Thursday, March 30, 2017

Powershell 4 - Get authorized DHCP server

You can use the following command to get all authorized DHCP server:
Get-DhcpServerInDC

The output will be the IP and DNSName of the server.

You can add out-gridview to easy filter or copy it to Excel.
Get-DhcpServerInDC | Out-GridView

If you want to instant filter on name or IP address you can do it this way:
Name:
$DEDHCPs = Get-DhcpServerInDC | where {($_.DNSName –like “DE*”)}
$DEDHCPs

IP:
$ipDHCPs = Get-DhcpServerInDC | where {($_.IPAddress –like “10.15*”)}
$ipDHCPs


You can also write the output directly to a file. Just use export-csv:
Get-DhcpServerInDC | where {($_.IPAddress –like “10.15*”)} | Export-Csv c:\admin\dhcps.csv -NoTypeInformation

or using >c:\admin\dhcps.txt (same output like in PS)

Get-DhcpServerInDC | where {($_.IPAddress –like “10.15*”)} >c:\admin\dhcps.txt

Tuesday, March 14, 2017

Powershell Get Active Directory and Exchnage Schema Version FOREST

To get the AD Schema Version, just run the following command:
Get-ADObject (Get-ADRootDSE).schemaNamingContext -Property objectVersion

You can use the objectVersion and the following table, to verify which OS is connected to this number.

Version = OS

87 = Windows Server 2016
69 = Windows Server 2012 R2
56 = Windows Server 2012
47 = Windows Server 2008 R2
44 = Windows Server 2008



For Exchange you can use this command:
(Get-ADObject $("CN=ms-Exch-Schema-Version-Pt,"+$((Get-ADRootDSE).NamingContexts | Where-Object {$_ -like "*Schema*"})) -Property rangeUpper).rangeUpper

rangeUpper = Exchange

15137 = 2013 RTM   
15254 = 2013 CU1   
15281 = 2013 CU2   
15283 = 2013 CU3   
15292 = 2013 SP1   
15300 = 2013 CU5
15303 = 2013 CU6
15312 = 2013 CU7-CU15   
15317 = 2016 Preview   
15317 = 2016 RTM   
15323 = 2016 CU1   
15325 = 2016 CU2   
15326 = 2016 CU3   
15326 = 2016 CU4    

Wednesday, March 8, 2017

Powershell Get deleted AD Users

To find deleted AD Users you can use this Powershell command:
get-adobject -Filter {Deleted -eq $true -and ObjectClass -eq "user" -and ObjectClass -ne "computer" } -IncludeDeletedObjects -property * | Format-List LastKnownParent,DisplayName,samaccountname

Lets say you only want to get the accounts that were deleted in the last 42 days? Just used whenChanged attribute and use the actual date minus 42 Days.

get-adobject -Filter {Deleted -eq $true -and ObjectClass -eq "user" -and ObjectClass -ne "computer" } -IncludeDeletedObjects -property * |  where { $_.whenChanged -ge (Get-Date).AddDays(-42) } |Format-List LastKnownParent,DisplayName,samaccountname,whenchanged

That´s to much? You just want users from a specified OU like OU=Users,OU=Germany,DC=timsdomain,DC=com? And that should be saved into a file? Ok lets add the LastKnownParent and just >c:\DeletedUsersDE.txt at the end to get this!

get-adobject -Filter {Deleted -eq $true -and ObjectClass -eq "user" -and ObjectClass -ne "computer" -and LastKnownParent -eq "OU=Users,OU=Germany,DC=timsdomain,DC=com" } -IncludeDeletedObjects -property * |  where { $_.whenChanged -ge (Get-Date).AddDays(-42) } |Format-List LastKnownParent,DisplayName,samaccountname,whenchanged >c:\DeletedUsersDE.txt