Remove all disabled user from an Active Directory Group with Power Shell using Quest Active Roles AD Management

The following code snippet which I ran through PowerShell ISE (learn how to get it on Windows Server) will remove all disabled users from a particular group.  Useful for the end of year / start of year clean up in a school environment.

You will need the ActiveRoles Management Shell for Active Directory, available by clicking here which were made by Quest Software, now DELL.

Add-PSSnapin Quest.ActiveRoles.ADManagement

Get-QADGroup -SearchRoot "" | Foreach-Object {
     $group = $_
     Get-QADGroupMember -Identity $group -Disabled -Type User | Foreach-Object{
         Write-Host "Removing '$($_.Name)' from group '$group'" -Foreground Green
         Remove-QADGroupMember -Identity $group -Member $_ 

Swap out with a distinguished name of the group you want to remove disabled users from.  Once you execute it, it will run through the group and remove any user objects that are disabled.

Getting Folder Sizes and number of items in a Mailbox for a particular user on Microsoft Exchange using PowerShell

Recently one of our high-end users was going over their mailbox limit. In helping them to cut down I like to let them know what folders are using up the most of their quota (generally it is their sent items folder, but sometimes not). Executing the below PowerShell command in an Exchange Administration Shell gave me a nice ordered list (see output below) of folders in their mailbox along with an associated size and number of items.

Get-MailboxFolderStatistics -Identity <username> | Sort-Object FolderSize 
-Descending | FT folderpath, foldersize, ItemsinFolder -autosize

After executing the above PowerShell you’ll get an output similar to the below

FolderPath                    FolderSize                  ItemsInFolder
----------                    ----------                  -------------
/Inbox                        32.89 MB (34,486,717 bytes)           158
/Carbon Copies                16.9 MB (17,725,567 bytes)            168
/Sent Items                   685.3 KB (701,797 bytes)               14
/Deleted Items                554.4 KB (567,723 bytes)              189
/Calendar                     27.6 KB (28,267 bytes)                  7
/Contacts                     1.492 KB (1,528 bytes)                  4
/Drafts                       138 B (138 bytes)                       1
/Sync Issues/Local Failures   0 B (0 bytes)                           0
/Sync Issues/Conflicts        0 B (0 bytes)                           0
/Sync Issues                  0 B (0 bytes)                           0
/Sync Issues/Server Failures  0 B (0 bytes)                           0

From this I can could then give to the user so they could clear out their mailbox. Hope that helps someone out.

Get-MessageTackingLog cmdlet for Exchange 2010 Returns Cannot process argument transformation on parameter ‘Start’. Cannot convert value to type “System.DateTime” because String was not recognized as a valid DateTime.

Recently, I was conducting some investigative work around mail delivery for a client.  PowerShell cmdlets for Exchange are awesome and give us as administrators some real power in trying to figure out what is wrong.  Some things in PowerShell though don’t take into account the regional language settings of the machine you’re working on.  One example of this that left me scratching my head a little was when I was running Get-MessageTackingLog. Being in Australia we do our date as dd/mm/yyyy so I had the following command ready to run

Get-MessageTrackingLog -Server SRV-MBX-02 -Start "14/08/2014 08:00:00" 
-End "14/08/2014 15:00:00" -Sender "[email protected]" | 
ConvertTo-Html > "C:\Scripts\MsgTrack.html"

When I ran this I got an error around trying to convert a DateTime, I was sure I had entered the right format (also trying – and .)

Cannot process argument transformation on parameter 'Start'. Cannot convert value "14/08/2014 08:00:00" to type "System
.DateTime". Error: "String was not recognized as a valid DateTime.
    + CategoryInfo          : InvalidData: (:) [Get-MessageTrackingLog], ParameterBindin...mationException
    + FullyQualifiedErrorId : ParameterArgumentTransformationError,Get-MessageTrackingLog

After a few minutes, I worked out the date needed to be in US Date/Time format of mm/dd/yyy. Swaping around my month and day got the command to work correctly and pipe out what I was after to a html page.

Interestingly, if you copy and paste a command out of the Tracking Log explorer the date and time format in there is based on the regional settings of the computer you are on, but run them through the Exchange Management Shell and you’ll also receive the above date/time error.

An error occurred while attempting to start the selected virtual machine(s) The security ID structure is invalid (0x80070539)

So I was recently working with some really old Virtual machines in a development environment that came across from another organisation. One particular virtual machine gave me an error message when I tried to start it up “An error occurred while attempting to start the selected virtual machine(s)… The security ID structure is invalid (0x80070539)”.  When this happens, Hyper-V basically doesn’t have permission to start the selected virtual machines under the user.  A quick administrative PowerShell cmdlet will grant me or a user permission and allow us to start the VM up;

Grant-VMConnectAccess -VMName "Name of VM not starting" -UserName 
"DOMAIN\Username of current user"

Changing -VMName to match the virtual machine giving you the error and a DOMAIN\Username of the user you are now logged on as.

Once you issue this command the virtual machine will start without any issues.