Stopzilla AVM

Sunday, March 31, 2013

Create OU in Active Directory using PowerShell

Here I’ve written code for creating OU in Active directory.
First of all will get Domain name and pass Distinguished name to function DNStoDN.
   1: function PassPath

   2: {

   3:     

   4:     $DC = Convert-DNStoDN (gwmi WIN32_ComputerSystem).Domain

   5:     

   6:     return "OU=$OU, $DC"

   7: }

Then split DistinguishedName using function DNStoDN


   1: # This function to get 
   2: function Convert-DNStoDN ([string]$DNSName) 
   3: { 
   4:    #  Create an array of each item in the string separated by "." 
   5:    $DNSArray = $DNSName.Split(".") 
   6:   # Let's go through our new array and do something with each item 
   7:    for ($x = 0; $x -lt $DNSArray.Length ; $x++) 
   8:       { 
   9:         #I don't want a comma after my last item, so check to see if I am on my last one and set 
  10:         # $Separator equal to nothing. 
  11:         # Remember that we need to go to Length-1 because arrays are "0 based indexes" 
  12:          if ($x -eq ($DNSArray.Length - 1)){$Separator = ""}else{$Separator =","} 
  13:          [string]$DN += "DC=" + $DNSArray[$x] + $Separator 
  14:       } 
  15:    return $DN 
  16: }


Now I’ll check OU is exists, If it does not will create new OU. You can change the name of OU given in the beginning.




   1:  

   2: function CheckOU

   3: {

   4: [string] $path = PassPath  #Calling function PassPath

   5: [string] $fPassPath = Convert-DNStoDN (gwmi WIN32_ComputerSystem).Domain

   6: try {

   7:      if(([adsi]::Exists("LDAP://$fPassPath")))

   8:      {

   9:         #return $true #Throw("Supplies Path does not exists.")

  10:         if(([adsi]::Exists("LDAP://$path")))

  11:         {

  12:             return $true

  13:         }

  14:      }    

  15:     }

  16: catch {

  17:        Write-Host "Please check Domain of your machine" -ForegroundColor red  

  18:        exit   

  19:       }

  20: }

  21:  

  22: if((CheckOU))

  23: {

  24:     Write-Host "OU exits"

  25: }

  26: else

  27: {

  28: try {

  29:         [string] $fPassPath = Convert-DNStoDN (gwmi WIN32_ComputerSystem).Domain

  30:         Write-Host $fPassPath

  31:         if(([adsi]::Exists("LDAP://$fPassPath")))

  32:         {

  33:             $Connect = [adsi]"LDAP://$fPassPath"

  34:             

  35:             $CreateOU = $Connect.Create("OrganizationalUnit","OU= $OU")

  36:             $CreateOU.SetInfo()

  37:             if((CheckOU))

  38:             {

  39:                 Write-Host "`nOU" $OU " has been created!"  -ForegroundColor green

  40:                 

  41:                 

  42:     

  43:             }

  44:         }

  45:     }

  46: catch {

  47:          Write-Host "Can't create OU." -ForegroundColor red

  48:          exit

  49:       }

  50: }

Here is the complete code snippet.

Run this script with Administrator privilege.


   1: Import-Module ActiveDirectory
   2:  
   3: $OU = "myOU" # Organizational Unit Name
   4:  
   5:  
   6: # This function to get 
   7: function Convert-DNStoDN ([string]$DNSName) 
   8: { 
   9:    #  Create an array of each item in the string separated by "." 
  10:    $DNSArray = $DNSName.Split(".") 
  11:   # Let's go through our new array and do something with each item 
  12:    for ($x = 0; $x -lt $DNSArray.Length ; $x++) 
  13:       { 
  14:         #I don't want a comma after my last item, so check to see if I am on my last one and set 
  15:         # $Separator equal to nothing. 
  16:         # Remember that we need to go to Length-1 because arrays are "0 based indexes" 
  17:          if ($x -eq ($DNSArray.Length - 1)){$Separator = ""}else{$Separator =","} 
  18:          [string]$DN += "DC=" + $DNSArray[$x] + $Separator 
  19:       } 
  20:    return $DN 
  21: }
  22:  
  23:  
  24: function CheckOU
  25: {
  26: [string] $path = PassPath  #Calling function PassPath
  27: [string] $fPassPath = Convert-DNStoDN (gwmi WIN32_ComputerSystem).Domain
  28: try {
  29:      if(([adsi]::Exists("LDAP://$fPassPath")))
  30:      {
  31:         #return $true #Throw("Supplies Path does not exists.")
  32:         if(([adsi]::Exists("LDAP://$path")))
  33:         {
  34:             return $true
  35:         }
  36:      }    
  37:     }
  38: catch {
  39:        Write-Host "Please check Domain of your machine" -ForegroundColor red  
  40:        exit   
  41:       }
  42: }
  43:  
  44: if((CheckOU))
  45: {
  46:     Write-Host "OU exits"
  47: }
  48: else
  49: {
  50: try {
  51:         [string] $fPassPath = Convert-DNStoDN (gwmi WIN32_ComputerSystem).Domain
  52:         Write-Host $fPassPath
  53:         if(([adsi]::Exists("LDAP://$fPassPath")))
  54:         {
  55:             $Connect = [adsi]"LDAP://$fPassPath"
  56:             
  57:             $CreateOU = $Connect.Create("OrganizationalUnit","OU= $OU")
  58:             $CreateOU.SetInfo()
  59:             if((CheckOU))
  60:             {
  61:                 Write-Host "`nOU" $OU " has been created!"  -ForegroundColor green
  62:                 
  63:                 
  64:     
  65:             }
  66:         }
  67:     }
  68: catch {
  69:          Write-Host "Can't create OU." -ForegroundColor red
  70:          exit
  71:       }
  72: }


Thanks.


Thursday, March 14, 2013

SharePoint 2010 Service Account Password Change

My SharePoint Farm has multiple application pools including SharePoint Services running.

And each Application Pool is running on different service account.

To check which application pool is running using which service account.

Go to Run >> Type inetmgr. This will open Internet Information Services Manager.

Click on Application Pool and you can see Identity of Application pool which is Service account.

AppPool

When we create Application Pool or Application Service and choose new service application pool account, this account

get registered to Manage Accounts under Security.

Path will be Central Administration >  Security > Manage Accounts

We can see here are all service accounts are registered.

Manage Accounts

If you want to Check password of service account you can check using PowerShell command.

Open Windows PowerShell Module from All Application Program.

type below PowerShell Command.

Get-WmiObject –Namespace root/MicrosoftIIsV2 –Class IIsApplicationPoolSetting –Property Name, WAMUserName, WAMUserPass | Select Name, WAMUserName, WAMUserPass

and it will show all passwords of particular service account name.

 ServiceAccountPassword

This will help you in case you forget your AppPool Service Account password.

Now, we will change password of service account which is running a web application name Tesst – 45380. And you can see

the service account name is spdev\testpass and password is P@ssw0rd3

For changing password of spdev\testpass  go to Central Administration > Security > Manage Accounts

look for spdev\testpass and edit.

Now check box named Change Password Now and select Set account password to new value.

enter new password and click on ok.

ChangePass

 

To confirm password is changed or not you can run above PowerShell script.

 

Thanks for reading,

Any query, please post comment.