On Knowledge Factory, the company I work for, every one get’s their own lab-server. Nothing fancy, but it helps a lot when I want to test something in a controlled environment.
I’ve been playing around a bit with desired state configuration on my lab server lately. And especially with the great module VirtualEngineLab which I’ve been using to automatically build various scenarios. Each time I start a new build, the module uses the DSC resource xPendingReboot to check for pending reboots.
A PowerShell function can have different parameters depending on how it is called. This is called Parameter Sets. For example, Get-Process has a non mandatory parameter called Name which specifies which processes to Get by Name. But is also has a parameter called ID which also specifies which processes to get, this time by ID. Both parameters exists but are mutually exclusive, you cannot use them both at the same time, since they are defined in two different Parameter Sets.
I’ve previously written about how to generate a random password and how to output a password in phonetic alphabet. Today I’m going to put those two functions to use in a practical example.
Scenario: Carl is a helpdesk agent and today he is feeling a bit stressed out. There has been an outage on one of the business critical systems and the phones are constantly ringing. One of the calls is a user who forgot his password and Carl quickly asks the usual control questions to make sure that the user is who he claims to be, locates the user account and clicks on reset password.
I once wrote a post on how to generate random passwords that would comply with Active Directory complexity rules quite a while back. My script on TechNet Gallery has now reached over 2000 downloads and I thought it might be time to revisit the topic with a few updates. First off I’ve just updated the script, mainly for better performance.
I’ve also realized that a common scenario is when a user calls the service desk asking for a new password.
[TL;DR: I’ve written a script to bulk restore objects from Active Directory Recycle Bin, it is available on TechNet Galleries]
Active Directory Recycle Bin The Active Directory Recycle Bin is a nifty feature introduced with Windows Server 2008 R2 and makes it possible to undo an accidental deletion of an Active Directory object. This means that if the Active Directory Recycle Bin is enabled, all link-valued and non-link-valued attributes of a deleted object are preserved and the object can be restored in its entirety.