Ever tried to search for a group by name but the part you know is in the middle? Did you think you would be smart and go to the advanced tab then do “blah” contains, hit search and find nothing?
Quickest way to find is actually via PowerShell
Get-ADGroup -Filter {Name -like “*blah*”} | select SAMAccountName
Works great!
Enjoy
-Eric
Quick one. Had an issue where I needed to remove a user from a AD group in another domain. To my surprise it was harder then I had thought. At first I settled on using set-QADGroupMember (the Quest Powershell CMDLET) as it takes -connectionusername and -connectionpassword. However it was dog slow. I think that was due to being over a WAN link and it was querying all members (which took about 2-3 mins).
I needed something swifter. I went directly to the .NET controls and reduced the time to about 15 second.
$GroupDN = “LDAP://CN=GroupName,OU=Distribution Lists,DC=domain,DC=local”
$Group = New-Object -TypeName System.DirectoryServices.DirectoryEntry -ArgumentList $GroupDN,”username”,”Password”
#To Add
$Group.Properties[“member”].Add(“DN of the User you wish to add”)
#To Remove
$Group.Properties[“member”].Remove(“DN of the User you wish removed”)
$Group.CommitChanges()
$Group.Close()
Enjoy!
-Eric
Quicky,
I had a need to write a Powershell script that would figure out what the current users UPN (User Principle Name) was. Believe it or not I was dumbfounded there wasn’t a good post on it anywhere. So here is the code:
$strFilter = “(&(objectCategory=User)(SAMAccountName=$Env:USERNAME))”
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = “Subtree”
$objSearcher.PropertiesToLoad.Add(“userprincipalname”) | Out-Null
$colResults = $objSearcher.FindAll()
$UPN = $colResults[0].Properties.userprincipalname
$UPN
Enjoy, if you needed this and found it here please let me a comment, always glad to hear when these things help people out!
If you are reading this its likely you googled for the answer to this very questions. “How do I install Exchange 2010 in a child domain?” Its almost like every step of the way you get another ambiguous error message.
Well if you know what to do its fairly easy.
1) Make sure you have an account that is NOT the administrator account that has Enterprise Admin, and Domain Admin of the ROOT domain.
2) Logon to a Windows 2008 x64 / or 2008 R2 x64 box that is a member of the ROOT domain. If you don’t have one just build one or temporarily move the new exchange server into the ROOT domain long enough to preform the following steps.
3) Logged in as your service account with Enterprise Admin and Domain Admin rights to the root open a command prompt (run as administrator if UAC is enabled).
4) Go to the directory you have the Exchange 2010 install located. I recommend using a direct Exchange 2010 SP1 install build.
5) Run the following command
ServerManagerCmd -i RSAT-ADDS
6) Reboot
7) Run the following command (Prep Legacy Permissions)
setup /pl
8) Run the following command (Prep Schema)
setup /ps
9) Run the following command (Prep Domain and Name Org)
setup /p /on:TestlaCorp
–Note: TestlaCorp is my test domain org name, please enter your desired org name.
9) Run the following command (Prep all Domains)
setup /preparealldomains
10) Follow these directions from the ROOT DC Domain Controller: (not totally sure this is required or not, skip and only do if you run into an issue)
11) Now go to your new exchange server box (rejoin it to the child domain if you had moved to the ROOT domain for the above commands).
10) Logon as that ROOT account with Enterprise Admin and Domain Admin for the ROOT domain. You will need to grant it local admin rights on the new child domain server you are planning on installing Exchange 2010 to ahead of logging in.
11) Run the setup as you normally would do. I usually follow this blog for those steps:
Final Notes: I noticed after installing that I was getting an error opening the EMC and it turns out it was just that the installer some how didn’t install any of the roles. Re-running the install fixed that.
