Recently I got a request to find a way to let managers or Human Resources the ability to modify basic user attributes in Active Directory. Like anyone else, I presented the idea of using RSAT to let them modify users in ADUC or ADAC. This was not an ideal solution because ADUC can become overwhelming to someone that isn’t technical. They wanted something that was extremely basic, easy to follow and work in without any guidance or instructions, and did not show the user anything else that they could not modify or needed to see.
The decision was made to create a custom program with the pre-requisite of having RSAT installed so we could use the AD modules underneath the hood. We could then control permissions on the Active Directory side.
Improvements from ADUC
Because I built this with a specific audience in mind, I was able to make some … Continue...
If you have never heard of PowerShell Universal Dashboard you need to head on over to PoshUD right now and check out this awesome PowerShell Module. Using PowerShell Core, Material Design, ReactJS and ASP.NET Core, Universal Dashboard takes advantage of cutting-edge technology to provide cross-platform, cross-device dashboards that looks sleek and modern.1
While reading over some other posts about what other people have done with PowerShell Universal Dashboard, I wondered if there was a way to create a interactive dashboard that would hook into Office 365 and gather data from it. At first, I attempted to create a dashboard that would create a PSSession to Office 365 but it presented some problems and overall was quite slow. I then decided to use the Microsoft Graph REST API to connect to Office 365. This allows it to refresh the data within in the dashboard quickly and takes seconds to connect.… Continue...
When doing a migration to Office 365, one of the final steps prior to “flipping” the user in the migration batches, is to make sure to properly license them so once they flip they get an Exchange Online mailbox. One of the issues you will come across is you will have more users in Office 365 than you are migrating. This is very common because some users may not need Exchange services but may need other Office 365 offerings such as OneDrive, SharePoint, etc. This also happens when you use ADConnect to sync on-premise Active Directory users to Office 365 and again, not everyone will be needing an Exchange mailbox. However, prior to completing your migration batch jobs is all the users in the batches must have a proper license for Exchange.
Instead of going through user objects one by one, I created a script that will do the following:… Continue...
In this article I will show you how PowerShell can automatically send an e-mail notification to end users when their Active Directory password is set to expire soon. I looked over several other similar scripts on TechNet but ended up writing one from scratch to incorporate several features I needed, as well as improve on the overall script flow.
Some of the requirements I needed to meet were as follows:
- Get users email addresses from the Email Address value in Active Directory, if it’s empty look at the default address in the proxyaddresses attribute
- Send E-mail to users with passwords that were expiring in 7 days or less
- Include directions users can follow to reset their Active Directory password
- Send E-mail with high priority
- Get E-mail notification if sent or failed
- Store the credential in a Cred object so it’s secure
- Advanced logging on the script for troubleshooting
- Send E-mail