28. June 2010 14:57
Yesterday I had to enable a bunch of user accounts and set a default password for the users that I had migrated to a new AD.
The users had to have a new password, to be enabled and have removed the "The user have to change password at next logon".
Normally I would create a VB script to do those things, but I decided to see if this could be done using PowerShell.
First I had to tell PowerShell to use the Active Directory module:
Then I could cd "into" the AD by writing
The Get-ADUser cmdlet is used for finding alle the users in the OU and any sub OU and the Set-ADAccountPassword cmdlet to set the password:
Get-ADUser -filter * -SearchBase 'OU=UserAccounts,DC=domain,DC=local' | Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "NewPassword" -Force)
Again the Get-ADUser is used together with the Set-ADUser cmdlet to enable the accounts and remove the "The user have to change password at next logon" option.
Get-ADUser -filter * -SearchBase 'OU=UserAccounts,DC=domain,DC=local' | Set-ADUser -Enable $True -ChangePasswordAtLogon $false
More AD PowerShell Cmdlets can be found here http://technet.microsoft.com/en-us/library/ee617195.aspx
11. June 2010 10:45
When trying to migrate a VMM from one server to another in the Virtual Machine Manager it fasils with error code 2940.
"VMM is unable to complete the requested file transker. The connection to the HTTP server server.domain.local could not be established"
2. June 2010 02:34
In exchange 2003 or Exchange 2007 you had to use PFADMIN to centrally set the rights on the users calendars, or you had to open every mailbox and set the rights on the calendar.
(Setting the user rights on the calendar is the same as what is happening when you share a calender from Outlook. It will then add the rights for the user to the calendar).
PFADMIN is not supported on Exchange 2010 because Exchange 2010 does not support WebDAV. (a replacement for PFADMIN can be found here that will support Exchange 2007 and Exchange 2010)
Starting with Exchange 2010 the calendar rights can be set centrally "out of the box". This can be done with the "Add-MailboxFolderPermission" cmdlet. More...
2. June 2010 00:31
I had installed a Forefront Client Security (FCS) server on a Windows Server 2008.
Fore some reason the FCS clients were not automatic approved in the MOM 2005 Administrator Console. Normally new clients will be approved within 60 minutes from the installation.
In the Application log on the FCS server there were an event id 20607 logged every 60 minutes saying:
The Data Access Server (DAS) on computer localhost returned an error. System error code: -2147024891 System error text: Access is denied. DAS method called: ProcessRuleSelectAll Called from file: d:\bt\4\private\product\config\tools\managementpacksupport\drivers\momdb\src\db2mpsupport.cpp