Posts

Showing posts from September, 2012

Filtering for $null Values with Get-ADUser

Get-ADUser includes a -Filter parameter that lets you define queries for users with specific characteristics. Today I was trying to figure out how to filter for $null values. Here is my example of why you might care to do this.

Let's say that in your organization you always set the Department attribute to match the department that users work in. This could be required for dynamic groups or address books. You've just created 100 new users, but forgot to configure the department. You need to make a query for all of the users without a department configured.

My first attempt was this:

Get-ADUser -Filter {company -eq $null}

However, this generates an error. You can't use $null in a filter. What finally worked was this:

Get-ADUser -Filter {company -notlike "*"}

This gets a list of users where the company attribute is not like anything. I should also note that if you try to query for not equal (-ne) then it will skip $null values when comparing. The above exa...

Windows Server 2012 Editions

The editions for Windows Server 2012 are a lot different than they were for Windows Server 2008. For mid-sized and larger organizations, there are only two editions:

Standard Edition license. For up to 2 processors and two virtual machines.
Datacenter Edition license. For up to 2 processors and unlimited virtual machines.

The only difference between these two licenses is the number of virtual machines you can use the license on. There is no functional difference between Standard and Enterprise editions. Standard edition now includes features such as failover clustering that were previously included only in Enterprise and Datacenter editions. There are also no limitations on memory based on edition.

So, if you are going to run Windows Server 2012 directly on hardware, there is no difference between Standard and Datacenter editions. So, it makes sense to use Standard edition. If you are going to run lots of VMs on a 4 processor server, then it probably makes sense to buy 2 Datacenter lic...

Importing a PST containing IMAP Folders

I've done lots of work with PST files in the past, but recently got caught by surprise when we imported PST files that had been used by IMAP accounts as part of a migration to Exchange Server 2010. When you import a PST from an IMAP account, there are special IMAP views applied to the folders that prevent cached mailboxes from working properly. Basically, the view prevents Outlook from properly determining the presence of new messages.

We identified this problem because users started to complain about copying items into subfolders and the items were not appearing in the new folders. When we viewed the mailbox in OWA, we could see the items. If you view the properties of the folder in Outlook, on the General tab, it shows that the folder contains IMAP items.

The fix for this is to change the type of folder so that Outlook uses the correct view and synchronizes the folder properly. You need to edit the folder properties in the Exchange database by using ExFolders. The high level proc...

Exchange 2010 Build Numbers

You can use the Exchange Management Console to view the build number for an Exchange 2010 server. This is visible in the Server Configuration node. Unfortunately, there is no easy pattern to know what service packs or rollup updates have been installed. Fortunately, a list of build numbers and the corresponding service packs and rollup updates is maintained in the Exchange Server documentation.

Exchange Server Build Numbers and Release Dates
http://technet.microsoft.com/library/hh135098.aspx

There is also a TechNet Wiki article with similar information that seems to be updated a bit faster.
http://social.technet.microsoft.com/wiki/contents/articles/240.exchange-server-and-update-rollups-build-numbers-en-us.aspx

Configuring Time Synchronization for Domain Joined Computers

A Windows-based network with Active Directory relies on time synchronization to allow authentication between computers. All of the domain members must have their time reasonably close to the domain controllers to allow for authentication. In early versions of Active Directory the limit was 20 minutes. I believe it may have been changed to 5 minutes.

In most cases, a domain joined computer is automatically configured to obtain time from the PDC emulator in the domain. This is generally desired and simple. You can verify this configuration by using:

w32tm /query /status

The value listed for Source will be the name of the PDC emulator. If it is configured to use static time sources instead of the PDC emulator, you can reset it to use the PDC emulator with the following:

w32tm /config /syncfromflags:domhier /update

The PDC emulator should be configured to use a reliable time source. In most cases, this will be an NTP time source on the Internet. The NTP Pool project provides a set of NTP s...