Posts tagged ‘active directory’
How to create an O365 Mailbox when there is no On-Prem Exchange Servers.
In some cases the IT department decomission the On-Prem Exchange Server after migrating the mailboxes to O365. (For detailed steps for uninstallation of Exchange Please refer my previous article : https://vands.pro/2018/11/06/how-to-decomission-on-prem-exchange-server-after-migrating-the-mailboxes-to-o365/.
OK, Coming back to mailbox creation ; All these steps need to be done in the ADUC
+ Create an AD User.
+ Type the email address in the email field.
+ Go to the Account Tab and select the correct domain name.
+ In the Attributes Editor modify the two parameter’s as below
proxyAddresses: SMTP: myemail@email.com
targetAddress: SMTP: myemail@companyname.onmicrosoft.com
+ Either perform a manual sync or wait for the next schedule.
+ After the Sync is completed you will be able to see the user in O365 Portal and need to assign the Exchange License to complete
the mailbox creation.
Credits: https://c7solutions.com/2014/07/creating-mailboxes-in-office-365-when-using-dirsync
Additional Permissions needed for a Service Account to Reset and Change AD passwords and Unlock AD Accounts.
In some scenarios we had to delegate the permission for a Junior Administrator to do some AD related tasks ,for example change/reset the AD user password , Unlock user account , etc. In this case most of the articles I have googled and referred pointing only to enable the
“Reset user passwords and force password change at next logon “. But what I realized is that this alone will not grant your the required permission.
Thus additionally you need to add a custom level delegation as provided below;
- Create a custom task to delegate and click Next.
- Select Only the following objects in the folder from the Delegate control of option.
- Select the User objects option as the object to which to delegate.
Click Next to proceed.(Ensure Property-specific is selected.) - Scroll down to select the Read lockout Time and Write lockout Time.
- Review the changes and click next to complete the wizard.
Please note that I have not listed any detailed steps on how to create the delegation rules as there are plenty of articles available on the Internet that provides a very descriptive guidelines along with the screenshots.
How to import Users to Windows 2012 Active Directory using PowerShell
Hi Guys
In many AD installations I do come across requirements to create multiple users in Active Directory(More than 200 in many cases) .In these cases we could use the below mentioned CSV template and use the PS command to directly import the users in to Active Directory.
Here the Path value is pointing to the OU that you want to place the users in the Active Directory , which could be find using the Attribute Editor of the OU(We need to enable the Advance Feature in the ADUC Management Console)
PS Command Syntax
Import-CSV C:\anyname.csv | New-ADUser –AccountPassword (ConvertTo-SecureString –AsPlaintext “any complex password” –Force) –PassThru | Enable-ADAccount.
Example:
Import-CSV C:\Users_1.csv | New-ADUser –AccountPassword (ConvertTo-SecureString –AsPlaintext “P@ssw0rd” –Force) –PassThru | Enable-ADAccount
Update2:
I am including here another method to achieve the same.
# Prepare the CSV file as per below(You could any details as much as you want, by adding the correct attribute.)
firstname,lastname,username,email,department,password,jobtitle,company,ou,Mobile
# Then run the below powershell.
+ You must change the active directory domain name.
+ You must change the csv file name.
+ Ensure that , you have given the proper DN namespace for the OU Value. Otherwise , the script will fail with the below error messages:
“No superior reference has been configured for the directory”
“New-ADUser : The object name has bad syntax”
===================================================================================
# Import active directory module for running AD cmdlets
Import-Module activedirectory
#Store the data from ADUsers.csv in the $ADUsers variable
$ADUsers = Import-csv C:\test.csv
#Loop through each row containing user details in the CSV file
foreach ($User in $ADUsers)
{
#Read user data from each field in each row and assign the data to a variable as below
$Username = $User.username
$Password = $User.password
$Firstname = $User.firstname
$Lastname = $User.lastname
$OU = $User.ou #This field refers to the OU the user account is to be created in
$email = $User.email
$telephone = $User.Mobile
$jobtitle = $User.jobtitle
$company = $User.company
$department = $User.department
$Password = $User.Password
#Check to see if the user already exists in AD
if (Get-ADUser -F {SamAccountName -eq $Username})
{
#If user does exist, give a warning
Write-Warning “A user account with username $Username already exist in Active Directory.”
}
else
{
#User does not exist then proceed to create the new user account
#Account will be created in the OU provided by the $OU variable read from the CSV file
New-ADUser `
-SamAccountName $Username `
-UserPrincipalName “$Username@vands.pro” `
-GivenName $Firstname `
-Surname $Lastname `
-Name “$Firstname $Lastname” `
-DisplayName “$Lastname, $Firstname” `
-Enabled $True `
-Path $OU `
-Company $company `
-EmailAddress $email `
-Mobile $telephone `
-Title $jobtitle `
-Description $jobtitle `
-Department $department `
-AccountPassword (convertto-securestring $Password -AsPlainText -Force) -ChangePasswordAtLogon $True
}
}
===============================================================================
Error in Active Directory Operations when Joining ESXi 6 to Active Directory
Hi
Recently when I was testing the ESXi 6 on my LAB running on VMware Workstation 11 I faced a nightmare when I tried to join the ESXi to the Active Directory.
As I started troubleshooting I re-assured all the prerequisites are met (such as NTP, DNS resolution) but the problem was haunting me.
As per the VMware guidelines when I tried to restart the lwsmd service via Tech Support Mode it was throwing the below errors
– lwsmd is not fully started
– likewise service manager [failed to set memory reservation] esxi
Then it clicked on me that may be this behaviour could be due to insufficient memory and after increasing the memory voila everything turned out to be working normally.
Hope you like it.. 