Powershell

Mass Import PSTs To Different Folders In A Single Mailbox

I had a scenario come up where someone had 50 or so PST files. I wanted to add them all into their mailbox, but have a separate folder for each PST’s contents to go to.

This was on Exchange 2010 SP3 but should apply to newer versions too, and this is assuming you have at least Exchange 2010 SP1 – importing was done differently before this.

For starters, ExchangeServerPro covers the basics of PST importing. PeteNetLive delves a bit deeper into batch importing, which was close to what I wanted, but I had to modify it somewhat.

I had the PST files in a UNC path, so started by navigating there – in Powershell, you can just ‘cd //server/sharename/’ (even though “cd” is an alias for “Set-Location”, I can’t help but use it!)

Once in the share that contains the PST files (and it HAS to be a share, can’t be an admin $ share, and needs the correct permissions as per ExchangeServerPro’s article), you can run this command:

dir *.pst | %{ New-MailboxImportRequest -BatchName Recovered -Mailbox alias -Name $_.BaseName -FilePath "$_." -TargetRootFolder $_.BaseName }

This will get the list of files, and run a mailbox import request against each one. “alias” needs to be changed to the mailbox name. The Filepath is just being called as itself “$_.” and the Target Root Folder is using BaseName, which is the filename without the extension .pst.

I’m also using the filename as the name for the job. If you leave that out, it’ll hit a wall after 10 jobs and want a unique name (if not specified, the name is MailboxImport, then MailboxImport1, MailboxImport2 etc. and hits a wall at MailboxImport9). That also makes it easy, if one of the jobs fails, to work out which PST was involved.

This worked really well for me, so hopefully it helps someone else out there!

WOL And Reboot Over Multiple Subnets With SCCM

Running a Wake On LAN can be tricky if you’ve got lots of subnets to worry about. A magic packet will only work in the local subnet unless you happen to have complete access to your entire network and make some router changes.

There’s also ‘Wake Up Proxy’ which was added to Configuration Manager that can potentially work too as it’s peer to peer and clients try to wake each other up, but won’t work in a lot of scenarios such as 802.1X.

In light of these, I wrote a script that is a mashed up version of a few things I could find, and that accomplishes the task of sending WOL packets to each subnet I cared about.

What this script does:

  • Pulls computers and in turn, MAC addresses from a pre-created SCCM collection.
  • Checks each computer to see if it’s online
  • If online, it will trigger a reboot countdown of 5 minutes, with a warning prompt
  • If offline, it will send a WOL magic packet to the computer

This is valuable to me for software installs that require no user logged onto a computer. It will leave all computers at the login screen, ready for software installs.

This only works in a single subnet though, so the next trick is to set this up on a server in each subnet as a scheduled task. Each server is configured to check the SCCM collection of computers that exist in that subnet. Then, a master task is created that calls the task on each of the other servers:

[Image: WOL]

This master task triggers all the WOL scripts, on a schedule or on demand as you wish. You need to use an account that has access on all servers required of course to be able to remotely trigger the scheduled tasks.

I’ll also note that Adam Bertram wrote a different WOL script that will find each subnet and use any PC it can find to send WOL commands to other computers which is worth checking out. It doesn’t incorporate the forced reboot, but should be modifiable to achieve that result.

The script uses the free wol.exe program from Gammadnye and is expecting to run from C:\Scripts\ but you can change that to whatever you like without breaking anything.

Download the script here (rename to .ps1)

 

Start-Transcript -Path C:\Scripts\Log\wolreboot.txt
$SiteServer = 'SCCM site server name goes here'
$SiteCode = 'SCCM Site Code goes here'
$CollectionName = 'Target collection name goes here'
#Retrieve SCCM collection by name
$Collection = GWMI -ComputerName $SiteServer -Namespace "ROOT\SMS\site_$SiteCode" -Class SMS_Collection | where {$_.Name -eq "$CollectionName"}
#Retrieve members of collection
$SMSMembers = GWMI -ComputerName $SiteServer -Namespace "ROOT\SMS\site_$SiteCode" -Query "SELECT * FROM SMS_FullCollectionMembership WHERE CollectionID='$($Collection.CollectionID)' order by name" | select Name

ForEach ($SMSMember in $SMSMembers){
    #Online computers get a 5 minute reboot countdown with a warning prompt
    If (Test-Connection $SMSMember.Name -Count 1 -Quiet)
    {
        Write-Host $SMSMember.Name "Online"
        $name = $SMSMember.Name
        Start-Process Shutdown "-r -t 300 -m \\$name -c `"Initiating scheduled maintenance reboot. You have 5mins to save your work before your PC will reboot`"" -NoNewWindow -Wait
    }
    Else
    {
        #Offline computers get a magic packet for every MAC address SCCM has recorded
        $a = (GWMI -ComputerName $SiteServer -Class SMS_R_SYSTEM -Namespace "root\sms\site_$SiteCode" | where {$_.Name -eq $SMSMember.Name}).MACAddresses
        $a = $a -replace ':',''
        foreach ($mac in $a){
            C:\Scripts\wol.exe $mac
            Write-Host $SMSMember.Name "WOL packet sent" $mac
            Write-Host "`r`n"
        }
    }
}
Stop-Transcript

Exit

Update 9th August 2016

A few changes to the script – it’ll now log via transcript, but more importantly will support SCCM client objects with multiple MAC addresses, and broadcast each found MAC address.
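
The script above hands each MAC address to a downloaded wol.exe. As an added example (not part of the original script), the same magic packet can be built and sent from PowerShell with .NET alone, which removes the third-party binary from the servers running the task. The function names New-MagicPacket and Send-MagicPacket are hypothetical and the MAC address is a constructed sample.

```powershell
# Added example: send a Wake-on-LAN magic packet without an external wol.exe.
function New-MagicPacket {
    param([Parameter(Mandatory = $true)][string]$MacAddress)

    # Accept 00:11:22:33:44:55, 00-11-22-33-44-55 or 001122334455
    $hex = $MacAddress -replace '[:\-\.]', ''
    if ($hex -notmatch '^[0-9A-Fa-f]{12}$') {
        throw "Not a valid MAC address: $MacAddress"
    }
    $macBytes = 0..5 | ForEach-Object { [Convert]::ToByte($hex.Substring($_ * 2, 2), 16) }

    # Magic packet layout: 6 bytes of 0xFF, then the target MAC repeated 16 times
    [byte[]]$packet = (, 0xFF * 6) + ($macBytes * 16)
    return , $packet
}

function Send-MagicPacket {
    param(
        [Parameter(Mandatory = $true)][string]$MacAddress,
        [int]$Port = 9   # 7 and 9 are the ports conventionally used for WOL
    )
    [byte[]]$packet = New-MagicPacket -MacAddress $MacAddress
    $udp = New-Object System.Net.Sockets.UdpClient
    try {
        $udp.EnableBroadcast = $true
        # Limited broadcast: routers do not forward it, so it reaches the local subnet only
        $udp.Connect([System.Net.IPAddress]::Broadcast, $Port)
        [void]$udp.Send($packet, $packet.Length)
    }
    finally {
        $udp.Close()
    }
}

# Constructed sample MAC address
$sample = New-MagicPacket -MacAddress '00:11:22:33:44:55'
'{0} bytes, header {1}' -f $sample.Length, (($sample[0..5] | ForEach-Object { $_.ToString('X2') }) -join '')
Send-MagicPacket -MacAddress '00:11:22:33:44:55'
```

Because the packet goes to the limited broadcast address, this has the same single-subnet reach as the original script and still needs to run from a server in each subnet.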

Softerra Adaxes Identity and Active Directory Management Review

I’ve been asked to review many products (both hardware and software) on this blog. Many of the things I write about here are triggered by my experiences, which I think adds to the usefulness of the posts. Usually I decline, because I either don’t have an interest in the product, or don’t have the time to invest in reviewing something that I can’t get a personal benefit out of.

Softerra Adaxes was one of these companies. After giving it a quick once over, my interest had been piqued. After extensive testing, I was actually happy to write a review of what the product does, and how I can see it helping people in businesses… so here is my take on the product. This is a sponsored post, but written by myself with my honest view on the product after extensive testing.

What is Softerra Adaxes?

First and foremost, this is an Active Directory (AD) Identity Management piece of software. It will talk to your AD environment (don’t worry, no schema changes required!) and give you a framework to allow automation. I’d previously looked at System Center Orchestrator (SCOrch) to look at the automation of user accounts such as creation, change, deletion – but it was too complicated for my liking. Most things required you to write your own code (PowerShell, .NET etc) and use what I’d call strange variable calls, instead of plain old nice code. To me, you have to wear a developer hat to use SCOrch for anything beyond very basic workflows.

Adaxes takes a different approach. Instead of writing your own code (which you can do still), much of it is driven in a similar way to how Outlook rules work. You can use the Adaxes Console, or Adaxes webpage to perform tasks such as ‘Create User’ – but you define the rules. For example, think of the ‘City’ field in AD. These are the rules you can set for it:

[Image: adaxes1]

Those rules then end up as the only choices via a drop-down menu:

[Image: adaxes2]

Having a default value if > 50% of your users are going to be in a particular city is a time saver. Same applies to being able to list several cities, and have a dropdown list to select them from – removing human error from typos. Forcing the property to being required also means it won’t be missed. To me, this gives immediate benefit in the user creation process, if the time is spent setting it up correctly.

User Creation in Adaxes

Once a user is created with your template, ‘Business Rules’ can kick in. These are more rules based on an event happening – such as a successful user creation. For me, I created business rules based on the City. If they’re in Sydney, then do all these things that applies to a Sydney person. This can be the creation of a home drive, but also can hook into Exchange or Lync to create their account in that environment too.

[Image: adaxes3]

The Exchange and Lync integration allow you to have a user fully set up without even needing to worry about it. The email alias can be pulled from the username, and normal email address policies apply for creation of SMTP addresses. You can specify which DAG the mailbox will be created on too. For Lync, it’s the same story. If you’re lucky enough to have Enterprise Voice, the user’s phone number can be used as a variable to create a Line URI for the user.

Other third party systems can be manipulated by running a PowerShell script or program easily enough, or if you want to start getting tricky… there’s the Adaxes SDK for API.

When it’s all done, you can even trigger an email to alert staff that a user has been created, which could be used to alert other departments of any manual processes they need to do once a user is ‘born’.

Even better, is the easy built-in security roles. You can give HR access to create a user via the native Adaxes web page. No software required, HR follow the bouncing ball of the webpage and see a prompt for any required field, and requests can be configured to require approval before being actioned too.

What Else Can Adaxes Do?

I’ve focused on User Creation so far, because that was the first benefit I saw from Adaxes – but there’s a bunch more this software solution can do. Softerra themselves list many of the features of the product, but it’s a very open framework where you can make the software do what you need to happen.

  • Group Management

Due to the granular security model they use, you could consider end user management of groups. Email group management for end users is already possible from Microsoft Exchange, but you can’t do the same with security groups. I can see a big benefit in letting key users manage a selection of security groups which could allow things such as access to network drives and folders, access to software or permissions to an internal resource such as a SharePoint site and so on. If you’re in a Microsoft environment, everything should be security based via AD groups anyway, so this is a much nicer solution than giving those key end users an Active Directory User and Computers console.

  • Password Expiration Notification

There are several built in examples of ‘Scheduled Tasks’ – including some I’ve written my own script for! The ‘Password Expiration Notifier’ does exactly what I wrote here, which is to notify end users via email when they have certain days left before their password expires. My preference is to have all of these tools and triggers in a central location where all the right people can see what’s going on with ease, which is better than having Windows based scheduled tasks scattered around your servers being harder to find and manage.

[Image: password]

Although I encourage everyone to know PowerShell, the reality is we all have different skills and priorities. Having middleware that manages the smarts and shows you what it does in an easily readable format reduces company risk in managing automation, as well as staff time in making changes, and should at least be investigated for its potential value. The above example out of the box had only the 7 day notification, so I copied and pasted the rules below it, and set the trigger to also happen at 1 day, matching my script. That was 10 seconds of work.

[Image: adaxes4]

  • Clean Up Old Computer Records

Another example of a built in Scheduled Task is the ‘Inactive Computer Deleter’. Simply, it does a daily check for computer objects to see if they’ve been inactive for more than 12 weeks. If true, it changes the ‘When Marked Inactive’ property of the computer to the current date and time. It won’t delete the computer until it has approval, and you can tell it who to get the approval from. Tasks like this should save you time as well as helping to secure your network from rogue devices.

  • Office 365 User Management

There is also Office 365 support, which can automate tasks such as user creation, or license management. At the time of writing, an Office 365 CAL can’t be auto assigned to an Office 365 user when synced from Active Directory, but Adaxes can automate that step for you.

Conclusion

To me, the above is enough of a business case to at least consider Softerra Adaxes. Some time needs to be invested to make the software do what you want to do – every business’s user management processes are different. If you’re currently using just a PowerShell script, you could use that from Adaxes and build the workflow and web interface management around it for starters, then migrate tasks to Adaxes as you find time.

I can’t find many weaknesses in this solution – there’s provision for resiliency by having more than one server, and the product seems secure and stable. I would like to see more built in options on what you can do out of the box (to Softerra’s credit, there are a lot of options already and it is highly configurable). I noticed that I couldn’t specify some extra parameters in Lync beyond the basics of user creation, such as which policies to apply to a user. This will have to be done by calling a PowerShell script I’d write instead.

There’s also a bit of a learning curve around applying security and using the interface – not that it’s difficult, and the online documentation is extensive, but you’ll need to do a bit of tutorial reading to understand the product and how to configure it to your liking.

I also really like the potential of giving end users control over certain things. Empowering users that make decisions to act on those decisions themselves is a time saver – as is having an incredibly easy workflow approval process that doesn’t need a complicated workflow engine and a team of developers behind the scenes.

Overall, I really liked the product and the direction they have taken it. I personally recommend checking it out, and am actually in the process of implementing it in my current workplace as a result of this review, as a paid product!

Other Adaxes videos are available on YouTube, along with pricing available on their website (there’s also a 30 day trial – install is very simple).

Logon and Logoff Security Event Viewer Auditing

Update 30th July 2022 – TechNet links no longer work, but updated the script link to a github copy.

Original post:

Logon and Logoff events for a PC running Vista or above are logged to the Security section of Event Viewer. If you’re looking for a particular event at a particular time, you can browse through manually with a bit of filtering in the Event Viewer GUI and find what you need.

On a larger scale though, this doesn’t make sense. If you’re looking at multiple users or multiple events, the task gets tedious very quickly.

Logon and Logoff events on a domain will be logged against the closest domain controller, but unless you’re piping these logs elsewhere (which I briefly talked about here on Tech Target), the DC’s logs will quickly fill up and cycle off. Also, the user may have authenticated against multiple DCs, or there may be other scenarios such as an offline laptop user first logging in locally before being on the network.

A PC keeping only its own security logs will go back a lot further (over a month hopefully!) so there’s a lot of data to obtain.

There’s an older Microsoft Technet article that covers this briefly called Tracking User Logon Activity Using Logon Events which has some useful information, including the Event IDs:

Logon Event ID 4624
Logoff Event ID 4634

Now, you can filter the event viewer to those Event IDs using Event Viewer, but you can’t filter out all the noise around anything authenticating to and from the PC you’re investigating.

One way of doing this is of course, PowerShell.

There are two commands I found for this – Get-EventLog (link now dead) and Get-WinEvent (link now dead). I used Get-EventLog as it seemed to be a bit easier to get the data I needed… but I couldn’t get it exactly to work.

Then I read this Technet article – PowerShell Get-WinEvent XML Madness: Getting details from event logs (link now dead) which backed up what I was experiencing, such as “The bad:  All of a sudden reading event logs gets complicated.  The filtering in particular requires some crazy syntax.”

This all started to get too hard, and I couldn’t get my head around the code or get it to work!

Finally, I found someone who’d created a very nice script that did everything I wanted: Security Log Logon/Logoff Event Reporter

The script doesn’t need any parameters to run, just asks for which PC, date range, if you want to only see failed logins (which I don’t for this scenario), and then how to display the information.

[Image: pshell]

Sometimes it takes a lot of research and time to just use someone else’s script and be done with it :)

Update:
As @GirlGerms pointed out, many people just lock their workstation rather than logging off/on. In that case, these are the two Event IDs:

Workstation Locked Event ID  4800
Workstation Unlocked Event ID  4801

The script I found doesn’t include these, but appears very easy to adjust to see those results too. None of this works if the person doesn’t lock their PC, and never logs off so it’s hardly an all encompassing method.
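
For readers who want to see the filtering itself, here is an added example (not the script linked above, and not from the original post) that pulls the four Event IDs mentioned here with Get-WinEvent and drops the non-human noise by logon type and account name. The function name Get-LogonTimeline is hypothetical; it assumes PowerShell 3.0 or later and rights to read the target PC’s Security log, and events 4800/4801 only exist if the “Audit Other Logon/Logoff Events” audit subcategory is enabled.

```powershell
# Added example: interactive logon / logoff / lock / unlock timeline from the Security log.
function Get-LogonTimeline {
    param(
        [string]$ComputerName = $env:COMPUTERNAME,
        [datetime]$After  = (Get-Date).AddDays(-7),
        [datetime]$Before = (Get-Date)
    )

    $actions = @{ 4624 = 'Logon'; 4634 = 'Logoff'; 4800 = 'Locked'; 4801 = 'Unlocked' }
    # Logon types a person at the keyboard produces:
    # 2 = interactive, 7 = unlock, 10 = remote desktop, 11 = cached credentials
    $humanLogonTypes = '2', '7', '10', '11'

    $filter = @{
        LogName   = 'Security'
        Id        = 4624, 4634, 4800, 4801
        StartTime = $After
        EndTime   = $Before
    }

    Get-WinEvent -ComputerName $ComputerName -FilterHashtable $filter -ErrorAction Stop |
        ForEach-Object {
            # The named fields live in the event XML, not in the message text
            $data = @{}
            foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
                $data[$d.Name] = $d.'#text'
            }

            $user = $data['TargetUserName']
            # Drop computer accounts and the per-session window manager / font driver accounts
            if ($user -like '*$' -or $user -match '^(DWM|UMFD)-\d+$') { return }
            # 4624 and 4634 carry a LogonType; 4800 and 4801 do not
            if ($data.ContainsKey('LogonType') -and $humanLogonTypes -notcontains $data['LogonType']) { return }

            [pscustomobject]@{
                Time      = $_.TimeCreated
                Action    = $actions[$_.Id]
                User      = '{0}\{1}' -f $data['TargetDomainName'], $user
                LogonType = $data['LogonType']
                LogonId   = $data['TargetLogonId']
            }
        } | Sort-Object Time
}

# Last 24 hours on the local PC
Get-LogonTimeline -After (Get-Date).AddDays(-1) | Format-Table -AutoSize
```

The LogonId column lets you pair a logon with its matching logoff, lock and unlock events for the same session.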

Line Breaks In Active Directory PowerShell

Quick tip today about line breaks / carriage returns.

If you want to add multi-line values to an Active Directory field – (e.g. the notes field), it’s not plainly obvious as to how you can type this in a PowerShell command.

One way to pass through an ‘enter’ value is by using a line break. This can be achieved by using:

`r`n 

Example:

Get all the users who are in Australia (based on their Country/region field being set to Australia), and update the street address to two lines of BEWARE and MONSTERS:

Get-ADUser -Properties * -Filter {country -eq "Australia"} | foreach {Set-ADUser $_ -StreetAddress "BEWARE`r`nMONSTERS"}

There are no spaces required, it will just drop the text after `r`n to the next line.

[Image: BEWARE]

If you want to update the notes field, it’s a bit trickier, as you have to use the “-Replace” parameter:

-Replace @{Info="BEWARE`r`nMONSTERS"}