My best practices for sharing

These are some things I think about when helping a customer with their shares:

Different ways of specifying Internet Explorer Zones

There are a few different ways of doing IE zones. I don't like all of them, though. I have listed the most common ones and the way I like.

Nested groups and dynamic distribution groups

I got the question about nested groups and dynamic distribution groups. Well, to make it easy: no, you can't (anymore).

I'll explain it a bit more, but remember: just say no.

Find granted rights in a directory structure


A long long long time ago I needed to find all rights that were set. So I wrote a script that lets me pipe the information to a CSV file.

There is a similar tool from Sysinternals called AccessEnum, but:

  1. It outputs a txt file that is harder to work with afterwards.
  2. I didn't think of it when I needed it done.

So grab it from the TechNet Gallery page.



New-Password revisited

Well. Here I am again. Another blog entry about the same simple script. I have made some changes.

So yes, it wasn't perfect, but neither am I. So I did listen to the comments I got about the script and added that it won't fail after trying 100 times.

Change list:

  • It will try to use the built-in random 50 times instead of 100
  • Instead of failing when reaching the limit, it will force the first X characters to be different.

It's uploaded to the same place, TechNet Galleries.

Automatically disable users when expired

So I was working at a company and the security department was complaining that old employees weren't disabled. Well, IT did set the account expiration date on each user, but the security department really liked the little arrow on the user icon. So this is a simple PowerShell script that disables all user accounts that have passed their expiration date. So we ran this script, and IT could continue as before and the security department got their small arrows on the user accounts.

Or you could use the cmdlet Search-ADAccount.

Using DFS during company split

During a company split I was put in charge of file services.

The company was splitting off a part of the company, with specific requirements:

  • Minimize user required interaction
  • Users have to be able to use homefolders from both sides
  • New company wanted to use redirection instead of only homedirectories

With these requirements we decided to use a DFS root. This allows me to create a fake new home server and share and point to the old server. This allows new clients access through the new layout, and old systems the old homedirectory. Due to the requirements we needed to keep the SID history.

In which order do you enable RDP and Firewall openings?

Yesterday I noticed something.

The number of rules concerning RDP in the Windows Firewall with Advanced Security MMC differs. If you enable RDP before enabling the firewall rules, you will get two rules per type, one for the Public profile and one for the Private/Domain profile. But if you enable the RDP rules when they say All and then enable RDP, you get one rule. Pictures inside blog.

Plan a structure for Homedirectories and Redirected folders

This post discusses some ways of planning for homedirectories.

The logic is the same for redirected folders. The big difference is that with redirected folders you create folders for My Documents, Desktop and Favorites within each user folder.

Different methods:

  • Individual shares
  • One giant share
  • One leveled share
  • “Equal” split on a couple of shares

New-Password – Yet Another Password Function


Here I was, a colleague posted a password generation script in his blog. So I read it and remembered my old password generation script. Even though I liked his script, I felt that some parts of mine were more the way I like. But some parts, like the possibility to add your own character sets, really make me wanna improve on my old script. So I rewrote parts of my script and you can download it here.

Some examples of the script in action: