Pages

3/28/2012

SIEM Group Test - SC Magazine

SIEM Group Test - SC Magazine: Security information and event managers (SIEM) have pretty much reached their plateau in terms of product-type maturity. In terms of functionality, we did not see much that was new this year. However, the tools we looked at exhibited many improvements in the depth to which they analyze data and present it to the administrator.

3/26/2012

Powershell - Bulk change home directory for AD users

#Change home directory
# must be logged on with administrative permission for AD
$ou = "TestOU"
$Search = New-Object DirectoryServices.DirectorySearcher([ADSI]"LDAP://OU=$ou,DC=USA,DC=DOMAIN,DC=COM")
$Search.filter = "(&(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))" #users, not disabled
Foreach($result in $Search.Findall()){
 $user = $result.GetDirectoryEntry()
 $updHome = $($user.HomeDirectory)
 #$new = $updHome.ToLower().Replace("\\priricfs01\users\","\\pricifs\ricusers\")
$new = $updHome.ToLower().Replace("\\pricifs\ricusers\","\\priricfs01\users\")
 $new = $new.Replace("(","")
 $new = $new.Replace(")","")
 $objUser = [ADSI]"$($User.Path)" # Get user object
 $objUser.put("HomeDirectory", "$new") # Make change
 $objUser.SetInfo() # Commit change
}

Powershell - List AD users and Home Directory

#LIST Home Directories
#AD List users & home dirs
$outfile = "c:\dev\home-list.csv"
$ou = "TestOU"
$ou = ""
$Search = New-Object DirectoryServices.DirectorySearcher([ADSI]"LDAP://OU=$ou,DC=USA,DC=DOMAIN,DC=COM")
$Search.filter = "(&(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))" #users, not disabled
Foreach($result in $Search.Findall()){
 $user = $result.GetDirectoryEntry()
 $report = write-host "$($user.sAMAccountName),$($user.HomeDirectory)"
 $report
 $report | out-file -encoding ASCII $outfile -append
}

Use PowerShell and Active Directory Cmdlets to Update Users in Active Directory

Use PowerShell and Active Directory Cmdlets to Update Users in Active Directory

3/02/2012

Cisco IOS - Connection refused

there may be too many logged on: show users Get rid of phantom connections: clear line vty 1