get-ADOrganizationalUnit –filter * | set-ADOrganizationalUnit –protectedFromAccidentalDeletion $true for /f "tokens=*" %i in ('dsquery ou -limit 0') do dsacls %i /d everyone:SDDT.

Download Report

Transcript get-ADOrganizationalUnit –filter * | set-ADOrganizationalUnit –protectedFromAccidentalDeletion $true for /f "tokens=*" %i in ('dsquery ou -limit 0') do dsacls %i /d everyone:SDDT. 

get-ADOrganizationalUnit –filter * |
set-ADOrganizationalUnit –protectedFromAccidentalDeletion $true
for /f "tokens=*" %i in ('dsquery ou -limit 0') do
dsacls %i /d everyone:SDDT
powershell.exe -command "&{import-module ServerManager;
add-windowsfeature Backup}"
dsquery * domainroot -scope subtree -attr modifytimestamp distinguishedname -limit 0 >
c:\backupdata\objlist.txt
cscript e:\scripts\BackupAllGPOs.wsf c:\BackupData
ldifde -f c:\Backupdata\DomainGpoLinks.ldf -r "(gplink=*)" -l
gplink,gpoptions
ldifde -f c:\Backupdata\SiteGpoLinks.ldf -d
cn=configuration,dc=… -r "(gplink=*)" -l gplink,gpoptions
wbadmin.exe START BACKUP -backupTarget:%TargetUNC% -allCritical
-include:c:,e: -noVerify -vssFull -quiet
Ntdsutil.exe snapshot “Activate Instance NTDS” create quit quit
Set Backup2Keep=10
SETLOCAL ENABLEDELAYEDEXPANSION
set count=0
for /f "tokens=*" %%i in ('dir /o:-d /b
%TargetUNC%\WindowsImageBackup\%computername%\backup*.') do (
set /a count=!count! + 1
if !count! GTR %Backup2Keep% (
echo DELETE !Count!: %%i
rd /s /q "%TargetUNC%\WindowsImageBackup\%computername%\%%i"
) else (
echo MAINTAIN !Count!: %%i
)
)
Enable-ADOptionalFeature ‘Recylce Bin Feature’ –Scope
ForestOrConfigurationSet –target (Get-ADForest).Name
Get-ADObject –LDAPFilter ‘(&(name=Ulf*)(isDeleted=*))’
-IncludeDeletedObjects
… | Restore-ADObject
dn: CN=User,OU=Demo,DC=xyz,DC=com
changetype: add
cn: User_Marketing
sn: Marketing
c: DE
l: Hometown
title: Worker-Bee
-
dn: CN=User,OU=Demo,DC=xyz,DC=com
changetype: modify
replace: cn
cn: User_Marketing
dn: CN=User,OU=Demo,DC=xyz,DC=com
changetype: modify
replace: sn
sn: Marketing
dn: CN=User,OU=Demo,DC=xyz,DC=com
changetype: modify
replace: c
c: DE
-
ldifde –d “ou=Demo,dc=…” –m –f filename.ldf –p port
ldifde –d “ou=Demo,dc=…” –r “(objectClass=User)” –f filename.ldf –p port
ldifde –d “ou=demo,dc=…” –l “physicalDeliveryOfficeName, telephoneNumber” filename.ldf –p port
dsget user cn=Ulf,ou=Demo,dc=xyz,dc=com
-s localhost:10002 -memberof | dsmod group -addmbr
cn=Ulf,ou=Demo,dc=xyz,dc=com
bcdedit /copy {current} /d
bcdedit /set {%i} safeboot dsrepair
ntdsutil "set dsrm password“ "sync from domain account xyz“ q q
auditpol /get /category:“DS Access“
auditpol /set /subcategory:“Directory Service Changes“
www.msmvps.com/UlfBSimonWeidner
#TESIA319
DOWNLOAD
Windows Server
2012 Release
Candidate
Hands-On Labs
microsoft.com/windowsserver
DOWNLOAD
Windows Azure
Windowsazure.com/
teched
http://europe.msteched.com
www.microsoft.com/learning
http://microsoft.com/technet
http://microsoft.com/msdn
http://europe.msteched.com/sessions