Best posts made by Grey

The current process in the organization is to take a template (literally just a user with a special name, settings and group memberships) and copy that to create a user. I'm thinking there has to be a better way. Is anyone out there using something that works as well or better?

Just updated (waiting for it to boot up now) a t710 from bios v1.x to 6.4.

@Tim_G said in Creating users:

You could probably waste a bunch of time creating an .hta with dropdowns and all kinds of things.

Or you could get HR to fill out a .csv with required fields and import that to create a user.

Easiest to keep things how they are. There's no harm in a user template in AD. It's fast and simple.

And it sucks to have a whole bunch of template users. It's not efficient, in my view.
https://media.makeameme.org/created/i-was-getting-4qbs0x.jpg

@travisdh1 @Jaredbusch I really want the 3d printed version of the board game.

@NerdyDad said in Creating users:

Full disclosure: It can create folders within network shares. I had to go through the drive (ex c$) in order to create the proper folder. However, I have not yet been able to add permissions to the folders via the script. I've always had to go back and add permissions later on. There is an NTFS add-on module that a third-party individual has written and put out there, but I was never able to get it to working properly.

I've used this to fix full directories of user home folders. Maybe you can cut out the parts you need for this user creation script?

#
# !! This ONLY works in PowerShell v2. !!
#
#            Variables
#
# Where is the root of the home drives?
$homeDrivesDir="\\domain.com\userdir$"
# Report only? ($false = fix problems - aka dangerous mode)
$reportMode = $false
# Print all valid directories?
$verbose = $false
# What domain are your users in?
$domainName = "domain.com"
#
# #############################################
 
# Save the current working directory before we change it (purely for convenience)
pushd .
# Change to the location of the home drives
set-location $homeDrivesDir
 
# Warn the user if we will be fixing or just reporting on problems
write-host ""
 
if ($reportMode) {
 Write-Host "Report mode is on. Not fixing problems!"
} else {
 Write-Host "Report mode is off. Will fix problems!"
}
 
write-host ""
 
# Initialise a few counter variables. Only useful for multiple executions from the same session
$goodPermissions = $unfixablePermissions = $fixedPermissions = $badPermissions = 0
$failedFolders = @()
 
# For every folder in the $homeDrivesDir folder
foreach($homeFolder in (Get-ChildItem $homeDrivesDir | Where {$_.psIsContainer -eq $true})) {
 
 # dump the current ACL in a variable
 $Acl = Get-Acl $homeFolder
 
 # create a permission mask in the form of DOMAIN\Username where Username=foldername
 #    (adjust as necessary if your home folders are not exactly your usernames)
 $compareString = "*" + $domainName + "\" + $homeFolder.Name + " Allow  FullControl*"
 
 # if the permission mask is in the ACL
 if ($Acl.AccessToString -like $compareString) {
 
 # everything's good, increment the counter and move on.
 if ($verbose) {Write-Host "Permissions are valid for" $homeFolder.Name -backgroundcolor green -foregroundcolor white}
 $goodPermissions += 1
 
 } else {
 # Permissions are invalid, either fix or report
 # increment the number of permissions needing repair
 $badPermissions += 1
 # if we're in report mode
 if ($reportMode -eq $true) {
 # reportmode is on, don't do anything
 Write-Host "Permissions not valid for" $homeFolder.Name -backgroundcolor red -foregroundcolor white
 } else {
 # reportmode is off, fix the permissions
 Write-Host "Setting permissions for" $homeFolder.Name -foregroundcolor white -backgroundcolor red
 # Add the user in format DOMAIN\Username
 $username = $domainName + "\" + $homeFolder.Name
 # Grant the user full control
 $accessLevel = "FullControl"
 # Should permissions be inherited from above?
 $inheritanceFlags = "ContainerInherit, ObjectInherit"
 # Should permissions propagate to below?
 $propagationFlags = "None"
 # Is this an Allow/Deny entry?
 $accessControlType = "Allow"
 try {
 # Create the Access Rule
 $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($username,$accessLevel,$inheritanceFlags,$propagationFlags,$accessControlType)
 
 # Attempt to apply the access rule to the ACL
 $Acl.SetAccessRule($accessRule)
 Set-Acl $homeFolder $Acl
 # vvvvvvv Possible PS v3+ fix vvvvvvvvv
 # Set-Acl --path $homeFolder -AclObject $Acl
 # ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 # if it hasn't errored out by now, increment the counter
 $fixedPermissions += 1
 } catch {
 # It failed!
 # Increment the fail count
 $unfixablePermissions += 1
 # and add the folder to the list of failed folders
 $failedFolders += $homeFolder
 }
 } #/if
 } #/if
} #/foreach
 
# Print out a summary
 
Write-Host ""
Write-Host $goodPermissions "valid permissions"
Write-Host $badPermissions "permissions needing repair"
if ($reportMode -eq $false) {Write-Host $fixedPermissions "permissions fixed"}
if ($unfixablePermissions -gt 0) {
 Write-Host $unfixablePermissions "ACLs could not be repaired."
 foreach ($folder in $failedFolders) {Write-Host " -" $folder}
}
 
# Cleanup
popd

@JaredBusch said in Gaming - What's everyone playing / hosting / looking to play:

@Grey said in Gaming - What's everyone playing / hosting / looking to play:

@travisdh1 @Jaredbusch I really want the 3d printed version of the board game.

Never saw that before.
A friend has a base for the board game that he bought from a kickstarter.
But never saw an entire 3D printed game. That would have all kinds of copyright issues.

Really? http://www.thingiverse.com/search?q=catan&sa= for the pieces and such, and then some work to sand and paint them, and then you have a board game. The copyright on Catan extends to the produced materials; what you buy in the box. There's nothing wrong with producing our own board and pieces as long as you don't photocopy stuff. You can even sell your own 3d printed pieces, as long as you don't use the trademark name or duplicate any of the board pieces exactly (which would be a 2d set).

PLEX all the things.

@scottalanmiller said in What Are You Doing Right Now:

Where is everyone this morning? Man this place is slow.

Just got to work at a quarter of 6, and I brought in donuts. We're adding some Cisco 4500s and changing the network so that the core isn't reliant on a single, old 6509 an the new design will have redundancy from the firewall throughout.

I have an old 2950 in service running a 2008 server for my file access (primary file storage & print server) with a couple other VMs on the host. One of those other hosts is the Ubuntu Server 14.04 (if I recall correctly) with plex on there, using smb to mount all of my movies and other media. All of my media is on DAS, internal through the perc. As I stated above, I use a roku3 to watch everything. The only problems I have is that the 2950 is underpowered and if a tv show or movie isn't encoded in a ready-to-play format, then I need to prepare to watch that show by telling plex to transcode it for watching in advance. I'm planning to upgrade to a 510 or something as soon as I have a couple grand just doing nothing. Mostly, I just want more storage.

@DustinB3403 said in What Are You Doing Right Now:

@Grey said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

Where is everyone this morning? Man this place is slow.

Just got to work at a quarter of 6, and I brought in donuts. We're adding some Cisco 4500s and changing the network so that the core isn't reliant on a single, old 6509 an the new design will have redundancy from the firewall throughout.

We'd have to do that work between the hours of 1 AM and 1:15AM.... can't have downtime!

Part of that was sarcastic...

I completely agree, but the business made the decision on the time. I wanted to do it at 10pm or so. Instead, we're kicking off at 6:30 for some of the servers and 7 for the network, with an anticipated finish 90 minutes later.

@BBigford said in "You don't just restore a server":

@coliver said in "You don't just restore a server":

Is person the boss? Or a coworker?

Without airing dirty laundry... I'll just say they are in a technical, non-managerial role.

https://media.licdn.com/mpr/mpr/shrinknp_200_200/p/7/005/06e/190/10c6129.jpg

@RojoLoco said in What Are You Doing Right Now:

@wirestyle22 said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

How often do we hear "We can save you money" and the answer is "oh no, money is too tight, we can't save money right now."

Raid 50? Why?

Because it is 10x better than RAID 5?

https://i.makeagif.com/media/12-24-2015/GkVyiL.gif

@scottalanmiller said in Nethserver for FTPS/SFTP:

@alefattorini said in Nethserver for FTPS/SFTP:

It should work flawlessly, do you have any issue?

I guess a big question is, with Nethserver is.. does it "just work" or is there a setting that needs to be selected? Not sure if this is the default behaviour or not.

Mostly this. I haven't done anything with it yet and before I invest the time, I'd like to know if it possible and/or how difficult it is, especially since a co-worker claims that it did not and he went with IIS to get the same task done (and then he sat there cursing the whole day because he doesn't like Microsoft products).

Entered! I'm going to put my tile mate on my phone so I don't lose it.

This sounds like a replication issue. What does gpresult tell you? Be sure to use /v and /h options to get a full picture.

I'm using the CodeTwo tool to import user pictures to AD. So far, it's killed my laptop once and complained about memory 3 times.

APC is like the generic brand of UPS equipment. They make money on volume, and it shows. Get some real UPS equipment!

After yesterday's successful network upgrade, the business catered lunch in today. Domino's pizza and salads. No big deal.

@coliver said in Home Anti-virus:

@Grey said in Home Anti-virus:

@NerdyDad said in Home Anti-virus:

@Grey said in Home Anti-virus:

If you want a 30 day webroot code, let me know (via PM/Chat). I'm happy to make a couple for people to test, and if you want to purchase, we can move from there.

@Grey with the side hustle over here.

Meh. I'm happier that people aren't spreading infectious diseases.

You have webroot branded condoms?

I'm a little sad that @nic can't get those made now.

@scottalanmiller said in Gaming - What's everyone playing / hosting / looking to play:

Liesl is playing 12 Labors of Hercules.

I finished AoE Myths last night.