Blog

Lees hier de laatste IGA-ontwikkelingen

ADSI error 8007001f: a device attached to the system is not functioning

When creating user accounts using scripts or tools, you can run into the error 8007001F: A device attached to the system is not functioning. This is because you are trying ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

, , , ,

LDAP: objectcategory versus objectclass

When performing LDAP searches using scripts or LDAP capable tools, you are usually looking for user, group or computer objects. Default queries include the objectClass to distinguish between these types. ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

, ,

AD: lastLogon versus lastlogontimestamp

Active Directory has always contained the lastLogon attribute on every user object which denotes the last logon date/time in the nice integer8 format. To realistically report the last logon for ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

Exchange: mail-enabled or mailbox-enabled and permissions

If you frequently work with Exchange mailboxes you probably know there’s a difference between mail-enabled and mailbox-enabled. Distribution/security groups or contacts, can be mail-enabled but don’t get a dedicated mailbox ...
Lees meer

Fix reply-to and missing calendar items after Exchange migration

When you migrate your Exchange organisation, say from 2000/2003 to 2007 using import/export PST (when using a new AD domain, otherwise you can use the move mailbox option), you can ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

ADSI error 80070035: server unwilling to process the request

When you using ADSI scripting to create or modify user accounts, you can run into error code 80070035 server unwilling to process the request. Active Directory presents this error because ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

, ,

HP servicedesk: use sd_event to create and update items

HP ServiceDesk offers the sd_event command-line tool to interact with its database. Using classes and mappings inside HPSD, you can configure exactly how sd_event can create and/or update items the ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

Request your VB or PowerShell script

My blog features several examples on scripting for Active Directory and Exchange user account related operations. Request a script and I will provide you with feedback.
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

, ,

PowerShell: list NTFS permissions on folder

Same as on the AD permissions post, first bind to the directory, and get its ACL. $directory = "C:DATA" $acl = Get-Acl $directory $acl.psbase.getAccessRules($true, $true, [system.security.principal.NtAccount])
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

,

PowerShell: list AD permissions on object

Using PowerShell you first have to bind to a user using $UserObject=[ADSI]”LDAP://…..”. After that you can use the $UserObject to display a detailed table of the AD object ACL. $Userobject.psbase.get_ObjectSecurity().getAccessRules($true, ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

PowerShell: add NTFS security settings to folder

The script below adds “Modify” rights for a folder to its ACL. $directory = "C:DATA" $inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit" $propagation = [system.security.accesscontrol.PropagationFlags]"None" $acl = Get-Acl $directory $accessrule = New-Object system.security.AccessControl.FileSystemAccessRule("", ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

PowerShell: assign send-as permissions to Exchange 2003 mailbox

On Exchange 2007 this is easy, but what if you have PowerShell without the Exchange 2007 provider? See below to assign send-as to a mailbox on regular PowerShell for Exchange ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

,

VBScript to determine logical disk with most free space using wmi

strComputer = wscript.arguments(0) tempFreespace = 0 Set objWMIService = GetObject(“winmgmts:” _ & “{impersonationLevel=impersonate}!\” _ & strComputer & “rootcimv2”) Set colDisks = objWMIService.ExecQuery (“Select * from Win32_Volume”) For Each objDisk in ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

VBScript to automatically insert strings into word document, print and close it

Make sure you have the file “document.doc” and it contains the bookmarks as you can see (Text1-7). The VBScript will open the document, insert all strings into the bookmarks, print ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management

LDAP search filter to check if user is member of a group

The member attribute (or memberOf) is a multi-valued DN list. Fortunately, in LDAP the = operator automatically does a “contains” instead of “equals” when dealing with multi-values. So to check ...
Lees meer

Arnout van der Vorst

Categorieën

Identity en Access Management