PowerShell change AD displayname

While helping a peer at a Junior College clean up a their Active Directory I wrote this one liner to set the Display Name field uniformly for all of their accounts. It just takes every AD account with a specific UPN and sets display name to Last, First for each user based on what they already have in AD for Given Name and Surname.

Continue reading

Block petya virus on a computer

Yesterday news started to break about a new virus making the rounds. Initially it was being referred to as ransom-ware but the email address to get a recovery key after paying has been blocked and researchers have now discovered that the HD is in fact not encrypted but the MBR destroyed and there is no recovery (Link to more information about that here). There are also several sources speculating that this was a Nation State attack masked as a ransom-ware, Wired Magazine wrote this about the virus and possible ties to Russia. There appears to be a way to “inoculate” your computer to block the virus from infecting you and that is what this will show.

Continue reading

PowerShell, Rename Computer Remotely

In keeping with the last few posts this is a short but handy IT tool in a short but (hopefully) handy post. Computer naming conventions are a common practice in almost every organization. However, sometimes a machine gets misnamed or moved and we need to rename it. Of course you could send a tech or sysadmin to lay-on-hands and change the computer name through the GUI but that is time consuming and if the machine is at a remote site impractical. Luckily PowerShell can help us out here.

Continue reading

PowerShell to Create Secure PSCredentials for scripts

Rather than having a username and password in plain text you might want to put the password into a file in an unreadable format. This has some pretty clear benefit that you are not fully exposing the password. From time to time of course you want to test with a password in plain text but in production that practice should be avoided if possible. Clearly if someone “bad” acquires the file they could essentially have the password username (if they got this from your automation script) combination. A sysadmin could minimize that threat by limiting who has access to the servers and use file permissions to protect the password text file.

Continue reading

Add IE Trusted Sites without AD GPO

Building off of the post from yesterday about checking Trusted Sites in IE using PowerShell this is how to add a Trusted Site on a single computer without rolling it out domain wide with a GPO. This is handy in situations where a site might need to be trusted temporarily or only on one computer and pushing it out over a Group Policy Object is more work then needed. Continue reading

Show IE trusted sites from PowerShell

Like most organizations Sul Ross uses Active Directory Group Policy Objects to manage the Trusted Sites list in the Internet Explorer Internet Zone. If you are a part of Sul Ross and need to have a site added University wide or just to a single computer please reach out to help desk by emailing techassist@sulross.edu or calling extension 8888. If you’d like to just check what sites are listed in the Trusted Sites section on your computer you can run the following command.

Continue reading

IP info in an easy .bat file

Get the info you need from a user quickly with a bat file like this one.