Wednesday, August 17, 2016

Delete Files Older than X Days and Delete Empty Folders

(1) Create a new text document (Del_OldDocs.txt)
(2) copy the script

REM Remove files older than X Days
forfiles -p "D:\Dir1\OldFolders" -s -m *.* /D -7 /C "cmd /c del @path"

cd /D    D:\Dir1\OldFolders
for /f "delims=" %%d in ('dir /s /b /ad ^| sort /r') do rd "%%d">NUL

(3) save the text document as Del_OldDocs.bat
(4) Run the script
(5) You can also run the script as job in the Task Scheduler


Note:
Please do some testing before using it in Production

D:\Dir1\OldFolders   -- this is the path where you have your old folders to be deleted
X Days -- Replace X with days (7 is used for one week), replace 7 with the number of days you want

First part of the script removes all the files in the OldFolders directory and Empty Folders still remain
Second part of the script will remove all the Empty Folders within OldFolders directory

Friday, June 10, 2016

Active Directory - Get account names, office and other properties from accountnames Powershell script

Using this script, you should be able to check and create Active Directory groups based on the input from spreadsheet (CSV)


  1. Copy the script in a notepad and save it as 'AD_DisplayNames_to_AccountNames.ps1'
  2. Use the same format for csv and add your DisplayNames and save it in the same folder as your script.
  3. Both script and csv are saved in the desktop
  4. Open powershell as Administrator (or ) Windows Powershell ISE that comes along with debugging. Using Powershell ISE can skip 5 thru 8 and open your script and hit F5
  5. In the powershell Navigate to your desktop (where script and csv are present)
  6. Set-ExecutionPolicy RemoteSigned
  7. Click Yes
  8. Now run the script by typing   ./AD_DisplayNames_to_AccountNames.ps1
  9. check for newly added txt and csv files for other properties in AD for the given displaynames


Powershell Script:

# Import active directory module for running AD cmdlets
Import-Module ActiveDirectory
$Sam = @()
$names = Import-csv "C:\Users\\Desktop\AD_input_DisplayNames.csv"


foreach ($name in $names)
{

$dispName = $name.displayname
$sam += get-aduser -filter  {displayname -like $dispName } -Property SamaccountName,DisplayName,office -Server ad3.xyz.com| Select DisplayName,SamaccountName,office


}
write-host $sam

#output to a text file format
$Sam | out-file 'C:\Users\\Desktop\AD_AccountNames.txt'
#output to a csv file format
$Sam | Export-Csv -Path 'C:\Users\Desktop\AD_AccountNames.csv'  -NoTypeInformation


Input:  (AD_input_DisplayNames.csv)

displayname
DisplayName1
DisplayName2


Output:  (AD_AccountNames.csv)

"DisplayName","SamaccountName","office"
"DisplayName1","accountname1","Office Name "
"DisplayName2","accountname2","Office Name "

Thursday, June 9, 2016

Bulk create Active directory groups and add users from csv - Powershell

Using this script, you should be able to check and create Active Directory groups based on the input from spreadsheet (CSV)


  1. Copy the script in a notepad and save it as 'Add_ADGroups_Members.ps1'
  2. Use the same format for csv and add your own groups and update csv based on your domain and path and save it in the same folder as your script.
  3. Both script and csv are saved in the desktop
  4. Open powershell as Administrator (or ) Windows Powershell ISE that comes along with debugging. Using Powershell ISE can skip 5 thru 8 and open your script and hit F5
  5. In the powershell Navigate to your desktop (where script and csv are present)
  6. Set-ExecutionPolicy RemoteSigned
  7. Click Yes
  8. Now run the script by typing   ./Add_ADGroups_Members.ps1
  9. check your AD groups getting created along with members added


Note: Users Domain is different to domain where groups are being created. You can have the same domain too, depending on your environment


# Import active directory module for running AD cmdlets
  Import-Module ActiveDirectory

    $Users = Import-Csv -Path "C:\Desktop\AD_input.csv"  
            
    foreach ($User in $Users)            
    {           
        $GroupName = $User.'GroupName'            
        $samAccountName= $User.'samAccountName'       
        write-host Current AD Group Name is $GroupName and accounts to add are $samAccountName
       
             
            Try
            {
              #Check if the Group already exists
              write-host checking to see if group $User.GroupName exists
              $exists = Get-ADGroup $User.GroupName
              Write-Host "Group $($User.GroupName) already exists! skipping group creation!"
         
            }
            Catch
            {
              #Create the group if it doesn't exist
                $create = New-ADGroup -Name $GroupName -GroupScope $User.GroupType -Path $User.GroupLocation -Description $User.GroupDescription
                Write-Host AD Group $GroupName created!
       
          
            }
            

         # Parse prospective members and add each to the new group. (multiple users to be added to same group)
         $Members = $User.samAccountName.Split(";")
      
         ForEach ($Member In $Members)
         {
             write-host Adding member  $Member
             $DomainGroupDN = Get-ADGroup -Identity $GroupName -Server ou.ad3.abc.com
             $SamDN = Get-ADUser $Member -Server ad3.abc.com
             Add-ADGroupMember $DomainGroupDN -Server ou.ad3.abc.com-Members $SamDN
             
             $Member = ""
         }
   

     Write-Host Members $Members added to Group $GroupName


}


Spreadsheet:   (save it as *.csv)
GroupName,GroupDescription,GroupType,GroupLocation,samAccountName
Test1,TestDescription1,DomainLocal,"OU=TESTOU,DC=ou,DC=ad3,DC=abc,DC=com","ramii;mreck"
Test2,TestDescription2,DomainLocal,"OU=TESTOU,DC=ou,DC=ad3,DC=abc,DC=com","larzi;mkhill"


Tuesday, May 31, 2016

Install ADUC on Windows 7 or Windows 10


Remote Server Administration Tool (RSAT) can be downloaded here
https://www.microsoft.com/en-us/download/confirmation.aspx?id=7887

(1) Download 64 bit or 32 bit depending on OS version installed on your computer

(2) After installing - to enable AD Management Tools

  1. From the Control Panel, click on Programs.
  2. Under Programs and Features, select Turn Windows features on or off.
  3. Under Remote Server Administration Tools > Role Administration Tools, select AD DS and AD LDS Tools


Click Ok. This will take a minute for windows to make changes to features