May 08

Powershell – Check All Group Objects for Managed by Update Check Box

I am using the Quest AD tools but the qad commands could be changed to use the native AD commands. This was created to look for the checkbox in Active Directory Users and Computers named: Manager Can Update Membership List just under the managed by on the group object.

$file = “C:\Workspace\groupslist.txt”
$groups = Get-qADGroup * -sizelimit 0
foreach ($item in $groups)
write-host “Checking AD Group: “$
if ($item.ManagedBy -ne $null) {
$check = Get-qadpermission $item -rights WriteProperty -account $item.ManagedBy -SchemaDefault
$fullline = ($ + “|” + $check.rights + “|” + $item.ManagedBy + “|” + $item.GroupType + “|” + $item.Description )
Add-Content $file $fullline

Apr 30

VGX.DLL Unregister Workaround for SCCM(2963983)

I am sure by now most people have heard of the IE all version vulnerability.   If you have not spend some time here.  Word on the street is the fix may not be around for several months so a workaround is in order.  I did not want to disable Flash(how would users waste time all day), so the next best thing is unregistering the VGX.DLL.   I put together a quick VBscript that can be imported into SCCM(all versions) and deployed to all Windows versions Servers/Workstations.    I know MS recommends doing this through GPO but I want some reporting on the change and have the ability to re-trigger on my schedule.

On a 64bit Windows OS the script unregisters the 32bit and 64bit VGX.dll.

On a 32bit Windows OS the script unregisters the 32bit VGX.dll.

The script can be run on all Windows systems in your environment, so far I have tested on 2008,2008r2,2003 and Windows 7.

Apr 25

Powershell Check-Service

Syntax: Check-service computername

I use this function to check all services on a machines for start state and if they are running.   Get-service does not include startmode so I need to get -wmiobject of each service first.    If the state is set to auto and the service is not running the script will prompt to start the service.   I put this in my $profile so if is already ready to go.    Enjoy

Apr 10

HeartBleed: List of services that were compromised and patched

So check this list, if you use a service and they have patched change your password. If they have not patched yet check back each day and change when they have. For the non-technical people that read my stuff it is simply boiled down to this. If you use these sites and they were vulnerable your password has been compromised, change it when they patch. If you have any questions let me know.

Sites and Status(Start Here!):

Here is a list of the top 1000 sites and if they were impacted:


Apr 03

Find disabled users with User folders still on network share

The purpose of this command is to find user folders on a network share that have most likely left the company.

This assumes the folder name = the users logon name