You can run powershell commands on your Exchange 2010 server from machines whether or not they have the Exchange Management Tools installed using implicit remoting.

Even when you run the Exchange Management Shell on your exchange server, you’re essentially creating a powershell remoting session. The following steps take place in the background when you click the EMS icon:

  • Load the Microsoft.Exchange.Management.PowerShell.E2010 snap-in gets loaded
  • The RemoteExchange.ps1 script is dot sourced
  • The Connect-ExchangeServer function is executed
  • You can set up implicit remoting from any maching using powershell v2. This imports the commands from your exchange server to your local powershell session so you don’t need any Exchange tools installed.

    First we create a session using the New-PSSession cmdlet:

    $s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://<CAS FQDN>/PowerShell/ -Authentication Kerberos

    Then, import the session using the Import-PSSession cmdlet:

    Import-PSSession $s

    The Exchange Management Shell commands are now imported into the local PowerShell session.

    You could use the same method to setup a scheduled task from your machine to run a commands on your exchange server.

    [source: ]

     

    Active Directory doesn’t let you edit the Dial-up of VPN access policies for multiple users at once through the GUI. You have to edit this setting one at a time for each user. This can be painstaking if you a lot of users. Luckily there is a VB script available like for almost everything else in AD.

    Dim aConnection, aCommand, aResult, strLDAPPath, user, objUser
    Const ADS_PROPERTY_CLEAR = 1
    strLDAPPath = InputBox("Please enter the LDAP path of the OU:")
    WScript.Echo strLDAPPath
    Set aConnection = CreateObject("ADODB.Connection")
    Set aCommand = CreateObject("ADODB.Command")
    aConnection.Provider = "ADsDSOObject"
    aConnection.Open
    aCommand.ActiveConnection = aConnection
    aCommand.CommandText=";(&(objectCategory=Person)(objectClass=User));distinguishedName;subTree"
    Set aResult = aCommand.Execute()
    Do While Not aResult.EOF
    strDN = aResult.Fields("distinguishedName")
    WScript.Echo strDN
    Set objUser = GetObject("LDAP://" & strDN)
    ' Comment the following line to manage connection through Remote Access Policy
    objUser.Put "msNPAllowDialin", FALSE
    ' Uncomment the following line to manage connection through Remote Access Policy
    ' objUser.PutEx ADS_PROPERTY_CLEAR, "msNPAllowDialin", 0
    objUser.SetInfo
    aResult.MoveNext
    Loop


    This script will update the access settings for a group of users in a particular OU. Once you run the script, a dialog box will ask you for this OU. Once this is set all users in that OU will be updated.

    The AD property this script modifies is ‘msNPAllowDialin’. This property is accepts boolean values. So the three options are

  • TRUE (to allow access)
  • FALSE (to deny access)
  • To manage access via the Remote Access Policy, comment out the

    objUser.Put "msNPAllowDialin", FALSE

    and uncomment the

    ' objUser.PutEx ADS_PROPERTY_CLEAR, "msNPAllowDialin", 0

    line.

     

    The officially supported method of detecting the presence of the .NET Framework 2.0 is to check the following registry key/value:

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Net Framework Setup\NDP\v2.0.50727]
    Install = 1 (REG_DWORD)

     

    net user <username> <password>
    Or if you want to hide the password and enter it at a prompt
    net user <username> *

     

    If you want to allow non-admin users in Windows to change the IP address settings on their PCs, you can add them to the built-in “Network Configuration Operators” group. This can be done from the command line as

    net localgroup "Network Configuration Operators" /add <username>

    © 2012 !NSFW Suffusion theme by Sayontan Sinha