Have you ever looked at your Active Directory and wondered, “Why do I still have computers listed that haven’t been turned on since World Cup 2016?” Yeah, we’ve all been there. Keeping AD clean and up-to-date is like trying to organize your garage—it’s easy to put off until it becomes a total mess.
PowerShell
Active Directory replication is a critical process that ensures the consistent and up-to-date state of directory information across all domain controllers in a domain. Monitoring this process is important as it helps identify any issues that may arise and resolve them quickly. One way to monitor Active Directory replication is by using the Repadmin command-line tool. Repadmin provides a wealth of information about the replication status and health of a domain. However, manually checking the Repadmin output can be time-consuming and tedious, and running it manually every 30 minutes just to check if everything is great doesn’t seem like a great idea. While PowerShell has its own commands around replication I’ve not found something as fast and reliable as repadmin /replsummary.
Hey there! Today, I wanted to introduce you to one of the small but excellent module I’ve created called the O365Synchronizer. This module focuses on synchronizing contacts and users. If you’ve ever been tasked with synchronizing Global Address Lists (GAL) across different Office 365 tenants or just wanted to sync GAL with user mailboxes so they can access contacts directly on their phones, this tool is for you.
Active Directory (AD) is crucial in managing identities and resources within an organization. Ensuring its health is pivotal for the seamless operation of various services. Today, I decided to look at Microsoft Entra Connect Health (Azure AD Connect Health) service, which allows monitoring Azure AD Connect, ADFS, and Active Directory. This means that under a single umbrella, you can have an overview of three services health. But is it worth it?
In today’s digital age, the ability to create compelling and informative HTML reports and documents is a crucial skill for professionals in various fields. Whether you’re a data analyst, a system administrator, a developer, or simply someone who wants to present information in an organized and visually appealing manner, having the right tools at your disposal can make all the difference. That’s where the PSWriteHTML PowerShell module steps in, offering an array of possibilities to suit your reporting needs.
As part of my daily development, I create lots of code that I subsequently comment on and leave to ensure I understand what I tried, what worked, and what didn’t. This is my usual method of solving a problem. Sure, I could commit it to git and then look it up, and I do that, but that doesn’t change my behavior where I happen to have lots of “junk” inside of my functions that stay commented out. While this works for me, and I’ve accepted this as part of my process, I don’t believe this should be part of the production code on PowerShellGallery or when the code is deployed.
Today I saw an article from Christian Ritter, “PowerShell: Creating an “empty” PSCustomObject” on X that got me curious. Do people create empty objects like Christian proposes? I want to offer an alternative to Christian’s article, which uses OrderedDictionary and converts to PSCustomObject.
I was scrolling X (aka Twitter) today and saw this blog post, “PowerShell: Report On-Premises Active Directory Accounts that are Synchronized with Azure AD Connect” by Kevin Trent. I like reading blog posts as I tend to learn some new things and see how people tend to solve their problems.
I had a long day today when my long-running script (10 hours) gave me weird errors with Microsoft Graph for Teams. Finally, I solved my mistakes and reran the hand to see if the report would be complete this time. Surprisingly, it gave me an error I’d never seen before. “Function cannot be created because function capacity 4096 has been exceeded for this scope”. The error is at least weird because it’s shown on a production server where I’ve just a handful of PowerShell modules installed, and I’ve never seen it on my development machine where I’ve over 200 modules.
I had this little issue today when I tried to schedule the Microsoft Graph script to run as a service account on a certificate. To my surprise, even tho I had all permissions required, I was getting this error message: Connect-MgGraph: Keyset does not exist. Something that didn’t show up for my user.