Scripting & Command line
cheesecoupons
Member Posts: 19 ■□□□□□□□□□
Hi all,
Hope everyone is doing well and studying hard.
I am in the area of my studies that deals with scripting. I have been out of the admin area for a while and have a question....
In practical application (real life) how often do you use scripting or the command line to add users, modify permissions?
thanks
Hope everyone is doing well and studying hard.
I am in the area of my studies that deals with scripting. I have been out of the admin area for a while and have a question....
In practical application (real life) how often do you use scripting or the command line to add users, modify permissions?
thanks
Comments
You can get away with not scripting much in an environment but it just makes your life harder and really takes away the power that your IT infrastructure could have.
You may learn something!
Also want to mention your username made me chuckle.
profile: linkedin.com/in/astorrs
Thanks for the responses! Okay so the part I am studying is probably for exposure (as far as adding users). I can see using a script to implement a group policy or something - but to add users seemed labor intensive and ,as mentioned, too much room for error.
Seem like any script, in the generic sense, has been written and all they need is some modification.
I'm just looking to be a jr sys admin so hopefully I will get a job someday and have one of you high spped folks to mentor me a bit
btw, the name is an unfortunate side effect of needing Chuck e Cheese coupons sent to something other than my mail mail box (Spam city)
Any other comments or tips would be wonderful.
Take care and good luck all!
I've only ever scripted once. The organisation I work for acquired another business and we needed to import the users' (inc. e-mail addresses) from their existing server onto one of ours. Each user had approx. 10 e-mail addresses so this was going to be a bit of a ball ache. I used the following script as a template to complete this task:
Ldifde -d "DC=domain,DC=co,DC=uk" -r "(&(mailnickname=*))" -l proxyAddresses -f emailaddresses.txt
Apart from that I personally don't tend to script but can definately see the advantages if you know what you're doing.
Andy
Oh god, I've sunk to a new low..why am I endorsing for free?
Hope this helps
The solution I came up with was to create a PowerShell script that runs once a week, deleting any XWall log files that are more than a day old. The script also writes an entry in the event log every time it runs, notifying of a successful delete or if there was an error. Because of this, we are able to monitor this script through our management software, [url=]Kaseya[/url], and I don't have to log into the machine every week just to look at a script. If I didn't know any scripting, I'd have to go an delete those logs every week. . . or, I'd have to rebuild the server in order to get everything working again.
Free Microsoft Training: Microsoft Learn
Free PowerShell Resources: Top PowerShell Blogs
Free DevOps/Azure Resources: Visual Studio Dev Essentials
Let it never be said that I didn't do the very least I could do.
I only use the command line/script permissions when there is a large problem. For example a few weeks ago we migrated to a new domain. We recreated each and every user account and did not create any sort of trust relationship. So the problem became how to reset the permissions on users' home directories... 150 users... That's A LOT of time. So I wrote a Perl script that read the user profile root into an array. Since the name of the uers' folders was the same as their username I used that to call cacls in the Perl script and reset the permissions so that only the domain admin and the user had any permissions on the folders. Worked pretty well. There were some errors and a few had to be done by hand.
I also use cacls when I am doing data recovery on a foreign disc. Attach the drive to my PC, run cacls on the root and walk away. Much faster than using the GUI.
I wrote a C# application that managed all of our user accounts for the school district I was working for. I would export all of the relevant student data from our student information system nightly. I would then export all of our employee data from our personnel database nightly.
After the exports I executed a series of logic statements that would:
- disable user accounts if they were no longer employees or students
- move users to the correct OU if they changed schools or positions
- create user accounts for new students or employees
After that process completed I used more dstool commands to repopulate security groups so users modified from previous steps had the correct permissions when they showed up in the morning.
This can be very powerful!