Wednesday, February 28, 2018

Get DHCP Server in your Domain

In this post I will show you how to get all DHCP servers that are used in your domain.


Show all DHCP servers using netsh
netsh dhcp show server


Show a specific DHCP server using netsh and findstr
netsh dhcp show server | findstr "dhcp01"

Show two DHCP servers using netsh
netsh dhcp show server | findstr "dhcp01 dhcp02"

Results can be exported with >%path%
netsh dhcp show server >C:\admin\dhcp.txt

You can also use PowerShell with Get-ADObject and export the result with Export-Csv
$RootDSE = [System.DirectoryServices.DirectoryEntry]([ADSI]"LDAP://RootDSE")
$CfgNC = $RootDSE.Get("configurationNamingContext")
Get-ADObject -SearchBase "$CfgNC" -Filter "objectclass -eq 'dhcpclass' -AND Name -ne 'dhcproot'" | select name | Sort-Object -Property Name | Export-csv "C:\admin\Forest DHCP Servers.csv" -NoType

Or just use Get-DhcpServerInDC
Get-DhcpServerInDC


If you want to filter the output of Get-DhcpServerInDC, you can do it like this
Get-DhcpServerInDC | where dnsname -like *dhcp02*


Thursday, February 22, 2018

PowerShell Versions over the years and the future of PowerShell

If you want to know your PowerShell version, just type in $PSVersionTable. You can run this command on every system with PowerShell installed, so if you have PowerShell Core installed on your macOS or Linux system, you can use $PSVersionTable there as well.

PS C:\> $PSVersionTable

Name                           Value
----                           -----
PSVersion                      5.1.16299.98
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.16299.98
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

PowerShell versions over the years.
PowerShell 1.0 started in November 2006 and was integrated in Windows Server 2008.

PowerShell 2.0 was released in October 2009 and integrated in Windows 7 and Server 2008 R2.

PowerShell 3.0 was released in September 2012 and integrated in Windows 8 and Server 2012.

PowerShell 4.0 was released in October 2013 and integrated in Windows 8.1 and Server 2012 R2.

PowerShell 5.0 was released in February 2016 and integrated in Windows 10.

PowerShell 5.1 was released in January 2017 and integrated in Windows 10 Anniversary Update and Server 2016.

PowerShell Core 6.0 was released in January 2018 and is supported on Windows 7, 8.1, and 10, Windows Server 2008 R2, 2012 R2, 2016, Windows Server Semi-Annual Channel, Ubuntu 14.04, 16.04 and 17.04, Debian 8.7+ and 9, CentOS 7, Red Hat Enterprise Linux 7, OpenSUSE 42.2, Fedora 25, 26 and macOS 10.12+. The community also contributed packages that are not officially supported for Arch Linux, Kali Linux and AppImage. It was released as experimental for Windows on ARM32/64 and Raspbian (Stretch). Download PS Core: https://github.com/PowerShell/PowerShell

Previous versions are also available to download.

V3 for Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2
https://www.microsoft.com/en-us/download/details.aspx?id=34595

V4 for Windows 7, Windows Embedded Standard 7, Windows Server 2008 R2, Windows Server 2012
https://www.microsoft.com/en-us/download/details.aspx?id=40855

V5 for Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 R2
https://www.microsoft.com/en-us/download/details.aspx?id=50395

V5.1 for Windows 7 Service Pack 1, Windows 8.1, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2
https://www.microsoft.com/en-us/download/details.aspx?id=54616

What is the difference between PowerShell and PowerShell Core?
The main difference is that PowerShell Core is cross-platform and runs on Windows, Linux, and macOS, while the old one runs on Windows only. For now, PowerShell Core isn't as powerful as the old PowerShell, because the new PowerShell uses the less feature-rich .NET Core and .NET Standard. The old one uses .NET Framework and .NET Standard. .NET Core is pretty new, and Microsoft needs some time to get it as powerful as .NET Framework.

The future is PowerShell Core?
Yes. As Microsoft announced, PowerShell Core will be provided with new feature updates, while the old PowerShell will just get bug fixes and security updates. So the future belongs to PowerShell Core!
https://blogs.msdn.microsoft.com/powershell/2017/07/14/powershell-6-0-roadmap-coreclr-backwards-compatibility-and-more/

Thursday, February 15, 2018

Characters to escape in Active Directory in distinguishedName and canonicalName


In this post I want to show you which characters have to be escaped in AD in the distinguishedName and canonicalName attributes.


distinguishedName


Some characters in Active Directory have to be escaped with the backslash "\" character, if they appear in components of a distinguished name.

Characters that have to be escaped in distinguished names:

# + < > ; , \ " = and SPACE


The space character must be escaped only if it is the leading or trailing character in any component of a distinguished name. The commas that separate components in a distinguished name are not escaped. The following table shows example relative distinguished names as they would appear

 

ADUC Name            Distinguished Name
Petun, Arnold J.     cn=Petun\, Arnold J.,ou=Sales,dc=Domain,dc=com
Dev\Services         ou=Dev\\Services,dc=Domain,dc=com
IT"Ext + Lab         cn=IT\"Ext \+ Lab,ou=IT,dc=Domain,dc=com
 Tim Black           cn=\ Tim Black \ ,ou=HR,dc=Domain,dc=com

 

In other AD attributes, like Name, Description, givenName, or even cn, those characters are not escaped!

Here are some characters that are allowed in distinguished names:

| @ $ % ^ ? : { } ! ' * ( ) . ` ~ & - _ [ ]
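
The escaping rules above as a PowerShell function, added here as an example that is not part of the original post; the function name ConvertTo-EscapedDnComponent and the ' Edge Spaces ' sample are made up for illustration. Escaping each name before it is placed in a distinguished name keeps a comma or equals sign in user-supplied text inside its own component.

```powershell
# Added example (not from the original post): escape one name for use as a
# component of a distinguished name, following the rules listed above.
function ConvertTo-EscapedDnComponent {
    param(
        [Parameter(Mandatory)]
        [string]$Value
    )
    # Characters the post lists as needing a backslash wherever they occur.
    $special = '#+<>;,\"='
    $sb = New-Object System.Text.StringBuilder
    for ($i = 0; $i -lt $Value.Length; $i++) {
        $c = $Value[$i]
        # A space is escaped only when it is the first or last character.
        $edgeSpace = ($c -eq ' ') -and (($i -eq 0) -or ($i -eq ($Value.Length - 1)))
        if (($special.IndexOf($c) -ge 0) -or $edgeSpace) {
            [void]$sb.Append('\')
        }
        [void]$sb.Append($c)
    }
    $sb.ToString()
}

# The first three names come from the table above; the last one is a
# constructed sample with a leading and a trailing space.
$names = 'Petun, Arnold J.', 'Dev\Services', 'IT"Ext + Lab', ' Edge Spaces '
foreach ($n in $names) {
    '{0,-20} -> {1}' -f "[$n]", (ConvertTo-EscapedDnComponent $n)
}

# Composing a full DN: the comma in the name stays inside the cn component
# instead of being read as a separator between components.
$dn = 'cn={0},ou=Sales,dc=Domain,dc=com' -f (ConvertTo-EscapedDnComponent 'Petun, Arnold J.')
$dn
```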

 


canonicalName


The escaping in the canonicalName attribute is different. The canonicalName is a constructed attribute, so you can't modify this attribute. In this attribute slash and backslash characters are escaped using the backslash escape character.

/ \

Get available RIDs using dcdiag or Powershell


Using DCDIAG:


dcdiag /s:dc01.domain.com /test:ridmanager /v | find /i "Available RID"

* Available RID Pool for the Domain is 191184 to 1873741823 
* Warning : There is less than 16% available RIDs in the current Pool

 

Using PowerShell to convert the parts of riDAvailablePool into issued and remaining RIDs.

 

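Import-Module ActiveDirectory
# Distinguished name of the current domain
$DomainDN = (Get-ADDomain).DistinguishedName
# Read riDAvailablePool from the RID Manager$ object on the RID master
$property = Get-ADObject "cn=rid manager`$,cn=system,$DomainDN" -Property ridavailablepool -Server (Get-ADDomain).RidMaster
$rid = $property.ridavailablepool
# Upper 32 bits: total number of RIDs that can be created in the domain
[int32]$totalSIDS = $($rid) / ([math]::Pow(2,32))
[int64]$temp64val = $totalSIDS * ([math]::Pow(2,32))
# Lower 32 bits: number of RIDs that have already been issued
[int32]$currentRIDPoolCount = $($rid) - $temp64val
$ridsremaining = $totalSIDS - $currentRIDPoolCount
Write-Host "RIDs issued: $currentRIDPoolCount"
Write-Host "RIDs remaining: $ridsremaining"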

 

RIDs issued: 191104 
RIDs remaining: 1073550719

DNS console missing for RSAT on Windows 10 1709

Microsoft posted a workaround on the following support page:
https://support.microsoft.com/en-us/help/4055558/rsat-missing-dns-server-tool-in-windows-10-version-1709