Archive

Archive for the ‘Windows’ Category

Sending a reminder to users with password is about to expire (PowerShell Script)

11/07/2013 2 comments

One of the most annoying thing in user support is that they never notice the “consider changing your password” balloon, and sometimes they are locked out after their password expired,

To overcome this difficulty with users, I programmed This in PowerShell:

 

  • First, I pull out the users that their password ending soon –

import-module ActiveDirectory

$date1 = ((Get-Date).AddDays(-56)).ToString()
$date2 = ((Get-Date).AddDays(-61)).ToString()

//the default domain password expiration is 60 days

get-ADUser -server “YOURDC” -SearchBase “OU=Divisions,DC=DOMAIN,DC=COM” -Filter {(enabled -eq “TRUE”) -and (PasswordLastSet -lt $date1) -and (PasswordLastSet -gt $date2) -and (PasswordNeverExpires -eq “false”) -and (EmailAddress -notlike ‘\S’)} -Properties * | select EmailAddress, DisplayName, PasswordLastSet | Export-CSV c:\List1.csv

//Please notice that i export only 3 field for each user (EmailAddress, DisplayName, PasswordLastSet)

  • Now we delete the first row, and load the file into $list

get-content c:\list1.csv | select -skip 1| set-content c:\list2.csv

$list = import-csv “c:\list2.csv”

 

  • Now for the loop, it will go to each row and take the user information and send him an email to consider changing his password

ForEach ($row in $list) {
$Subject = “Dear “+$row.DisplayName+”, Your Domain Password Set On “+$row.PasswordLastSet+” And About To Expire”
$Body = “To change youre password press Control+Alt+Delete and choose Change Password `nThis is an automatic message, Please DO NOT reply ……”

send-mailmessage -to $row.EmailAddress -from “<me@domain.com>”  -subject $subject -body $body -smtpServer “smtp.domain.com”
}

You can consolidate all the script parts to one file .ps1 type

This is it, I hope you liked it….

Yair

 

 

Advertisements

The Complete Guide To Deploy 3rd Party Update Via WSUS Infrastructure

07/04/2013 2 comments

One of the annoying things with non-Microsoft vendors is their large amount of update (for example Adobe Flash) and the lack of ability to manage it in your company’s computers

In this post I’m assuming that you already have WSUS infrastructure in your organization, and if not you should have it before trying to do the following steps. (I hope that someday I have the time to publish my WSUS best practice from my experience).

Don’t you want to see this thing on your computers?

scup3

scup4

Well, let’s start

  1. Local Update Publisher

Local Update Publisher (LUP), is a software that allow system administrators to publish their own update or 3rd party update   using WSUS Local Publishing.

You can download it here and install it on your WSUS server, there is an installation manual in this link.

  1. Certification

The most difficult issue in this the ExportImport of the WSUS Certification, the LUP WIKI don’t showing the way to do it right

The WSUS Server need to issue itself a certification, and this certification need to installed in all WSUS clients.

What you really need to remember is that the Exported Certification needs to be 2046 Bit, and you need to deploy it with group policy to computers in to places:

    • Trusted Root Certification Authorities.
    • Trusted Publishers.

 

  1. WSUS policy

One more Change that you need to do is on the WSUS GPO (or computer registry if you don’t manage it with policy)

In the GPO (computer configuration > policies > administrative templates > windows components > Windows Update) you should enable: “Allow signed updates from an internet Microsoft update service location”

The registry value that Present this policy is AcceptTrustedPublisherCerts in :  HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdate

Need to look like that: “AcceptTrustedPublisherCerts”=dword:00000001

  1. XML Import

The next step is to go 3rd-party  vendors site and search for distribution terms of their products (like: SCUP, SCCM, SMS,  etc.)

For example:

FLASH: http://www.adobe.com/licensing/distribution/strategies/sms.html

Acrobat Reader: http://www.adobe.com/devnet-docs/acrobatetk/tools/AdminGuide/sccm.html

Now what you have to do is to import the catalogue file into the LUP, select the versions you want to import and the LUP will download it from the site

123

Now approve the update to the group you want (like you do in WSUS)

You can also create an update by your own, I Didn’t try it yet…

scup5

PXE not working after restating the sccm 2007 server

Hi All,

Our SCCM server contain the PXE Service Point and WDS (DHCP on another server) – The server is A Virtual Server

Every time we needed to restart the server, the PXE didn’t worked, and we received the cursed TFTP Error….

So i tried to fix this issue by removing the PXE Service point, and reinstalling, but  i needed to create distribution points again to all my software/images

So, after 6 month, i solves this issue

  1. Restart the WDS Service
  2. Restart The PXE Service
  3. Update the Distribution points of the Boot image, x86 and X64 as well, i don’t know why it’s worked, but it fixed it.

Yair

Windows Vista operating system not loading

Hello,

In case Windows Vista operating system failed to start.

make this quick steps:

1)Insert windows Vista operating system disc.

2) choose repair.

3) Do not choose ” system restore”.

4) At the new window choose “command Prompt”.

5) Type the following command to create New “boot sector”:                         (alike fixboot/fixMBR in Windows XP)

Bootrec

or

bootrec /fixboot

If it’s not working type the following command :

bootrec /fixmbr.

Windows Vista operating system should loading now 🙂

Printing to a shared network printer in vista/7

 

Hello,

When printing to a shared network printer in windows vista/7 you get the annoying following message:

To use the shared printer, you need to install the printer driver on your computer”

If you want to print you must press the install driver button and wait for a 30 seconds to 1 minute  until the document is sent to the printer

The solution to stop this message  is simple

Step 1:

On the local Vista/7 computer, open up Local Group Policy Editor by clicking on Start – > Run then type “gpedit.msc

Step 2:

Navigate to –> Local Computer Policy –> User Configuration –> Administrative Templates –> Control Panel –> Printers

Double click on “Point and Print Restrictions” and  choose the settings like the picture below

and that’s it, the annoying message will never pop-up.

now you can print a document Peacefully.

Categories: Printers

How to Enable/Disable Usb port Via Regedit

Hi All,

To Enable or Disable  USB virtual ports via Regedit

1) Go to Regedit

Expand the hives:

  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR

2) In the right pane double click on Key labale ” start”  –>change the Value Data :

To Enable USB ports: change from 4 To 3.

To Disable USB ports: change from 3 To 4.

That’s it . Close regedit and restart your computer.

Categories: Microsoft, Windows

How to fix Language Bar Missing issue (win vista/7)

hello,

This simple steps will resolve win vista/7 Language Bar Missing issue:

Method 1:

1)Go to Control Panel -> Regional and Language Option -> Keyboards and Languages -> press Change Keyboards. and add your language.

2)Go to language Bar -> make sure “Hidden” button is not selected. and Dock in the taskbar is marked.

 

Method 2

This method will enable the startup service required for language bar, when your all settings are correct as mentioned above.

1)go to registry editor ( start->run-> regedit) , Go to the following location:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

2) Right click on run-> new- >string Value

3) Right click on newly value key (new value #1) -> press Modify-> type in “Value data” :

“ctfmon”=”CTFMON.EXE”

Press Ok and restart your computer.