How to Deploy BIOS settings to DELL clients

You can use CCTK from DELL to perform BIOS configuration. First download the latest version of “Dell Command Configure” under “System Management” category from dell.com/support

Then install it and run the “Dell Command Configure Wizard”

cctk.PNG

Edit it selecting the required settings.

The export the config clicking the button “EXPORT CONFIG” to be able to modify it later if needed.

Clicking on button “EXPORT .EXE”, and executable file will be created. Running this exe on the target machines, your BIOS settings will be applied.

The exe is silent but create a log on the same folder where you run it.

To deploy it via PSEXEC, some options is required:
– Put the EXE file on a share reachable by clients
– Run PSEXEC with option -s

DELL deliver also a powershell module for managing BIOS setting.
If you have WMF5 you can download it directly from http://www.powershellgallery.com/

Check if you find it:

Find-Module DellBIOSProvider

If yes, install it:

Install-Module DellBIOSProvider

Once installed, import the module:

Import-Module DellBIOSProvider

Check if the provider is there:

Get-PsProvider

Then browse the BIOS settings:

cd dellsmbios:

Like example, to set “Numlock” attribute enabled:

Set-Item –Path .\POSTBehavior\Numlock Enabled

 

VIA: http://www.dell.com/support/manuals/us/en/19/dell-command-powershell-provider-v1.0/DCPP_UG/Introduction?guid=GUID-80A7A07A-2643-4156-A275-A06F90F85E35&lang=en-us

How to send email to users with approacing password expiration

I created and scheduled a script for send email when the user password expiration is approaching.

We are on a international company, so this script have an option to specify a file where the mail body is written in the appropriate language and with the appropriate info.

Here the parameters of Send-PasswordNotify.ps1:

  • notificationGroup: it’s the Active Directory group the have the users that should receive the password expiry notification.
  • emailBodyFile: the text file that contain the body of email (the default option is mailbox.txt).
  • logFile: This is a Boolean option. If $True a log file (Send-PasswordNotify.log) is created. By default is $False. You can change the path of logfile at line 51
  • eventLog: This is a Boolean option. If $True an entry on eventlog (Scripts) is written. By default is $True.
    NOTE: You should enable/create the eventlog running this command once:

    New-EventLog -LogName “Scripts” -Source Send-PasswordNotify

    You can change the eventlog where send the info atn line 49. If you change the eventlog, remember also to enable it for this script with the command above. Example: New-EventLog -LogName “Application” -Source Send-PasswordNotify

On Send-PasswordNotify.ps1 at lines 43-51 you can fine the parameters that you can adjust, like days before the expiration, smtp server, etc.

Copy Send-PasswordNotify.ps1 and mailbox.txt on the same folder.

 

How to Reset Offline File Cache

Sometime our helpdesk need to reset offline file cache on Windows because corrupted.

I created a batch script (I do not used powershell because somewhere winrm is not configured):

You can pass as parameter the hostname/ip address of computer where you need to reset the cache. Use “.” to specify that you want to reset cache on local computer.
You need admin rights and a reboot of remote computer is required after the cache reset.

Pushd & Popd

I had the need to write a script that make some directories changes but at the exit came back to the current directory where I ran it.

The pushd command saves the current working directory so it can be returned to at any time, optionally changing to a new directory. The popd command returns to the path at the top of the directory stack.

In Windows PowerShell, pushd is a predefined command alias for the Push-Location cmdlet and popd is a predefined command alias for the Pop-Location cmdlet.

This directory stack is accessed by the command Get-Location -stack in Windows PowerShell.

pushd and popd is available also on windows command prompt (CMD) and Linux bash.

Example:

PS C:\> pushd .\Data\Working\
PS C:\Data\Working> Get-Location -Stack

Path
----
C:\

PS C:\Data\Working> popd
PS C:\>

 

Via: https://technet.microsoft.com/en-us/library/bb490978.aspx

Error:The DFS Replication service detected a conflict between two or more nTDSConnection objects while polling for configuration information

I had this warning on a bad wan connected DC:

Log Name: DFS Replication
Source: DFSR
Date: 30/03/2016 02:27:44
Event ID: 6004
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: [ServerName]
Description:
The DFS Replication service detected a conflict between two or more nTDSConnection objects while polling for configuration information. The DFS Replication service resolved the conflict between CN=1a46e70a-b0f5-410f-afdd-7049b1685292,CN=NTDS Settings,CN=MyDC,CN=Servers,CN=MySite,CN=Sites,CN=Configuration,DC=Domain,DC=Local, CN=b1f0fddb-18cc-459a-9891-15458f6c9a06,CN=NTDS Settings,CN=MyDC,CN=Servers,CN=MySite,CN=Sites,CN=Configuration,DC=Domain,DC=Local, CN=b377e129-e214-4c52-bbe8-867686db3cb7,CN=NTDS Settings,CN=MyDC,CN=Servers,CN=MySite,CN=Sites,CN=Configuration,DC=Domain,DC=Local, CN=c037d3d8-16cb-4ede-bf82-c2c72c025ea5,CN=NTDS Settings,CN=MyDC,CN=Servers,CN=MySite,CN=Sites,CN=Configuration,DC=Domain,DC=Local, CN=82dff205-bc51-4f00-bf18-c47e96215608,CN=NTDS Settings,CN=MyDC,CN=Servers,CN=MySite,CN=Sites,CN=Configuration,DC=Domain,DC=Local by using CN=ee5b0d6a-d843-48e5-8d8c-b3164dfa4b1a,CN=NTDS Settings,CN=MyDC,CN=Servers,CN=MySite,CN=Sites,CN=Configuration,DC=Domain,DC=Local.

This error means that there are some connection objects conflicting. To solve it run ADSI Edit and connect to “Configuration” naming context

ADSI_Configuration

and delete the connection objects listed in the event where the conflict was detected, making sure to leave the object after “by using” in place because it’s the working connection.

Right click on connection object:

CN=1a46e70a-b0f5-410f-afdd-7049b1685292,CN=NTDS Settings,CN=MyDC,CN=Servers,CN=MySite,CN=Sites,CN=Configuration,DC=Domain,DC=Local

and delete it.

Repeat the process for any additional connection object on eventlog.

 

Via: https://social.technet.microsoft.com/Forums/en-US/e8e5d0ea-4fc6-4df0-acf7-39dd1c1987cd/dfs-health-report-inconsistent-configuration-detected-conflict?forum=winserverDS

 

How to Delete inactive user Profiles

Excluding the graphical but manual interface, you can used DELPROF2 or GPO.

DelProf2

This batch delete users profile on PCs (PC01, PC02, PC03) older that 15 days

Note: DelProf2 is the equivalent of delprof tools but with support extended to the latest OS. Fortunately he have the same syntax.

Group Policy

Opening Group policy editor, go to:
Computer Configuration/Policy/Administrative Templates/System/User Profile
and enable the option “Delete user profiles older than a specified number of days on system restart” specifying the days.