Category Archives: WIndows

File server permissions change auditing.

We’ve had some issues with admins improperly applying permissions in the past, and in recent times as well. Because of this, we’ve decided that maintaining permissions change logging to determine who it is that’s having issues learning how to apply permissions can get some extra training on how to appropriately set file ACEs. The issue with doing this is that it generates ~40GB of compressed Windows logs daily, or closer to 100GB uncompressed.  So, how can we use PowerShell to parse through the binary logs, store the info we need, and then get rid of the relatively gigantic evtx files?
Continue reading File server permissions change auditing.

Powershell Script to Audit Service Accounts Across All Servers

Today I got a half-joke request from a colleague to write ¬†script to help him audit service accounts across a multitude of servers. Initially, I didn’t see the use of writing a full script to do this for myself and my AD environment so I fired off this from my phone as a quick/dirty version.
Continue reading Powershell Script to Audit Service Accounts Across All Servers

Exchange 2013 Management tools on Windows 8.1 and Windows 10

Trying to install Exchange 2013 Management tools on Windows 8.1 is likely to present some problems by default. Unless you’ve already installed the IIS components required by Exchange you’ll get an extremely unhelpful error message when trying to install, saying that it cannot be installed on a client-based OS.
Continue reading Exchange 2013 Management tools on Windows 8.1 and Windows 10

Exchange 2013 2007 CoExistence Frozen Transport Queues

We’re in the middle of an Exchange 2007 to 2013 On Premise migration, and we haven’t been having the best time. After a major mail crash in 2011, every time we’ve attempted to move off the recovered server, either to Exchange 2010 or to a freshly built Exchange 2007 setup, we’ve encountered major, migration stopping issues.
Continue reading Exchange 2013 2007 CoExistence Frozen Transport Queues

dcpromo fails with An error with no description has occurred on Server 2008R2

While working to get rid of all our 2003/2008 DCs to get our AD to a 2012 Native level I came across one 2008 DC that was extremely difficult to rid ourselves of. It was created about a year ago to replace our 2003 FSMO master, and had been running without major issue since then. After building a new 2012 VM, and DCPromo’ing it, I transfered the FSMO roles to a stable server and set out to demote and decommission the 2008 machine. Upon running dcpromo from an admin shell, the system began to detect the ADDS binaries, and failed. The message it failed with was an extremely helpful “Failed to detect if Active Directory Domain Services binaries were installed. The error was: An error with no description has occurred.”¬†Lovely.
Continue reading dcpromo fails with An error with no description has occurred on Server 2008R2

Change default font in Office 2010 (Outlook, Word, PowerPoint) by GPO

I was asked if it was possible to rebrand our Office apps so that by default, we’d all be compliant with corporate branding when composing email, PowerPoint presentations, and Word documents. If I didn’t get to do fun things with computers, that would actually sound like the worst thing ever. But this kind of stuff is neat, so yay me! Continue reading Change default font in Office 2010 (Outlook, Word, PowerPoint) by GPO

Generate Certificate for TomatoUSB from Active Directory CA

I wanted to install a cert on my router so that I could stop getting shit for not trusting it when I log in. However, installing the cert on every device that I access it with. Since I’ve got all my computers on a domain, I can just install the CA role on my DC, so I don’t need to fuck around with an untrusted CA like StartCom who offer free certs, but still require you to install the CA chain, or buy a ridiculously overpriced cert from some random CA.
Continue reading Generate Certificate for TomatoUSB from Active Directory CA