http://www.flobee.net/script-to-install-all-exchange-2010-prerequisites/

#Installs prerequisites necessary to install Exchange 2010 on
#Windows 2008 SP2 or Windows 2008 R2.
#Version 1.3
#Last modified: June 28, 2010
 
#Set installation source to same directory as script execution
$sourcePath = Split-Path -Parent $MyInvocation.MyCommand.Path
 
Write-Host 'Using ' -NoNewline
Write-Host $sourcePath -ForegroundColor DarkGreen -NoNewline
Write-Host ' as the installation source.'
 
# Detect correct OS here and exit if no match
if ((Get-WMIObject win32_OperatingSystem).Version -eq '6.1.7600')
    {$os = 'R2'}
elseif ((Get-WMIObject win32_OperatingSystem).Version -eq '6.0.6002')
    {$os = 'R1'}
else
    {
    Write-Host 'This script requires Windows Server 2008 with SP2, or R2, which this is not.' -ForegroundColor Red -BackgroundColor Black
    break
    }
 
#Installation files and properties (filename, shortname, displayname, download URL, size)
$fileWinRM = ('Windows6.0-KB968930-x64.msu','WinRM','Windows Remote Management Framework','http://download.microsoft.com/download/2/8/6/28686477-3242-4E96-9009-30B16BED89AF/Windows6.0-KB968930-x64.msu','14MB')
$fileNET35 = ('dotnetfx35.exe','.NET 3.5','.NET 3.5 SP1','http://download.microsoft.com/download/2/0/E/20E90413-712F-438C-988E-FDAA79A8AC3D/dotnetfx35.exe','235MB')
$fileNET35HF = ('NDP35SP1-KB958484-x64.exe','.NET 3.5 hotfix','.NET 3.5 hotfix','http://download.microsoft.com/download/B/4/2/B42197BD-AEE1-4FE6-8CB3-29D60D0C3727/Windows6.0-KB958483-x64.msu','1.4MB')
$fileOFP = ('2010FilterPack64bit.exe','Office 2010 Filter Pack','Office 2010/2007 Filter Pack','http://download.microsoft.com/download/0/A/2/0A28BBFA-CBFA-4C03-A739-30CCA5E21659/FilterPack64bit.exe','4MB')
 
Function InstallApp($app)
    {
    switch ($app)
        {
        'WinRM'
            {
            $appArray = $fileWinRM
            $kb = 'KB968930'
            }
        'NET35'
            {
            $appArray = $fileNET35
            $checkExpression = "test-path 'HKLM:Software\Microsoft\NET Framework Setup\NDP\v3.5'"
            }
        'NET35HF'
            {
            $appArray = $fileNET35HF
            $checkExpression = "test-path 'HKLM:SOFTWARE\Wow6432Node\Microsoft\Updates\Microsoft .NET Framework 3.5 SP1\SP1\KB958484'"
            }
        'OFP'
            {
            $appArray = $fileOFP
            $checkExpression = "test-path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\{95140000-2000-0409-1000-0000000FF1CE}'"
            }
        }
    trap
        {
        Write-Host ''
        Write-Host "There was a problem downloading or installing $($appArray[1])." -ForegroundColor Red
        Write-Host ''
        break
        }
    #Check for existing installation
    Write-Host "Verifying $($appArray[2]) is installed..." -NoNewline
    if ($app -eq 'WinRM')
        {
        $hfInst = Get-WMIObject Win32_QuickFixEngineering | where {$_.HotFixID -eq $kb}
        if ($hfInst)
            {
            $bInstalled = $true
            }
        else
            {
            $bInstalled = $false
            }
        }
    else
        {
        if (Invoke-Expression $checkExpression)
            {
            $bInstalled = $true
            }
        else
            {
            $bInstalled = $false
            }
        }
    if ($bInstalled)
        {
        Write-Host "$($appArray[2]) is installed." -ForegroundColor Green
        return
        }
    Write-Host "$($appArray[2]) is not installed." -ForegroundColor Red
    Write-Host "Installing $($appArray[2])..." -NoNewline
 
    #Install app:  Check for existing installation file.
    $fullPath = $sourcePath+"\$($appArray[0])"
    if (!(Test-Path $fullPath))
        {
        Write-Host ''
        Write-Host "$($appArray[0]) not found in source path." -ForegroundColor Yellow
        $dl = Read-Host "Do you want to download it now? ($($appArray[4]))(Y/N)"
        if ($dl -ne 'y')
            {
            Write-Host "You have chosen to not download the $($appArray[1]) installation file."
            Write-Host "Put $($appArray[0]) in the source directory and run the script again."
            break
            }
        else
            {
            Write-Host "Downloading $($appArray[1])..." -NoNewline
            $dlClient = New-Object System.Net.WebClient
            $dlClient.DownloadFile($appArray[3],$fullPath)
            if (!(Test-Path $fullPath))
                {
                Write-Host ''
                Write-Host "There was a problem downloading $($appArray[1])." -ForegroundColor Red
                Write-Host ''
                }
            else
                {
                Write-Host 'done.' -ForegroundColor Green
                }
            }
        }
 
    #Install app: Run installation.
    if ($app -eq 'WinRM')
        {
        $expression = "wusa $fullPath /quiet"
        Invoke-Expression $expression
        Write-Host 'External update process started...Be patient, it takes time.' -ForegroundColor Yellow
        Write-Host ''
        Write-Host 'When the WinRM installation is complete, the system will automatically reboot.'
        Write-Host 'Then you can rerun the script to continue.  This script will now end.'
        break
        }
    else
        {
        if ($app -eq 'NET35HF')
            {$arguments = '/passive /norestart'}
        else
            {$arguments = '/quiet /norestart'}
        $process = [System.Diagnostics.Process]::Start($fullPath,$arguments)
        $process.WaitForExit()
        Write-Host "$($appArray[1]) installation complete." -ForegroundColor Green
        }
    }  
 
Function InstallNET35()
    {
    InstallApp('NET35')
    InstallApp('NET35HF')
    }
 
Function SetTCPSharing()
    {
    trap
        {
        Write-Host ''
        Write-Host 'There was problem setting the NET TCP Port Sharing service to Automatic startup.' -ForegroundColor Red
        Write-Host 'The service must be set to Automatic for Exchange setup to be successful.' -ForegroundColor Red
        Write-Host ''
        return
        }
    #Set NETTCPPortSharing to Automatic
    Write-Host 'Configuring the NET TCP Port Sharing service...' -NoNewline
    Set-Service NetTcpPortSharing -StartupType Automatic
    Write-Host 'done.' -ForegroundColor Green
    }
 
Function EnableRemoting()
    {
    trap
        {
        Write-Host ''
        Write-Host 'There was problem configuring the system for remote PowerShell.' -ForegroundColor Red
        Write-Host ''
        return
        }
    #Enable Remote PowerShell for Exchange administration from workstations
    Write-Host 'Enabling system for remote PowerShell connections...'
    Enable-PSRemoting -force
    Write-Host 'Remote PowerShell configuration is done.' -ForegroundColor Green
    }
 
Function EnableFirewall()
    {
    trap
        {
        Write-Host ''
        Write-Host 'There was problem starting the Windows Firewall service.' -ForegroundColor Red
        Write-Host 'The firewall service must be running during Exchange setup.  It can be stopped after it completes.' -ForegroundColor Red
        Write-Host ''
        return
        }
    #Ensure Windows Firewall is running or Exchange install will fail
    Write-Host 'Starting the Windows Firewall service...' -NoNewline
    Set-Service 'MpsSvc' -StartupType Automatic -Status Running
    Write-Host 'done.' -ForegroundColor Green
    }
 
if ($os -eq 'R1')
    {
    $ht = '. ServerManagerCmd.exe -ip '+$sourcePath+'\Exchange-Hub.xml'
    $cas = '. ServerManagerCmd.exe -ip '+$sourcePath+'\Exchange-CAS.xml'
    $mbx = '. ServerManagerCmd.exe -ip '+$sourcePath+'\Exchange-MBX.xml'
    $um = '. ServerManagerCmd.exe -ip '+$sourcePath+'\Exchange-UM.xml'
    $edge = '. ServerManagerCmd.exe -ip '+$sourcePath+'\Exchange-Edge.xml'
    $typical = '. ServerManagerCmd.exe -ip '+$sourcePath+'\Exchange-Typical.xml'
    }
elseif ($os -eq 'R2')
    {
    $ht = 'Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server -restart'
    $cas = 'Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy -restart'
    $mbx = 'Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server -restart'
    $um = 'Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Desktop-Experience -restart'
    $edge = 'Add-WindowsFeature NET-Framework,RSAT-ADDS,ADLDS -restart'
    $typical = 'Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy -restart'
    Import-Module ServerManager
    }
$opt = 'None'
 
InstallApp('WinRM')
 
clear
if ($opt -ne 'None') {write-host 'Last command: '$opt -foregroundcolor Yellow}
write-host
write-host 'Exchange Server 2010 Prerequisites Installation'
write-host 'Please select which role you are going to install:'
write-host
write-host '1)  Hub Transport'
write-host '2)  Client Access Server'
write-host '3)  Mailbox'
write-host '4)  Unified Messaging'
write-host '5)  Edge Transport'
write-host '6)  Typical (CAS\HT\Mailbox)'
write-host '7)  Client Access and Hub Transport'
write-host
write-host '9)  Configure NetTCP Port Sharing service'
write-host '    Required for the Client Access Server role' -foregroundcolor yellow
write-host '    Automatically set for options 2,6, and 7' -foregroundcolor yellow
write-host '10) Install 2010 Office System Converter: Microsoft Filter Pack'
write-host '    Required if installing Hub Transport or Mailbox Server roles' -foregroundcolor yellow
write-host '    Automatically set for options 1,3,6, and 7' -foregroundcolor yellow
Write-Host '11) Enable PowerShell Remoting'
Write-Host '    Automatically set for options 1,2,3,4,6, and 7' -ForegroundColor Yellow
write-host
write-host '13) Restart the Server'
write-host '14) End'
write-host
Write-Host 'Note: Using ' -NoNewline
Write-Host $sourcePath -ForegroundColor DarkGreen -NoNewline
Write-Host ' as the installation source.'
$opt = Read-Host 'Select an option.. [1-14]? '
 
switch ($opt)
    {
    1{
        InstallNET35; InstallApp('OFP'); EnableFirewall; EnableRemoting
        Write-Host 'Beginning Windows components installation...'
        Invoke-Expression $ht
        }
    2{
        InstallNET35; EnableFirewall; EnableRemoting
        Write-Host 'Beginning Windows components installation...'
        Invoke-Expression $cas
        SetTCPSharing
        }
    3{
        InstallNET35; InstallApp('OFP'); EnableFirewall; EnableRemoting
        Write-Host 'Beginning Windows components installation...'
        Invoke-Expression $mbx
        }
    4{
        InstallNET35; EnableRemoting; EnableFirewall
        Write-Host 'Beginning Windows components installation...'
        Invoke-Expression $um
        }
    5{
        InstallNET35; EnableFirewall
        Write-Host 'Beginning Windows components installation...'
        Invoke-Expression $edge
        }
    6{
        InstallNET35; InstallApp('OFP'); EnableFirewall; EnableRemoting
        Write-Host 'Beginning Windows components installation...'
        Invoke-Expression $typical
        SetTCPSharing
        }
    7{
        InstallNET35; InstallApp('OFP'); EnableFirewall; EnableRemoting
        Write-Host 'Beginning Windows components installation...'
        Invoke-Expression $cas
        SetTCPSharing
        }
    9 { SetTCPSharing }
    10 { InstallApp('OFP') }
    11 { EnableRemoting }
    13 { Restart-Computer }
    14 {write-host 'Exiting...'}
    default {write-host "You haven't selected any of the available options."}
    }

The below script can be used to rename a computer and join it to a domain and specific OU without any reboots, except one reboot to complete the changes locally on the machine.

This script will popup a message box asking what you want to change the computer name to, then pop up message boxes with completed notifications or errors.

Be sure the change the domain, username and password at the top; as well change the OU further down, look for the comments in the code for where to change the information.

Const JOIN_DOMAIN = 1
Const ACCT_CREATE = 2
Const ACCT_DELETE = 4
Const WIN9X_UPGRADE = 16
Const DOMAIN_JOIN_IF_JOINED = 32
Const JOIN_UNSECURE = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET = 256
Const INSTALL_INVOCATION = 262144
Dim message
Dim IP

'Change domain, username and password here
strDomain = "domain.com"
strUser = "usernamewithdomainprivs"
strPassword = "password"
 
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
 
Set objWMIService = GetObject ("winmgmts:" & "!\" & strComputer & "rootcimv2")
Set colAdapters = objWMIService.ExecQuery ("Select * from Win32_NetworkAdapterConfiguration Where IPEnabled = True")

title = "Join computer to domain"
message = "Please enter computer name. Leave blank or press cancel to quit." & vbCrLf & vbCrLf & "Generated name: " & generatedName
newComputerName = InputBox(message, title)


If newComputerName = "" Then
    Wscript.quit
End If

areYousure = MsgBox("Are you sure you want t0 add computer to domain with name:" & vbCrLf & vbCrLf & newComputerName, vbYesNo + vbQuestion,"Add computer to domain")

If areYouSure = "7" Then
    MsgBox "Exiting script.",vbInformation
    Wscript.quit
End If 

Set objComputer = GetObject("winmgmts:{impersonationLevel=Impersonate}!\" & _
    strComputer & "rootcimv2:Win32_ComputerSystem.Name='" & _
        strComputer & "'")

'Change OU here (Default is "OU=Computers,DC=domain,DC=com")
ReturnValue = objComputer.JoinDomainOrWorkGroup(strDomain, strPassword, strDomain & "" & strUser, "OU=My Computers,OU=Computers,DC=domain,DC=com", _
        JOIN_DOMAIN + ACCT_CREATE)
        
If ReturnValue = 0 Then
    MsgBox "Computer added to domain under old name without error. proceeding to change computer name. "
Else
    MsgBox "Computer not added to domain successfully. Return value: " & ReturnValue
End If

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\" & strComputer & "rootcimv2")

Set colComputers = objWMIService.ExecQuery _
    ("Select * from Win32_ComputerSystem")


For Each objComputer in colComputers
    MsgBox "About to rename computer to: " & newComputername
        ErrCode = objComputer.Rename(newComputerName, strPassword, strUser)
    If ErrCode = 0 Then
        MsgBox "Computer renamed correctly."
    Else
        MsgBox "Eror changing computer name. Error code: " & ErrCode
    End If

Next

After a bulk import of users I needed to set the displayname property for all 2k+ ad users based off the ad objects givenname and sn.

Add-PSSnapin Quest.ActiveRoles.ADManagement
Connect-QADService -Service "domain.com"

Get-QADUser -SizeLimit 0 -SearchRoot "domain.com/Users" | ForEach-Object{$_|Set-QADUser -DisplayName "$($_.givenname+' '+$_.sn)"}

Things Needed for Project:

GParted

Step 1: Donwload the GParted live CD

Step 2: Once GParted has finished booting, follow the steps in the picture down below.

1 – Click on “Resize/Move” and a new window will appear.
2 – Drag the right side of the partition bar to the left until the desired size is reached.
3 – Click on “Resize/Move” (the one on your current window)
4 – Click on “Apply” when done.

Operating System

Now that we have finished resizing our partition, let the computer boot so it can check the filesystem and fix any possible errors before we start to clone hard drive.

Clonezilla Backup

I am displaying detailed Clonezilla instructions because some people tend to panic when they  see text based menus.

Step 1: Download the Clonezilla Live CD and boot your computer with it, click on “Start_Cloenzilla” at the first screen of the wizard and click “Ok” to continue.

Step 2: Choose “Device-Image” and click “Ok“

Step 3: Choose “local-dev” and click “Ok“, make sure you have your USB external hard drive plugged in. If it was not, then plug it in now.

Step 4: Select you external hard drive from the list of available ones and click “Ok“

Step 5: Choose “top_directory_in_the_local_device“, this just means that you do not want to save your image inside any of the directories already created in the hard drive. Clonezilla will create a directory and store all image files there. Click “Ok“

Step 6: Select “saveparts” to save only the desired partition and not the entire drive. Click “Ok“

Step 7: Give the image a name and start cloning.

Clonezilla Restore

To restore the image, follow the same steps as in the “Clonezilla Backup” section in this tutorial and when you get to “step 6” select “restoreparts“, choose the hard drive image containing the partition you would like to restore and start the process.

I needed to enable LDAP over SSL (LDAPS) for some web apps I was writing for my local org.  I wanted to allow LDAPS not force it, so I was able to do it by completing the steps below.

• Setup Active Directory Certificate Services on a domain member server, not a DC.
• Open up the Server Manager and expand out to Roles -> Active Directory Certificate Services.
• Expand the tree till you see the Certificate Templates folder and look for the Domain Controller Authentication the default existing template.
• Then expand the CA server and check if its listed under its Certificate Templates folder as well. If the Domain Controller Authentication is listed in both places then it exists and is enabled. If it isn’t under the CA’s Folder then we need to enable the Domain Controller Authentication Certificate Template.
  • Right click Certificate Templates under the CA, Click New, then and Click Certificate Template to Issue. Select the Domain Controller Authentication and then click OK.

At this point you should be good to go and the CA should be setup and ready to do it’s thing.

Note: If you want to change how long the certificate is valid for or other values. You can edit the template before we enroll the Domain Controllers.

Obtain the “Domain Controller Authentication” Certificate on the Domain Controller

We need to enroll our Domain Controllers with the CA to obtain the new Domain Controller Authentication certificate. This will have to be configured on all of the Domain Controllers. But to start should tested on just one of them before continuing to configure it on all of them.

• Login into the Domain Controller you want to test the LDAP over SSL.
• Open a command prompt as an administrator. To open a command prompt as an administrator, click Start. In Start Search, type Command Prompt. At the top of the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
• To open Microsoft Management Console (MMC), type mmc, and then press ENTER.
• Click File, click Add/Remove Snap-in, select Certificates from the available snap-ins, and then click Add.
• In the Certificates snap-in, click Computer Account, and then click Next.
• In the Select Computer, click Local Computer, and then click Finish and then OK.
• In the console tree, expand Certificates – Local Computer, expand Personal, and then expand Certificates.

Note: Trying to do this on a remote computers Cert store didn’t work as the options to enroll wasn’t there.

• Right Click and choose All Task, Click Request New Certificate. A Before You Begin window will prompt you. Click Next.
• Check Domain Controller and Domain Controller Authentication and click Next.
• In the Certificate Enrollment, a status window should show the Domain controller enrolling and then Status: Succeeded. Click Finish.

To test that LDAPS is working, follow these steps:

• Open the Ldp snap-in. To open Ldp, click Start. In Start Search, type ldp. Right-click the Ldp icon on the Start menu, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.
• Click the Ldp Connection menu, and then click Connect. In Server, type the host name of the server to which you want to connect. Ensure that Port is set to 636, the Connectionless check box is cleared, and the SSL check box is selected, and then click OK. If you receive a message that says “Cannot open connection,” LDAP-over-SSL binding is not configured properly.
• Click the Connection menu, click Bind, and then click OK.
• The command output should display the user name and domain name that you used for binding, if LDAP over SSL is configured properly.

First, create a large empty file:

sudo dd if=/dev/zero of=/swap_file bs=1M count=1000

Replace 1000 with the size of the swap file desired, in MB. You can also put the swap_file in a different location if desired.

Next, we’ll secure the swapspace, so ordinary users cannot read the contents (potential security breach):

sudo chown root:root /swap_file

sudo chmod 600 /swap_file

Then, turn it into swap space:

sudo mkswap /swap_file

Next, turn it on:

sudo swapon /swap_file

To make it turn on at every bootup, open up /etc/fstab:

sudo nano /etc/fstab

Add this line to the end of the file:

/swap_file       none            swap    sw              0       0

In some of my previous posts I talk about logging user events such as logon and logoff to a database for history and an archive.

Below are very basic examples of a working VB Script that can be run via logon and logoff user GPO policies that simply gets some variables and passes them to a php page residing on a local web server via GET parameters.  The php script takes those GET parameters and writes them to a mysql DB.  This method is simple, effective and allows you to do whatever you want with your data.

PHP

<html>
<head>
<title>User Log Audit</title>
</head>
<body>
<?php

error_reporting(E_ALL);

$dbhostname = "1.1.1.1";
$dbdatabase = "db";
$dbusername = "un";
$dbpassword = "pass";

$conn = mysql_connect($dbhostname, $dbusername, $dbpassword) or die('Error connecting to database');
$db = mysql_select_db($dbdatabase, $conn) or die('Error connecting to defined database');

if(isset($_GET['submit']))
{
	if(!isset($_GET['u']) or !isset($_GET['c']) or !isset($_GET['e']))
	{
		die('u,c or e not set');
	}
	else
	{
		if(strlen($_GET['u']) <= 0 or strlen($_GET['c']) <= 0 or strlen($_GET['e']) <= 0)
		{
			die('u,c or e strlen<=0');
		}
		else
		{
			$username	=	$_GET['u'];
			$ip			=	$_GET['i'];
			$computer	=	$_GET['c'];
			$event		=	$_GET['e'];
	
			$iquery = "INSERT INTO auditlog (username, date, time, ip, computer, event) 
						VALUES (
						'".mysql_real_escape_string($username)."',
						CURDATE(),
						CURTIME(),
						'".mysql_real_escape_string($ip)."',
						'".mysql_real_escape_string($computer)."',
						'".mysql_real_escape_string($event)."'
						)";
			mysql_query($iquery, $conn) or die(mysql_error());
			exit;
		}
	}
}
else
{
	if(isset($_POST['submit']))
	{
		if(strlen($_POST['subusername']) > 0)
		{
			$subusername = "username = '".$_POST['subusername']."' ";
		}
		else
		{
			$subusername = null;
		}
		
		if(strlen($_POST['subcomp']) > 0)
		{
			if($subusername == null)
			{
				$subcomputer = "computer = '".$_POST['subcomp']."' ";
			}
			else
			{
				$subcomputer = "AND computer = '".$_POST['subcomp']."' ";
			}
		}
		else
		{
			$subcomputer = null;
		}

		if(strlen($_POST['subdate']) > 0)
		{
			if($subcomputer == null and $subusername == null)
			{
				$subdate = "date = '".$_POST['subdate']."' ";
			}
			else
			{
				$subdate = "AND date = '".$_POST['subdate']."' ";
			}
		}
		else
		{
			$subdate = null;
		}
		
		if(isset($_POST['event']))
		{
			$subevent = "AND event = '".$_POST['event']."' ";
		}
		else
		{
			$subevent = null;
		}
		
		if($subusername == null and $subcomputer == null and $subdate == null)
		{
			if($subevent == null)
			{
				$query = "SELECT * FROM auditlog ORDER BY date, time ASC" or die('Error: '.mysql_error());
			}
			else
			{
				$query = "SELECT * FROM auditlog WHERE event = '".$_POST['event']."' ORDER BY date, time ASC" or die('Error '.mysql_error());
			}
		}
		else
		{
			$query = "SELECT * FROM auditlog WHERE ".$subusername.$subcomputer.$subdate.$subevent."ORDER BY date, time ASC" or die('Error '.mysql_error());
		}
	}	
	else
	{
		$query = "SELECT * FROM auditlog ORDER BY date, time ASC" or die('Error: '.mysql_error());
	}
	$res = mysql_query($query, $conn);

	if(mysql_num_rows($res) > 0)
	{
?>
		<a href="index.php">No Filter</a>
		
		<br /><br />
		
		<b>Filter by username(eg. username):</b><br />
		<form method="post" action="<?php $_SERVER['PHP_SELF']; ?>">
			<?php if(isset($_POST['subusername']) and strlen($_POST['subusername']) > 0){$unv = $_POST['subusername'];}else{$unv = null;} ?>
			<input type="text" size="40" value="<?php echo $unv; ?>" name="subusername" maxlength="80" />
		<br />
		<b>Filter by computer (eg. pc01):</b><br />
			<?php if(isset($_POST['subcomp']) and strlen($_POST['subcomp']) > 0){$unv = $_POST['subcomp'];}else{$unv = null;} ?>
			<input type="text" size="40" value="<?php echo $unv; ?>" name="subcomp" maxlength="80" />
		<br />
		<b>Filter by date(yyyy-mm-dd):</b><br />
			<?php if(isset($_POST['subdate']) and strlen($_POST['subdate']) > 0){$unv = $_POST['subdate'];}else{$unv = null;} ?>
			<input type="text" size="40" value="<?php echo $unv; ?>" name="subdate" maxlength="80" />
			<br />
			<input type="radio" name="event" value="logon" <?php if(isset($_POST['event']) and $_POST['event'] == "logon"){echo "checked";} ?> />Logon Only
			<br />
			<input type="radio" name="event" value="logoff" <?php if(isset($_POST['event']) and $_POST['event'] == "logoff"){echo "checked";} ?> />Logoff Only
			<br />
			<input name="submit" type="submit" value="Submit" />
		</form>				
		<?php echo "<b>QUERY:</b> ".$query; ?>
		<br /><br />
		
		<table border="1">
		<thead>
		<tr>					
			<th>Username</th>
			<th>Date</th>
			<th>Time</th>
			<th>IP</th>
			<th>Computer</th>
			<th>Event</th>
		</tr>
		</thead>
		<tbody>
		
<?php
		while ($list = mysql_fetch_assoc($res))
		{
			echo "<tr>
				<td>".$list['username']."</td>
				<td>".$list['date']."</td>
				<td>".$list['time']."</td>
				<td>".$list['ip']."</td>
				<td>".$list['computer']."</td>
				<td>".$list['event']."</td>		
			</tr>";
		}
	}
	else 
	{
		echo $query;
		echo "<br />No results.";
	}
}
?>
	</tbody>
	</table>		
</body>
</html>

VBS

On Error Resume Next

Set WshShell = CreateObject("WScript.Shell")
Set objExplorer = CreateObject("InternetExplorer.Application")
Set WshNetwork = CreateObject("WScript.Network")

strUN = WshNetwork.UserName
strCOMPUTER = WshNetwork.ComputerName

strcomputer2="."
Set objWMIService = GetObject("winmgmts:" & strComputer2 & "rootcimv2")
 
Set colItems = objWMIService.ExecQuery("select * from win32_networkadapterconfiguration WHERE IPEnabled='TRUE' " _
   & "AND ServiceName<>'AsyncMac' " _ 
   & "AND ServiceName<>'VMnetx' " _
   & "AND ServiceName<>'VMnetadapter' " _
   & "AND ServiceName<>'Rasl2tp' " _
   & "AND ServiceName<>'msloop' " _ 
   & "AND ServiceName<>'PptpMiniport' " _ 
   & "AND ServiceName<>'Raspti' " _
   & "AND ServiceName<>'NDISWan' " _
   & "AND ServiceName<>'NdisWan4' " _ 
   & "AND ServiceName<>'RasPppoe' " _
   & "AND ServiceName<>'NdisIP' " _ 
   & "AND ServiceName<>'' " _ 
   & "AND Description<>'PPP Adapter.'",,48)
 
For Each objItem in colItems
   count_all = count_all + 1
 
   if objItem.IPAddress(0) <> "0.0.0.0" then
     count = count + 1
     if count = 1 then
        net_ip_address = objItem.IPAddress(0)
        'objOutputFile.WriteLine date & " " & time & " IP: " & net_ip_address
        net_mac_address = objItem.MACAddress
     end if
   end if
next

strIP = net_ip_address

objExplorer.Navigate "http://site.com?submit&u=" & strUN & "&i=" & strIP & "&c=" & strCOMPUTER & "&e=LOGON"
objExplorer.Visible = False

Do While objExplorer.Busy Or (objExplorer.READYSTATE<> 4)
	WScript.Sleep 100
Loop

objExplorer.Quit

So basically I was looking for a simple yet effective way to find what computer a user is logged into.  Now theres tons of ways this can be done, in one of my previous posts I describe a way to do it with a MySQL DB and some other trickery which works but is not reliable especially with the MySQL DSN installation via GPO.  Using a DB is great because then you have a log, using something similar to the MySQL DB method I have done is instead of having the script write to the DB, simply have the script call a php page and pass params to it via GET or POST and then the php script can write to the DB, would work much better.

Theres also things like True Last Login and the built in auditing in Windows Server which logs to the Security event viewer and that can be parsed using custom views in event viewer.

One of the things I do now is have a script run at user logon via GPO that writes the date, time, username and current ip to the AD computer objects’ description.  This requires creating a custom delegation for computer objects to allow authenticated user to write description which is not an issue in my org.  Works well, gives a quick and filter/sortable view for current information but provides not history or logging; thats where something like a script that runs at user logon that calls a php page and passes params to it and that writes to a DB.

On Error Resume Next

Set objSysInfo = CreateObject("ADSystemInfo") 'Bind to AD
Set objNet = CreateObject("WScript.Network")

strCompDN = objSysInfo.ComputerName 'DN for computer, e.g. "CN=VISTAWORKSTATION,OU=Child OU Name,OU=Parent OU Name,DC=domain,DC=com"
Set objComp = GetObject("LDAP://" & strCompDN) 'IADsComputer object

strUserDN = objSysInfo.UserName 'DN for user, e.g. "CN=John Smith,OU=Child OU Name,OU=Parent OU Name,DC=domain,DC=com"
Set objUser = GetObject("LDAP://" & strUserDN) 'IADsUser object

strUsrLogin = LCase(objNet.UserName)

strNow = Now
strDateStamp = DatePart("yyyy",strNow) & _
    Right("0" & DatePart("m",strNow), 2) & _
    Right("0" & DatePart("d",strNow), 2) & _
    "@" & _
    Right("0" & DatePart("h",strNow), 2) & _
    Right("0" & DatePart("n",strNow), 2)

'RegExp object used to perform a simple match on IP address
Set objRE = New RegExp
objRE.IgnoreCase = True
'Note this regexp pattern isn't "correct" for matching an IPv4 address properly, but since WMI will return an
'array of IP addresses, this is sufficient to distinguish IPv4 vs IPv6
objRE.Pattern = "^d+.d+.d+.d+$"

strIP = ""

'Connect to WMI and retreive all network adapters
Set objWMI = GetObject("winmgmts:")
Set colNICs = objWMI.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration")

'Get the IP(s) assigned to whichever network adapter has our default gateway
If colNICs.Count > 0 Then
    For Each objNIC in colNICs
    	If IsArray(objNIC.DefaultIPGateway) Then
    		arrIP = objNIC.IPAddress
    		For i = 0 To UBound(arrip)
    			If objRE.Test(arrIP(i)) Then strIP = strIP & " " & arrIP(i)
    		Next
    		strMAC = objNIC.MACAddress
    	End If	
    Next
End If

strIP = Trim(strIP)

objComp.Description = strDateStamp & " " & strUsrLogin & " " & strIP
objComp.Put "extensionAttribute1", strUsrLogin
objComp.Put "extensionAttribute2", strIP
objComp.Put "extensionAttribute3", strMAC

objComp.SetInfo

So recently I needed to remove MSSE from our entire organization to deploy a real solution.  Instead of touching EVERY computer, and since it was installed manually I could not use software deployment via GPO, I created a vbs script to run at user logon to uninstall silently.

Prior to V2 of MSSE the program file is “Microsoft Security Essentials” where as in V2 is “Microsoft Security Client” so the script can be easily modified for either or simple checking for one or the other ect, I just didn’t need that.

On Error Resume Next

Dim objShell
Set objShell = WScript.CreateObject ("WScript.shell")

objShell.run """%ProgramFiles%/Microsoft Security Essentials/setup.exe""" & "/x /s"

Set objShell = Nothing

Microsoft Exchange couldn’t find a certificate that contains the domain name mail.domainname.com in the personal store on the local computer. Therefore, it is unable to offer the STARTTLS SMTP verb for any connector with a FQDN parameter of mail.domainname.com. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for every connector FQDN.

This issue is typically just a simple certificate mismatch, often caused by the EMC itself when setting external domain names for services or when changing certificated on your Exchange server.  The way to fix this is to ensure you have a proper certificate on your Exchange server and then run the following powershell command using the EMS (Exchange Management Shell):

get-ExchangeCertificate

Copy down the thumbprint from the output of the above command, and then run the next command and substitute in your thumbprint for your cert:

Enable-ExchangeCertificate -Thumbprint 2afd26617915932ad096c48eb3b847fc7457662 -Services "SMTP"