Moving FSMO Roles with Powershell

Another article about a command that I can never remember the syntax when I need it.

The information here is from: https://social.technet.microsoft.com/wiki/contents/articles/6736.move-transfering-or-seizing-fsmo-roles-with-ad-powershell-command-to-another-domain-controller.aspx

To transfer all roles use:

Move-ADDirectoryServerOperationMasterRole -Identity “Target-DC” -OperationMasterRole SchemaMaster,RIDMaster,InfrastructureMaster,DomainNamingMaster,PDCEmulator

To seize the roles append -Force.

You can also substitute the role names with numbers, making a more manageable:

Move-ADDirectoryServerOperationMasterRole -Identity “Target-DC” -OperationMasterRole 0,1,2,3,4 -Force

Much easier to remember than trying to remember which bit of the gui does which role.

Older servers use ntdsutil.exe:

https://support.microsoft.com/en-gb/help/255504/using-ntdsutil.exe-to-transfer-or-seize-fsmo-roles-to-a-domain-controller

Gamma SIP Trunks on 3CX

Love using Gamma SIP trunks on 3CX, but it does annoy me that the built in SIP provisioning template doesn’t work well out to the box. I’m probably being finickity, but it would be nice if the templates just asked you what they need to work and put it where it should be.

So here is how we set up Gamma trunks.

3CX Gamma SIP trunk settings
3CX Gamma SIP trunk settings

First part is done for you out of the template. Use the Registrar server from the SBC section on the Gamma portal. They do have several, so don’t assume all your clients are the same.

3CX SIP trunk Authentication settings
3CX SIP trunk Authentication settings

Note format of Authentication ID. This is the main number that Gamma assign to the SIP trunk. We use E.164 format, not sure if changing that would change the format of this. Gamma authenticate using IP, but still need this to be correct.

3CX SIP Trunk Routing
3CX SIP Trunk Routing

Main trunk number is the main CLI that Gamma have given you routing is obviously your own.

SIP trunk default Caller ID
SIP trunk default Caller ID

We use CLI Flexibilty on most of our Gamma trunks which allows us to define the outgoing CLI that we present. Useful if, like us, you are using a non-geographic number, or are migrating to Gamma and want to use your existing numbers whilst they port.

We define our default caller ID here. This is the default, you can define individual ones under a users extension settings.

P-Asserted Identity settings in Outbound Parameters
P-Asserted Identity settings in Outbound Parameters

I’ve truncated most of the image because the template is correct, but to use CLI Flexibility you have to present a P-Asserted Identity to Gamma. This passes your authentication DDI as the From part of the SIP conversation will show the CLI you set above.

This is on 3CX v15, but the settings are the same for previous versions.

http://www.gamma.co.uk/partners/

3CX Logo

Using subst to map a drive to help restore from a volume shadow copy

I needed to copy only missing files from a volume shadow copy back to a clients share after clearing out crypto malware encrypted files, and I found a new favourite command:
subst drive1: drive2:path
Substitutes a path for a drive letter, for example:
subst x: c:\users\adam\desktop

maps x: to my desktop in my profile.

Where this came in particular handy for me we using robocopy to restore files an folders out of a volume shadow copy (previous version).

I wanted to run robocopy a: b: /xc /xn /xo /s which only copies missing files, and does not copy existing files – regardless of age or difference, to extract missing files from the shadow copy.

So first I found the path to the file by right clicking on a file in the shadow copy and copying the location then running subst:

subst x: "\\localhost\C$\@GMT-2016.10.24-14.01.30\Server Shares\Company"

I could then run my robocopy from the x: drive.

Finished off with subst x: /d to remove the drive mapping.

Useful write up here:

https://chaoliu12.wordpress.com/2013/02/11/restore-files-from-shadow-copy/

And subst technet article here:

https://technet.microsoft.com/en-gb/library/bb491006.aspx

User Shell Folders location in the registry

I’m always having to look this up, for some reason the registry location just doesn’t stick in my head.

User Shell Folders (i.e. My Documents, Desktop, Favorites):

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

Useful if you want to know if Folder Redirection is working.

Extracting useful user information from Exchange 2010 with Powershell

Finishing a migration to Office 365 and want to send the client a list of remaining user mailboxes that need moving (or deleting!).

get-mailbox and get-mailboxstatistics both have their uses, but I really needed to use something that combined them both.

I found the solution at https://www.experts-exchange.com/questions/28399371/Combining-Get-Mail-Get-Mailboxstatistics-To-Pull-UsageLocation-LastLogonTime.html

And adapted it to my own means:

Get-Mailbox -ResultSize Unlimited | sort-object | Select-Object Name, primarysmtpaddress, @{n="Mailbox Size";e = {$MBXstat = Get-MailboxStatistics $_.name; $MBXstat.TotalItemSize}}, @{n="LastLogonTime";e = {$MBXstat = Get-MailboxStatistics $_.name; $MBXstat.LastLogonTime}} | Export-Csv C:\temp\LastLogonTime.csv

This outputs the User name, Primary SMTP Address from get-mailbox and Mailbox size (formatted to MB) and last logon time from get-mailboxstatistics.

Port forwarding on a Yamaha NVR500 Router in Japanese

Recently had to set up port forwarding on a Yamaha NVR500 router in Japan (the router was in Japan, I was not!).

Google Translate was definitely my friend, as was http://alex.goodchilduk.com/2012/04/05/port-forwarding-on-a-yamaha-nvr500-for-ssh/ which pointed me in the right direction.

 

Capture1

 

Find the Advanced options and Advanced Settings and Information – detailed setting of the basic connection.

Capture2

You can either set basic port forwards, or as I have here used a DMZ host to forward everything to the Sonicwall behind it.

The button with Japanese characters on is the OK button. Router did reboot, or at least re-connect its internet connection, as I was kicked off, but it reconnected pretty quickly.

Reconnecting an Office 365 mailbox with an on-premise user

Hybrid Office 365 setup. User account is created on-premise, AD is synced, and then the user is licenced as an Office 365 user. Exchange won’t create the Remote User forwarder, so the user will only receive email from Office 365 (and external if the MX record has been switched to Office 365).

You can join the account up with the command:

Enable-RemoteMailbox Username -RemoteRoutingAddress “username@tennent.mail.onmicrosoft.com”

That will create the Remote Mailbox on Exchange with the forwarder email address.