Notify AD user with mail when password expires

In my environment, i have a lot of users, which never comes to the office, but need remote access to the company network. for this they have an AD user account, which password will expires for company policy after 90 days. Cause they never logon to a domain computer, they didn’t get the “Change Password Request” when the password expires. So they will have at one day an blocked account, but needing it for syncing mobile phone or remote access over VPN. So i wrote a litle script which will notify every user per Mail about the expiring password: read more

Remove all disabled users from distribution lists

Cause of company policy we don’t delete users which are leaving, but we disabled them. The exchange mailbox will be removed after some months. For this incomming mails have to be forwarded to an exchange contact with an unresolvable address, so the sender receives an error message.

Cause of this, we need to remove the disabled users from all distribution list. If not, senders receive error messages each time a message was send to a distribution list with disabled users.

To automate this, i wrote a script. You can filter it by OU and run it first in a display-only mode before you remove the disabled users definitely from all distribution lists. read more

Add third-party SSL-Certificate to Cisco WLC’s web authentication page

If you create a guest network with a Cisco Wireless Lan Controller, you will like to create and import a third-party SSL-Certificate for the Web Auth page. If you don’t add a third-party SSL certificate, your guest users will receive an error-message, that the WLC’s selfsigned certificate isn’t valid. Cause i searched long time around, how to setup a third-party SSL certificate and it seems not to be the easiest thing, i wrote a Step-by-Step guide for integrating SSL-certificate to a Cisco WLC 5508 with Version 7.0.98.

Prerequisites

To create and import a third-party SSL-certificate you will need:

  • an WLC 5508 with IOS Version 7.0.98 (i didn’t test it with other WLC’s or other versions, but maybee it will run the same way)
  • an external Certificate Authority (CA). in this document i will use www.startssl.org, which offers free Class 1 certificates.
  • a separated VLAN for the guest network with a DNS- and a DHCP-server.
  • OpenSSL 0.9.8h for Windows
  • a TFTP-server software (i use TFTP32)
  • read more

    Collect CDP informations with SCCM

    Did you ever need to know, to wich network switch a computer is connected? When you are a system administrator in a large company with tousends of users, this can be difficult. But when you use SCCM for OS or Software deployment, you have a good inventory tool integreated. Unfortunately SCCM by default only collect datas which the client operating system knows. Your Windows computers doesn’t known to which switch or port they are connected, but if you have Cisco switches the computers would be able to collect this information. Fact is that switches from Cisco are spreading all 60 seconds a lot of information about them to the connected ports (you can disable this, but by default it’s enabled). So you need only a tool to gather this information an write it to the SCCM. read more

    VariantTypes

    When you manualy edit a monitor or rule in the SCOM Authorin Console, maybee you have to edit the field @VariantType. The VariantType describes the type of the value that is returned.

    The variant types are:

    • Empty = 0
    • Null = 1
    • Short = 2
    • Integer = 3
    • Single = 4
    • Double = 5
    • Currency = 6
    • Date = 7
    • String = 8
    • Object = 9
    • Error = 10
    • Boolean = 11
    • Variant = 12
    • DataObject = 13
    • Decimal = 14
    • Byte = 15
    • Char = 16
    • Long = 17

    Free iSCSI Target for Windows available

    For years, when you need to define a Windows Storage as iSCSI target, you need a paid software, cause Microsoft iSCSI target software did only run on the Windows Storage Server edition.

    As of April 2011, the target software is now available for free and supported in any Windows 2008 R2 edition!

    You can use this for:

  • highly available VMs
  • clustering of file and print services
  • testing environments
  • read more

    Problem with SCOM Authoring Console after CU4

    When you update your SCOM 2007 R2 to CU4 (Cumulative Update 4), you will have problems to load a management pack with SCOM Authoring Console.

    You will receive a message, searching for management pack Microsoft.SystemCenter.Library with Version 6.1.7221.61:

    Unfortunately you will found only version 6.1.7221.0 on your disk. Microsoft didn’t published the newer version as separated management pack file (*.mp).

    To solve this open your management pack with a text- or xml-editor and change from:

    to:

    Change Version from 6.1.7221.61 to 6.1.7221.0 read more

    Change string value to integer in a SNMP monitor

    When you create an SNMP monitor in SCOM 2007 R2, SCOM assumes that the values are in STRING-format. So if you define, that your monitor should check an SNMP-OID to be greather than 70 and the SNMP OID gives a value of 100 back, your monitor will generate an error. To correct this, you have to tell your monitor, that it’s an INTEGER-value. Unfortunately, you can’t do this with SCOM Console.

    The easiest way to do this, you have to export your management pack and open it with the SCOM Authoring Console. read more

    Monitor a SNMP device with Microsoft SCOM 2007 R2

    To monitor SNMP devices with SCOM 2007 R2 is a litle special, as i know other products witch are more easy for monitoring SNMP devices. But SCOM has some good feature and if you have SCOM, you don’t want to have another tool only for monitoring SNMP devices.

    Here is an overview for monitoring one ore more SNMP devices:

    • Create a separated Management Pack for each device type.
    • Create the SNMP device.
    • Create a group for each device type.
    • Find out, which Values a SNMP devices can have and which OID’s you have to use.
    • Create one ore more SNMP Monitors.
    • Enable the monitor to the device group.
    • Make some adjustments to the monitor.

    Here is a step-by-step guide to monitor one ore more SNMP devices:

    Create a separated Management Pack for each device type

    Make a separated Management Pack for each device type. You will have only benefits:

    • you are able to make some special changes with an xml-editor or the Authoring Console.
    • you can test the Management Pack, go forward and backward.
    • you can export and distribute the Management Pack.

    Create the SNMP device

    Right click Network Devices under Device Management from Administration pane and select Discovery Wizard. read more

    Find AD-User from Email-Address

    Problem:

    Did you ever searched an special email-address in your active directory? If yes, you will know, that there isn’t a special field for the email-addresses.

    Solution:

    Go to active directory users and computers (ADUC).

    Right click on the domain and choose Find.

    Select Custom Search in the Find-Field and Entire Directory in the In-Field.

    Select the Advanced-Register and type this LDAP query:

    proxyaddresses=SMTP:user@domain.com