Category: @work

Categories
@work IT related Projects

Group based Homedir Quota Handling (Microsoft FSRM, Powershell, AD)

At work, we use Quotas on our User’s Homedrives. There is a default Quota on the Shared Homedir folder. There used to be multiple of these folders, and when a user got a larger Quota, the homedir had to be moved + the user’s account hat to be altered accordingly. Since it is a mapped drive, which is also offline synced on the Notebooks, this lead to quite some administrative work, if the user got a larger Quota.

So I’ve decided to set the quota using Active Directory groups + Powershell. This runs daily in a scheduled task.
Limitation: I do not remove non default quotas, if a user should get a larger Quota for a limited period, the Quota is not automatically removed. Could be automated, but is not a valid scenario in our case.


# Der übergeordnete Userhome Ordner hat die default Quota
# Die User welche in einer entsprechenden Quota-Gruppe sind erhalten die der Gruppe zugehörige Quota
# Entfernen aus der Gruppe führt nicht zur Entfernung der Quota!
# Nico Baumgartner, 27.07.2017

function set-homequota
{
param($group, $template)
$ConfirmPreference = "none"
$group = Get-ADGroupMember $group
    foreach ($user in $group)
    {
        $user = get-aduser $user -Properties homedirectory
        $homedir = "d:\home" + (get-item $user.HomeDirectory).BaseName
        if ($homedir -eq "d:\home")
        {
            $msg =  "Fehler beim Setzen der Quota für " + $user.Name + ", Ungültiger Pfad."
            Write-EventLog -LogName "Application" -Source "Rhenus Quota Script" -EventId 200 -EntryType Error -Message $msg
            write-host $msg
            $homedir = "" #Vermeiden, dass Quota für den überliegenden D:\Home\ Ordner geschrieben wird.
        }
        $aktquota = Get-FsrmQuota $homedir
        if ($template -eq $aktquota.template)
        {
            Write-Host $template
            Write-Host $aktquota
            write-host "Richtiges Template bereits zugewiesen" für $user.Name
        }
        Else
        {
            Remove-FsrmQuota $homedir -Confirm:$false
            new-FSRMQuota $homedir -Template $template -Confirm:$false
            $aktquota = ""
            $aktquota = Get-FsrmQuota $homedir
                    if ($template -eq $aktquota.template)
                    {
                    $msg =  "Neue Quota gesetzt für " + $user.Name
                    Write-EventLog -LogName "Application" -Source "Rhenus Quota Script" -EventId 101 -EntryType Information -Message $msg
                    Write-Host $msg
                    }
                    Else
                    {
                    $msg =  "Fehler beim Setzen der Quota für " + $user.Name
                    Write-EventLog -LogName "Application" -Source "Rhenus Quota Script" -EventId 200 -EntryType Error -Message $msg
                    write-host $msg
                    }                    
        }
    }
}

# New-EventLog -Source "Rhenus Quota Script" -LogName "Application"
Write-EventLog -LogName "Application" -Source "Rhenus Quota Script" -EventId 100 -EntryType Information -Message "Rhenus Quota Script gestartet"

$qgroup = "AA_RAG_CH_HomedriveQuota_0500MB_LG"
$template = "Rhenus 0500MB Homedrive"
set-homequota $qgroup $template

$qgroup = "AA_RAG_CH_HomedriveQuota_2000MB_LG"
$template = "Rhenus 2000MB Homedrive"
set-homequota $qgroup $template

$qgroup = "AA_RAG_CH_HomedriveQuota_8000MB_LG"
$template = "Rhenus 8000MB Homedrive"
set-homequota $qgroup $template
Categories
@work IT related

Simple PowerShell Script to create a list with AD Users and their Groups

Had a request to create a list that shows all users of a given Active Directory Organizational Unit, and their group memberships.

Output is in CSV.
$allusers = Get-ADUser -SearchBase "OU=SubOU,OU=OU1,DC=dom,DC=com" -filter * -Properties * | Select-Object samaccountname, distinguishedname
"sep=;" | Out-File c:\temp\usertobundle.csv
foreach($myuser in $allusers)
{
$my_groups = Get-ADPrincipalGroupMembership $myuser.distinguishedname | select-object SamAccountName
foreach ($my_group in $my_groups)
{
$myuser.samaccountname + ";" + $my_group.SamAccountName | Out-File -Append c:\temp\usertobundle.csv
}
}

Not much more to say, did the job.

 

Categories
@work IT related Uncategorized

Internet Explorer automatic Proxy detection not working until you opened and closed the connection settings.

Strange IE 9 behavior when using “Automatically detect setting” and a Proxy.pac that is promoted through DHCP.

When starting IE, intranet sites are working from the beginning, but internet sites are only working after opening Internet Options –> Connections –> Lan Settings, and then confirming with “OK”. No changes have to be made in the settings, it’s just about opening them, and closing again. This issue is reproducible every time the user profile is deleted.

After some further investigation with Procmon it was clear that settings are written to the registry, even if no changes are made when open the Lan Settings dialogue. The important ones are:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"EnableAutodial"=dword:00000000
"NoNetAutodial"=dword:00000000

Setting these 2 values using a script, or in our case GPO’s will solve the issue.

Categories
@work IT related

Microsoft Office 2010 Silent MUI install

Microsoft didn’t go the normal MSI-way with Office 2010, and included a customization wizard, as they did with previous versions. However, creating a silent install with integrated MUI-packs wasn’t as self explaining as I thought. In this post, I want to document the steps I’ve made, to create a silent install.

Needed Software:
– MS Office 2010 Professional Plus EN
– MUI Packs (DE, FR, IT)

Integrating the MUI Packs:
This is quite easy, you can just copy the MUI Packs contents into the setup sources, while keeping the files that already exist.

Customizing installation:
Setup.exe /admin starts the Customization Wizard, it will create a .msp patch, which includes the settings you’ve made. Be sure to choose the silent install.
If you didn’t add any MUI Packs, you can run 

Setup.exe /adminfile yourmsp.msp

, and it will install silently. If you’ve added additional languages, this will not work, because Setup will prompt you what to install (MUI-Pack or Office). If you choose office, it will also only install one language.
To solve this issue, you’ll need a config.xml file, which includes the product you want to install, display level and the additional languages:

<Configuration Product="ProPlus">
<Display Level="none" CompletionNotice="no" SuppressModal="yes" AcceptEula="yes" />
<AddLanguage Id="match" ShellTransform="yes"/>
<AddLanguage Id="en-us" />
<AddLanguage Id="fr-fr" />
<AddLanguage Id="de-de" />
<AddLanguage Id="it-it" />
</Configuration>

You are now ready to start your silent Installation while running: 

setup.exe /config yourxml.xml /adminfile yourmsp.msp
Categories
@work IT related

Microsoft .net Framework 3.5 on Windows XP Embedded

At work, I’m deploying Software to Windows XP embedded Clients. The Past days, i was analyzing a problem with Microsoft “Microsoft .NET Framework 3.0 Service Pack 1 (KB929300)”. The Installation Log said:

DepCheck indicates Microsoft .NET Framework 3.0a is not installed.

This Error is kind of confusing, since .NET Framework 3.0 was already installed, and there’s actually no version 3.0a which you can download. I then decided (after a lot of other ideas, which didn’t work out) to extract the 3.5 (yes, 3.5) Redist Package using winrar, and found the following MSI:

dotnetfx35\wcu\dotNetFramework\dotNetFX30\Netfx30a_x86.msi

This MSI tells you to use setup.exe, and quits installing, so it has to be edited (I’ve used ORCA to do so). After I installed it, i was finally able to install .NET Framework 3.5