Archives for category: Uncategorized

Used this script to take ownership of profile folders and restore users access so it doesn’t break the roaming profile

takeown /F E:\Share\Profiles\USER /R /D Y
icacls “E:\Share\Profiles\USER” /reset /T
icacls “E:\Share\Profiles\USER” /grant:r “DOMAINNAME\Domain Admins”:(OI)(CI)F
icacls “E:\Share\Profiles\USER” /grant:r “System”:(OI)(CI)F
icacls “E:\Share\Profiles\USER” /grant:r “DomainName\User”:(OI)(CI)F
icacls “E:\Share\Profiles\USER” /setowner “DomainName\User” /T

Migrating users from an Exchange 2010 SBS server to Exchange 2016 I noticed that after one mailbox had completed the user was prompted to quit and restart outlook. But after the user did that nothing happened and their profile was still connected to the Exchange 2010 server. I tried to create a new profile but it wouldn’t complete giving me the infamous message

“Action cannot be completed. The connection to microsoft exchange is unavailable”

After double and triple checking my URL’s SCPs etc… I found that recycling the “MSExchangeAutodiscoverAppPool” service on the Exchange 2016 Server resolved the problem.

  1. Open IIS on the Exchange 2016 Server
  2. Click on Application Pools
  3. Right Click on “MSExchangeAutodiscoverAppPool”
  4. Choose Recycle

You can either recycle the app pool each time you migrate a mailbox or check out the MS KB that guides you through setting it up to recycle every minute.

https://www.iis.net/configreference/system.applicationhost/applicationpools/add/recycling

 

To remove Exchange from an SBS server during the process of decommissioning make sure all your mailboxes are moved to another server or Office365.

Open an Elevated EMS and perform the following
#Remove default Public folders
Get-PublicFolder “\” -Recurse -ResultSize:Unlimited | Remove-PublicFolder -Recurse -ErrorAction:SilentlyContinue

#Remove system Public folders
Get-PublicFolder “\Non_Ipm_Subtree” -Recurse -ResultSize:Unlimited | Remove-PublicFolder -Recurse -ErrorAction:SilentlyContinue

#Remove Offline Address Book
Get-OfflineAddressBook | Remove-OfflineAddressBook

#Remove send connectors
Get-SendConnector | Remove-SendConnector

#Remove Public Folder database (SBS 2011/Exchange 2010 Only)
Get-PublicFolderDatabase | Remove-PublicFolderDatabase

#Remove arbitration mailboxes (SBS 2011/Exchange 2010 Only)
Get-Mailbox -Arbitration | Disable-Mailbox -Arbitration DisableLastArbitrationMailboxAllowed

#Remove mailboxes
Get-Mailbox | Disable-Mailbox

Once that is complete you should be able to uninstall Exchange either through Add Remove Programs or opening an elevated command prompt and changing the directory to the Exchange installation folder (i.e. “C:\Program Files\Microsoft\Exchange Server\v14\Bin). Then running “setup.com /uninstall”

Once that is complete you can proceed with removing AD, and decommissioning the rest of the SBS.

Hard Match Multiple Office 365 Accounts

1. Save the following as a Get-ImmutableID.PS1 script

###########################################################################################################StartScript###############################################################################################################
[System.Console]::ForegroundColor = [System.ConsoleColor]::White
clear-host
Import-module activedirectory

write-host
write-host This Script will Get the ObjectGUID for a user and convert
write-host it to the Immutuable ID for use in Office 365
Write-Host
write-host Please choose one of the following:
write-host
write-host ‘1) Get ID for a Single User’
write-host ‘2) Get IDs for all Users’
write-host ‘3) Cancel’ -ForegroundColor Red
write-host
$option = Read-Host “Select an option [1-3]”

switch ($option)
{
‘1’{
write-verbose “Option 1 selected”
$GetUser = Read-Host -Prompt ‘Enter UserName’
$Users = get-aduser $GetUser | select userprincipalname,@{label=”ImmutableID”;expression={[System.Convert]::ToBase64String($_.objectguid.ToByteArray())}}
$Users
}

‘2’{
Write-host
Write-host Type the Path location to Export the results: i.e. c:\service\IMID.csv

$Path = Read-Host -Prompt ‘Enter Path’

$Users = get-aduser -filter * | select userprincipalname,@{label=”ImmutableID”;expression={[System.Convert]::ToBase64String($_.objectguid.ToByteArray())}}
$users
$users | export-csv $Path

}
‘3’{
write-verbose “Option 3 selected”
break
}
}

###########################################################################################################EndScript################################################################################################################
2. Select your option

3. Save the CSV file to a directory i.e. C:\Service\IMID.csv

4. Open the CSV file and remove whatever UPN’s and IMID’s that you don’t want to change. Also replace all the “@domain.local” with “@domain.onmicrosoft.com” and save the file

5. Save the following as Set-IMID.ps1

###########################################################################################################StartScript###############################################################################################################

$users = import-csv “C:\Service\IMID.csv”
ForEach ($item in $users)

{
$UPN = $item.(“UserPrincipalName”)

$IMID = $item.(“ImmutableID”)

“Set-MsolUser -UserPrincipalName $UPN -ImmutableId $IMID”
}

###########################################################################################################EndScript################################################################################################################

6. Connect to Office 365 via Powershell

7. Change directory to the location of set-IMID.PS1

8. Type .\Set-IMID.PS1

9. It will print out all the results for you. Copy and and paste them back into the powershell

Here is a quick way to add a printer for all users on a Terminal Server

Open a Run box and type the following

RUNDLL32 PRINTUI.DLL,PrintUIEntry /ga /z /n\\computername\printername

Then have the users log off and log back on.

Use PSEXEC to enable RDP on a machine

  1. psexec \\remotecomputername -u username -p password reg add “hklm\system\currentcontrolset\control\terminal server” /f /v fDenyTSConnections /t REG_DWORD /d 0
  2. psexec \\remotecomputername -u username -p password netsh firewall set service remoteadmin enable
  3. psexec \\remotecomputername -u username -p password netsh firewall set service remotedesktop enable

Notes:

To run the command as administrator use “-h”

  • Example –
    • psexec \\remotecomputername -u username -p password -h netsh firewall set service remoteadmin enable

To have it prompt you for a password so you don’t have to enter it in plain text don’t use the -p command

  • Example –
    • psexec \\remotecomputername -u username netsh firewall set service remoteadmin enable

Open an elevated Command Prompt and type the below commands. Once finished reboot.

dism /online /add-package /packagepath:”C:\Windows\servicing\Packages\Adobe-Flash-For-Windows-Package~31bf3856ad364e35~amd64~~10.0.14393.0.mum”