I would like to create a remote folder inside Inbox with this command wit o365 exchange when execute the following command:
New-MailboxFolder -Parent 'username#domain.com:\Inbox\Folder1' -Name 'Folder1.1'
However, this command cannot be used to create folders on other user’s mailbox.
The error is:
The specified mailbox “username#domain.com” doesn’t exist
What's the exactly problem with this command? Anybody know any Workaround? Thanks!
The cmdlet you're trying to use is not supposed to work for mailboxes other than your own (even if you have proper rights). From the documentation:
Use the New-MailboxFolder cmdlet to create folders in your own mailbox. Administrators can't use this cmdlet to create folders in other mailboxes (the cmdlet is available only from the MyBaseOptions user role).
Some possible workarounds are:
Use Create MailFolder from Graph API
Use MFCMAPI (probably not trivial to be automated)
More detailed description can be found here.
Related
I want to switch 2 files in the SYSVOL Folder. For that I need to Invoke-Command a script on a Domain Controller from our schedule server.
$Server = Get-ADDomainController | select Name
Invoke-Command -ComputerName $Server.Name -ScriptBlock {
$Path = "c:\Windows\SYSVOL\sysvol\domain.com\scripts\Folder"
$Source = "$Path\backgrounddefault1.JPG"
$trg = "$Path\backgrounddefault.JPG"
Copy-Item -Path $Source -Destination $trg -Force
}
However if I do not promote the Service Account to Domain Admin, the script will get an access denied.
Are there any other ways I could do this, or other groups that give him that specific right?
The group is called "Remote Management Users". Obviously, however, you'll also need permissions on the folder. Create a new group for those rights specifically, and make it a member of RMU. Make the service account a member of the new group. (Note that none of this is specific to DCs.)
If you wanted to do this without changing any permissions on a Sysvol subdirectory, the cleanest thing I can think of would be to create a scheduled task on the DC running under local system that performs only this operation, and grant the service account permission to start this task. (There is no interface for this, but you can manipulate the SecurityDescriptor of what you get with Get-ScheduledTask; see this question, for example).
If this task needs parameters/input, it gets trickier since you'll need to supply these in a file somehow. Because that task effectively has domain admin permissions, you'd have to take very good care to check your inputs and make sure the task has no exploitable vulnerabilities. Just tweaking the permissions on that one specific folder seems a lot easier and also safer to me.
Last but not least, when performing operations like these it's always worth investigating if what you're trying to do can't be done with Group Policy somehow, because it leaves a clear statement of intent (and an audit trail).
I was looking a way to delete azure storage account using powershell.
There are powershell command to remove blob,container,table,queue, filed, directory. But I don't see any way to remove/delete azure storage account using powershell.
Through portal I can do it, but need to do it through powershell.
Anyone knows how to do this ?
Have you tried Remove-AzureRmStorageAccount or Remove-AzureStorageAccount depending on the deployment model you are using?
To find those you can always use Get-Command remove-azure*storage*
This article may help you -> scroll down to- To remove the whole storage account
This is the powershell command-
Remove-AzureRmResourceGroup -Name resourceGrouptest
where resourceGrouptest is the name of the resource group.
you also need to first login into your account using-
Login-AzureRmAccount
Powershell v3.0 Windows Server 2012
I am trying to use the Grant-NfsSharePermission cmdlet to grant read/write access to all users with local admins having full permissions to a NFS share.
Grant-NfsSharePermission -Name "LABS" -Path "C:\LABS" -ClientName "WIN-TGE0C741D5G" -ClientType "builtin" -Permission readwrite
The error I get is the parameter set cannot be resolved using the specified name parameters. It's in the InvalidArgument category. After looking at the built-in examples, I can't seem to see why this is a problem. I even tried replacing the clientname (which is my machine name) with localhost and 127.0.0.1 and same error.
The Grant-NfsSharePermission cmdlet expects either the name of the NFS share or the path to the share. You provided both and it doesn't like that. Provide either just -Name or just -Path, but not both and it should work.
As TheMadTechnician mentioned in the comments, you can see this by reviewing the online help or built-in help (with Get-Help Grant-NfsSharePermission) and seeing they provide two parameter sets and the examples only show the use of one or the other.
I am trying to copy one file from share in my custom dsc script. This code below works great in powershell, but not working in dsc resource.
PS C:\Users\user> $wc = New-Object System.Net.WebClient
PS C:\Users\user> $wc.DownloadFile("\\DC1\Downloads\en_sql_server_2012_enterprise_edition_with_service_pack_2_x64_dvd_
4685849.iso", "C:\SQL2012SP2.iso")
Powershell 4/5 has native commandlets for get files from smb share? Or any variants?
As #arco444 alluded to, the way you're doing this is bananas. Why not use Copy-Item?
That aside, I think you would have the problem with Copy-Item as well.
DSC runs under the context of SYSTEM, so you should make sure that your share allows access from the machine account of the machine on which the DSC is to be executed.
Alternatively, you can grant read access to Authenticated Users (which includes all other users as well), or Domain Computers if you're in a domain and want all of the computers to be able to read the contents.
The Credential parameter in file resource is used to connect to the source - so you can specify credentials for the share.
However make sure that credentials are secured as described in this article - [link] http://blogs.msdn.com/b/powershell/archive/2014/01/31/want-to-secure-credentials-in-windows-powershell-desired-state-configuration.aspx
I am trying to create a powershell script to automate user creation which is working great using ADSI. However I need to set the following properties and I am not sure how (or if ADSI can even do this):
Log on as a service
Allow logon locally
Any ideas how to do this?
The solution to working with GPO's in PowerShell is via a COM+ object called GPMgmt.GPM which is part of the Group Policy Management Console feature. The best article for information I could find on this is: http://technet.microsoft.com/en-us/magazine/cc162355.aspx
I have yet to be able to figure out how to set those specific values though.
This might be what you're looking for:
https://gist.github.com/ned1313/9143039
We can set the Logon As A Service right to user in powershell by importing the third party DLL ( Carbon ).
you can download dll from here https://bitbucket.org/splatteredbits/carbon/downloads
$Identity = "DomainName\Administrator"
$privilege = "SeServiceLogonRight"
$CarbonDllPath = "C:\Users\Administrator\Downloads\Carbon-1.5.1\Carbon\bin\Carbon.dll"
[Reflection.Assembly]::LoadFile($CarbonDllPath)
[Carbon.Lsa]::GrantPrivileges( $Identity , $privilege )