Being the proactive kind of administrator, I created a great VB script that goes through my OUs and marks computer that haven't updated their password as disabled, and modifies the description of of the computer to show why it was disabled (Disabled after 90 days of inactivity.) The goal was to cleanup stale computer accounts, and it worked spledlidly.
Fast forward about a year, it's time to run the script again. This time around we've joined about 25 OS X 10.4 clients to Active Directory. The script disabled every, single, 10.4 computer object. Picture me pulling my hair out. Somewhere in the back of my mind I remember something:
Tiger (10.4) doesn't update it's computer password in AD, but Apple fixed this in Leopard (10.5).
Yeah I knew it, but slipped my mind completely. Argh. Eenable the accounts in ADUC and removed the scripts comments and all is fine.
Possible work around using Samba's net use command to update the password periodically. Need to try it on a test computer one of these days. Or just upgrade all the clients to Leopard, but that costs money.
Monday, March 9, 2009
Monday, September 29, 2008
VirtualBox on OS X 10.5
My wife fell asleep during Heros tonight as she missed most of Season 2 and had no clue what's going on. Not even a handful of episodes are available on NBC.com and Hulu.com, but all are available via Netflix's watch instantly service, but despite rumors as far back as last year Netflix doesn't offer Mac support.
I remembered reading that the Netflix player worked in VMWare and Parrallels on a Mac, but if I was going to pay $80 for one of these products just to watch a few instant movies, I may as well Roku Netflix Player for $100.
Instead of spending money (leveraging a MSDN subscription for the Windows OS) I downloaded VirtualBox for Mac OS. After a couple hours of installing and patching, I had Windows XP Pro ready to go in VirtualBox. The result: really close. Playing a watch instantly movie on a 2.4 GHz MacBook looks fine. So far so good, but how about going full screen mode? First VirtualBox went full screen, and then I started a new a new Netflix movie and entered full screen mode on teh Netflix player. The video playback was noticably pixilated and choppy.
Well it was worth a shot and now I have a functional Windows XP virtual machine on the MacBook to play with...
I remembered reading that the Netflix player worked in VMWare and Parrallels on a Mac, but if I was going to pay $80 for one of these products just to watch a few instant movies, I may as well Roku Netflix Player for $100.
Instead of spending money (leveraging a MSDN subscription for the Windows OS) I downloaded VirtualBox for Mac OS. After a couple hours of installing and patching, I had Windows XP Pro ready to go in VirtualBox. The result: really close. Playing a watch instantly movie on a 2.4 GHz MacBook looks fine. So far so good, but how about going full screen mode? First VirtualBox went full screen, and then I started a new a new Netflix movie and entered full screen mode on teh Netflix player. The video playback was noticably pixilated and choppy.
Well it was worth a shot and now I have a functional Windows XP virtual machine on the MacBook to play with...
Wednesday, May 28, 2008
Taking over the world
People worry about computers becoming really smart and taking over the world. The reality is computers are really stupid and they already have taken over the world.
Tuesday, April 29, 2008
Microsoft releases the long-anticipated Windows XP SP3
Microsoft has officially announced the availability of Service Pack 3 for Windows XP. Computer Administrators around the world breath a sigh of relief. Now get to it and update those installation images!
read more | digg story
read more | digg story
Friday, April 25, 2008
Windows XP Service Pack 3 Released to Manufacturing
According to Chris Keroack on the Microsoft TechNet forums Windows XP Service Pack 3 was Released to Manufacturing 21 Apr 21, 2008.
It appears that SP3 will be released for download on April 29th via Windows Update and the Microsoft Download Center. Automatic Update distribution for home users is set to begin in early summer.
Great news. A freshly imaged Windows XP SP2 computer is currently installing 92 updates from the internal WSUS servers. SP3 is just in time for a large roll out of new computers around here.
It appears that SP3 will be released for download on April 29th via Windows Update and the Microsoft Download Center. Automatic Update distribution for home users is set to begin in early summer.
Great news. A freshly imaged Windows XP SP2 computer is currently installing 92 updates from the internal WSUS servers. SP3 is just in time for a large roll out of new computers around here.
Friday, March 7, 2008
If you can't afford to loose it back it up.
I don't remember where I found this little adaptation of "If You're Happy and You Know It," but I never forgot it after reading or hearing it for the first time.
Sung to the tune of "If You're Happy and You Know It:"
If you can't afford to loose it back it up!
*clap*clap*clap*
If you can't afford to loose it back it up!
*clap*clap*clap*
If you can't afford to loose it
then there's no way to excuse it.
If you can't afford to loose it back it up!
*clap*clap*clap*
Silly maybe, but also true.
Sung to the tune of "If You're Happy and You Know It:"
If you can't afford to loose it back it up!
*clap*clap*clap*
If you can't afford to loose it back it up!
*clap*clap*clap*
If you can't afford to loose it
then there's no way to excuse it.
If you can't afford to loose it back it up!
*clap*clap*clap*
Silly maybe, but also true.
Monday, March 3, 2008
Check status of a user's password
Thanks to PCI requirements we recently formalized the the password aging policy in our Active Directory domain and unchecked the Password does not expire flag on all users accounts. I quickly found that I needed a way other than using Active Directory Users and Computers to check to see if a user's password is expired as users ignored the message to change their password.
I also found it helpful to see when the password was last changed and how long until the password expired. It seems the "Your password will expire in X days..." message was causing the odd issue with Outlook Web Access and Entourage (Mac Exchange Client) and having the user change their password resolved the issues.
So instead of always turning to Active Directory Users and Computers, I turned to scripting. Turns out you need the full LDAP distinguished name of the user in order to query password information. Typing in the full DN is a chore, but a bit of searching turned up a method for finding the a DN using the logon name.
And thus a simple script was born.
Script Username prompt.
Script Output.
Download VB Script Code
I also found it helpful to see when the password was last changed and how long until the password expired. It seems the "Your password will expire in X days..." message was causing the odd issue with Outlook Web Access and Entourage (Mac Exchange Client) and having the user change their password resolved the issues.
So instead of always turning to Active Directory Users and Computers, I turned to scripting. Turns out you need the full LDAP distinguished name of the user in order to query password information. Typing in the full DN is a chore, but a bit of searching turned up a method for finding the a DN using the logon name.
And thus a simple script was born.
Script Username prompt.
Script Output.
Download VB Script Code
Subscribe to:
Posts (Atom)