Ubuntu Phone and implications for the Enterprise

Ubuntu Phone Docked

I dont know about you but the recent news from Ubuntu regarding the Ubuntu OS on mobile devices is very very exciting to me. A “One device fits all” model is finally within grasp!

Combining ideas like the Asus Padphone and VDI on an ARM (phone) device would allow a user to carry a phone in their pocket to grab emails on the go, dock to a tablet to take notes in meetings, then dock on their desk to allow a full Windows desktop experience.

Combining that with something like VMWARE View or Citrix XenDesktop clients to start up as soon as the phone are docked would facilitate very interesting scenarios.

Also, when you consider how easy it is to provision devices for enterprise users with Airwatch, which is surely to support Ubuntu Phone in the future, I can see Ubuntu Phone becoming a real option for enterprise in the near future.

What to do when your transaction log drive is full (using Powershell)

 

What to do when your transaction log drive is full (using Powershell)

I recently had to resolve an issue where backups had paused, causing our transaction log drive to fill up on Exchange. Obviously this happened just as I was about to leave on a Friday afternoon!

First things first… DO NOT DELETE ANY TRANSACTION LOGS!!! if you do, the databases will more than likely not mount. Very Very important!!

The guide assumes that your log drive is 100% full, your databases have dismounted and you feel like pulling your hair out.

First, make sure your databases are dismounted. You can check this in the failover cluster manager (if its a clustered mailbox server), in the exchange management tools GUI or using Powershell on the mailbox server.

Get-Mailboxdatabase -status | where {$_.Mounted -eq $true}
(will tell you what databases are mounted)

Get-Mailboxdatabase -status | where {$_.Mounted -eq $false}
(will tell you if the database is dismounted)

Once you’ve ensured your exchange database is dismounted you can do one of two things. Either move the logs yourself to a new location, or let the exchange powershell cmdlet do it for you.

I personally prefer to move the logs myself so I can see the progress but its up to you.If youve moved the logs yourself, run the following after they’ve moved:

move-storagegrouppath -identity SERVERNAME\STORAGEGROUPNAME”-LogFolderPath X:\NEWLOGPATH -ConfigurationOnly

If you want the powershell cmdlet to move them for you, run this command instead:

move-storagegrouppath -identity SERVERNAME\STORAGEGROUPNAME” -LogFolderPath X:\NEWLOGPATH 

Once the commands are complete, you can mount the database again and all should be well.

 

If you have transaction logs and mailbox databases on the same drive

If for some crazy reason you have your transaction logs and your mailbox databases on the same drive, you might opt to move the database rather than the logs (due to how much space you have available in the new location)

Obviously you need the databases dismounted for this as well, either in cluster manager, the gui or using powershell (as above).

For this, I do prefer to let powershell move the database (edb file) . The progress bar doesnt tend to reflect how far the copy has got, so dont worry if it doesnt move. I use resouce monitor to make sure the disk activity is active between the source and destination.

To initiate the database move (powershell will move the database for you):

Move-DatabasePath -identity “MAILSERVER\STORAGEGROUP\DATABASE” -EdbFilePath “X:\NewLocation\Database.edb”

If you want me to go over anything else, please leave a comment.

 

 

 

 

Bulk converting AD groups from Domain Local or Global to Universal

 

A useful but short post for a friday afternoon.
I needed to convert around 300 groups from DL\Global to universal as a precursor for some user migrations to another domain in the forest we are part of. I did have the option of having a 1st line engineer go through each one and change the type… but I didnt want to find his body on the pavement at the end of the day so i wrote a script :) .

Again, i used the AD CMDlets from PowerGUI ( http://community-downloads.quest.com/powergui/Release/3.1/PowerGUI.3.1.0.2058.msi)

Code is here:

$group=Get-QADGroup -SearchRoot “Domain/OU/” GroupScope Global
 
foreach ($objitem in $group){
Set-qadgroup -Identity $objitem -GroupScope Universal
}

All its doing is:

  • Looking in the OU here: “Domain/OU”
  • For global groups: -groupscope Global
  • And setting what it finds to universal: Set-qadgroup-Identity $objitem -GroupScope Universal

Nice and easy!
To change what its looking for to Domain local groups, change the groupscope to DomainLocal.
To change what the group type will be set to, change the 2nd groupscope to DomainLocal or Global. Obviously you cant change from universal to global\domain local if you have members outside of your domain.

Any questions, add to the comments. If this has helped, donate me a bitcent or two!

How to Team Intel Pro 1000MT in Windows Server 2008 R2

I recently had to install Server 2008 R2 on an old Dell Poweredge 2850 and had a need to team the network adaptors. Intel sadly dont support this as standard so you have to follow a couple of steps to get it working!

First you need to download the driver CD Zip file from here:http://www.lostmydrivers.com/driver/download/25242/Intel/Network-Drivers/INTEL-PRO-1000-MT-DRIVER-15.3-WINDOWS-XP-32-64-2003-32-64-VISTA-32-64-7-32-64-WINDOWS-VISTA-WIN20.

Extract the content and update the drivers from the \V15.3_CD\PRO1000\Winx64\NDIS61 folder in device manager.

Once the drivers have been updated you can install the teaming software from \V15.3_CD\APPS\PROSETDX\Winx64\ProsetDX.msi and it should run through and add the necessary tabs to the network adaptors in device manager.

 

Creating a “no reply” address \ hub transport rule in Exchange 2007

We have recently implemented a service that required an email to be sent out with an alert to users. The email states that no responses to the email will be recived.
To Keep things tidy, I wanted to create a transport rule in exchange to automatically drop messages sent back to the address so emails dont mount up, whether it be global email sent to all users, replies or just spam. I use Exchange 2007 and im not sure if the same process applies to 2010 as ive not used it. I cant see it being much different though.

After creating the mailbox and configuring the service to use the email address you create the transport rule in exchange.  First open the Exchange Management console and on the left navigation par, browse to Organisation Configuration and to Hub Transport.

Hub Transport Selection

Right Click in the blank space of the hub transport window and select new rule. Type in a relevant name and comment so its easily identified in the future.

New Hub Transport Rule

Hub Transport Rule Wizard 1

At the first config page of the rule, you select what user (the no-reply user) the rule will apply to. You can instead apply to rule to members of a distribution list if you have more than one no-reply address. That way to apply the rule to new no-reply addresses in the future, youd just add them to the applicable distribution list and not have to edit the rule each time a new address is created.
In this instance i’m adding an individual user, but the process is the same.
Tick the “Sent to people” Option (select “Sent to member of a distribution list” to set up against a dist list) click on “people” in the window below and browse and select the no-reply user. click next

Hub Transport Rule Wizard 2
On the next screen, select the action at the bottom of the list “silently drop the message” and click next.

Hub Transport Rule Wizard 3

Leave the exceptions blank, unless you have any special requirements. Click next, the click new.

The Last screen will state that the operation has completed sucessfully and show the powershell script the GUI used to apply the change.

Hub Transport Rule Wizard 4

Once its created, view the entry in the Hub Transport list and ensure the rule is enabled. (Otherwise it wont work!). if its disabled, right click and enable the rule.

Happy email dropping!

Passing CSV files to powershell to perform bulk commands

Nice easy one for a Wednesday morning.
Again, you’ll need the quest Powershell ActiveRoles Management Plugin from here: http://www.quest.com/powershell/activeroles-server.aspx

For this i’ll be using the New-QADUser command but you can use any command you like. All the csv and code is doing before that command is populating some variables that are passed to the command.

To tell Powershell what CSV file to use, you use the Import-Csv command and assign to a variable, then pick out each row and assign each value to its own variable :

$List = Import-Csv C:\scripts\list.csv
ForEach ($entry in $list){ 
$firstname = $($entry.firstname)
$lastname = $($entry.lastname)
$ccg = $($entry.ccg)
$code = $($entry.code)
$job = $($entry.job)
$name=$lastname+” “+$firstname
$username=$firstname+”.”+$lastname
$displayname=$name+” (DOMAIN)”
$upn=$username+”@domain.uk”
$password=”tgrefgbfdbfdshgtfsbgfd”
if ($ccg -eq “preston”) {
$ou = “Domain/OU1/Preston”
}
if ($ccg -eq “csr”) {
$ou = “Domain/OU2/C&SR”
}
if ($ccg -eq “wl”) {
$ou = “Domain/OU3/West Lancs”
}

The CSV contains the users name, CCG (OU Name), job title and Job Code. Each are assigned a variable, then other values such as Display name and username are constructed from the variables in the csv file. If I wanted to add more values from the csv, id create a new column (eg Phone number), then reference it in the code like this:

$phone = $($entry.phone)
 

The $phone at the start of the string is the variable within powershell. the “($entry” is the variable for the csv specified at the top of the code and “.phone)” is the column name in the csv.
Once all the variables have been specified that you want to use, you add the command:

New-QADUser -FirstName $firstname -LastName $lastname -Name $name -DisplayName $displayname -UserPrincipalName $upn -UserPassword $password -ParentContainer $ou -SamAccountName $username -Office $code -Description $job
 

To add an additional variable such as phone number, you would add “-PhoneNumber $phone” to the command.
Blank values in the CSV will add a blank value to the object in AD when the account is created.  PS1 download is below.

Powershell File

Sample CSV



Lazy Admin Quick Fix Tool

I thoughts id be a good samaritan and write a tool to help our service desk automate a few day to day tasks to make their lives a little easier… (im nice like that!).

Its basicly an old school batch menu that calls a PSexec command to run on another computer. All the Service desk tech needs to do is enter the PC number they want to send the command to, then pick the option from the menu. Once its done, they wait for the next job, enter a new PC number then select another command. The command will run as the tech regardless of what user is logged onto the PC at the other end.
May be worth mentioning that our users are basic users on PCs (not power users or local admin) and our Service desk Techs are Part of a security group that has local administrator rights over users PCs. In the past they’d have to open a dameware session (Like VNC) and run any of these commands manually.
Heres what it looks like:

Main GUI

Selecting option A lets you set the value for the PC you want to connect to.  The PSExec command then uses the variables specified, and picks out the command from the menu option selected. Basicly ANYTHING you can run from the command line can be implemented into the menu. All commands will run as the techy, so no need for the user to log out to perform the commands.

The Office 2010 Utilities option also launches a submenu, with a few options in:

Office Menu



 

Building a Powershell script to create user accounts on Active Directory

User accounts in Active directory can be a pain (and boring) to create… especially if you have a high staff turnover or you need to add extra bits to user accounts once they’ve been provisioned.

For example, when we create a user account in our domain environment i need to:

  • Format the Display name in a certain way. eg, “Smith Jane (CLPCT)”
  • Format the username (Jane.Smith)
  • As we are part of a large AD forest, i sometimes need to choose a different domain suffix in the UPN.
  • The account needs to be added to the correct OU to pick up group policy
  • The mailbox needs to be placed in a particular database in exchange depending on the domain and the users name\position
  • Custom attributes sometimes need to be added
  • Add the user to one or more common AD security groups
  • Depending on the domain, add a profile path based on the users login name

The list goes on and on. With so many steps involved, its easy to miss some and cause problems later down the line.

I decided to create an easy way to create the accounts by entering the bare minimum about the user then selecting the rest of the info from menus and letting powershell do all the work for me.

To make this happen i used:

Before doing any of this, i suggest you TEST on a TEST domain, or a TEST OU…. TEST!

When installing powerGUI, be sure to select AD and Exchange from the powerpacks when you get to the installation feature screen. Also, when installing the Quest activeroles cmdlets, select the option to change powershell to allow unsigned code to run otherwise you’ll hit problems when you come to run your scripts.

Now that bits done we can start on some code…

All my code does is have the commands to create an exchange mailbox and modify an AD user account ready filled with variables, then have multiselection menus and prompts to popualte them. here we go…

First things first. We need to work out what commands we will be using and what values we can apply. Creating an exchange account will also create an account in active directory, so I use the New-Mailbox command. typing the command into a new powerGUI window will show you all the available values you can apply when creating the account. Some user object attributes arent available with that command so we will need to use Set-QADUser after the exchange command to add the bits its missing.

So here’s the command I use for the new mailbox:

New-Mailbox -DomainController $dc -name $name -userprincipalname $upn -Alias $username -OrganizationalUnit $ou -FirstName $firstname -LastName $LastName -Password $password -ResetPasswordOnNextLogon $true -Database $maildatabase -DisplayName $displayname

And the extra values you cant specify in the New-Mailbox command:

Set-QADUser -Identity $upn -ProfilePath $profilepath

All the values starting with $ are variables ive set before the commands run. To set the variables ive added some prompts, along with some “write-host” commands to list all the options.

Here I prompt for the basics:

$firstname = read-host -prompt “Enter First Name”
$lastname = read-host -prompt “Enter Last Name”
$trust = read-host -prompt “LCFT or CLPCT or ICO”
$password = read-host -assecurestring -prompt “Please enter a Password”

Then from the Values above, i can construct some of the other values based on how we format them in our domain.

$name=$lastname+” “+$firstname
$username=$firstname+”.”+$lastname
$displayname=$name+” (“+$trust+”)”
if ($trust -eq “CLPCT”) {
$domain = “@centrallancashire.nhs.uk”
$attrib = ” ”
}
if ($trust -eq “LCFT”) {
$domain = “@lancashirecare.nhs.uk”
$attrib = “TCS-LCFT-CL”
}
if ($trust -eq “ICO”) {
$domain = “@centrallancashire.nhs.uk”
$attrib = “TCS-ICO”
}
$upn=$username+$domain

Here’s the options for the $maildatabase value.

Write-Host “”
Write-Host -foregroundcolor Green “Please Pick a Mailbox Database”
Write-Host “”
Write-Host “0 – TCS User”
Write-Host “1 – StandardUsersA-C”
Write-Host “2 – StandardUsersD-F”
Write-Host “3 – StandardUsersG-I”
Write-Host “4 – StandardUsersJ-L”
Write-Host “5 – StandardUsersM-O”
Write-Host “6 – StandardUsersP-R”
Write-Host “7 – StandardUsersS-U”
Write-Host “8 – StandardUsersV-W”
Write-Host “9 – StandardUsersX-Z”
Write-Host “”
$mailnumber = read-host -prompt “Please Choose a number”
if ($mailnumber -eq “0”) {
$maildatabase = “MAIL\VIPUsers\VIPUsers”
}
if ($mailnumber -eq “1”) {
$maildatabase = “MAIL\StandardUsersA-C\StandardUsersA-C”
}
if ($mailnumber -eq “2”) {
$maildatabase = “MAIL\StandardUsersD-F\StandardUsersD-F”
}
if ($mailnumber -eq “3”) {
$maildatabase = “MAIL\StandardUsersG-I\StandardUsersG-I”
}
if ($mailnumber -eq “4”) {
$maildatabase = “-MAIL\StandardUsersJ-L\StandardUsersJ-L”
}
if ($mailnumber -eq “5”) {
$maildatabase = “MAIL\StandardUsersM-O\StandardUsersM-O”
}
if ($mailnumber -eq “6”) {
$maildatabase = “-MAIL\StandardUsersP-R\StandardUsersP-R”
}
if ($mailnumber -eq “7”) {
$maildatabase = “MAIL\StandardUsersS-U\StandardUsersS-U”
}
if ($mailnumber -eq “8”) {
$maildatabase = “MAIL\StandardUsersV-W\StandardUsersV-W”
}
if ($mailnumber -eq “9”) {
$maildatabase = “MAIL\StandardUsersX-Z\StandardUsersX-Z”
}

MAIL in this instance is the name of our Exchange mailbox server. The rest is the path the the mailbox databases. You’ll be able to pick your own values out of exchange. The code to populate the $ou variable is very similar.

To run the script from a shortcut, you’ll need to create a shortcut that calls powershell.exe then references the location of the ps1 file. So change the target to something like:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -file “C:\location of ps1 file”
 

You can use unc paths if your wanting to share  the script with other people

My PS1 file is below. you’ll need to go through and change the values to suit your own domain. Any questions, post a comment.

Powershell File