Here's a script to extract telephone entries from a Windows AD via Net::LDAP (thanks g0n!) and output them to a LaTeX file to be process with pdflatex. The results aren't too terrible.

You'll probably need to customize it; we, for example, store "Mobile speed dial" numbers in the "Pager" field. We also deliberately separate based on the physical building — YMMV.

I'd recommend separating the template into a separate file, I included here inline because it's easier to download.

This one was more of a lark. It's only possible because the Win32::NetAdmin module does so much of the heavy lifting (and it comes with Activestate Perl or SFU's Perl). I wrote it as a quick and easy report to my boss for how many non-NT-based systems we have joined to our domain (we still have a number of 95/98 desktops in use).

The program picks up the domain controller for the system from which it is run. We don't have a multi-domain environment, so you might need to run it more than once (and append the domain name to the clients) if you do admin multiple domains. It could be the basis for more data gathering from the clients (drives, ram, specific windows versions, running services). We don't need that here, but it's nice to have it around as a building block.

The script builds an array of each of the following: primary domain controller, backup domain controller, NT servers (NT,2000,2003), unix servers, mssql servers, NT workstations (NT,2000,XP) and non-NT workstations (WFW,95,98,ME). Again, we didn't require specific versions. We just wanted a quick view of who is a *real* domain member, since they will be authenticating solely with the DC running the PDC FSMO service.

Because the array of NT domain members includes Unix and NT servers, those get added to a hash so that they won't be reported as NT-class workstations. Then it all barfs out to stdout.

By the way, if you're reading this for NT Admin stuff, the chances are good that you'll find a lotta useful information here: Wayne's NT Resources for Administrators and Users.

We needed a way to find and sort all domain users by account status (enabled, disabled, etc) and/or last logoff time. It could be cleaner, simpler and take less time to run (45 minutes with 7 domain controllers). This takes the logon, adds details from Exchange and calculates the most recent last logoff time before dumping the whole mess to stdout as a comma-delimited list.

The only variable you need to change is the $ldapsrv scalar near the beginning. Everything else will (hopefully) just work.

Good luck... hope it helps... muchos gracias to everyone who ever wrote something related... I'm sure I looked at it a dozen times... feel free to improve it!

2004-08-25: Added pdc/bdc lookup (so you don't have to manually change the array) and fixed a problem with the headers. Thanks to Marza's domain disk space check program for the pointer to the obvious routine for adding the pdc and bdcs generically.

2004-11-16: Tweaked a lot of little stuff

• Changed output to comma-separated from tab-separated
• Wrapped the data in double-quotes for the csv output
• Added password age variable (for auditing)
• Left my company-specific employee ID attrib in place with an explanation (since someone may find it useful)

I'd love to see some feedback, because this is my first large-scale utility script.

This script as the name implies is used to add ids or a list of IDs to a particular domain/AD group.

There is a logmsg subroutine which can be used for automation or history purposes. If it is not required, then comment it out.

I have not tested AD yet as we don't have an AD setup.

Finally, feel free to use it and mod it as you need. If you think something could be done better, please let me know.

spacecheck.pl

This script was originally written by an unknown author and was moded and traded a couple times. I rewrote it and streamlined it and got rid of a few cpu intensive approaches.

It will get a domain list of cpus and then list the drive, file system, capacity, used, free, and percent free.

It is simple so feel free to take it and mod it to your needs. If you think something can be done better, please let me know!

You will need AdminMisc PM from Dave Roth.

040402 - Major changes. As to suggestion, I rescoped the vars and got rid of the declare undefs as well as ptime.pl. I also added a ping check and an exclusion ability as well as cleaned a couple extranious variables.

040402 - Minor change. Error message was wrong and the computer print needed to be relocated.

This code was made to Scan a machine or list of machines, for get information about IIS Server, if active, on which port.

2002-03-13 Edit by Corion : Added CODE tags

Just some background so you know what's happening:

-Clients keep their web content in e:\web\{their directory}
-The logs are stored in e:\web\{their directory}\logs
-Access databases are stored on the d:\ drive
-SQL databases are stored on up to two data servers, with NetBIOS mappings to make this work (m:\ and n:\)

Obviously this is custom tailored for our needs, but it can serve as a pretty decent guideline for your own program. I'm just a hack; I'm very much a Perl novice, so this may look be a bit crude. However, it does its job for us, so I can't complain. :)

Comments and questions are welcome. Thanks.

Edit by dws for formating and code tags

\\perl\users\

- djw\
- redmist\
- danger\
- Macphisto\
- ar0n\
- CowboyNeal\
- boo_radley\

People's accounts are deleted when they leave your company, but are their home directories? Hopefully yes, but sometimes, no. This will allow you to be sure.

There are 2 scripts, because in my domain, getting all of the account information tends to take a very long time.

The 1st script pulls all of the usernames and home dirs to a text file called accounts.txt. The second reads the user directories from your servers and checks to see if they are being used as home directories by comparing them to the accounts.txt. If the home dir is not being used by an active account, it is considered "Orphaned" and will be printed to orphan.txt. Then, you can flag it for deletion.

Uses File::Find and Win32::FileSecurity to dump file permissions to a text file on shares that you specify.

Usage code.pl {share} {outputlog}

Output:server(tab)share(tab)account(tab)permission1(tab)permission2(tab)...(enter)

If the account does not have a permission, the script double tabs, for easy visual inspection.

By importing the resultant tab-delimited log into a spreadsheet program, you can sort by account(colC), then share(colB), then server(colA), to very simply compare directory rights across your file and prints.

Thanks to Tyke.

• System Attendant
• Directory
• Event Service
• Information Store
• Internet Mail Service
• Message Transfer Agent
• IIS Admin Service (for OWA)
• World Wide Web Publishing Service (for OWA)

Network failure notice
Network service notice

Message received
SMS from notice
SMS failure notice
SMS failure notice (cont'd)
SMS service notice

userdel modifies the system account files, deleting all entries that refer to login. The named user must exist.

TODO:

• Modify for Win2K, domains
• POD
• Testing Testing Testing

This script is very BETA, hense the use diagnostics. But, I posted this for the logonhours part (works like net user syntax) and for folks who want to reuse solaris useradmin scripts on NT.

The who utility can list the user's name and login time for each current system user.

users lists the login names of the users currently on the system in a compact, one-line format.

The uptime command prints the current time, the length of time the system has been up, and the number of users logged on.

REQUIRES: Date::Calc

shutdown is executed by the super-user to change the state of the machine.

By default, shutdown brings the system to a state ready for power off.

Before starting to shut down services and killing processes, shutdown sends a warning message via GUI pop-up with the warning message "The systemis shutting down. Please save all work in progress and log off. Any unsaved changes will be lost. This shutdown was initiated by ..." The bottom of the window pop-up contains the custom message included in the shutdown command. If the string contains more than one word, it should be contained within single (') or double (") quotation marks.

The warning message provides output detailing the time remaining before shutdown begins. See EXAMPLES .

No warning is sent to Remote Access Service (RAS) users or users connected via rcmd or telnet.

reboot restarts the hardware and operating system.

Although reboot can be run by the super-user at any time, shutdown is normally used first to warn all users logged in of the impending loss of service. See shutdown for details.

passwd changes the password or lists password attributes associated with the user's login name (userid) <- Not yet implemented.

When used to change a password, passwd prompts everyone for their old password, if any. It then prompts for the new password twice.

If executed by a user with USER_PRIV_ADMIN() privilege flag (i.e. super-user), the old password prompt does not appear.

Passwords must be constructed to meet the operating system requirements

TODO: Add password attribute listing

lastlogin displayes the last logon date for each user in the local host's user database.

UPDATE: Got rid of the exists test on scalars, per Re: lastlogin for NT/2K. THX frag! What ~was~ I thinking?

Cleans up the System and User-specific PATH persistent environment variables by removing duplicate and invalid entries. Can also add directories to the System PATH. Note that it has been wrapped by pl2bat for ease of use under Windows NT. This script does not work for Win9x. I've tested it under WinNT, Win2K, and WinXP.

Update: Now also fixes the value type having been set to REG_SZ instead of REG_EXPAND_SZ.

Update 2: Now also sets the PATH in the parent command shell, which can be very convenient. Code also cleaned up just a bit. See reply below for older version.

Update 3: (2007-01-20) Fixed but where "ARRAY(...)" written to change log rather than path strings, minor whitespace ajustments, and fix bug demerphq pointed out long ago.