get-adgroupmember : The size limit for this request was exceeded

Although I have worked in big infrastructures, it is not long time ago, I have personally met with the limitation of ADWS service.  Because exists good reasons why this limit should not be changed on DC server, command-let get-adgroupmember can be easily replaced by Get-ADGroup ‘GroupName’ -properties Member | select-object -ExpandProperty member 🙂

https://docs.microsoft.com/en-us/archive/blogs/activedirectoryua/active-directory-maximum-limits-and-scalability-topic-updated
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd391908(v=ws.10)?redirectedfrom=MSDN

Novinky v Powershell v 5

Transcript loggining – GPO ( loguje všechno, i příkazy Exchange, AD admin center atd.,  které běží na pozadí!)

GPO cesta k nastavení:
Computer Policy: Computer Configuration -> Administrative Templates -> Windows Components -> Windows PowerShell -> Turn on PowerShell Transcription
New commands v powershell v.5  ———
Compress-archive
Expand-archive

New-temporaryfile
Drive pouze – [system.io.file]::gettempfile()

Přístup do stránky (ctrl +c)
Get-clipboard -format

New-guid
Drive pouze – [guid]::newGuid()

Clear-recyclebin

Jak volat registry key:
Get-itempropertyvalue

Převody:
“hello world ” | Format-hex

Převedení zprávy do nečitelného textu :)(zakryptuj si to)
Crypto rfc5652 (base 64)
Protect-cmsmessage

Práce s balíčky 🙂
Get-package, find-package, remove -package

Powershell – Regular Expressions “list of characters”

powershell

 

 

.

matches any character except newline

\

escape character

\w

word character [a-zA-Z_0-9]

\W

non-word character [^a-zA-Z_0-9]

\d

Digit [0-9]

\D

non-digit [^0-9]

\n

new line

\r

carriage return

\t

tabulation

\s

white space

\S

non-white space

^

beginning of a line

$

end of a line

\A

beginning of the string (multi-line match)

\Z

end of the string (multi-line match)

\b

word boundary, boundary between \w and \W

\B

not a word boundary

\<

beginning of a word

\>

end of a word

{n}

matches exaclty n times

{n,}

matches a minimum of n times

{x,y}

matches a min of x and max of y

(a|b)

‘a’ or ‘b’

*

matches 0 or more times

+

matches 1 or more times

?

matches 1 or 0 times

*?

matches 0 or more times, but as few as possible

+?

matches 1 or more times, but as few as possible

??

matches 0 or 1 time

How automatically set DSRM password or something like that via Powershell

function set-DSRMPass {
Begin {write-host “`n”
Write-Host -ForeGroundColor Yellow “Set new DSRM password …… ” ;
}
Process {

#$ntdspasschange = ‘ntdsutil “set dsrm password” “reset password on server null”‘
#invoke-expression $ntdspasschange

$pass = Read-Host „password“ -AsSecureString
$wshell = New-Object -ComObject wscript.shell;
$wshell.Run(“cmd.exe”)
sleep 5
$wshell.SendKeys(‘ntdsutil’)
$wshell.SendKeys(‘{ENTER}’)
sleep 5
$wshell.SendKeys(‘set dsrm password’)
$wshell.SendKeys(‘{ENTER}’)
sleep 5
$wshell.SendKeys(“reset password on server null”)
$wshell.SendKeys(‘{ENTER}’)
$wshell.SendKeys(“$pass”)
$wshell.SendKeys(‘{ENTER}’)
sleep 5
$wshell.SendKeys(“$pass”)
$wshell.SendKeys(‘{ENTER}’)
$wshell.SendKeys(‘q’)
$wshell.SendKeys(‘{ENTER}’)
$wshell.SendKeys(‘q’)
$wshell.SendKeys(‘{ENTER}’)
}
#ntdsutil “set dsrm password” “reset password on server null” q q

}