Editing Computer object "info" attribute in AD
Hi.
I need to make it possible for users to update the AD computer object of the machine they are logged onto.
To be able to do this I need to grant users write access to the "info" attribute of computer objects in AD. My problem is that I cannot figure out what permission entry to set to allow for users to apply "info".
Does anyone know what permission entry on the "Computers" OU object to use to set delegated rights for "Domain users" to be able to edit the "info" attribute on each computer object?
I am trying to achieve much of the same as described in this article, but I need to edit the "info" attribute...
http://www.experts-exchange.com/Software/Server_Software/Active_Directory/Q_24097287.html
/Tord Bergset
Greetings!
Use 'Delegation Wizard' and select 'Create a custom task to delegate'. After that only choose
'Computer Objects' and assign below rights:
Regards.
Mahdi Tehrani |
|
www.mahditehrani.ir
Please click on Propose As Answer or to mark this post as
and helpful for other people.
This posting is provided AS-IS with no warranties, and confers no rights.
How to query members of 'Local Administrators' group in all computers?
Similar Messages
-
Script Help - Adding Users from AD Group to Computer Object Attribute
Environment:
Computer Objects have the following name convention - USERNAME-INV#-PC. An example is TEST1-54321-D. There is a GPO in place that adds any user populated under the managedBy attribute in a computer object to the administrators group for that computer
object.
Scenario:
Create "Local PC Admin" group
When user TEST1 gets added to the "Local PC Admin" group, a powershell script that runs on an hourly scheduled task goes out and finds any computer object (that is not a server) that has TEST1 in its name. For example, TEST1-54321-D for desktop
and TEST1-98765-L for laptop.
It then adds the user to the managedBy attribute of the computer object and appends the text "added as local admin on <currentdate>" to the computerobject description.
If TEST2 is added to the group later, the script should see that TEST1 has already been added and only add TEST2 to the managedBy attribute to the appropriate computer as well as the "added as local admin on <currentdate>".
Still thinking how this can be automated when a user is removed from the "Local PC Admin" group.
Can somebody please find holes in this scenario or suggest a better method to approach this?Security nightmare? How so? Regular domain users cannot modify the "managedBy" computer object attribute.
The "Local PC Admin" group would be a ADUC security group. The Help Desk and Network Admins would be the only ones that can either add users to the group or directly modify the "managedBy" computer object attribute.
The Group Policy that runs against the desktops/laptops looks to see if the managedBy attribute of the computer object is populated. If so, it adds that user as a local admin to their workstation/laptop and removes any other user/group not specified
and given local admin rights. This would only be done for a handful of users (those in the Local PC Admin group) that need admin access ; in other words, the attribute would only be populated for a few computer objects and not the entire organization.
If it is not populated, it does nothing and leaves the default admins on it.
More info on how the GPO works here: http://fbinotto.blogspot.com/2014/01/making-user-object-set-in-managedby.html -
Logoncount Attribute on Computer objects in Active Directory
Hello,
I have one question about the logoncount Attribute on Active Directory objects. As I understood on user objects this attribute counts the number of logons per DC (because it is not replicating).
My question is:
What exactly is count here on computer objects?
I can see that on a Domain Controller computer object the logoncount is high for the DC itself and low on the other DC objects.
Thank you.
Regards
DennisHere is an old thread. You will see some of the explanation from our own Richard :)
http://www.techtalkz.com/windows-server-2003/500367-attributes-update-during-computer-logon.html
Santhosh Sivarajan | Houston, TX | www.sivarajan.com
ITIL,MCITP,MCTS,MCSE (W2K3/W2K/NT4),MCSA(W2K3/W2K/MSG),Network+,CCNA
Windows Server 2012 Book - Migrating from 2008 to Windows Server 2012
Blogs: Blogs
Twitter: Twitter
LinkedIn: LinkedIn
Facebook: Facebook
Microsoft Virtual Academy:
Microsoft Virtual Academy
This posting is provided AS IS with no warranties, and confers no rights. -
Request for info regarding MAC address population in computer objects
Hi,
I am trying to determine how MAC address information is populated in computer objects. I had assumed initially that the hardware scan would be used, but observation shows this information
to be obtained prior to any hardware inventory.
I have laptops that are primarily connected via VPN, and before long their objects lose the internal network interface's MAC address. When I try to rebuild them, they fail to PXE boot. I have
found that importing a CSV of host / MAC / SMBIOD GUID will update the object (rather than having to delete and recreate it) which works temporarily. The MAC will eventually disappear, and the device fail to PXE boot.
I have thousands of these devices to manage, and it is already difficult enough having a CAS and two primaries (the windows Deployment Service on a DP only cares about devices in the DPs primary
site, and so devices that move site are a real pain already, try finding that anywhere in the OSD reference documents!)
I'm assuming now that this information is pulled from the actual client-server connection, and therefore is dynamic(ish), like IP information. If this is the case, more detail around that process,
where to find evidence of that process occurring would be very useful.The MAC is updated by hardware inventory and heartbeat discovery.
Torsten Meringer | http://www.mssccmfaq.de -
Libmtp error: could not send object info
I have an HTC One m8, and a laptop running Arch Linux. I installed gvfs-mtp, and my computer detects my phone and the files inside of it. I use the GNOME desktop environment, and it's default file manager.
If I try to transfer files to my phone, I get an error reading:
There was an error copying the file into mtp://[usb:003,005]/SD%20card.
"libmtp error: could not send object info".
I am not sure how to fix this. i tried reinstalling libmtp and gvfs to no avail.
I want to be able to connect my phone to my computer, and transfer files through my file manager. Any help would be appreciated..
Here's some output that may be relevant:
[saadnajmi@archlaptop ~]$ adb devices
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
List of devices attached
FA456WM01083 device
[saadnajmi@archlaptop ~]$ mtp-detect
Unable to open ~/.mtpz-data for reading, MTPZ disabled.
libmtp version: 1.1.8
Listing raw device(s)
Device 0 (VID=0bb4 and PID=0f63) is a HTC HTC One (MTP+ADB).
Found 1 device(s):
HTC: HTC One (MTP+ADB) (0bb4:0f63) @ bus 3, dev 5
Attempting to connect device(s)
ignoring libusb_claim_interface() = -6PTP_ERROR_IO: failed to open session, trying again after resetting USB interface
LIBMTP libusb: Attempt to reset device
Android device detected, assigning default bug flags
USB low-level info:
bcdUSB: 528
bDeviceClass: 0
bDeviceSubClass: 0
bDeviceProtocol: 0
idVendor: 0bb4
idProduct: 0f63
IN endpoint maxpacket: 512 bytes
OUT endpoint maxpacket: 512 bytes
Raw device info:
Bus location: 3
Device number: 5
Device entry info:
Vendor: HTC
Vendor id: 0x0bb4
Product: HTC One (MTP+ADB)
Vendor id: 0x0f63
Device flags: 0x18008106
Configuration 0, interface 0, altsetting 0:
Interface description contains the string "MTP"
Device recognized as MTP, no further probing.
Device info:
Manufacturer: HTC
Model: HTC One_M8
Device version: 1.58.502.1
Serial number: FA456WM01083
Vendor extension ID: 0x00000006
Vendor extension description: microsoft.com: 1.0; android.com: 1.0;
Detected object size: 64 bits
Extensions:
microsoft.com: 1.0
android.com: 1.0
Supported operations:
1001: get device info
1002: Open session
1003: Close session
1004: Get storage IDs
1005: Get storage info
1006: Get number of objects
1007: Get object handles
1008: Get object info
1009: Get object
100a: Get thumbnail
100b: Delete object
100c: Send object info
100d: Send object
1014: Get device property description
1015: Get device property value
1016: Set device property value
1017: Reset device property value
101b: Get partial object
9801: Get object properties supported
9802: Get object property description
9803: Get object property value
9804: Set object property value
9805: Get object property list
9811: Set object references
95c1: Get Partial Object (64bit Offset)
95c2: Send Partial Object
95c3: Truncate Object
95c4: Begin Edit Object
95c5: End Edit Object
96f0: Unknown (96f0)
Events supported:
0x4002
0x4003
0x4004
0x4005
Device Properties Supported:
0xd401: Synchronization Partner
0xd402: Friendly Device Name
0x5003: Image Size
Playable File (Object) Types and Object Properties Supported:
3000: Undefined Type
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
3001: Association/Directory
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
3004: Text
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
3005: HTML
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
3008: MS Wave
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc46: Artist STRING data type READ ONLY
dc9a: Album Name STRING data type READ ONLY
dc9b: Album Artist STRING data type READ ONLY
dc8b: Track UINT16 data type ANY 16BIT VALUE form READ ONLY
dc99: Original Release Date STRING data type DATETIME FORM READ ONLY
dc89: Duration UINT32 data type ANY 32BIT VALUE form READ ONLY
dc8c: Genre STRING data type READ ONLY
dc96: Composer STRING data type READ ONLY
de93: Sample Rate UINT32 data type range: MIN 0, MAX 48000, STEP 50 GET/SET
de94: Number Of Channels UINT16 data type ANY 16BIT VALUE form READ ONLY
de99: Audio WAVE Codec UINT32 data type enumeration: 0, 1, 2, 3, 8, 9, 11, 49, 50, 80, 85, 352, 353, 354, 355, 356, 41222, GET/SET
de9a: Audio Bit Rate UINT32 data type range: MIN 0, MAX 384000, STEP 1 GET/SET
3009: MP3
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc46: Artist STRING data type READ ONLY
dc9a: Album Name STRING data type READ ONLY
dc9b: Album Artist STRING data type READ ONLY
dc8b: Track UINT16 data type ANY 16BIT VALUE form READ ONLY
dc99: Original Release Date STRING data type DATETIME FORM READ ONLY
dc89: Duration UINT32 data type ANY 32BIT VALUE form READ ONLY
dc8c: Genre STRING data type READ ONLY
dc96: Composer STRING data type READ ONLY
de93: Sample Rate UINT32 data type range: MIN 0, MAX 48000, STEP 50 GET/SET
de94: Number Of Channels UINT16 data type ANY 16BIT VALUE form READ ONLY
de99: Audio WAVE Codec UINT32 data type enumeration: 0, 1, 2, 3, 8, 9, 11, 49, 50, 80, 85, 352, 353, 354, 355, 356, 41222, GET/SET
de9a: Audio Bit Rate UINT32 data type range: MIN 0, MAX 384000, STEP 1 GET/SET
300b: MPEG
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc46: Artist STRING data type READ ONLY
dc9a: Album Name STRING data type READ ONLY
dc89: Duration UINT32 data type ANY 32BIT VALUE form READ ONLY
dc48: Description STRING data type READ ONLY
de93: Sample Rate UINT32 data type range: MIN 0, MAX 48000, STEP 50 GET/SET
de94: Number Of Channels UINT16 data type ANY 16BIT VALUE form READ ONLY
de99: Audio WAVE Codec UINT32 data type enumeration: 0, 1, 2, 3, 8, 9, 11, 49, 50, 80, 85, 352, 353, 354, 355, 356, 41222, GET/SET
de9a: Audio Bit Rate UINT32 data type range: MIN 0, MAX 384000, STEP 1 GET/SET
dc8b: Track UINT16 data type ANY 16BIT VALUE form READ ONLY
dc99: Original Release Date STRING data type DATETIME FORM READ ONLY
dc8c: Genre STRING data type READ ONLY
dc87: Width UINT32 data type ANY 32BIT VALUE form READ ONLY
dc88: Height UINT32 data type ANY 32BIT VALUE form READ ONLY
de9b: Video Four CC Codec UINT32 data type enumeration: 0, 859189832, 958804552, 1195724877, 827739479, 844516695, 861293911, GET/SET
de9c: Video Bit Rate UINT32 data type range: MIN 0, MAX 2000000000, STEP 1 GET/SET
de9d: Frames Per Thousand Seconds UINT32 data type range: MIN 0, MAX 60000, STEP 1 GET/SET
3801: JPEG
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc48: Description STRING data type READ ONLY
3802: TIFF EP
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
3804: BMP
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc48: Description STRING data type READ ONLY
3807: GIF
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc48: Description STRING data type READ ONLY
3808: JFIF
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
380b: PNG
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc48: Description STRING data type READ ONLY
380d: TIFF
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
b901: WMA
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc46: Artist STRING data type READ ONLY
dc9a: Album Name STRING data type READ ONLY
dc9b: Album Artist STRING data type READ ONLY
dc8b: Track UINT16 data type ANY 16BIT VALUE form READ ONLY
dc99: Original Release Date STRING data type DATETIME FORM READ ONLY
dc89: Duration UINT32 data type ANY 32BIT VALUE form READ ONLY
dc8c: Genre STRING data type READ ONLY
dc96: Composer STRING data type READ ONLY
de93: Sample Rate UINT32 data type range: MIN 0, MAX 48000, STEP 50 GET/SET
de94: Number Of Channels UINT16 data type ANY 16BIT VALUE form READ ONLY
de99: Audio WAVE Codec UINT32 data type enumeration: 0, 1, 2, 3, 8, 9, 11, 49, 50, 80, 85, 352, 353, 354, 355, 356, 41222, GET/SET
de9a: Audio Bit Rate UINT32 data type range: MIN 0, MAX 384000, STEP 1 GET/SET
b902: OGG
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc46: Artist STRING data type READ ONLY
dc9a: Album Name STRING data type READ ONLY
dc9b: Album Artist STRING data type READ ONLY
dc8b: Track UINT16 data type ANY 16BIT VALUE form READ ONLY
dc99: Original Release Date STRING data type DATETIME FORM READ ONLY
dc89: Duration UINT32 data type ANY 32BIT VALUE form READ ONLY
dc8c: Genre STRING data type READ ONLY
dc96: Composer STRING data type READ ONLY
de93: Sample Rate UINT32 data type range: MIN 0, MAX 48000, STEP 50 GET/SET
de94: Number Of Channels UINT16 data type ANY 16BIT VALUE form READ ONLY
de99: Audio WAVE Codec UINT32 data type enumeration: 0, 1, 2, 3, 8, 9, 11, 49, 50, 80, 85, 352, 353, 354, 355, 356, 41222, GET/SET
de9a: Audio Bit Rate UINT32 data type range: MIN 0, MAX 384000, STEP 1 GET/SET
b903: AAC
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc46: Artist STRING data type READ ONLY
dc9a: Album Name STRING data type READ ONLY
dc9b: Album Artist STRING data type READ ONLY
dc8b: Track UINT16 data type ANY 16BIT VALUE form READ ONLY
dc99: Original Release Date STRING data type DATETIME FORM READ ONLY
dc89: Duration UINT32 data type ANY 32BIT VALUE form READ ONLY
dc8c: Genre STRING data type READ ONLY
dc96: Composer STRING data type READ ONLY
de93: Sample Rate UINT32 data type range: MIN 0, MAX 48000, STEP 50 GET/SET
de94: Number Of Channels UINT16 data type ANY 16BIT VALUE form READ ONLY
de99: Audio WAVE Codec UINT32 data type enumeration: 0, 1, 2, 3, 8, 9, 11, 49, 50, 80, 85, 352, 353, 354, 355, 356, 41222, GET/SET
de9a: Audio Bit Rate UINT32 data type range: MIN 0, MAX 384000, STEP 1 GET/SET
b982: MP4
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
b983: MP2
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
b984: 3GP
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc46: Artist STRING data type READ ONLY
dc9a: Album Name STRING data type READ ONLY
dc89: Duration UINT32 data type ANY 32BIT VALUE form READ ONLY
dc48: Description STRING data type READ ONLY
de93: Sample Rate UINT32 data type range: MIN 0, MAX 48000, STEP 50 GET/SET
de94: Number Of Channels UINT16 data type ANY 16BIT VALUE form READ ONLY
de99: Audio WAVE Codec UINT32 data type enumeration: 0, 1, 2, 3, 8, 9, 11, 49, 50, 80, 85, 352, 353, 354, 355, 356, 41222, GET/SET
de9a: Audio Bit Rate UINT32 data type range: MIN 0, MAX 384000, STEP 1 GET/SET
dc8b: Track UINT16 data type ANY 16BIT VALUE form READ ONLY
dc99: Original Release Date STRING data type DATETIME FORM READ ONLY
dc8c: Genre STRING data type READ ONLY
dc87: Width UINT32 data type ANY 32BIT VALUE form READ ONLY
dc88: Height UINT32 data type ANY 32BIT VALUE form READ ONLY
de9b: Video Four CC Codec UINT32 data type enumeration: 0, 859189832, 958804552, 1195724877, 827739479, 844516695, 861293911, GET/SET
de9c: Video Bit Rate UINT32 data type range: MIN 0, MAX 2000000000, STEP 1 GET/SET
de9d: Frames Per Thousand Seconds UINT32 data type range: MIN 0, MAX 60000, STEP 1 GET/SET
ba05: Abstract Audio Video Playlist
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
ba10: WPL Playlist
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
ba11: M3U Playlist
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
ba14: PLS Playlist
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
ba82: XMLDocument
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
b906: FLAC
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
b981: WMV
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dce0: Display Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
dc46: Artist STRING data type READ ONLY
dc9a: Album Name STRING data type READ ONLY
dc89: Duration UINT32 data type ANY 32BIT VALUE form READ ONLY
dc48: Description STRING data type READ ONLY
de93: Sample Rate UINT32 data type range: MIN 0, MAX 48000, STEP 50 GET/SET
de94: Number Of Channels UINT16 data type ANY 16BIT VALUE form READ ONLY
de99: Audio WAVE Codec UINT32 data type enumeration: 0, 1, 2, 3, 8, 9, 11, 49, 50, 80, 85, 352, 353, 354, 355, 356, 41222, GET/SET
de9a: Audio Bit Rate UINT32 data type range: MIN 0, MAX 384000, STEP 1 GET/SET
dc8b: Track UINT16 data type ANY 16BIT VALUE form READ ONLY
dc99: Original Release Date STRING data type DATETIME FORM READ ONLY
dc8c: Genre STRING data type READ ONLY
dc87: Width UINT32 data type ANY 32BIT VALUE form READ ONLY
dc88: Height UINT32 data type ANY 32BIT VALUE form READ ONLY
de9b: Video Four CC Codec UINT32 data type enumeration: 0, 859189832, 958804552, 1195724877, 827739479, 844516695, 861293911, GET/SET
de9c: Video Bit Rate UINT32 data type range: MIN 0, MAX 2000000000, STEP 1 GET/SET
de9d: Frames Per Thousand Seconds UINT32 data type range: MIN 0, MAX 60000, STEP 1 GET/SET
300a: MS AVI
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
300c: ASF
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
ba83: Microsoft Word Document
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
ba85: Microsoft Excel Spreadsheet (.xls)
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
ba86: Microsoft Powerpoint (.ppt)
dc01: Storage ID UINT32 data type ANY 32BIT VALUE form READ ONLY
dc02: Object Format UINT16 data type ANY 16BIT VALUE form READ ONLY
dc03: Protection Status UINT16 data type ANY 16BIT VALUE form READ ONLY
dc04: Object Size UINT64 data type READ ONLY
dc07: Object File Name STRING data type GET/SET
dc09: Date Modified STRING data type DATETIME FORM READ ONLY
dc0b: Parent Object UINT32 data type ANY 32BIT VALUE form READ ONLY
dc41: Persistant Unique Object Identifier UINT128 data type READ ONLY
dc44: Name STRING data type READ ONLY
dc4e: Date Added STRING data type DATETIME FORM READ ONLY
Storage Devices:
StorageID: 0x00020001
StorageType: 0x0004 removable RAM storage
FilesystemType: 0x0002 generic hierarchical
AccessCapability: 0x0000 read/write
MaxCapacity: 31896633344
FreeSpaceInBytes: 31628312576
FreeSpaceInObjects: 1073741824
StorageDescription: SD card
VolumeIdentifier: ##storage##ext_sd
StorageID: 0x00010001
StorageType: 0x0003 fixed RAM storage
FilesystemType: 0x0002 generic hierarchical
AccessCapability: 0x0000 read/write
MaxCapacity: 26667683840
FreeSpaceInBytes: 9365225472
FreeSpaceInObjects: 1073741824
StorageDescription: Internal storage
VolumeIdentifier: ##storage##emulated##0
Special directories:
Default music folder: 0xffffffff
Default playlist folder: 0xffffffff
Default picture folder: 0xffffffff
Default video folder: 0xffffffff
Default organizer folder: 0xffffffff
Default zencast folder: 0xffffffff
Default album folder: 0xffffffff
Default text folder: 0xffffffff
MTP-specific device properties:
Friendly name: (NULL)
Synchronization partner: (NULL)
libmtp supported (playable) filetypes:
Folder
Text file
HTML file
RIFF WAVE file
ISO MPEG-1 Audio Layer 3
MPEG video stream
JPEG file
BMP bitmap file
GIF bitmap file
JFIF file
Portable Network Graphics
TIFF bitmap file
Microsoft Windows Media Audio
Ogg container format
Advanced Audio Coding (AAC)/MPEG-2 Part 7/MPEG-4 Part 3
MPEG-4 Part 14 Container Format (Audio+Video Emphasis)
ISO MPEG-1 Audio Layer 2
Abstract Playlist file
XML file
Free Lossless Audio Codec (FLAC)
Microsoft Windows Media Video
Audio Video Interleave
Microsoft Advanced Systems Format
DOC file
XLS file
PPT file
OK.i got the solution...........thanks every one
-
Delete Computer object VS Disjoin
Quick question on AD administration to help resolve an internal debate:
We're running AD on Windows Server 2008 R2. One admin states that "deleting doesn't remove all AD objects", and that you need to run a disjoin on the machine first to properly remove the Computer Object. Can anyone confirm this?
Which is the correct way to remove objects in AD?
It's my understanding that no matter what, you'll end up running a delete command, which marks the object as deleted; this gets replicated to all other DC's, and whenever the tombstone lifetime expires, then a cleanup process will finally and forever remove
the tombstone objects. If you don't run a "disjoin" command first, will there be any other lingering objects that need special care and consideration??
Any info is appreciated. Thanks much.Hi - This is _how_ it works:
A domain unjoin comes down to the NetUnJoinDomain() API call documented at:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa370644(v=vs.85).aspx
There is two scenarios that can happen, either the account get's disabled (by default) if you unjoin using the UI, or it's not disabled leaving out the misnamed flag 'NETSETUP_ACCT_DELETE' that actually means disable and not delete.
The computer account is only disabled regardless of the flag if the user that performs the unjoin has the rights to disable the computer account in AD, e.g write to the userAccountControl attribute.
The computer account (object) in AD is never deleted from AD during a unjoin.
How ever the importance of clean up here is that the computer accounts password is cleared from the LSA during a unjoin, so it can't be used to authenticate against AD in case that the computer account is NOT being disabled for one of the reasons mentioned
above.
Deleting the computer object from AD is like deleting any other object in AD, it stays for the TSL until it's ultimately removed from the database.
Enfo Zipper
Christoffer Andersson – Principal Advisor
http://blogs.chrisse.se - Directory Services Blog -
I have a requirement where I have to give the list of users who can access a specific computer define in AD.
I am new with PS.
Do you have a script to list users that can access a computer object of AD ?
I have executed the following script but it does not give me the access rights of who can access the computer 'computername'
How can i have this information. please help
Import-Module activedirectory
$computer=get-adcomputer "computername" -properties ntSecurityDescriptor
$omputer.ntsecurityDescriptor.Access | select-object -expandproperty IdentityReference | sort-object -uniqueI would say that, since the OP has so little info, there are no policies in use. It there were then this question would never be asked the way it is being asked.
I had a client call with a letter from their insurance company; an accountant with malpractice insurance. THey asked the same question inmuch the same way. "What computer can you users access?" The question should be more like
"Do you have a policy that restricts access to computers and do you audit for compliance?"
I have had other clients whose insurance asked the question in that way. It produces a better view of what should be happening and how to show compliance.
I recommend that companies being asked these questions by their legal departments or insurance companies should contract with a god computer security consultant to assist with answering these very tricky questions. Of course if it is just you boss's
curiosity then you may need to discuss his requirements with him in more depth.
¯\_(ツ)_/¯ -
I ran the following script and got a bunch of computer objects in my csv. How to i Prevent this? I already tried using
Where-Object{$_.type
-eq
"user"} OR
-filter{type
-eq
"user"}
script:
Get-ADUser-Filter*-PropertiessamAccountName,accountExpires,Created,LastLogonTimeStamp,Department,physicalDeliveryOfficeName,employeeID,AccountExpirationDate,Manager|
Where-Object
{$_.accountexpirationdate
-lt$timex}
|
select
Name,samAccountName,@{Name="Timestamp";
Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}},@{n='Date
Created';e={$_.created}},Department,@{n='Location';e={$_.physicalDeliveryOfficeName}},employeeID,AccountExpirationDate,@{Label='Manager
sAMAccountName';Expression={(Get-ADUser$_.Manager).sAMAccountName}},@{Label='Manager
Name';Expression={(Get-ADUser$_.Manager).name}}
|
export-csv
-path$mypath-notypeinformationSomeone told me the Computer accounts are generic accounts...makes any sense?
No.
EDIT: What's the output of this command for one of these computer accounts:
Get-ADUser ThatComputerAccount | Select *
Don't retire TechNet! -
(Don't give up yet - 13,225+ strong and growing) -
Trying to update hidden attibute in AD computer objects.
I am trying to update my AD computers using PowerShell to read the items from a CSV file. I have successfully updated the Description and other standard items, but I cannot get the non-common
hidden attributes to updated. I am very green on PowerShell. I'm not even sure I'm using the correct commands.
The contents of the CSV file looks like as below:
Name = preexisting Computer object name
Description = Information I want to place in the description field (Non-hidden \ standard)
comment = Information I want to place in the comments field (Hidden field)
name,description,comment
Computer1,Computer Model - 123456789 - Office 1111,Comment1
Computer2,Computer Model - 234567891 - Office 1112,Comment2
Computer2,Computer Model - 345678912 - Office 1113,Comment3
Below is the script:
# Update Computer Description and Comments
Import-module ActiveDirectory
Import-CSV "C:\temp\Computers.csv" | % {
$Computer = $_.name
$Description = $_.description
$Comment = $_.comment
Set-ADComputer $Computer -description $Description
Set-ADComputer $Computer -comment $CommentTo set comments on non-standard items you need to do something like this:
Set-ADComputer Computername -replace @{Comment="Test1"}
[email protected]
Thank you Richard. The information worked well. I modified it slightly to retrieve the information from the CSV file as seen below:
Set-ADComputer $Computer -replace @{Comment=$Comment} -
JCo method to find CCMS Text Attribute/Object Description attributes value
Is there any function available in SAP JCo / XAL ( External Interface for Alert Management ) to find the current values for CCMS Text Attribute or Object Description attributes and CCMS Heartbeat attributes from a Java Program. It seems XAL only has functions to find the current values of performance, status and log attributes.
hi arun,
refer this link
http://help.sap.com/saphelp_nw04/helpdata/en/6a/82343ecc7f892ee10000000a114084/content.htm
https://dsd.esco-salt.com/StartPage/documents/admin/30.html
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/548da290-0201-0010-0299-f037dd7eeb36
check for the api for jmomapi.jar
Alert status definitions
ther u have code and example also
bvr
Edited by: bvr on Apr 27, 2009 12:18 PM
Edited by: bvr on Apr 27, 2009 12:53 PM
Edited by: bvr on Apr 27, 2009 12:55 PM -
Managing multiple "old" AD computer objects
So we have implemented a naming convention where the techs just select a location and department during the imaging process for a machine that is about to be deployed; during that process and the computers are automagically named something like "NYC-FIN-1234567"...
with 1234567 being the dell asset tag.... pretty nifty Johan(!)
However... the problem is that once that machine gets re-imaged at the same location and deployed to another team like the marketing folks (ie."MKT")... it gets the name NYC-MKT-1234567...
the problem I am seeing is now we have multiple objects in AD with the same asset tag which is causing nightmares for licensing management... NYC-FIN-1234567 & NYC-MKT-1234567 respectively.
I am working on a PowerShell script that will trim the names down to their respective tags and then compare the list for duplicates - then check and compare the duplicates properties like "created date" and make a determination and delete
the older object...
this checking for duplicates is proving to be a little more difficult and haven't even gotten to the evaluate section yet... I am still working on my proficiency when it comes to more complex arrays.
am i going about this the right way or does anyone else have another approach to this conundrum?
scripting games '14 anyone :pall good info!
Since our AD has less than 3000 workstation objects the 'scaling' is manageable... but could make it a little faster, but alas here is what i have with a couple of tweaks
i am skimming all computer objects in our 'workstation' OU... and dropping the first two prefixes, and then checking for machines that match... we were originally using "created date" but since we have workstations that have been imaged to say
a FIN dept and then to a MKT dept and then re-re-imaged back to FIN... the created date doesn't change so i switched to Modified date, and keep the newest one...
but also as another 'layer' of protection i test-path of the workstation (we run this middle of the day) before disabling it and moving it to a "temp" ou where we can let them sit for a couple weeks in case we had a false positive (thus the ping)
we can quickly restore that object... i also can just comment out the actual "move and disable command" so it generates me a nice list of machines that would have been deleted so i can do a 'sanity check' before deleting a bunch of vip's machiens
from AD :)
#Declare Domain and OU to be Scrubbed - and $dupou is the ou we can let them 'chillout' before deleting on the next run
$domain = "domain.com"
$OU = "OU=Workstations,DC=domain,DC=com"
$CleanupList = "c:\disabled.txt"
$dupOU = "OU=Duplicates,OU=INACTIVE,DC=domain,DC=com"
if (test-path $CleanupList) {Remove-Item $CleanupList}
$delOK = "c:\DelOk.txt"
if (test-path $delOK) {Remove-Item $delOK}
#this is the TEMPORARY throttle cap... so it will stop after it finds the amount defined by $cap (so we can phase it in)
$cap = 10000
$Global:i = 0
$sdate = (Get-Date)
Write-Output "AD Duplicate 'Scrubber' Script started on: "$sdate >> $CleanupList
Write-output "These Machines were disabled and moved to the Inactive\Duplicates OU in our domain" >> $CleanupList
Write-Output "--------------------------------------------------------------------------------------------------------------">> $CleanupList
$comps = (Get-ADComputer -filter * -Server $domain -SearchBase $OU).name
ForEach ($comp in $comps) {
if ($global:i -lt $cap) {
#trim length to just asset tags (last 7 digits)
$Length = $comp.Length
$var = $Length - 7
$tag = $comp.Substring($var,7)
Write-host -ForegroundColor yellow "Testing asset tag: $tag"
$x =(Get-ADComputer -Filter "name -like '*$tag'" -Properties DistinguishedName, Modified -Server $domain -SearchBase $OU |Sort-Object -Property Modified)
if ($x.count -gt 1) {
$y = ($x.count) -1
while ($y -ge 1 ) {
$z = $y - 1
$x.name[$z] >> $CleanupList
#added a ping feature to as another level of "protection"
if (Test-Connection $x.name[$z] -Count 2 -Quiet){
Write-Output $x.name[$z]" is Online... Skipping"
$x.name[$z] >> c:\WTF.txt
}Else {
#this line below this one is the one that moves and disables... comment out if testing with a # sign or remove when testing compelete
#Get-ADComputer $x.name[$z] | Move-ADObject -TargetPath $dupOU -PassThru | Disable-ADAccount
Write-Output $x.name[$z]" is Offline... should delete"
$global:i++
$x.name[$z] >> $delOK
write-host -ForegroundColor Cyan $x.name[$z]" Moved and Disabled - $global:i"
$y--
Write-host "------------"
Write-host -foregroundcolor cyan "$i Computer objects were Disabled and Moved to $dupOU :)"
#message in the body
$msg ="Please review the attached list to see the Duplicate machines that were moved and disabled via this script"
#Recipients
$mailTo = "shad acker <[email protected]>"
Send-MailMessage -SmtpServer smtp.domain.com -Attachments $delOK -Body $msg -to $mailTo -From "DuplicateFinder<[email protected]>" -Subject "Computer Duplicates Disabled" -Cc "who ever <[email protected]>"
not the prettiest or most efficinent but it seems to be working :) -
Pull owner from computer object and add to BUILTIN\Administrators via GPO
Quick question here - is it possible to pull an owner from computer object in AD (left side of picture) and add him to BUILTIN\Administrators on this particular workstation along with 2 AD groups and 'LocalAdmin' user (right side of picture)? Im interested
only in doing it via GPO.> Quick question here - is it possible to pull an owner from computer
You mean "manager" and not "owner", right? The owner is defined in
"security - advanced - owner" and is the account that initially created
the object. Typically "Domain Admins"...
> object in AD (left side of picture) and add him to
> BUILTIN\Administrators on this particular workstation along with 2 AD
> groups and 'LocalAdmin' user (right side of picture)? Im interested only
> in doing it via GPO.
Nothing as easy as that. You can use GPP local users and groups, and you
can use Item Level Targeting with LDAP filters. Grab the managedBy
attribute of the computer account, grab the samaccountname of the
managedBy DN and you're almost done :)
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :)) -
Prestage Computer Object in Subdomain
Trying to precreate a computer object in a subdomain. It works sometimes (1 in 15) with a "Directory Object Not Found" error. I'm doing this through a powershell workflow
(for WAP/SMA - hence the credential call). The credential has full access on the target OU. The if statement is for multiple domains I have but shortened up for sake of cleanliness here.
The best I can tell is it's some sort of error with how it's looking for the OU where the server should end up. Code below- anyone delt with this before?
workflow Precreate-Object
Param(
[Parameter(Mandatory=$True)][String]$servername,
[Parameter(Mandatory=$True)][String]$datacenter,
[Parameter(Mandatory=$True)][String]$ou
$PSUserCredAD = Get-AutomationPSCredential -Name "Automation Credential"
if ($datacenter -like "Subdomain")
$domaincontroller = "subdomain.location.domain.com"
InlineScript{
New-ADComputer -Name $using:servername -Path "$using:ou" -Server $using:domaincontroller -Credential $using:PSUserCredAD
Full error below:
8/11/2014 11:00:33 AM, Error: New-ADComputer : Directory object not found At Precreate-Object:28 char:28
+ + CategoryInfo : ObjectNotFound: (CN=Servername,CN=...domain,DC=com:String) [New-ADComputer], ADIdentityNotFoundException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Mic rosoft.ActiveDirectory.Management.Commands.NewADComputerYour error is explicit. YOu are asking a specific dc for the info and it is saying it doesn't exist on the domain. IIt is not saying no access or anything else. The object does not exist as specified. Fix the DN and it will likely
work.
ObjectNotFound: (CN=Servername,CN=...domain,DC=com:String)
¯\_(ツ)_/¯ -
I am planning to create custom defined DSO Object & Info cube
Hi ,
i am planning to create custom defined DSO Object & Info cube.what ratio i can calculate what is the keyfields & what are the data fields in DSO.How can i calculate.
2. how can i create suitable dimensions, suitable characterstics for dimensions.what ratio i can decide.
Thanks,
chandu.Hi Diego Garu,
Thanks for your fast response.i
VBELN VBAP 2LIS_11_VAITM 0DOC_NUMBER
POSNR VBAP 2LIS_11_VAITM 0S_ORD_ITEM
KUNNR VBAK 2LIS_11_VAHDR 0SOLD_TO
VBELN VBRP 2LIS_13_VDITM 0BILL_NUM
FKDAT VBRK 2LIS_13_VDHDR 0BILL_DATE
INCO1 VBRK 2LIS_13_VDHDR(INCO1FieldNot Available in Data Source) 0INCOTERMS
ZTERM VBRK 2LIS_13_VDHDR(Payment terms field Not Available in Data Source) 0UCPYTERMS
NETWR VBRP 2LIS_13_VDITM 0NETVAL_INV.
here data is coming from the multible tables.that why i am planning to create custom defined data source based on view. here how can i calucate dso is suitable or cube is suitable.
suppose dso is suitable how can i decide which on is the data field and which one is the key field.
how can i decide how many dimensions are needed here.and which chara are suitable for that dimensions.
Thanks ,
chandu. -
i have recently moved from the uk to australia and cancelled my uk debit before the payment was processed for songs i bought in itunes. i have tried to edit my billing info with australian debit details but the site says 'invalid card' how can i fix this?
Contact iTunes Customer Service and request assistance
Use this Link > Apple Support iTunes Store Contact
Maybe you are looking for
-
I am trying to set up my new iphone but I don't want itunes to think it is my old phone. I would like to know how if I can set up my new phone so it is separate from my old one but still be able to load the songs and apps I want onto my new phone....
-
You can only use apple tv on a flat screen tv, is that correct?
I'm the only person in the world who still has a big TV.
-
Require a Function Module or a BAPI
Hi, Does anyone in here knows a FM or a BAPI(preferred) that would take the Material Number & Plant as input and return the available quantity available under different storage location for the plant. No logic is to be written. Strict usage of FM or
-
Can't download iTunes 7- no internet
I am trying to load my library from my old computer to my new. The problem is the instructions say that the old computer has to have iTunes 7. It doesn't. I'm unable to access the internet from my old computer (the reason for the new one). Is it poss
-
My keywords were part of my import from Elements into LR2. Some where in the process I developed some keyword errors. I have one keyword that shows 59 photos in the keyword list, a sub category with 5 photos and a sub-sub category with 2 photos. Al