For one of our customers, who's moving away from their On-Premise Exchange 2016 server, I needed to move all the relay connectors (Used by legacy applications, appliances, and hardware) to an IIS SMTP instance. Pretty straightforward, but typing the long list of addresses myself... No 🙂 In this blog post, I will show you a way to easily migrate the IP-Addresses from a Receive Connector into an IIS SMTP instance.
Security
Retrieve all local group members of Active Directory member servers
For one of our customers, we needed a report on all local groups and their members on all Active Directory joined servers. You can connect all servers one by one with Computer Management and check, but hey... PowerShell is there for you 🙂 In this blog post, I will show you an easy way to get a report on the memberships, and yes... I used the ImportExcel module too (Needed for the Export-Excel cmdlet) 😀
Test if Microsoft services TCP ports are accessible
In a previous blog post, I showed a way to retrieve all the Microsoft Services FQDNs, ports, and IP-Addresses. Nice to know those in secure environments where not everything is allowed to go onto the internet, but how can you test if they are accessible? This blog post will show how to test most of these services using PowerShell.
Using PowerShell scripts in Endpoint Manager Compliance Policies
I wrote a blog post about where you could use PowerShell scripts in Endpoint Manager here, but I didn't mention the possibility to use it in Compliance Policies. In this blog post, I will 🙂
Create a report on local DNS lookups using PowerShell
When troubleshooting a system, you sometimes need to know what DNS lookups are being done. This will give you a good insight into traffic from the systems to the local network or internet. You can do this with DNS auditing on your Windows server or in your local Pihole server, but that's not always available … Continue reading Create a report on local DNS lookups using PowerShell
Report on Active Directory Container permissions using PowerShell
In a previous blog post (Link), I showed a way to create a report on OU (Organizational Unit) permissions. One of the replies I got about that was: How about the Container permissions, those are important too 🙂 And that's correct, they are! In this blog post, I will show you how to create a report on those (Script is based on the OU report)
Create a TCP/UDP port listener using PowerShell
One of our customers is securing his network and firewall changes were made that needed to be tested. In this case, the new servers were not deployed in that specific network yet. But... We did want to test the connections before deploying the servers 🙂 In this blog post, I will show you a way how to create listening ports on a machine in order to test the connection from another network using netcat on Linux or portqry on Windows.
PowerShell and logging
Sometimes it's the last place that admins look... Logs 🙂 Something goes wrong and you don't know why, logs tell a lot! (When I deploy some Endpoint Manager packages and suddenly they don't work, I put in some logging and discover why) This blog post shows you a few ways to enable logging and how to read back all PowerShell actions on a device.
Report on Active Directory OU permissions using PowerShell
For one of our customers, we are working on restricting permissions of admin accounts by implementing Role Based Access and delegating permissions to Organizational Units (OU's). But one of the first questions was… What are the current permissions and what should we remove and where? In this blog post I will show you a way to report on the current permissions so that you can remove them where they shouldn't be granted 🙂
Retrieve Security events from Active Directory using PowerShell
In a previous blog post (here) I wrote about how to get a list of changes in Active Directory administrative groups, I got a question about that on Facebook... The question was: Nice to get a list of changed groups and what the change was, but what account made that change? This blog post shows you a way to get all the security events from the Domain Controller security logs 🙂