Dec 082013

Don’t you hate when you have large distribution groups in your environment with enabled and disabled accounts as members and when you send email messages to the account NDRs are sent throughout the environment. As may or may not know, there are options in Exchange on how to handle NDRs for distribution groups. My issue is with the options provided by Exchange, for example enabling certain features against a DG could remove valid NDRs or create a lot of false positives. To combat this problem in environments we put together a script that will only look in DG, not security groups, and remove disabled user accounts. This script will remove all groups from disabled users within a particular OU.  You have to specify the OU that you want to search for the disabled mailboxes. This will also write out the removed groups of each user to a log.

The script can be found on our Tools page or directly at this link:

BTW, if you are looking for the same functionality but with Security Groups, it wouldn’t take much to modify this script to that effect.

119 total views, 4 views today

Dec 052013

A request came up in a newsgroup for a script which would automate the creation of a primary zone on one DNS server, enable zone transfers, and then configure a secondary zone on another DNS server.  A first generation release of a script was posted today.  If there is interest for a more flexible script which has more options for things like where the zone is stored, what the zone security is, etc, then I will gladly revise the script.

For now, it’s fully functional and a link to the very simple CMD code can be found here:

This sample code can be used to create primary and secondary zones.  The primary zone will be created as an AD-integrated zone, configured for secure updates and aging with the default values.  The zone will allow zone transfers only to the server that is provided as an argument at the command line.  The secondary zone will be created to pull from the server where the AD-integrated zone was created.  The secondary zone will have a zone file with the same name created at %systemroot%system32dns, by default.

Simply copy the text below and paste it to notepad.  Save the file as createPrimaryAndSecondaryZone.cmd.  This can be run from any workstation that has DNSCMD.  DNSCMD is part of the Support Tools and the latest version as of this writing can be found here.

If you have any other requests please feel free to post them in the comments or email them to and I’ll be glad to attempt to add them.

NOTE:  Please remember that this is sample code and while it has been tested multiple times under a variety of conditions, no two environments are exactly alike.  It is important that you test all code first to make sure that it is functional as you desire it to be for your environment.

29 total views, no views today