Posts tagged: PowerShell

Apr 23 2013

Powershell: Oracle, Exchange, secure string.

We will describe in this post how to connect to an Oracle database using Powershell cmdlets, this database hosts HR data. We will check if every employee has an Exchange 2010 mailbox. The common key between both systems (Oracle and Exchange) has to be a filterable attribute for performance issues when querying the Exchange mailboxes. Exchange’s attribute is CustomAttribute13 in our example and the corresponding Oracle value is HRCODE.
Read more »

Jan 06 2013

Powershell: Monitor the trusted root certification authorities store, Event Schannel ID 36885-36887

The root update package KB931125, when applied might break the authentication process on servers using certificate based authentication: This problem was reported for LDAP over SSL authentication on a Domain Controller, IIS authentication on a webserver and IAS authentication on a Radius server (called Network Policy Server under Windows 2008). The symptoms, patch and workarounds of this issue are explained in this KB. The patch is only available under Windows 2003 and the root update package (KB931125) cannot be uninstalled via WSUS once applied.
Read more »

Dec 10 2012

Pentesting an Active Directory infrastructure

We will see in this post some steps of a pentest against an ADDS domain. This pentest focuses only on the Microsoft System and does not take into account Antivirus, Firewall, IDS and IPS protections. The parts we describe in detail are scanning, exploitation and maintaining access. The pentest is performed with BackTrack 5 R3, you can download it here. The tools we use are Nmap, Nessus, Metasploit (the hacker’s framework, exploits are written in ruby), John the Ripper and Powershell. The pentest’s goal is to retrieve domain administrator credentials and maintain the access on the ADDS domain discretly.
Read more »

Aug 22 2012

Windows server 2012: PFX Certificates and SNI feature under IIS 8.0

Unless you’ve been living underground for the last few weeks, you should have already heard that Windows server 2012 RTM is available :-).  Last time I blogged about this operating system it was still named Windows server 8 Developer Preview. I will describe in this post how IIS 8 supports multiple SSL website certificates on a single IP and port, this feature is called Server Name Indication (SNI), and supported under Apache since version 2.2.12… I will also talk about the new features provided in Windows server 2012 for exporting/importing certificates in the PFX file format, in order to deploy certificates on a Webserver farm.
Read more »

Jul 31 2012

Powershell: Remove stale Activesync mobile device partnerships

We will describe in this post how to remove stale Exchange ActiveSync device partnerships. You can already find a script on the MS Exchange forum that performs this operation, but with that method the deletion can fail in some cases.
Read more »

Jun 28 2012

Powershell: Compact the Active Directory database

We will see in this post how to automate the AD database (NTDS.dit) offline defragmentaion with Powershell under Windows 2008 server. With Windows 2008 server, you no longer need to restart the DC in DSRM mode, you just need to stop the Active Directory service.
Read more »

Apr 19 2012

Powershell: Enable ActiveSync for users member of an AD group

We will describe in this post how to enable the mobile access to your mail system for only some employees. Only users who belong to the LDAP389-ACTIVESYNC will be able to use the ActiveSync protocol and set up their mailbox on their smartphone. This authorization will be managed by a Powershell script launched by a scheduled task.
Read more »

Mar 22 2012

Powershell: VMWare and physical Windows server inventory

We will describe in this post how to make an inventory of your physical and VMWare virtual machines running Windows Server. For each virtual machine, we will also retrieve on which physical host the server is running. If you have a VMWare virtualized environment this script can be useful to help you decide which type of Windows server edition you need to purchase in order to lower your costs. For more information on how to license MS Windows Server in a VMWare environment you can read this article.
Read more »

Jan 26 2012

Windows 8: Install and configure ADCS

We will describe in this post how to install ADCS on Windows 8 Developer Preview, and how to configure your PKI with Powershell.

Firstly we will install the ADCS role with Server Manager:


Read more »

Jan 11 2012

Windows 8: Manage Active Directory replication topology with powershell

I finally managed to free some time to install my first Windows 8 Developer Preview domain controllers in a test lab (thanks Vmdude). In this ldap389.local domain I installed two RWDCs named ldap389-pdce and ldap389-dc2, each one located in their own AD site. For the DC’s promotion you can read this two part post (here and here)

Once installation was completed, I launched the following Powershell command:

(get-module ActiveDirectory).exportedcommands

Read more »

WordPress Themes

Blossom Icon Set

Software Top Blogs