Move A records from subdomain to a new Primary Zone non Active Directory Integrated

2016-11-02 / Random / 0 Comments
$dnsServer = "baldns1"
$oldDomain = "mytest.baldanza.org"
$newDomain = "mytest.baldanza.org"
$dynamicUpdate = "None"
$responsiblePerson = "hostmaster.baldanza.org."
$notifySettings = "NotifyServers"
$transferType = "TransferToSecureServers"
$secondaryServers = "10.23.0.4","10.23.0.5","192.20.0.4","192.0.5"


#DONT TOUCH BELOW
$records = Get-WmiObject -ComputerName $dnsServer -Namespace root\microsoftDNS -Query ("select * from MicrosoftDNS_AType where DomainName = ""$oldDomain""")
$foundZone = Get-DnsServerZone -ComputerName $dnsServer -Name $newDomain -ErrorAction SilentlyContinue
if ($foundZone -eq $null) {
    Write-Output "Creating zone $newDomain..."
    Add-DnsServerPrimaryZone -ComputerName $dnsServer -Name "$newDomain" -ZoneFile "$newDomain.dns" -ResponsiblePerson $responsiblePerson -DynamicUpdate $dynamicUpdate
    Set-DnsServerPrimaryZone -ComputerName $dnsServer -Name $newDomain -Notify $notifySettings -NotifyServers $secondaryServers -SecureSecondaries $transferType -SecondaryServers $secondaryServers -PassThru
    $foundZone = Get-DnsServerZone -ComputerName $dnsServer -Name $newDomain -ErrorAction SilentlyContinue
} else {
    Write-Output "Zone: $newDomain already created"
}
if ($foundZone -ne $null) {
    Write-Output "Copying records from $oldDomain to $newDomain"
    foreach ($record in $records) {
        $hostname = $record.OwnerName.Replace("."+$record.DomainName, "").ToString();
        $ipAddr = $($record.IPAddress.ToString());
        $ipTTL = $($record.TTL.ToString());
        $ipTTL = [timespan]::fromseconds($ipTTL)
        try {
            Write-Output "Adding..."
            Write-Output "Hostname: $hostname"
            Write-Output "IP: $ipAddr"
            Write-Output "TTL: $ipTTL"
            Add-DnsServerResourceRecordA -ComputerName $dnsServer -Name "$hostname" -ZoneName "$newDomain" -AllowUpdateAny -IPv4Address "$ipAddr" -TimeToLive $ipTTL
        } catch {
            Write-Output "Unable to add: $hostname - $ipAddr"
        }
    }
} else {
    Write-Host "Unable to copying records because $newDomain does not exist"
}
Read More

in place windows server 2008 r2 standard to enterprise upgrade

2015-05-18 / Random / 0 Comments

You can find information on how to upgrade your license here

http://richardstk.com/2012/04/10/in-place-upgrade-of-windows-server-2008-r2-standard-to-enterprise-or-datacenter-edition/

Read More

Change Terminal Services Profile Path PowerShell

2014-10-28 / Random / 0 Comments

Problem: I needed to change all domain users to the new terminal services profile server

Solution
I was able to create a powershell script that loops through the domain and finds instances of where the terminal services profile path is set to the old server. It then replaces the old server with the new server name and logs the output to console.

You can modify the below to limit the scope of the items found (findall() only does 1000 objects by default) by changing adding in an OU filter or creating a function that adds in the user. In any case my problem was solved with the below script.

$root = "LDAP://DC=GALAXY,DC=local"
$searcher = ([ADSISearcher]"(&(samAccountType=805306368)(!userAccountControl:1.2.840.113556.1.4.803:=2))") #user account type will be person and the account not disabled.
$searcher.SearchRoot=$root
$users = $searcher.findall()
 foreach ($user in $users) {
    try {
    $userSearch = ""
    $tsprofilepath = ""
    $username = ""
    $userSearch = [adsi]"$($user.path)"
    $tsprofilepath = $userSearch.psbase.InvokeGet("TerminalServicesProfilePath")
    
    $username = $userSearch.psbase.InvokeGet("sAMAccountName")
                
       if ($tsprofilepath) { #check for not null
            if ($tsprofilepath.contains("OLDSERVERNAME")) { #check for containing string
                $newtsprofilepath = $tsprofilepath.Replace("OLDSERVERNAME", "NEWSERVERNAME") ##set ts profile path location
                Write-Output "$username has profile path of $tsprofilepath"#log existing
                $userSearch.psbase.Invokeset(“terminalservicesprofilepath”, $newtsprofilepath) #set new path
                $userSearch.setinfo() #save user info
                Write-Output "$username changed profile path to $newtsprofilepath" #log new path
                }
            else {
                Write-Output "$username has a profile path of $tsprofilepath" #log already has new path
                }
            }
            else {
                Write-Output "$username has a no profile path set" #log already has no path
            }
            #start-sleep 1 #loop sleep Timer
        }
        catch { 
        #error handle
        $ErrorMessage = $_.Exception.Message
        $FailedItem = $_.Exception.ItemName
        Write-Output "$username had an error of: $ErrorMessage"
        Write-Output "$FailedItem"
    }
}
Read More

The password stored in Credential Manager is invalid.

2013-04-24 / Desktop, Random / 0 Comments

Problem:

When a user was printing documents it would show up under a help desk person’s account.

Also was seeing a bunch of EventID 552 like these in the security logs

Logon attempt using explicit credentials:
Logged on user:
User Name: USER1
Domain: DOMAIN
Logon ID: (xxx,0x7D052)
Logon GUID: {xxxxxxx-07b5-8f5f-d5dd-d78268681b37}
User whose credentials were used:
User Name: HELPDESKUSER
Domain: DOMAIN.LOCAL

Logon GUID: –
For more information, see Help and Support Center at

Solution:

After enabling NetLogon debug logging information. http://support.microsoft.com/kb/109626

This would appear in the System Log under Kerberos Warning:

The password stored in Credential Manager is invalid. This might be caused by the user changing the password from this computer or a different computer. To resolve this error, open Credential Manager in Control Panel, and reenter the password for the credential XXX.

I was able to launch the Credential Manager using “rundll32.exe keymgr.dll,KRShowKeyMgr” and delete the cached credentials for the server that was running under the help desk person’s account.

Rebooted the PC and the user’s print jobs now show up under the correct account.

Read More

Remove .ashx extension from sitecore media file links

2013-01-30 / IIS, Random / 2 Comments

Problem:

When clicking on a linked PDF document or any media file sitecore added .ashx extension to the linked file. This caused issues with some browsers and OS versions not knowing what to do the file.

 

Solution:

Let the uploaded file present its original extension.

Modify the web.config file and look for

<setting name=”Media.RequestExtension” value=”ashx” />

change the setting to

<setting name=”Media.RequestExtension” value=”” />

Read More

Enable Crystal Reports 2011 Server AD Authentication

2012-04-24 / Random / 0 Comments

Solution:
Documentation is from SAP website that assisted me in enabling AD authentication

Crystal 2011 AD Authentication

Read More

Configure mediawiki for LDAP authentication with Microsoft active directory

2011-08-15 / Linux, Random, Server / 3 Comments

Problem:

Needed to enable  Microsoft Active Directory authentication to our internal mediawiki site.

Solution:

enable Ldapauthentication.php extension. modify localsettings.php file to include the following:

require_once( “$IP/extensions/LdapAuthentication/LdapAuthentication.php” );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( “ADSITE” );
$wgLDAPServerNames = array( “ADSITE”=>”wcp01xdc.ADSITE.local”  );
$wgLDAPBaseDNs = array( “ADSITE”=>”dc=ADSITE,dc=local” );
$wgLDAPSearchStrings = array(“ADSITE” => “ADSITE\\USER-NAME”);
$wgLDAPSearchAttributes = array( “ADSITE”=>”sAMAccountName” );
$wgLDAPLowerCaseUsername = array( “ADSITE”=>true );
$wgLDAPRequiredGroups = array( “ADSITE”=>array(“cn=information technology,ou=users,ou=information technology,ou=ADSITE,dc=ADSITE,dc=local”) );
$wgLDAPGroupUseFullDN = array( “ADSITE”=>true );
$wgLDAPGroupsUseMemberOf = array( “ADSITE”=>true );
$wgLDAPGroupObjectclass = array( “ADSITE”=>”group” );
$wgLDAPGroupAttribute = array( “ADSITE”=>”member” );
$wgLDAPGroupSearchNestedGroups = array( “ADSITE”=>true );
$wgLDAPGroupNameAttribute = array( “ADSITE”=>”cn” );
$wgLDAPPreferences = array( “ADSITE”=>true );
$wgLDAPDisableAutoCreate = array( “ADSITE”=>false );
$wgMinimalPasswordLength = 1;
$wgLDAPUseSSL = false;
$wgLDAPEncryptionType = array( “ADSITE”=>”clear” );
$wgUseLocal = false;
#$wgLDAPDebug = 99;
#$wgDebugLogGroups[“ldap”] = “/tmp/wikildapdebug.log” ;

Replace “ADSITE” with the name of your domain. It is currently setup for clear text authentication. After you get clear text authentication working you should enable tsl or ssl authentication if need be.

the setting $wgLDAPRequiredGroups is optional and is used to allow only certain groups to login the wiki. in this case “Information Technology”

Read More

Quickly Backup DNS Zones

2011-01-18 / Random, Server / 0 Comments

Problems:

Need a quick solution to backup AD DNS zones daily.

Resolution:

Created a scheduled task to run the following daily:

dnscmd /zoneexport pwcc.local backup\daily\%date:~4,2%%date:~7,2%%date:~12,2%.pxxxx.local.dns.bak dnscmd /zoneexport pwcstores.com backup\daily\%date:~4,2%%date:~7,2%%date:~12,2%.pxxxxstores.com.dns.bak

Read More

My Project: Intel DH57JG w/ i5-650 inside a Mini-Box M350 Case

2010-07-16 / Random / 9 Comments
 

I am building a new media center PC with an Intel DH57JG w/ i5-650 inside a Mini-BoxM350. I will be updating with more specs, pics, and all the parts used.     

MB:                         Intel DH57JG Socket 1156/ Intel H57/ A&GbE/ Mini-ITX Motherboard, Retail
CPU:                       Intel Core i5 Processor i5-650 3.20GHz 4MB LGA1156 CPU, Retail
HD:                         2x Western Digital Scorpio Blue 500GB (WD5000BEVT) 5400rpm SATA2 8MB 2.5inch Drive
RAM:                     Kingston KHX1333C7D3K2/4G DDR3-1333 4GB(2x 2GB) Memory Kit
Case:                      Mini-Box.com M350 Universal Mini-ITX enclosure
Power:                   picoPSU-160-XT with short-circuit 12.5A 150W AC-DC adapter
Fan #1:                  Low Profile Intel LGA1156 Core i3/i5/i7 Ultra Quiet CPU Cooler
Fans #2:                Noiseblocker NB-BlackSilentFan XM2 40mmx10mm Ultra Quiet Fan (NB-BS4010XM2)
Internal USB:      1 xUSB 2.0 Cable – USB A Female to USB Motherboard 4 Pin Header F/F – 6″ (USBMBADAPT)
Case Mod:             1 xSolid Wall Polyethylene Grommet Edging with Adhesive – Black (GES-BK05)     

Photos:     

Front View

 

Open Top View

 

CPU Fan View

 

PSU Side View

 

Final Case Mod

 

Final Resting Point

 

Temp: 

Before Making Cuts into Case

  

After Making Cuts into Case

  

Info:     

I had to make some modifications to the case due to the i5 CPU and dual hard drive combination. I bought a metal cutter and bastard hand grinder and made the cuts into the case. Since cutting the hole in the top of the case the CPU fan is able to grab cold air. If the additional hard drive was not present this would not be an issue. I installed a small chipset fan in the front fan slot to allow cold air to get pulled in to cool the psu.

Read More

HP dv7t Select Edition Series (dv7tse)

2010-05-19 / Random / 0 Comments

HP released their new DV7T series labeled DVT7SE. It has some pretty good specs and I will be purchasing very soon.

Read More