Powershell – Blank AD Profile PATH

Posted on December 12, 2025 by Steven Whiting

<#
.SYNOPSIS
  Clear Home Folder (local path) for each AD user in an OU and export results to CSV.

.PARAMETER SearchBase
  Distinguished Name (DN) of the OU to search.

.PARAMETER WhatIfMode
  If supplied, no changes are actually made.

.PARAMETER CsvPath
  Output path for the CSV file.

#>

param(
    [string]$SearchBase = 'OU=.Users (Role Based),OU=Steven Whiting,DC=whiting-steven,DC=co,DC=uk',
    [switch]$WhatIfMode,
    [string]$CsvPath = ".\HomeFolder_Clear_Report_$(Get-Date -Format yyyyMMdd_HHmmss).csv"
)

# Import AD module
Import-Module ActiveDirectory -ErrorAction Stop

Write-Output "SearchBase: $SearchBase"
if ($WhatIfMode) { Write-Output "WHATIF MODE ENABLED — no changes will be made." }

# Retrieve users
$users = Get-ADUser -Filter * -SearchBase $SearchBase -SearchScope Subtree -Properties homeDirectory,homeDrive,DistinguishedName,SamAccountName

if (-not $users) {
    Write-Output "No users found under the specified OU."
    exit
}

# Results array
$results = @()

foreach ($u in $users) {
    $result = [PSCustomObject]@{
        SamAccountName = $u.SamAccountName
        DistinguishedName = $u.DistinguishedName
        PreviousHomeDirectory = $u.homeDirectory
        PreviousHomeDrive = $u.homeDrive
        Action = ""
    }

    if ($WhatIfMode) {
        $result.Action = "Would Clear"
        $results += $result
        continue
    }

    try {
        Set-ADUser -Identity $u.DistinguishedName -Clear homeDirectory,homeDrive -Confirm:$false -ErrorAction Stop
        $result.Action = "Cleared"
    } catch {
        $result.Action = "Failed: $($_.Exception.Message)"
    }

    $results += $result
}

# Export CSV
$results | Export-Csv -NoTypeInformation -Path $CsvPath

Write-Output "CSV report created: $CsvPath"
Write-Output "Completed."

Server 2022 Activate Directory – Exchange bits

Posted on December 10, 2025 by Steven Whiting

For SMTP bits in AD you need the exchange tools. These are for my notes so make sense to me.

Your account needs to be in the enterprise admins and schema admins group.
You need to install the exchange bits so run this command but you also need to mount an exchange ISO. I used Exchange 2019

d:\Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataON /PrepareAD /OrganizationName:”Contoso Corporation”

We’re not installing or setting up exchange, just need it to put in all the extra exchange stuff in AD for the mailNickname bits

If you don’t need any of the exchange fields you can ignore all this.

Server 2022 – Disable reboot warning

Posted on December 10, 2025 by Steven Whiting

https://www.softwareok.com/?seite=faq-Windows-Server&faq=19

1.) Method: Group Policy

Open Group Policy Editor :

Press Win + R, type gpedit.msc and hit Enter .

Navigate to:
Computer Configuration → Administrative Templates → System .
Find the policy “Disable shutdown event logging” .
Double click on it and set the policy to “Enabled” .
Click OK and close Group Policy Editor.

SMTP/Alias

Posted on December 9, 2025 by Steven Whiting

For AD SMTP and Alias’

<#
.SYNOPSIS
    Export SMTP addresses (primary + secondary) from AD users.

.DESCRIPTION
    Uses Get-ADUser to collect the 'proxyAddresses' and 'mail' attributes.
    - Primary SMTP is the address with the "SMTP:" prefix (uppercase).
    - Other SMTP addresses are those with the "smtp:" prefix (lowercase).
    - If proxyAddresses is empty, the script will attempt to use the 'mail' attribute as primary.

.PARAMETER OutputCsv
    File path for exported CSV. Default: .\AD-SMTP-Addresses.csv

.PARAMETER SearchBase
    Optional AD container (distinguishedName) to restrict the search.

.PARAMETER IncludeDisabled
    If specified, include disabled accounts as well. By default disabled accounts are excluded.

.EXAMPLE
    .\Export-AD-SMTP.ps1 -OutputCsv C:\temp\smtp-addresses.csv

#>

param(
    [string]$OutputCsv = ".\AD-SMTP-Addresses.csv",
    [string]$SearchBase,
    [switch]$IncludeDisabled
)

# Ensure ActiveDirectory module is available
if (-not (Get-Module -ListAvailable -Name ActiveDirectory)) {
    Write-Error "The ActiveDirectory module is not installed or available. Install RSAT/Active Directory module and run again."
    exit 1
}

Import-Module ActiveDirectory -ErrorAction Stop

# Build filter
$filter = if ($IncludeDisabled) { { } } else { { Enabled -eq $true } }

# Properties we need
$properties = @("proxyAddresses","mail","distinguishedName","samAccountName","displayName","objectClass")

try {
    if ($SearchBase) {
        $users = Get-ADUser -Filter * -SearchBase $SearchBase -Properties $properties
    } else {
        $users = Get-ADUser -Filter * -Properties $properties
    }
}
catch {
    Write-Error "Failed to query Active Directory: $_"
    exit 1
}

$result = foreach ($u in $users) {
    # Some objects may not have proxyAddresses (or not be users) - handle safely
    $proxy = @()
    if ($u.proxyAddresses) {
        $proxy = $u.proxyAddresses
    }

    # Normalize and split SMTP addresses
    $primary = $null
    $others  = @()

    if ($proxy.Count -gt 0) {
        # find exact uppercase SMTP: for primary
        $primaryEntry = $proxy | Where-Object { $_ -like "SMTP:*" } | Select-Object -First 1
        if ($primaryEntry) {
            $primary = $primaryEntry -replace '^[sS][mM][tT][pP]:',''  # remove prefix (case-insensitive)
        } else {
            # no uppercase SMTP found -> try any smtp: entry as fallback
            $fallback = $proxy | Where-Object { $_ -match '^(smtp|SMTP):' } | Select-Object -First 1
            if ($fallback) { $primary = $fallback -replace '^[sS][mM][tT][pP]:','' }
        }

        $others = $proxy |
            Where-Object { $_ -match '^(smtp|SMTP):' } |
            Where-Object { ($_ -replace '^[sS][mM][tT][pP]:','') -ne $primary } |
            ForEach-Object { $_ -replace '^[sS][mM][tT][pP]:','' }
    }

    # If no proxyAddresses, fall back to mail attribute as primary (if present)
    if (-not $primary -and $u.mail) {
        $primary = $u.mail
    }

    # Build object for export
    [PSCustomObject]@{
        DistinguishedName = $u.DistinguishedName
        SamAccountName    = $u.SamAccountName
        DisplayName       = $u.DisplayName
        ObjectClass       = $u.ObjectClass
        PrimarySMTP       = $primary
        OtherSMTPs        = if ($others.Count -gt 0) { $others -join ";" } else { $null }
    }
}

# Export to CSV
try {
    $result | Export-Csv -Path $OutputCsv -NoTypeInformation -Encoding UTF8
    Write-Output "Export completed: $OutputCsv ('$($result.Count) records)'"
}
catch {
    Write-Error "Failed to export CSV: $($_)"
    exit 1
}

Proxmox and Tailscales

Posted on December 5, 2025 by Steven Whiting

Setting up Proxmox with Tailscale

https://tailscale.com/download/linux

curl -fsSL https://tailscale.com/install.sh | sh

Then

tailscale up –ssh

For SSL cert

https://tailscale.com/kb/1133/proxmox

sudo tailscale serve –bg https+insecure://localhost:8006

Boycott Rockstar

Posted on November 25, 2025 by Steven Whiting

Appears Rockstar, despite claiming their employees leaked info, fired their employees for unionising, it appears. This is illegal in the UK. They are based in Scotland but its increasingly looking like they are claiming leaked info when all fired also happened to be members who recently unisonised.

Claiming leaked info seems far fetched and they are doing more damage to their business now than just accepting the Union.

Everyone should Boycott Grand Theft Auto 6 and all Rockstar games until the staff are reinstated and the union is allowed.

Powershell – Get SAM name

Posted on November 15, 2025 by Steven Whiting

Gets the SAM name of users in a specific OU and then displays them as swhiting, jdoe, ldoe

etc, this was so I could then put them in another script.

(Get-ADUser -SearchBase "OU=FinanceTeams,OU=CustomerServices,OU=Operations,OU=.Users,OU=stevenwhiting,DC=stevenwhiting,DC=co,DC=uk" -Filter {Enabled -eq $true} |  Select-Object -ExpandProperty SamAccountName | ForEach-Object { "'$_'" }) -join ','