Changing AD users using PowerShell

by Thomas Forsmark Sørensen 28. June 2010 14:57

Yesterday I had to enable a bunch of user accounts and set a default password for the users that I had migrated to a new AD.

The users had to have a new password, to be enabled and have removed the "The user have to change password at next logon".

Normally I would create a VB script to do those things, but I decided to see if this could be done using PowerShell.

First I had to tell PowerShell to use the Active Directory module:

Import-Module ActiveDirectory

Then I could cd "into" the AD by writing


The Get-ADUser cmdlet is used for finding alle the users in the OU and any sub OU and the Set-ADAccountPassword cmdlet to set the password:

Get-ADUser -filter * -SearchBase 'OU=UserAccounts,DC=domain,DC=local' | Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "NewPassword" -Force)

Again the Get-ADUser is used together with the Set-ADUser cmdlet to enable the accounts and remove the "The user have to change password at next logon" option.

Get-ADUser -filter * -SearchBase 'OU=UserAccounts,DC=domain,DC=local' | Set-ADUser -Enable $True -ChangePasswordAtLogon $false

More AD PowerShell Cmdlets can be found here

Migration of VM in Virtual Machine Manager fails

by Thomas Forsmark Sørensen 11. June 2010 10:45

When trying to migrate a VMM from one server to another in the Virtual Machine Manager it fasils with error code 2940.

 "VMM is unable to complete the requested file transker. The connection to the HTTP server server.domain.local could not be established"


How to centrally set the calendar access rights in Exchange 2010

by Thomas Forsmark Sørensen 2. June 2010 02:34

In exchange 2003 or Exchange 2007 you had to use PFADMIN to centrally set the rights on the users calendars, or you had to open every mailbox and set the rights on the calendar.

(Setting the user rights on the calendar is the same as what is happening when you share a calender from Outlook. It will then add the rights for the user to the calendar).

PFADMIN is not supported on Exchange 2010 because Exchange 2010 does not support WebDAV. (a replacement for PFADMIN can be found here that will support Exchange 2007 and Exchange 2010)

Starting with Exchange 2010 the calendar rights can be set centrally "out of the box". This can be done with the "Add-MailboxFolderPermission" cmdlet.  More...

Forefront Client Security Client agents are not auto approved

by Thomas Forsmark Sørensen 2. June 2010 00:31

I had installed a Forefront Client Security (FCS) server on a Windows Server 2008.

Fore some reason the FCS clients were not automatic approved in the MOM 2005 Administrator Console. Normally new clients will be approved within 60 minutes from the installation.

In the Application log on the FCS server there were an event id 20607 logged every 60 minutes saying:

The Data Access Server (DAS) on computer localhost returned an error.
System error code: -2147024891
System error text: Access is denied.
DAS method called: ProcessRuleSelectAll
Called from file: d:\bt\4\private\product\config\tools\managementpacksupport\drivers\momdb\src\db2mpsupport.cpp


Powered by BlogEngine.NET
Theme by Mads Kristensen | Modified by Mooglegiant

About Me


My name is Thomas Forsmark Sørensen.

I live in Odense in Denmark and work for Globeteam in Virum.

I am working as a Microsoft Infrastructure consultant with main focus on application and Operating System Deployment.

I work mostly with Microsoft System Center Configuration Manager 2012 R2 and MDT 2013, but I also work with other of Microsofts products. 


<<  April 2021  >>

View posts in large calendar