I needed to grant one of my techs local admin access to one of our DCs. (Don’t ask, it needed to happen temporarily) Anyways, here’s how: net localgroup Administrators $DOMAIN\$USERNAME /ADD

Enabling all AD User accounts in an OU is also a quick one liner: Get-ADUser -Filter * -SearchBase “OU=HWCDI,DC=HWCDI,DC=local” | Enable-ADAccount

Resetting the password for all users within an OU is a quick one liner (in CMD): dsquery user OU=HWCDI,DC=HWCDI,DC=local | dsmod user -pwd NewPassword1!

Earlier, I realized My AD export is not grabbing all object attributes. In the original AD export script, I was actually defining fields to export using -l argument: -l “cn,givenName,objectclass,samAccountName” You can get pretty complex with LDIFDE.exe (for help see): #> ldifde /? Omitting the -l argument in the export script exported ALL object attributes.[…]

Now we need to import our user objects into a new domain. Spin up a new Windows Server 2012 R2 VM, add necessary roles for AD. Create a new OU in AD for your imported users: dsadd ou “OU=HWCDI,DC=HWCDI,DC=local” Parse / modify your usersFile.ldf file however you’d like, just ensure each object’s entry is updated[…]

There must be a better way to recreate an AD domain. Enter: LDIFDE!!! – http://technet.microsoft.com/en-us/library/bb727091.aspx – http://support.microsoft.com/kb/555634 6. LDIFDE doesn’t support exporting Passwords. 7. By default “User must change password at next logon” attribute is selected, You can use this tool to manage AD objects. Immediately, I’m concerned only with exporting user objects. You need[…]

This morning, one of our managed Exchange 2013 Servers stopped passing mail. Event 5172: ‘\\?\C:\Windows\system32\inetsrv\config\applicationHost.config’, line number ‘1’. The error message is: ‘Configuration file is not well-formed XML You’d receive the same message when trying to manage IIS. On the hosed Exchange server, the applicationHost.config file was 239 lines of: 2014-03-11T17:43:51.855Z,1407758,Microsoft.Exchange.RpcClientAccess.Service.exe,5352,,Search,Success,2, 0,1,1,,(&(|(objectSid=S-1-XXX)(msExchMasterAccountSid=S-1-5-XXX)(sIDHistory=S-1-5-XXX))(!( objectClass=foreignSecurityPrincipal))(!(msExchCU=*))(|(objectCategory=person)( objectCategory=msExchDynamicDistributionList)(objectCategory=group)(objectCategory=publicFolder)( objectCategory=msExchPublicMDB)(objectCategory=msExchSystemMailbox)([…]

And I dodged a bullet! My personally developed backend for editing my blog was exposed to the public internet. With potential to post to my Facebook and Twitter. Silly Colin, I thought I had locked it down. (A good call for automated testing)… Stay tuned?

Chased this one for a minute – make a custom filter that at some point does: value.replace(‘ ‘,’ ’)

In the last post, Jinja stripped an HTML tag (I didn’t properly escape)… Here’s a properly formatted version: def BlogPostFilter(value):     return value.replace(‘\n’,'<br>\n’)