Search Active Directory for Specific Word or Phrase (string) in a Group

Ever tried to search for a group by name but the part you know is in the middle? Did you think you would be smart and go to the advanced tab then do “blah” contains, hit search and find nothing?

Quickest way to find is actually via PowerShell

Get-ADGroup -Filter {Name -like “*blah*”} | select SAMAccountName

Works great!

Enjoy

-Eric

Offline Downloading of Windows 10 Patchs

Anyone looking at Microsoft KB’s may be surprised to see that there are no direct download links. However you can still download the patches manually by finding and downloding them here:

http://catalog.update.microsoft.com

This can also be used to import patches into WSUS if needed.

Hope it help

-Eric

Fix | Windows 10, “the connection cannot proceed because authentication is not enabled”

Ah security, the balance between not allowing access at all and allowing too much access.

In Windows 10 Microsoft changed RDP’s defaults. They modified the default for “SecurityLayer” from 0 to 2. Even if you go into the user interface and disable: “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)” Still doesn’t change that value to a 2.

Simple fix:

  1. Open RegEdit
  2. Navigate to this Key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  3. Change “SecurityLayer” to a zero
  4. Reboot and done!

Fix | NVidia Control Panel will not save

Just got Lightroom 6!! Finally they are using the GPU to make things faster. Just one problem, its using my crappy Intel 4600 GPU instead of the NVidia Quadro K1100M in my dual GPU Notebook.

Adobes own advise from their FAQ is to disable the Intel Card. I tried that, all it did is screw up almost everything on the PC. Thanks Adobe for that… So looking around the interwebs I found way too many people having this issue but none having a good solution.

After about 3 hours of messing around with ProcessMon.exe I discovered it was trying to write to c:\ProgramData\NVidia Corporation\Drs folder. Only problem is that folder did not exist.

Simply create the folder, and give “everyone” full control in the security Tab and you should be good to go.

One thing to note, it seemed like it took two saves to start working for me, not sure what that was about but finally I was able to use the “Managed 3D Settings” part of the NVidia Control Panel to set Lightroom.exe to use the NVidia GPU.

Hope it helps you!

-Eric

Powershell | Using Modify AD Groups with Alternate Credentials

Quick one. Had an issue where I needed to remove a user from a AD group in another domain. To my surprise it was harder then I had thought. At first I settled on using set-QADGroupMember (the Quest Powershell CMDLET) as it takes -connectionusername and -connectionpassword. However it was dog slow. I think that was due to being over a WAN link and it was querying all members (which took about 2-3 mins).

I needed something swifter. I went directly to the .NET controls and reduced the time to about 15 second.

$GroupDN = “LDAP://CN=GroupName,OU=Distribution Lists,DC=domain,DC=local”
$Group = New-Object -TypeName System.DirectoryServices.DirectoryEntry -ArgumentList $GroupDN,”username”,”Password”
#To Add
$Group.Properties[“member”].Add(“DN of the User you wish to add”)
#To Remove
$Group.Properties[“member”].Remove(“DN of the User you wish removed”)
$Group.CommitChanges()
$Group.Close()

Enjoy!

-Eric

Powershell | Get Current User Principle Name (UPN)

Quicky,

I had a need to write a Powershell script that would figure out what the current users UPN (User Principle Name) was. Believe it or not I was dumbfounded there wasn’t a good post on it anywhere.  So here is the code:

 

$strFilter = “(&(objectCategory=User)(SAMAccountName=$Env:USERNAME))”
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = “Subtree”
$objSearcher.PropertiesToLoad.Add(“userprincipalname”) | Out-Null
$colResults = $objSearcher.FindAll()

$UPN = $colResults[0].Properties.userprincipalname
$UPN

 

Enjoy, if you needed this and found it here please let me a comment, always glad to hear when these things help people out!

Powershell | The Last $Error and Emailing it

OMG some things in Powershell are just too confusing to be useful. What if you need to see the last error message again. What if you want to write it into your script to email you when the error happens?

Well first, its all in $Error

However, $Error is an array.  To access it really requires notation like this:

$Error[0]

The [0] says give me back the last error. Where [1] would say to give me back the second to last error message.

The Problem….

Ok now here is where it gets “funky”. If you just type $Error[0] you get the entire error message like so: (note I am using an error message from some Lync work I have been doing, the names have been changed to protect well me lol)

Set-CsUser : Management object not found for identity “Jerry.Springer@Contoso.com”.
At C:\Scripts\EnableLyncUsers.ps1:138 char:15
+                 Set-CsUser <<<<  -Identity $user.UserPrincipalName -SipAddress $user.UserPrincipalName
    + CategoryInfo          : NotSpecified: (:) [Set-CsUser], ManagementException
    + FullyQualifiedErrorId : Microsoft.Rtc.Management.AD.ManagementException,Microsoft.Rtc.Management.AD.Cmdlets.S
   etOcsUserCmdlet

BUT…. if you type write-host $Error[0] you get this:

Management object not found for identity “Jerry.Springer@Contoso.com”.

So what gives right??? Why when you use Write-Host OR even better when you try to email $Error[0] do we get the crappy short error message? Well I don’t have the answer BUT I do have a great work around.

The Solution….

[string]$ErrorString = $Error[0].Exception
[string]$ErrorString = $ErrorString + ” `n `n ”
[string]$ErrorString = $ErrorString + $Error[0].InvocationInfo.PositionMessage

(that’s 3 lines BTW)

As far as I can tell the only thing one needs are the short error message and the line, script, and command. To do this use the code above and then simply use Write-Host or email that new $ErrorString variable. If you need other data follow the info below from how I figured this out.

Emailing the Error? Simply use this code (replace stuff inside of < > then remove the < >):

    [string]$ErrorString = $Error[0].Exception
    [string]$ErrorString = $ErrorString + ” `n `n ”
    [string]$ErrorString = $ErrorString + $Error[0].InvocationInfo.PositionMessage

    $SmtpClient = new-object system.net.mail.smtpClient
    $MailMessage = New-Object system.net.mail.mailmessage
    $SmtpClient.Host = “<SMTP IP OR NAME>”
    $mailmessage.from = <from@domain.com>
    $mailmessage.To.add(“email1@domain.com,email2@domain.com”)
    $mailmessage.Subject = “<Subject of Email>”
    $MailMessage.IsBodyHtml = $false
    $mailmessage.Body = $ErrorString
 
    $smtpclient.Send($mailmessage)

How did I figure this out?

First I indexed $Error to get me the first result [0]

Next I used the power of Get-Member

$Error[0] | Get-Member

This dumped out all the properties

TypeName: System.Management.Automation.ErrorRecord

Name                  MemberType     Definition                                                                    
—-                  ———-     ———-                                                                    
Equals                Method         bool Equals(System.Object obj)                                                
GetHashCode           Method         int GetHashCode()                                                             
GetObjectData         Method         System.Void GetObjectData(System.Runtime.Serialization.SerializationInfo inf…
GetType               Method         type GetType()                                                                
ToString              Method         string ToString()                                                             
CategoryInfo          Property       System.Management.Automation.ErrorCategoryInfo CategoryInfo {get;}            
ErrorDetails          Property       System.Management.Automation.ErrorDetails ErrorDetails {get;set;}             
Exception             Property       System.Exception Exception {get;}                                             
FullyQualifiedErrorId Property       System.String FullyQualifiedErrorId {get;}                                    
InvocationInfo        Property       System.Management.Automation.InvocationInfo InvocationInfo {get;}             
PipelineIterationInfo Property       System.Collections.ObjectModel.ReadOnlyCollection`1[[System.Int32, mscorlib,…
TargetObject          Property       System.Object TargetObject {get;}                                             
PSMessageDetails      ScriptProperty System.Object PSMessageDetails {get=& { Set-StrictMode -Version 1; $this.Exc…

All of the properties normally can be accessed like this:

$Error[0].Exception

But if you try to write-host $Error[0].InvocationInfo you get:

System.Management.Automation.InvocationInfo

Well that’s not very useful… the reason for this is there are deeper items in the $Error[0].InvocationInfo tree. So if we go ahead and whip out get-member again on $Error[0].InvocationInfo lets see what we get:

TypeName: System.Management.Automation.InvocationInfo

Name             MemberType Definition                                                                             
—-             ———- ———-                                                                             
Equals           Method     bool Equals(System.Object obj)                                                         
GetHashCode      Method     int GetHashCode()                                                                      
GetType          Method     type GetType()                                                                         
ToString         Method     string ToString()                                                                      
BoundParameters  Property   System.Collections.Generic.Dictionary`2[[System.String, mscorlib, Version=2.0.0.0, Cu…
CommandOrigin    Property   System.Management.Automation.CommandOrigin CommandOrigin {get;}                        
ExpectingInput   Property   System.Boolean ExpectingInput {get;}                                                   
HistoryId        Property   System.Int64 HistoryId {get;}                                                          
InvocationName   Property   System.String InvocationName {get;}                                                    
Line             Property   System.String Line {get;}                                                              
MyCommand        Property   System.Management.Automation.CommandInfo MyCommand {get;}                              
OffsetInLine     Property   System.Int32 OffsetInLine {get;}                                                       
PipelineLength   Property   System.Int32 PipelineLength {get;}                                                     
PipelinePosition Property   System.Int32 PipelinePosition {get;}                                                   
PositionMessage  Property   System.String PositionMessage {get;}                                                   
ScriptLineNumber Property   System.Int32 ScriptLineNumber {get;}                                                   
ScriptName       Property   System.String ScriptName {get;}                                                        
UnboundArguments Property   System.Collections.Generic.List`1[[System.Object, mscorlib, Version=2.0.0.0, Culture=…

Ah… there’s more stuff. Lastly I just needed to figure out what items inside of $Error[0].InvocationInfo I needed. Turns out just one thing. So to write-host it all I needed to do is call:

Write-Host $Error[0].InvocationInfo.PositionMessage

Hope that opens your mind to how more complex objects work in Powershell.

Hey!

Did I help? Make Sense? Something Wrong? Put it in the comments. Love to hear when my write-ups help folks out.

Enjoy

-Eric

Bug | Android | Error 111 (net::ERR_TUNNEL_CONNECTION_FAILED)

Quick one… After spending far too much time I figured it out an issue where I was getting the following error in Chrome on Android when trying to access a SSL website I hosted at my home on port 2000..

“Error 111 (net::ERR_TUNNEL_CONNECTION_FAILED)”

Some extra details… this was on my Nexus 4 on AT&T running first 4.2.1 then 4.2.2.

The real issue, Android for some unknown reason will not allow you to use unstandard ports for SSL (i.e. only port 443 works when using https)

I confirmed this by trying a SSL website on port 2000 using my wifes iphone on AT&T. Sure enough it worked fine. So its not AT&T. Also worth pointing out it works fine on wifi.

Hopefully this is just a bug and will be fixed in the future. The only thing I could do was move my SSL website to the standard port 443.

There was zero info on this on the net so I wanted to get it out there. Hope it sheds some light on it for you. If it did leave a comment so I know.

Office 2013 Installer Failure | “not supported upgrading from a preview version”

Well you are likely here because you are the adventurous type who had Office 2013 Preview installed and then tried to uninstall and install the full release.

Microsoft Office 2013 does not support upgrading from a preview version of Microsoft Office 2013. You must first uninstall these preview versions of Microsoft Office 2013 products and associated technologies:

Microsoft Office 2013 Professional Plus 2013

Some may advise you to go into control panel and remove all Office items from the programs list. However if you are like me then that will not be enough.

If you are still having issues after reviewing the programs list in the control panel then go ahead and delete the following registry key:

HKEY_CLASSES_ROOT\Installer\Products0005102110000000100000000F01FEC

If for some reason that isn’t enough, then delete these as well:

HKEY_CLASSES_ROOT\Installer\Patches\D5360E4B109548941BFB078A144B11D5
HKEY_CLASSES_ROOT\Installer\Patches\D5360E4B109548941BFB078A144B11D5
HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\15.0\

if that still doesn’t do it, then search for the phrase “2013” at the root of the registry and start wacking keys that look office 2013 related. However I am pretty sure that first one will take care of you.

Hey if I helped ya, or you can add something to the conversation then please let me know in the comments belooooooow! I take payment in the form of “thanks” in the comments 😉

Windows 8 System Image Tool, Where did it go?

Quick one….

Here is how you can do a full disk image of a Windows 8 system.

If you are like me and just finished setting up your shinny new Windows 8 system, you installed all of your non-metro apps, you activated all of your professional software and now thought, “damn good time to take a image” then had a hard time figuring out where it went…. you are not alone.

In what looks like a ridiculous and frustrating war between Microsoft and Windows Desktop the backup tool is now called “Windows 7 File Recovery”. They also took out direct links to “create a system image” as well.

Yes you are not losing your mind, its not Windows 7, nor is it only file recovery, it’s the only place to get to total system imaging.

Simply Search Metro for “Windows 7 File Recovery” and click the Settings area on the right and you will find it.

image

image

Once in the “Windows 7 File Recovery Tool” go to the top left “Create a system image”

image