DNS. Remove NS Records. Powershell.

After a force removal of a Domain Controller and the metadata cleanup using ntdsutil, I was left with a heap of NS records for each Zone in DNS to remove. Although possible, using the GUI to do this would be painful.

I removed these using Powershell and the DNS cmdlets.

Get-DnsServerZone | %{$Name = $_.zonename ; Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType ‘NS’ | ?{$_.RecordData.NameServer -like “*serverfqdn.domain.com*”} | Remove-DnsServerResourceRecord -ZoneName $name}

Note: This requires confirmation each time. If you are brave enough use the ‘-Confirm:$false’ switch, however I wouldn’t recommend it.

If you want to confirm the records returned are correct, run the command below first

Get-DnsServerZone | %{$Name = $_.zonename ; Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType ‘NS’ | ?{$_.RecordData.NameServer -like “*serverfqdn.domain.com*”}

 

Exchange 2013. Management Tools. RDS. Part 2

You may have read this post
https://mxrnz.wordpress.com/2014/07/30/exchange-2013-management-tools-rds/

Or this Microsoft Article
https://support.microsoft.com/en-gb/kb/2921141

I had given up on this and after some time, I thought I’d reattempt this with the Exchange 2013 CU 12 release and to my surprise the Management Tools have installed!

I’m not so sure when the fix was made and I may have missed it in the updates notes, however it does appear to have been fixed!

Party Time!

 

 

Public Folder Mailbox. Storage Limit. False Alerts.

In a follow up to this post

https://mxrnz.wordpress.com/2015/12/07/exchange-2013-split-publicfoldermailbox-ps1-fails/

I had received quota alerts and moved the folders, a default quota of 2 GB, a PublicFolderStatistics only shows 4 MB of data, a Search-Mailbox with -SearchDumpsterOnly returns nothing and yet the alert was still generating.

A quick google brought up the blog post below suggesting this is a bug and I am inclined to agree. http://no-one-uses-email-anymore.com/bogus-public-folder-mailbox-quota-alerts-in-exchange-2013/

My advise in the mean time is to ignore the alert entirely until there is a fix.

A better option would be to remove the reliance on Public Folders altogether. Like all good things, this will take time.

Alert: 
PublicFolders health set unhealthy (PublicFolderMailboxQuotaMonitor/PublicFolders) – Public folder mailbox %Mailbox%is approaching storage limit – The public folder mailbox PFMailbox11 is approaching its storage limit. Consider splitting the mailbox using Split-PublicFolderMailbox.ps1. This warning will not be sent again for at least twenty four hours. Error context: {<Properties> <TenantHint>00000000000000000000000000000000</TenantHint> <MailboxDisplayName>%Mailbox%</MailboxDisplayName> <MailboxGuid>%guid%</MailboxGuid></Properties>} Knowledge: http://technet.microsoft.com/en-us/library/ms.exch.scom.PublicFolders(EXCHG.150).aspx?v=15.0.1130.7

Lync Server 2013. Bulk Enable Enterprise Voice and Conferencing.

Often I am tasked with enabling Voice or Conferencing or both for many users at once. This is how I go about it.

Step 1. Create a CSV file with the following table.
Note: Email can also be UPN, in my environment email and UPN are the same.

DisplayName,Email,Extension,ConferencingPolicy,DialPlan,VoicePolicy

Step 2. Import the CSV and pipe to your commands enabling voice and conferencing.

Import-CSV Extensions.csv | %{ Get-CSUser $_.email | Set-CSUser -EnterpriseVoiceEnabled $True -LineURI $_.extension ; Grant-CsConferencingPolicy -Identity $_.email -PolicyName $_.ConferencingPolicy ; Grant-CsDialPlan -Identity $_.email -PolicyName $_.DialPlan ;Grant-CSVoicePolicy -Identity $_.email -PolicyName $_.VoicePolicy}

Adjust to suit your needs.

Powershell Script. Remove old IIS Logs.

I don’t like to keep IIS logs for too long. Just over a week is plenty in my environment. To keep these under control , I run a powershell script with an automated task once a week.

There are likely better ways to manage this or better ways to write the script but in saying that, it works for me.

$Servers = “server1” , “server2”
$dir = “\driveLetter$\inetpub”
$daysOldLimit = 8
Set-Location MyScriptFolderLocation

$servers | foreach {
$server = $_

Get-ChildItem -Path (“\\” + $_ + $dir) -filter *.log -Recurse | foreach {

$timestamp = [datetime]$_.lastwritetime
$daysOld = (NEW-TIMESPAN –Start ([datetime]$_.lastwritetime) –End (get-date) | select TotalDays).TotalDays

If ($daysold -gt $daysOldLimit)
{
$FullName = $_.FullName
Remove-Item -Path $FullName
}

}

}

Powershell Script. AD Replication Report.

Every Morning, I run a script to collect Replication test results from each of my domain controllers.

Although there could be some improvements, particularly with the text files I use. This is the script I run, with details of my environment taken out.

$Date = (get-date -Format “yyyy-MM-dd HHmm”)
$Output = “.\output.txt”
$tempFile = “.\Temp.txt”
$RunFrom = (get-location)
$Computer = gc env:computername

$smtpServer = “<yourSMTPServer>”
$emailFrom = “<YourSenderAddress>”
$emailTo = “<YourRecipients>”
$subject = “<YourSubjectLine>

$servers = “MyServer1″,”MyServer2″,”MyServer3”
$location = “MyLocation”
Set-Location $location

# Create text file
New-Item -ItemType file $Output -Force
add-content -path $Output -value “<YourTitleInformation>”
add-content -path $Output -value “$Date”
add-content -path $Output -value ” ”

$Servers | Foreach {

add-content -path $Output -value ” ”
add-content -path $Output -value “Server: $_”
add-content -path $Output -value “”

dcdiag /test:replications /s:$_ > $TempFile

(gc $TempFile) | ? {$_.trim() -ne “” } | set-content $TempFile

$tempContent = get-content $tempfile
add-content -path $Output -value $tempcontent

}

add-content -path $Output -value ” ”
add-content -path $Output -value “Run from $location on computer $computer at $date”

# Email
$OutputRead = (get-content $Output)
$body = New-object System.Text.StringBuilder
foreach($line in $OutputRead)
{
[void] $body.AppendLine($line.ToString())
}

# Send Email
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body.ToString())

Check Certificates. Remote Computer. Powershell.

Certificate expiry poses a problem for many a administrator. There are many monitoring tools and techniques, however using a periodic interval, I like to check this manually.

I do this using the following exert from one of my scripts.
Limiting the collection of computer names to a text file is how I like to keep things consistent.

get-content computers.txt | foreach {Invoke-Command -ComputerName $_ -ScriptBlock {Get-ChildItem Cert:\LocalMachine\My | Where {$_.NotAfter -lt (Get-Date).AddDays(65)} | select subject, thumprnint, notafter}}

Note: Winrm will need to be enabled.