
Thursday, June 14, 2012

Press any key to continue using Powershell

Hi,

This PowerShell code can be used as a function wherever you want to repeat tasks or present the user with some kind of choice.

 

# Clear screen to clear the trash off the screen
clear-host


# Using here string to display Menu
$menu = @"
Menu
--------------------
Select your options
1
2
3
4
5
6
7
8
0 : Press 0 to Exit

"@

write-host $menu
Function Pause ($Message = "Press any* key to continue . . .Well I don't mean all :) ") {
    If ($psISE) {
        # The "ReadKey" functionality is not supported in Windows PowerShell ISE.

        $Shell = New-Object -ComObject "WScript.Shell"
        $Button = $Shell.Popup("Click OK to continue.", 0, "Script Paused", 0)

        Return
    }

    Write-Host -NoNewline $Message
   
    # Secret codes :) you don't want to continue when press shift key alt etc etc
   
    $Ignore =
        16,  # Shift (left or right)
        17,  # Ctrl (left or right)
        18,  # Alt (left or right)
        20,  # Caps lock
        91,  # Windows key (left)
        92,  # Windows key (right)
        93,  # Menu key
        144, # Num lock
        145, # Scroll lock
        166, # Back
        167, # Forward
        168, # Refresh
        169, # Stop
        170, # Search
        171, # Favorites
        172, # Start/Home
        173, # Mute
        174, # Volume Down
        175, # Volume Up
        176, # Next Track
        177, # Previous Track
        178, # Stop Media
        179, # Play
        180, # Mail
        181, # Select Media
        182, # Application 1
        183  # Application 2

    While ($KeyInfo.VirtualKeyCode -Eq $Null -Or $Ignore -Contains $KeyInfo.VirtualKeyCode) {
        $KeyInfo = $Host.UI.RawUI.ReadKey("NoEcho, IncludeKeyDown")
    }

    Write-Host
}


# Use a do/while loop around the switch so the prompt repeats until the user chooses 0

do {
    # Discard the previous selection before prompting again
    if ($a) {
        Clear-Variable a
    }
    $a = Read-Host "Select your option"

    switch ($a) {
        1 {write-host -ForegroundColor RED "The color is red."; Pause;}
        2 {write-host -ForegroundColor DARKBLUE "The color is blue."; Pause;}
        3 {write-host -ForegroundColor GREEN "The color is green."; Pause;}
        4 {write-host -ForegroundColor YELLOW "The color is yellow."; Pause;}
        5 {write-host -ForegroundColor DarkYellow "The color is orange."; Pause;}
        6 {write-host -ForegroundColor Magenta "The color is purple."; Pause;}
        7 {write-host -ForegroundColor Cyan "The color is pink."; Pause;}
        8 {write-host -ForegroundColor Gray "The color is brown."; Pause;}
        0 {write-host "Exiting..."; Exit;}
        default {"The color could not be determined."; Pause;}
    }
}
while ($true)   # Option 0 calls Exit, which is the only way out of the loop

 

Hope this will be helpful in some way.

Regards,

Navdeep [v-2nas]

www.ExchangeADTech.com

Friday, May 11, 2012

What's running on that port?

At times you may run an internal or external scan on your server and find that port xxxxx is open. You are not aware of that port or of any application that uses it. Weird...? So how do you find out what's running on that port?

The first thought is to try telnet:
telnet IP_Address portno
You get a blank screen... now what? It doesn't give any clue about what is running on that port: which service, which process, etc.

So here are some cool tips to quickly find out what is running on an unknown port, let's say 32456.
Step 1: Fire up the command prompt
Step 2: netstat -ano | findstr /i "listening"
TCP    0.0.0.0:32456            0.0.0.0:0              LISTENING       1100
TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
TCP    0.0.0.0:4105           0.0.0.0:0              LISTENING       424
TCP    0.0.0.0:4728           0.0.0.0:0              LISTENING       424

Look for your port in the result and identify the PID. The PID is listed at the extreme right-hand side.

Step 3: tasklist /svc /fi "PID eq 1100"

Image Name                     PID Services
========================= ======== ============================================
svchost.exe                   1100 Appinfo, AppMgmt, BITS, Browser,
                                   gpsvc, IKEEXT, iphlpsvc, LanmanServer,
                                   ProfSvc, Schedule, ShellHWDetection,
                                   Themes, Winmgmt, wuauserv

Image Name is basically the process name you see in Task Manager.

Now that you have the names of the services running under svchost.exe, you can use Google to quickly look up what those services are for.
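The same lookup as Steps 2 and 3, done in one pass for every listening port. This is an added example, not code from the original post: the function name Get-ListenerOwner and the sample lines are constructed (based on the output above), and it assumes PowerShell 3.0 or later and English-locale netstat output.

```powershell
# Added example: join netstat listeners to tasklist rows by PID.
# Constructed sample data based on the output in the post. On a live server use:
#   $netstat = netstat -ano ; $tasks = tasklist /svc /fo csv
$netstat = @(
    '  TCP    0.0.0.0:32456          0.0.0.0:0              LISTENING       1100'
    '  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4'
    '  TCP    127.0.0.1:8081         0.0.0.0:0              LISTENING       2212'
    '  TCP    10.0.0.5:49210         10.0.0.9:443           ESTABLISHED     424'
)
$tasks = @(
    '"Image Name","PID","Services"'
    '"System","4","N/A"'
    '"svchost.exe","1100","Appinfo,AppMgmt,BITS,Browser,gpsvc,IKEEXT,iphlpsvc,LanmanServer,ProfSvc,Schedule,ShellHWDetection,Themes,Winmgmt,wuauserv"'
)

function Get-ListenerOwner {
    param([string[]]$NetstatLines, [string[]]$TasklistCsv)
    $byPid = @{}                                   # PID -> tasklist row
    foreach ($row in ($TasklistCsv | ConvertFrom-Csv)) { $byPid[$row.PID] = $row }
    foreach ($line in $NetstatLines) {
        # Columns: protocol, local address:port, remote address, state, PID
        if ($line -notmatch '^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$') { continue }
        $addr = $Matches[1]; $port = [int]$Matches[2]; $procId = $Matches[3]
        $task = $byPid[$procId]
        $svc = @()
        if ($task -and $task.Services -ne 'N/A') { $svc = @($task.Services -split ',\s*') }
        [pscustomobject]@{
            Port          = $port
            PID           = $procId
            # A PID can vanish between the two commands; report that instead of failing.
            Image         = if ($task) { $task.'Image Name' } else { '(process not found)' }
            AllInterfaces = @('0.0.0.0', '[::]') -contains $addr   # reachable from the network
            SharedHost    = $svc.Count -gt 1                       # several services share this PID
            Services      = $svc -join ', '
        }
    }
}

Get-ListenerOwner -NetstatLines $netstat -TasklistCsv $tasks | Sort-Object Port | Format-Table -AutoSize
```

When SharedHost is true, as for PID 1100 here, the PID alone does not say which of the listed services opened the port.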

Hope that would be helpful.

Regards,
Navdeep [v-2nas]

Tuesday, May 1, 2012

Step By Step Installing AD LDS on Windows 2008 Member Server.

 

In this post we will be installing Active Directory Lightweight Directory Services, previously known as ADAM.

The member server, hostname DL-LDS, is joined to the fictitious domain resrc.vrnmyp.net. The forest root domain is vrnmyp.net.

We used the resrc\Administrator account to install AD LDS on the DL-LDS server. A service account can be used instead of the Administrator account of the domain resrc.vrnmyp.net. By default AD LDS uses the following ports for its operation.

Port 389 for LDAP and port 636 for secure LDAP. These ports can be changed; however, you need to get the necessary ports opened on the Windows server and on the firewall.

To start with, let's begin with the installation of AD LDS. The document is created using screenshots which are quite self-explanatory. The process has been simplified; detailed information can be found on technet.microsoft.com if required.

1.       Click on Start > Administrative Tools > Server Manager.

2.       Select Roles and click on Add Roles.

3.       Under Roles select Active Directory Lightweight Directory Services. If you don't have .NET Framework 3.5 installed, you will be prompted to add it. Click on Add Required Features.

4.       Click on Install to proceed.

5.       AD LDS will be installed and will be available under Start > Administrative Tools > Active Directory Lightweight Directory Services Setup Wizard. This wizard helps to create AD LDS instances.

6.       Specify an instance name and its description. A service by the name of ADAM_InstanceName will be available in the Windows Services console. This service is used to start/stop the AD LDS instance.

7.       The default ports are populated automatically. Update the port numbers if you want to use different ports.

8.       To better manage AD LDS we will create an application partition. Specify the distinguished name of the application partition.

9.       Here you can choose a service account, which will be granted administrative permissions over the AD LDS instance that we are creating. In this example we used the domain\Administrator account instead.

10.   Click on Next. We are now presented with Importing LDIF Files. These are the default LDIF files which come with the AD LDS binaries. Each LDIF file contains classes and attributes which will be imported into the schema of AD LDS. In this scenario we selected all of the LDIF files except MS-AzMan.LDF. Click on Next twice to trigger the installation.

Below is a brief description of the function of each LDIF file.

.ldf file: MS-ADAM-DisplaySpecifiers-0409.LDF
User classes: Not applicable
Import this file if: You want to use an Active Directory snap-in (such as Active Directory Sites and Services) with AD LDS.

.ldf file: MS-AdamSyncMetadata.LDF
User classes: Not applicable
Import this file if: You want to use adamsync to synchronize AD LDS with Active Directory Domain Services (AD DS).

.ldf file: MS-AZMan.LDF
User classes: Not applicable
Import this file if: You want to use Windows Authorization Manager with AD LDS.

.ldf file: MS-InetOrgPerson.LDF
User classes: Person, Organizational-Person, User, inetOrgPerson
Import this file if: You want to create user objects in the AD LDS directory, and you want to create users of the InetOrgPerson class (as defined in RFC 2798). MS-InetOrgPerson.LDF is a sample file that you can modify to meet your particular requirements.

.ldf file: MS-User.LDF
User classes: Person, Organizational-Person, User
Import this file if: You want to create user objects in the AD LDS directory, but you do not want to create users of the InetOrgPerson class (as defined in RFC 2798). MS-User.LDF is a sample file that you can modify to meet your particular requirements.

.ldf file: MS-UserProxy.LDF
User classes: User-Proxy
Import this file if: You want to create simple proxy objects in AD LDS for use in bind redirection. MS-UserProxy.LDF is a sample file that you can modify to meet your particular requirements.

.ldf file: MS-UserProxyFull.LDF
User classes: User-Proxy-Full
Import this file if: You want to create complete proxy objects in AD LDS for use in bind redirection. To use this file, you must also import MS-InetOrgPerson.LDF or MS-User.LDF. MS-UserProxyFull.LDF is a sample file that you can modify to meet your particular requirements.

Sunday, April 15, 2012

Custom ADM template for GPO Windows Server 2003

Hi All,

Today we will look at how to write a custom ADM template to use with a GPO and manage finer configuration of software or Windows Server. We will use a sample ADM template to understand how one is written. Quick and fast, here is the sample:

*****************************************
; Sample custom ADM template
CLASS MACHINE
CATEGORY "SYSTEM"
    CATEGORY "McafeeEP"

        POLICY "Configure ExemptNetwork Regsitry key"
            KEYNAME "System\CurrentControlSet\Services\Sbce"
            EXPLAIN !!Explain_1
            VALUENAME "ExemptNetwork"
            VALUEON NUMERIC 1
            VALUEOFF NUMERIC 0
        END POLICY

        POLICY "Allow Relaxed Removable Media Definition"
            KEYNAME "System\CurrentControlSet\Services\Sbce"
            EXPLAIN !!Explain_2
            VALUENAME RelaxedRemovableMediaDefinition
            VALUEON NUMERIC 1
            VALUEOFF NUMERIC 0
        END POLICY

        POLICY "Define AutoDomain"
            KEYNAME "Software\Safeboot International\Safe Boot Device Encryption\AutoDomain"
            EXPLAIN !!Explain_3
            VALUENAME InstallPath
            VALUEON "C:\Program files\McAfee\Endpoint Encryption\Autodomain"
            VALUEOFF "Null"
        END POLICY

        POLICY "Define SBTools"
            KEYNAME "SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
            EXPLAIN !!Explain_4
            VALUENAME SBTools
            VALUEON "C:\Program files\McAfee\Endpoint Encryption\Autodomain"
            VALUEOFF "Null"
        END POLICY

    END CATEGORY
END CATEGORY

[strings]
Explain_1="Allows you to set ExemptNetwork Dword value to 1 or 0 when set to Enable or Disable. ExemptNetwork key is modified under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Sbce. If the key doesn't exist a new key will be written to the registry"
Explain_2="Allows you to set RelaxedRemovableMediaDefinition Dword value to 1 or 0 when set to Enable or Disable. RelaxedRemovableMediaDefinition key is modified under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Sbce. If the key doesn't exist a new key will be written to the registry"
Explain_3="Set InstallPath to REG_SZ value of C:\Program files\McAfee\Endpoint Encryption\Autodomain when configured to Enable and NULL on disable. InstallPath is modified under HKEY_LOCAL_MACHINE\Software\Safeboot International\Safe Boot Device Encryption\AutoDomain. If the key doesn't exist a new key will be written to the registry"
Explain_4="Set SBTools to REG_SZ value of C:\Program files\McAfee\Endpoint Encryption\Autodomain when configured to Enable and NULL on disable. SBTools is modified under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. If the key doesn't exist a new key will be written to the registry"
*****************************************

; is for comments.
The CLASS keyword defines which registry hive will be read/modified.
CATEGORY defines a subsection under Administrative Templates. If the category doesn't exist, a new category will be created when it is imported into the GPO MMC.

POLICY "Configure ExemptNetwork Regsitry key"      ; the name of the entry under GP
KEYNAME "System\CurrentControlSet\Services\Sbce"   ; registry key to query; if the key doesn't exist, a new key will be created
EXPLAIN !!Explain_1                                ; description of the GP; it uses a variable defined in the [strings] section
VALUENAME "ExemptNetwork"                          ; the registry value name
VALUEON NUMERIC 1                                  ; value when the GP is enabled
VALUEOFF NUMERIC 0                                 ; value when the GP is disabled
END POLICY                                         ; policy closed

You can do much more than the basics with a custom GP. More details can be found on TechNet:
http://technet.microsoft.com/en-us/library/cc779567%28v=ws.10%29.aspx

I hope this would be helpful.
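An added example, not part of the original post: a small PowerShell parser for the ADM keywords explained above, which lists the registry key and value each POLICY writes and flags keys outside the Policies subtrees (values there stay in the registry when the GPO no longer applies) as well as Run/RunOnce keys. The function name Get-AdmPolicy and the excerpt in $adm are constructed for illustration; PowerShell 3.0 or later is assumed, and trailing comments on a keyword line are not handled.

```powershell
# Added example: summarize the registry writes declared in an ADM template.
# $adm is a constructed excerpt of the template in this post (two of its four policies).
$adm = @'
CLASS MACHINE
CATEGORY "SYSTEM"
  CATEGORY "McafeeEP"
    POLICY "Configure ExemptNetwork Regsitry key"
      KEYNAME "System\CurrentControlSet\Services\Sbce"
      VALUENAME "ExemptNetwork"
      VALUEON NUMERIC 1
      VALUEOFF NUMERIC 0
    END POLICY
    POLICY "Define SBTools"
      KEYNAME "SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
      VALUENAME SBTools
      VALUEON "C:\Program files\McAfee\Endpoint Encryption\Autodomain"
      VALUEOFF "Null"
    END POLICY
  END CATEGORY
END CATEGORY
'@
function Get-AdmPolicy {
    param([string]$Text)
    $class = ''; $cur = $null
    foreach ($raw in ($Text -split "`r?`n")) {
        $line = $raw.Trim()
        if ($line -eq '' -or $line.StartsWith(';')) { continue }   # blank line or comment
        $kw, $rest = $line -split '\s+', 2                          # keyword, then its argument
        $arg = "$rest".Trim().Trim('"')
        switch ($kw) {
            'CLASS'     { $class = $arg }
            'POLICY'    { $cur = [ordered]@{ Policy = $arg; Class = $class; Key = ''; Value = ''; On = ''; Off = '' } }
            'KEYNAME'   { if ($cur) { $cur['Key'] = $arg } }
            'VALUENAME' { if ($cur) { $cur['Value'] = $arg } }
            'VALUEON'   { if ($cur) { $cur['On'] = $arg } }
            'VALUEOFF'  { if ($cur) { $cur['Off'] = $arg } }
            'END'       {
                if ($cur -and $arg -eq 'POLICY') {
                    # Only values under the Policies keys are removed when the GPO stops applying.
                    $cur['PolicyKey'] = $cur['Key'] -match '^Software\\(Microsoft\\Windows\\CurrentVersion\\)?Policies(\\|$)'
                    $cur['Autostart'] = $cur['Key'] -match '\\CurrentVersion\\Run(Once)?$'
                    [pscustomobject]$cur
                    $cur = $null
                }
            }
        }
    }
}
Get-AdmPolicy -Text $adm | Format-List
```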

Thursday, January 5, 2012

Food for Thought

"Computers are incredibly fast, accurate and stupid; humans are incredibly slow, inaccurate and brilliant; together they are powerful beyond imagination." -- Albert Einstein

Friday, August 5, 2011

Appending members to Existing Group’s Membership

Hi All,

I got a request from my good old friend. He has contacts which are members of various groups, and now these contacts' group memberships need to be added to another group's membership. There are about 40k contacts; how do we do this using a PowerShell script without overwriting the group's existing membership? So here is how we did it.
I used the Quest AD cmdlets with PowerShell.

Get-QadObject -identity Contact | Get-QADMemberOf | Add-QADGroupMember -identity Group

With the help of Quest the code has been made really, really short. The same could have been done using pure PowerShell, but it would require some grey matter, which is in short supply :)

Monday, July 25, 2011

Difference between Exchange 2007 and Exchange 2010



Hi All,

Today we will go through the major differences and enhancements in Exchange 2010 over Exchange 2007.

High Availability:
Exchange 2010 comes with the new high availability concept of the DAG [Database Availability Group], which incorporates the features of CCR and SCR clustering in Exchange 2007 into a single entity. Exchange 2010 doesn't use the terms CCR and SCR, but rather uses DAG for high availability within a site and for site resilience.

CAS Array:
In Exchange 2010, by design, MAPI clients now connect to the Client Access RPC service that runs on the CAS server. High availability of CAS servers can be achieved by using a CAS Array with load balancers. A CAS Array means that we can combine all the CAS servers in a single site as one server to which clients will connect. Requests will then automatically be proxied to the appropriate CAS servers.

Storage groups have been removed, and databases are no longer associated with a particular storage group or server; rather, they have moved to the Org level.

Permission Functionality:
The permission model has been revised in Exchange 2010. With Role Based Access Control, also written as RBAC, you can define an extremely broad or extremely precise permissions model based on the roles of your administrators and users.
You can grant users the rights to change their own personal information, contact information and DL group membership, hence delegating the most common administrative tasks to the end users themselves.

Transport and Routing Functionality:
        Shadow redundancy: Messages that are submitted to an Exchange 2010 Hub Transport server are stored in the transport database until the next hop reports successful delivery of the message. If the next hop doesn't report successful delivery and it fails, the message is resubmitted for delivery.
        Moderated transport: Exchange 2010 provides an approval workflow for sending messages to recipients. When you configure a recipient for moderation, all messages sent to that recipient must go through an approval process.
        End-to-end message tracking: With Exchange 2010, end users are given the ability to track messages.
        Incremental EdgeSync: In Exchange 2010, the EdgeSync process has been changed to keep track of synchronized information and only synchronize the changes since the last replication cycle. This significantly reduces network traffic and greatly improves synchronization efficiency.
        Message throttling improvements: In Exchange 2010, you can configure a Receive connector to monitor the rate of message submissions by users, IP addresses, or both. If you configure a Receive connector to monitor the message submission rate for users, it ensures that a specific user doesn't exceed the message rate that it's allowed, regardless of the IP address the connections are coming from. The default client Receive connector created on the Hub Transport servers is configured this way.

Mailbox and Recipient Functionality:
        Ability for users to share information, such as calendar free/busy information and contacts, with users who reside in a different organization
        Ability to move a mailbox while the end user is still accessing it
        Ability to appoint a moderator to regulate the flow of messages sent to a distribution group

Messaging and Compliance:
        Personal Archive feature to provide users with online archive mailboxes and help eliminate .pst files

These are the major changes in Exchange 2010 over Exchange 2007. For a comprehensive listing please refer to the TechNet article.
http://technet.microsoft.com/en-us/library/dd298136.aspx