Domain Trust relationship failures, it may be a virus making it impossible to login using domain credentials..you are bound to run in to scenario's like this while managing a AD environment.you will have to login to a local administrator account on the client pc and re join the domain or do what ever the necessary troubleshooting procedures. in some cases you don't have local admin passwords on some pc's. so this will be a life saver cause i my self had the unfortunate incident where i had to guide a user to reset the local admin password of a pc over the phone using hiren bootcd.
its very simple actually. use this VB script file, modify it accordingly and add it as a computer start up script via Group policy.
this script first queary for the user name you have specified in the script on the local pc, if it doesn't exist it will create it as an member of the local administrator group. if the user name already exist it will change the password to the one specified.
'---------------------------------------------------------------------------------------------------------------
'this section creates the new user called localsupport if it doesn't existDim AdminPassword
AdminPassword = "password"
QueryForUser("user_name")
Set objNetwork = CreateObject("Wscript.Network")
strComputer = objNetwork.ComputerName
Set objComputer = GetObject("WinNT://" &strComputer)
Set colAccounts = GetObject("WinNT://" & strComputer & "")
Set objUser = colAccounts.Create("user", "localsupport")
objUser.SetPassword AdminPassword
objUser.Put "UserFlags", 65600 '
objUser.SetInfo
'add to administrators group
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
Set objUser = GetObject("WinNT://" & strComputer & "/localsupport,user")
objGroup.Add(objUser.ADsPath)
'msgbox "user was created"
'this section just changes the password if the user exists
Sub QueryForUser(strlocalsupport)
Set objlocal = GetObject("WinNT://.")
objlocal.Filter = Array("user")
For Each User In objlocal
If lcase(User.Name) = lcase(strlocalsupport) Then
strComputer = "."
Set objUser = GetObject("WinNT://" & strComputer & "/localsupport, user")
objUser.SetPassword AdminPassword
objUser.SetInfo
'msgbox User.Name & " already exists." & vbCrLf & "The password was re-set."
WScript.Quit
End If
Next
End Sub
--------------------------------------------------------------------------------------------------------------
to change the password modify the password within the quotes (marked in red), in the following code section. this also allows you to easily change the password in case you have to give the password to a end user.
Dim AdminPassword
AdminPassword = "password"
QueryForUser("user_name")
hope this helps someone, cause this saved my ass so many time. :P
Friday, November 18, 2011
Wednesday, November 2, 2011
Managing calendar permissions in Exchange Server 2010
Admin may get asked to set and add / Edit permissions for shared Calendars.
these Sharing options are not available in EMC, so we have to use exchange power shell on the server to manipulate them.
these Sharing options are not available in EMC, so we have to use exchange power shell on the server to manipulate them.
View existing Calendar permissions
Get-MailboxFolderPermission -identity "Networking Calendar:\Calendar"
There are 4 MailboxFolderPermission cmdlets in Exchange Server 2010:
Each cmdlet have different syntax, follow the links for more information..
In this scenario we need to set following permissions to the Calendar Resource named "Networking Calendar.
user - "Nyckie" - full permissions
all users - permissions to add events without the delete permission
- To assign calendar permissions to new users "Add-MailboxFolderPermission"
Add-MailboxFolderPermission -Identity "Networking Calendar:\Calendar" -User [email protected] -AccessRights Owner 
- To Change existing calendar permissions "set-MailboxFolderPermission"
set-MailboxFolderPermission -Identity "Networking Calendar:\Calendar" -User default -AccessRights NonEditingAuthor 
This assigns the owner righs to the user "nyckig" for the calendar of the "Networking Calendar" resource.and sets NonEditingAuthor permissions as the default permission for the calendar for all other users
__________________________________________
Here are the other permission levels you can assign:-
None - FolderVisible
Owner - CreateItems, ReadItems, CreateSubfolders, FolderOwner, FolderContact, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems
PublishingEditor - CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems
Editor - CreateItems, ReadItems, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems
PublishingAuthor - CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems, DeleteOwnedItems
Author - CreateItems, ReadItems, FolderVisible, EditOwnedItems, DeleteOwnedItems NonEditingAuthor - CreateItems, ReadItems, FolderVisible
Reviewer - ReadItems, FolderVisible
Contributor - CreateItems, FolderVisible
The following roles apply specifically to calendar folders:
AvailabilityOnly - View only availability data
source -
technet.microsoft.com
http://blog.powershell.no/2010/09/20/managing-calendar-permissions-in-exchange-server-2010/
Subscribe to:
Posts (Atom)