Zum Inhalt

Kategorie: Scripting

PHP LDAP Pagination (Solution for PHP5.4+)

Because Active Directory restricts returning all results fetched by LDAP Query, I found a solution to get around this problem, without changing anything in Active Directory.

The root cause for this problem is: AD has a pagesize limit for returning elements through LDAP (default is 1000). As every good Admin / Dev knows, systemwide hardlimits should not be changed by a client system, which sends requests, because this could end up in hugh desaster. Why? Because everyone would set these limits as high as he can to prevent his software from crashing itself (better burn server cpu)

That means, we can’t set any pagelimit in PHP above the pagelimit from the server. What we need to do is to iterate through all results, check if there are more pages left and start another request until we fetched everything.

There are two functions we need to focus on. ldap_control_paged_result and ldap_control_paged_result_response

The first function enables the pagination for the current connection. The second function retrieves the information if more paged data is available (more than 1000 results). After we put everything together, we have something like that:

Weiterlesen PHP LDAP Pagination (Solution for PHP5.4+)

Powershell – Script automation with jobs (AD Quota)

After working a while with Powershell and doing some time expensive jobs like getting the quota of all Microsoft servers I came to the point when i was looking for some parallelisation in Powershell. My problem was the quota script, that executes the following command for each file server:

Actually we have a couple of servers and need to get the quota from all servers to calculate the file system usage and built a daily statistic. The first script collected the data from each server. Since this is a boring job, because reading a file stream and writing it to a local file is really boring, even for a computer. I wanted to accelerate this step. So i got in touch with Powershell and jobs. Jobs are (dont kill me) distantly related with multithreading in .NET. Indeed, multithreading in .NET has many more advantages and features than in powershell, but as a beginner (some years ago 🙂 ) in development i didn’t do anything more than just starting threads and wait until they are finished (Yep, invokation was a foreign concept to me). So this relation is not so far out. Anyway, jobs do a great job if you…

Weiterlesen Powershell – Script automation with jobs (AD Quota)

Powershell – Colorize string output with colorvariables in the output string

The other day I saw a script output that was colored with magenta. I was a bit impressed by the readability of the output messages. As I looked to the source code I saw something (ugly) like:

The output looked like: The Output is not so bad, but the effort is enormous. I came to the idea to encode the colorsettings within the output string. So I ended up with the following Script:

Now it’s possible to use a single string to encode the color by seperating each color with a hashtag (#). Here is an example: The syntax is very simple. Choose a color for the next characters and put it into hashtags (#). To stop coloring the characters just put another hashtag behind the colored characters to reset the foreground color to its default.

If you want to use any other charater, or command for the coloring, just replace the hashtag of the split function in line 20 with your character/command. I think this is a usefull function, because script output is often needed and coloring the important parts of the output is sometimes very helpful 🙂 Edit: I edited the script to work even…

Weiterlesen Powershell – Colorize string output with colorvariables in the output string

Powershell – Rename domain computer remotely (within an active directory domain as well)

I wanted to rename a couple of computers within our active directory. After some research i figured out thats it seems to be nearly impossible to rename a computer by just touching one object: the ad computer object, or the computer (client) itself. My first thought was „ok, you have to rename both objects, rejoin the computer and hope everything works“. But that’s no solution, that makes me happy, because the more steps you do, the more problems can occure. For examples, what happens if the computer has to reboot, after renaming to get correct rejoined? Do i have to create a local admin account at the clientside to have permissions after the computer lost his connection to ad? And so on… I played around, renamed the ad object, rebooted it – negative, the computer has to be joined again. After that i tried it the „bottom up“ way by renaming the computer by hand, and rebooted it instantly. While the computer was shutting down i noticed, that the computerobject in active directory was renamed before the computer was finished with its shutdown process. So i tried this several times and every time the ad computerobject was renamed properly. YAY!…

Weiterlesen Powershell – Rename domain computer remotely (within an active directory domain as well)

Powershell – SCCM – Readvertise a previously installed softwarepackage remotly (not from console)

Ever came to the situation, that you have to rerun an advertisement on a computer after a failed installation with SCCM? This could happen if you want to install flashplayer or adobe acrobat or some kind of software that is frequently used by the user. We had problems on installing software while wsus was installing its updates and the msi installer said „Hmm… perhaps, another installation is running already, so I cant do anything for you (BLAME!), sorry“. I hate this message, because its a pain in the ass to readvertise these failed softwarepackages on a single computer. As some posts earlier mentioned, I am writing an administration webapplication to administrate our environment. This includes softwaredeployment too. We address our softwarepackages by Active Directory groups. Every time we create a new softwarepackage, we create a seperate computer collection in SCCM and link it to a newly created ad group. Every member of this ad group (computers for instance) gets the linked software by SCCM. While it’s a bit difficult to get some automation into the readvertisement with all these groups and links, we wrote a script, that is triggered by my webgui and does this job on the client computer…

Weiterlesen Powershell – SCCM – Readvertise a previously installed softwarepackage remotly (not from console)