PowerShell Script to Set AD User Password from List

05. March 2012 · Write a comment · Categories: howto, Microsoft, Scripts, Servers, Short, Windows · Tags: , ,

We’re moving to a new system on our public access computers that will require that staff provide a password for clients to login to the computers. Rather than training staff to change the password daily, I decided it would be easier to write a PowerShell script that runs as a Scheduled Task on the server every morning. It changes the password to one randomly selected from a word list (one word per line in a .txt file), and then writes the password to a file in a location only staff have access to so that they will know what it is.

To use this, copy the section below to a text file and save it as ChangePass.ps1 - note that you will need to allow scripts to be executed before this will work. Information about running .ps1 as a scheduled task is available here.

#Import the Active Directory Module
Import-Module ac*

#Grabs a random line from WordList.txt (enter the full path, in quotes if the path contains a space)
$pwd = Get-Content C:\Script\WordList.txt | Get-Random

#Uncomment the next line to print the selected password to the console
#Write-Host $pwd

#Convert the selected password to a Secure String so it can be accepted by the commandlet
$secure = convertto-securestring $pwd -asplaintext -force

#Set the password – replace username
Set-ADAccountPassword -Identity username -NewPassword $secure -reset

#Write the password to a file so the staff will know what it is – add your own path
$pwd | Out-File “C:\Share\Todays Password.txt”

So when the script is down, the text file located in C:\Share (or whatever you’ve changed it to) will contain the password. Be aware that this file will be overwritten every time the script is run, so don’t edit the file – you’re changes will be lost.

Short: Sticky Group Policies That Just Won’t Leave You Alone

07. July 2011 · Write a comment · Categories: "It's a Feature", Makes Sense, Microsoft, Short, Windows · Tags: , ,

The other day I was testing a Group Policy Object (GPO) on a system and resides in an isolated Organizational Unit (OU) with Block Inheritance set. After I finished testing, I applied the GPO to the production OUs and promptly forgot about it.

Fast forward to today. I was messing around on that system and discovered that I left that one particular GPO in place. I fired up the Group Policy Management tool and removed the link to that GPO, did a gpupdate /force on that system, rebooted and went about my business. A few minutes later, I discovered that GPO was still in effect. I double-checked that the GPO wasn’t linked to that OU anymore, and that inheritance was still blocked, and did another gpupdate /force, but to no avail. A quick check of HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy\History showed that yes, the GPO was still being applied.

I did a little head scratching, and then found the answer. As it turns out, after linking the GPO to the other production OUs, I selected the ‘Enforce’ option. By doing that, even after unlinking a GPO from an OU it will continue to be applied. I simply disabled the ‘Enforce’ option, ran yet another gpupdate /force, and all was well.

TL;DR Version: If you unlink a GPO from an OU, update the system, and the GPO is still being applied, disable the ‘Enforce’ option on that policy and do another gpupdate.

Short: Sneaky Microsoft Isn’t So Sneaky

22. March 2011 · Write a comment · Categories: Microsoft, Short · Tags: , ,

 

Sneaky-Sneaky

They aren't subtle, either.

As pointed out by @lukec on Twitter earlier today, Microsoft apparently paid to be listed as the top result when you search for ‘firefox’ on Twitter. What an odd coincidence, considering Firefox 4 was just released.

 

Short: Mopier HP Printers Make Me Sad

15. March 2011 · 2 comments · Categories: "It's a Feature", Short, Troubleshooting · Tags: , , ,

After setting up a few users on yet another HP Laserjet P4015dn, one person complained that when they told Microsoft Word to print 10 copies (or any number, really) only 1 copy would actually print. The printer wouldn’t report any errors, and neither would the computer – everything would just report normal.

A closer look revealed that the printer driver had Mopier Mode enabled. As per HP, this mode is used when the printer has an EIO hard disk installed. If the printer doesn’t have one, it will only print one copy. To disable Mopier Mode, do the following:

  1. Open the (Devices and) Printers Control Panel.
  2. Right-click on the printer, and choose (Printer) Properties.
  3. Click the Device Settings tab.
  4. Scroll to the bottom of the list, and change “Mopier Mode” to “Disabled”, then click OK.

Easy, right?

TL;DR Version: If your HP Printer is only printing one copy when told to do more, make sure Mopier Mode is disabled in the Printer Properties.

Short: A Small Problem with TrueCrypt and Toshiba Fastboot

15. March 2011 · 2 comments · Categories: "It's a Feature", Hardware, Makes Sense, Short, Troubleshooting · Tags: , , , ,

Yesterday, I decided to encrypt my Toshiba Satellite C650D laptop with TrueCrypt – I opted for Full System Drive encryption, which involves TrueCrypt adding its own bootloader. After answering the usual questions from the setup wizard, it prompted me to reboot to test the settings. After Windows restarted, I was prompted to enter the password I had specified earlier. The only problem was, when I started typing, nothing happened – I also couldn’t use ESC to bypass the password prompt, or CTRL+ALT+DEL to reboot. My only option was to power off. When I turned the laptop back on, though, I was able to enter the password without issue.

After the encryption process finished, I rebooted the laptop again, only to find that keyboard input still wasn’t working when I needed to enter the bootloader password. Again, though, after powering it off and back on everything worked fine. On a hunch, I shut down the laptop completely, then turned it back on, and was able to enter the password without issue.

As it turns out, if you have Toshiba’s ‘Fastboot’ feature enabled in BIOS (allows for < 1 second from power button to bootloader, bypassing the BIOS splash screen and, apparently, some hardware initialization steps), TrueCrypt won’t recognize your internal keyboard (unfortunately, I didn’t have a USB keyboard handy to see if that would work) – but only on a reboot. From a cold boot, the keyboard is apparently initialized differently and works fine.

TL;DR Version: If you use TrueCrypt to encrypt your System Drive and have Toshiba Laptop, don’t use the Fastboot option in BIOS or you will not be able to enter your bootloader password when you reboot and will be force to cold boot every time.

Cheat: How to get Custom Routes on Google Maps for Android

16. December 2010 · 3 comments · Categories: "It's a Feature", Android, Google, Hack, howto, Short · Tags: , ,

One of my few complaints about the Maps app on Android, even the newly released 5.0 version, is that if you use the Directions feature there is no Alternate Route option. There isn’t even an option to manually re-draw the route, or to enter a second destination like in the web version.

So I found myself faced with an issue – I was about to go on a fairly long trip, however I was planning on taking a route different from the one Google had suggested. While I could use the web version of Google Maps on my phone, I wanted to use the actual app. The solution, as it turns out, is very simple.

The trick is to set everything up on the web version of Maps first. This gets tricky, depending on how sever the changes to the route are. I my case, I only needed to drag one route marker to change the route to go where I wanted it. Here’s the before route, and the after (not my real start and destination, just an example).

So the cheat is actually very straight forward – after finalizing your route in web Maps, copy the link for the map (don’t use the address bar – use the Link button in the top-right corner of the map) and paste it in to a URL shortener like Is.Gd, then enter that URL on your Android phone. The browser will ask if you want to open the link in Maps or another program, so just choose maps and your custom route will appear, with full directions, right before your eyes.

Edit: I should clarify that Google Navigation for Android has a ‘Recalculate Route’ option, however if you aren’t planning on using it, or it isn’t available in your area, this is the solution.

Short: How to Lose a Sale and Alienate Potential Customers

10. December 2010 · 2 comments · Categories: Makes Sense, Non-Tech, Short · Tags: , , , ,

My day job has me doing a wide variety of tasks, from desktop publishing to web development to systems and network administration. Occasionally, I get called on by other managers to consult on projects they’re working on and review things from a technical perspective. It was on one of these consulting gigs where I came across the ultimate anti-sales-pitch.

The project itself was a type of community portal focused on local businesses, and had been in operation for a few months. Things were going swimmingly and the site was starting to take off with nearly a thousand local businesses registered. This got the attention of two local SEO (Search Engine Optimization) firms who desperately needed work (or at least, that’s how they ended up coming across). The salesman from the first firm was offensive to the point where the project manager simply refused to repeat the conversation they had and will only reference them by referring to them with a nickname. The second one, though, I got to hear the story of.

Mid-afternoon, the project manager gets a phone call from (as we’ll call her) Diane. Diane gets straight to the point. “I don’t want to offend you,” she starts, already oozing marketing slime through the phone, “but I don’t like your site. It’s going straight to search engine hell.”

Here’s a Pro Tip for those of you in the marketing/sales industry: If you have to start off by saying “I don’t mean to offend”, you’re going to, and the potential customer won’t appreciate it.

“See, when I search for <name of our region>, you’re nowhere near the first page on Google. With my help, you can be for local and global searches! I don’t know who made the site, but they screwed up, and we want the contract!”

Another Pro Tip: Research, research, research! The name of the developer is plastered all over the site, and was featured prominently during a news spot on the local news a few days prior, so if they had bothered to even look at the site they would have know who to call out. Secondly, had they bothered to look a little further in to the purpose of the site, they would have seen that global positioning of the site on search engines wouldn’t be a priority anyways, as the primary means of driving people to the site is via local advertising or by searching for keywords/the name of the business and the region, which already results in first-page rankings for the businesses in the directory.

The rest of the conversation went downhill from there. She attacked branding, overall design, and basically made an ass of herself. When the project manager finally got her off the phone and came to ask me if there was any merit to the criticisms. I did a quick review of the site, did some sample searches, and showed that the site lived up to all of the expectations and that the designers followed proper SEO techniques when building the site.

The SEO lady eventually sent a few followup emails which, thanks to her ‘marketing techniques’ were moved immediately to the trash.

So, for those of you who are tempted to start out a sales call by pointing out each-and-every flaw in the potential customers product: Stop. Don’t “don’t mean to offend”. And research. Then, if you are nice enough and craft your pitch well enough, you just may be able to skip the “???” step and jump right to “Profit!”.

Solution: Fonts Not Available in Adobe Products

05. November 2010 · Write a comment · Categories: howto, Short, Software, Troubleshooting, Windows · Tags: , , ,

Last month our in-house web-dev/graphic-designer moved across the country and I ended up taking over most of her responsibilities. This afternoon our General Manager asked me to put together a news paper ad, so I fired up Adobe Illustrator and grabbed a copy of our branding guide. After figuring out that I needed a few variants of Helvetica, I proceeded to hunt through the metric ton of fonts in Illustrators type menu, only to find all of my Helvetica fonts were missing.

Thinking this odd, I popped in to Microsoft Word and saw that yes, all of my fonts were there. Photoshop, though, wouldn’t show a number of them either. In fact, all of the missing fonts were Type 1.

As it turns out, Adobe doesn’t play nice with Type 1 fonts, and requires that you place them in following folder:

C:Program FilesCommon FilesAdobeFonts

Important: If you’re using a 64-bit version of Windows, place them in:

C:Program Files (x86)Common FilesAdobeFonts

Once you’ve copied the fonts to that folder (note that if you already have them in another folder, you can just add a shortcut to them instead), restart the Adobe product and it should show all of your fonts!

Short: Hide Twitter’s “Who To Follow” ‘Feature’

29. August 2010 · Write a comment · Categories: "It's a Feature", Short, Twitter · Tags: , ,

One of the reasons I deleted my Facebook accountTwitter Logo was because of all of the useless ‘features’ they threw in, one of which was a box suggesting who to be friends with. Well, Twitter recently added a similar feature called ‘Who To Follow” that suggest people you should follow based on people that are followed by the people you follow. Right.

Well, fortunately this ‘feature’ is easy to disable if you use Firefox or Google Chrome. Simply install the Adblock Plus extension for Firefox (or Adblock for Chrome), subscribe to a filter list, and then manually add the following filter:

twitter.com###wtf-inner

Done! No more “Who To Follow” box!

Hidden Messages in Twitter Trending Topics

23. August 2010 · Write a comment · Categories: Non-Tech, Short · Tags: ,

I’ve always suspected that there were hidden messages in Twitter’s trending topics, and today I found a perfect example via the Canadian trends:

Trending Topics

The order wasn't edited - only the boxes and snarky comments added.

« Older articles