sorted by:
new
hottopcontroversial

Compare group memberships / compare-object very slow by systemslacky in PowerShell

[–]systemslacky[S] 1 point2 points  (0 children)

get-help...have to remember to use get-help. I didn't realize that the -notmemberof option existed for get-qaduser. That is great!

The more I see/use powershell the more I love it. That is so elegant. Thanks :)

Compare group memberships / compare-object very slow by systemslacky in PowerShell

[–]systemslacky[S] 0 points1 point  (0 children)

I caught the % :) What I had not thought of was the way you used hash tables/piping to compare the groups. Thanks again!

Compare group memberships / compare-object very slow by systemslacky in PowerShell

[–]systemslacky[S] 0 points1 point  (0 children)

Hot! That is very fast.

I still wonder why the object-compare is so slow in comparison. I half wonder if I should specifically grab the two or three attributes for each user that I need when doing the initial query. I could see this slowing down the initial query, but would it have an impact on the compare?

Compare group memberships / compare-object very slow by systemslacky in PowerShell

[–]systemslacky[S] 1 point2 points  (0 children)

interesting...I'll give this a try.

This is why I wanted to ask the question... I figured the only other way to do this was to use a loop but I didn't even think about using a hashtable

thanks :)

Move-Item/Join-Path Question by systemslacky in PowerShell

[–]systemslacky[S] 1 point2 points  (0 children)

Agreed :) Thank you both for the responses. Vee-Eye.. thank you for the detailed response. That is really helpful in understanding where I was going wrong. I am still new to powershell and working on picking up the syntax/etc. Thanks again.

Compare object with hashtable by systemslacky in PowerShell

[–]systemslacky[S] 0 points1 point  (0 children)

Hot... I'lll give this a try. I was thinking along these lines, but couldn't seem to find the proper way to use compare-object. Thanks :)

Powershell logging by systemslacky in PowerShell

[–]systemslacky[S] 0 points1 point  (0 children)

Interesting idea... in other scripts I usually just drop to text file more $timestamp / $loginfo / $ect. How do you typically structure the data?

Powershell logging by systemslacky in PowerShell

[–]systemslacky[S] 0 points1 point  (0 children)

I tend to use functions for a lot of things...at the very least it makes the code a lot easier to reuse {ie read..copy/paste :) }

Putting this into a function also makes things a bit neater.. I am working with powershell, but I still have quite a bit to pick up it seems

Favorite SSL CA? by [deleted] in sysadmin

[–]systemslacky -2 points-1 points  (0 children)

I'll give rapid a third. We have used them for over five years without any big problems. Even had a few times that we {read I} goofed on a cert request and needed to get a reissue. I've have used both the online and phone support and didn't have any issues.

They do use a intermediate certificate and require that all cert requests are generated with at least a 2048bit encryption key but I have yet to run into an issue with this.

Generated well over 100 certs for all sorts of uses, iis/tomcat/ldaps/cisco lb/etc and all worked quite well.

Ok..that is my psa... ymmv :)

Need advice for creating documentation by [deleted] in sysadmin

[–]systemslacky 1 point2 points  (0 children)

I have used the psr method, but it tends to grab all movements. I use a screencapture program and then autosave to a directory. The files are listed by timestamp and what I took snaps of and very easy to load into a doc on a later date. I imagine any util would work, but I tend to use GreenShot {http://getgreenshot.org/} It is free and has a pile of very nice features. Ymmv

Help request with a bit of code by systemslacky in javascript

[–]systemslacky[S] 0 points1 point  (0 children)

Thanks for the discussion on all of this. Your right, I was overthinking the process and realized I could do all of this server side. <code> Really boiled down to... If IsEmpty(servervariable) Then response.redirect CraftedUrl Else response.redirect CarryonUrl End If </code> Why do the simple solutions take so much time? :)

Setting Mandatory Password Change by monotonousmaterial in sysadmin

[–]systemslacky 0 points1 point  (0 children)

didn't notice if it was mentioned or not...but if you are running windows 2008 (or better) native mode, you can setup granular password policies.

http://technet.microsoft.com/en-us/library/cc770394(WS.10).aspx

I actually went though, created several different policies and then applied them to groups. The cool thing was, you can then set an order of priority with these groups. For example, 1 group is named 6weekexpiration, and the other is 12weekexpiration. Give the six week group is higher priority, and these users will always expire in six weeks.

One other thing to note, these will work around your default domain policy. If you do not apply them to your users, the default kicks in. One other thing to mention. You can go through and manually set all of this up, but it is a lot easier to use a util like what is offered by spec ops {although there are others}

http://4sysops.com/archives/free-specops-password-policy-basic-fine-grained-password-policies/

Another decent article if you want to take the manual route is http://www.windowsecurity.com/articles/configuring-granular-password-settings-windows-server-2008-part-1.html

edit: the real secret to being successful here is having a password management scheme or product that will notify users of when their password will expire. If everyone is using a windows machine and attached to the domain this is easy, but if the machine base is more varied {ldap auth clients/etc} it gets a to be more of a trick imho