. As you can see I used two different techniques to export multiple data from the foreach-loop. The first one when I exported the users that hadn´t logged on, where I first created an variable with an empty array  “$users = @()” , then instead of running the command to get the users I used the + to fill the array with result “$users +=”, on the second I used the out-file as I explained above.  When the lists where done I used the count and length property.

 

Complete network-setup on ESX host with vSphere powerCLI

PowerCLI

Me and my colleague Stefan Lozancic had the task to configure the networks on our new Vsphere esx hosts. It was 14 hosts and 54 vlans, 1 vmotion and 1 management-network on each host that had to be configured. We used vSphere powerCLI to do it automated. First we populated a csv-file with all the vlans from one of our old hosts.

After that we rebuild the vmotion and production network from scratch and populated the production network with the vlans from the csv. Since the hosts where prepared by two different person some hosts had the management network cards in an active/passive mode, so we made a check and changed those to active/active.

Bulk change password at next logon

heartbleed

Because one of our services that are exposed to the internet had the famous Heartbleed bug we had to do a bulk change password at next logon for 1100 users. A pretty easy task (maby to easy for this blog?) but since it´s smoking hot and one of my colleges (let`s call him J.B) asked if I could post the script on the blog, here it is. First I collected all the users in a csv-file, then I imported the csv-file and put the content in an foreach loop and changed the ChangePasswordAtLogon attribute to true. I am not sure if picking the cn attribute is correct but set-ADUser says -Identity should be “LDAP display name” and 5 seconds of sloppy googling I got an answer that cn equels LDAP display name, but I got some errors when setting the attribute in the second script som it might be better to pick sam account name.

Create quota templates

Last year I was involved in a project where the goal was to migrate the users home directories from an old Windows 2003 server to a new Windows 2012 and going from no quotas to 30 different quotas. In the POC I created this script to setup the quota templates with warning messages and thresholds, and I am glad i did since the project changed the template size and the body in the email a couple of times.

 

Populate AD Group from profile

Today we needed to collect all the users who had logged in the last 90 days on one of our remote desktop servers. This script looks at the user profile directories last write time to determine last login and then put all users who has logged in last 90 days in an array. After that it creates a new AD-group and populates the group with the users from the array.

Count AD group members

Every year we have to count and report licenses on different systems. Since we use centralized Active Directory security groups to decide which users who gain access to RDS servers etc etc… it`s a pretty easy task to count the users in those groups to find out how many CALs we need. When the boss interrupts you more then once it´s time to use powershell to solve it. This script include one level nested groups.