Aperture Script Memos

From Datateknik
(Difference between revisions)
Jump to: navigation, search
Line 21: Line 21:
 
*Disable recursive queries  
 
*Disable recursive queries  
 
*Use the following script
 
*Use the following script
<blockquote><code>hello.  
+
<blockquote><code># Script for allowing internal hosts to send recursive queries to a public DNS server<br># Adding internal network IP addresses to the client subnet<br># Creating a scope to enable recursion and where to send queries<br># Creating policy for recursion matching client subnet and recursion scope<br>Add-DnsServerClientSubnet -Name InternalNetworkIP -IPv4Subnet 1.2.3.4 /n
&nbsp;&nbsp;&nbsp;&nbsp;Hello again.
+
-IPv6Subnet aaa:bbbb:ccc::/64<br>Add-DnsServerRecursionScope -Name InternalRecursionScope -EnableRecursion $true
 +
-Forwarder 8.8.8.8, 2001:4860:4860::8888<br>Add-DnsServerQueryResolutionPolicy -Name InternalQueryPolicy -Action ALLOW -ApplyOnRecursion -ClientSubnet "EQ,InternalNetworkIP" -RecursionScope InternalRecursionScope<br># Confirm configuration by showing DNS recursion policy, DNS recursion scope, and our query policy.<br>Get-DnsServerClientSubnet<br>Get-DnsServerRecursion<br>Get-DnsServerRecursionScope<br>Get-DnsServerQueryResolutionPolicy
 
</code></blockquote>
 
</code></blockquote>

Revision as of 07:57, 20 October 2020

Creating users with CSV file on Windows Server 2019 AD

  • Create the CSV file with ";" as delimiter
  • Create an OU container in your Active Directory server and record the location
  • Create a PowerShell script in the same location as the CSV file is located
  • Use the following script
# Import Active Directory module and import CSV File to list
Import-Module Active Directory
$import_users = Import-Csv -Path .\Users.csv -Header "FirstName","LastName","Password" -Delimiter ";"
# Start a loop and send each line of the CSV file to create a user
$import_users | ForEach-Object{
New-ADUser `
    -Name $($_.FirstName + " " + $_.Lastname) `
    -GivenName $_.FirstName `
    -SurName $_.LastName `
    -DisplayName $($_.FirstName + " " + $_.Lastname) `
    -SamAccountName $($_.FirstName.Substring(0,3).ToLower() + $_$.LastName.Substring(0,3).ToLower()) `
    -UserPrincipalName $($_.FirstName.ToLower() + "." + $_.LastName.ToLower() + "@example.com") `
    -AccountPassword $(ConvertTo-SecureString $_.Password -AsPlainText -Force)`
    -Path "OU=ExampleUsers,DC=example,DC=com" `
    -Enabled $True `
}

Blocking open resolver and enabeling WSUS Service on Windows Server 2019 AD

  • Disable recursive queries
  • Use the following script
# Script for allowing internal hosts to send recursive queries to a public DNS server
# Adding internal network IP addresses to the client subnet
# Creating a scope to enable recursion and where to send queries
# Creating policy for recursion matching client subnet and recursion scope
Add-DnsServerClientSubnet -Name InternalNetworkIP -IPv4Subnet 1.2.3.4 /n -IPv6Subnet aaa:bbbb:ccc::/64
Add-DnsServerRecursionScope -Name InternalRecursionScope -EnableRecursion $true -Forwarder 8.8.8.8, 2001:4860:4860::8888
Add-DnsServerQueryResolutionPolicy -Name InternalQueryPolicy -Action ALLOW -ApplyOnRecursion -ClientSubnet "EQ,InternalNetworkIP" -RecursionScope InternalRecursionScope
# Confirm configuration by showing DNS recursion policy, DNS recursion scope, and our query policy.
Get-DnsServerClientSubnet
Get-DnsServerRecursion
Get-DnsServerRecursionScope
Get-DnsServerQueryResolutionPolicy
Personal tools
Namespaces

Variants
Actions
Navigation
Tools