Powershell – Creating Active Directory User Accounts: with an Office 365 mailbox

Most IT admins know what a pain it is to set up Active Directory user accounts, especially when you need to setup a corresponding 365 mailbox.

Hopefully, this script is going to help you!

I’m going to guide you though using Powershell to create an Active Directory account, with a licenced Office 365 mailbox (in a hybrid Exchange 2013 environment).

I’m assuming you’re executing this script from an Admin Powershell prompt, on a Domain joined PC (It maybe useful for you to run this script in Powershell ISE).

This script will:

  • Create an Active Directory user account + allow you to assign a user password (securely).
  • Complete AD account details such as telephone number and address (useful if you are using my email signature script guide).
  • Create an Office 365 mailbox (this script assumes that you are running in Exchange hybrid mode (i.e. your business also has an on Premise Exchange server).
  • Turn on litigation hold enabled (for this to work, you will need the correct licences, ie: E3).
  • Assign a 365 licence (I’m also assigning an ATP licence, Windows 10 licence and PowerBI standard licence).

Continue reading


Windows 10 v1709 Deployment

***UPDATE*** Microsoft have also released MDT v8450 for Windows 10 v1709 deployment.  Get the latest installer here:

It’s been a while since I’ve played with Windows 10 Deployment…
One of the problems you may come across when upgrading your images to Windows 10 v1709 (fall creators update) is that to capture the gold master image, you’ll need to update your ADK installation.

On your deployment server, head to Control Panel, Programs and Features – then remove the old ADK program.

Download and install the new build of WDS from here:

Once installed; open the deployment workbench, right click on MDT Deployment Share and select update.  This can take some time.

When complete; open Windows Deployment Services; replace the boot image with one you’ve just generated.

Finally, head over to your gold master image; make sure its fully patched (and you’ve performed a disk clean up); and run the litetouch.vbs script (\\deploymentserver\deploymentshare$\scripts\litetouch.vbs).

News: Windows Server 2016 RTM. Now available on the MVLS portal!

Microsoft have overnight made Windows Server 2016 RTM to download from the MVLS portal. This is the final code, bar any last minute Windows Update patches.

After testing the Windows Server 2016 techincal preview, i think this is going to be a really exciting release (As a virtualization specialist, my particular favourite is the new Storage Spaces Direct feature!).

Storage Spaces Direct

Both the 180 day trial of Server 2016, and the final release of the free hypervisor, Hyper-V 2016 can be downloaded from Microsoft’s site.

tsn signoff

Unlimited business broadband from £15.99 a month

Windows Deployment: PXE booting between VLAN’s

If you’re looking to PXE boot between VLAN’s (ie. a vlan for servers and a vlan for clients), you’ll need to add a couple of extra options into your DHCP server settings.

Its an easy enough process, following these steps should get things working for you:

In Windows DHCP, expand your VLAN’s DHCP scope, and select scope options.


add option 66 – enter the FQDN of your deployment server.

add option 67 – enter \boot\x64\wdsnbp.com (or if you’re deploying 32bit images: boot\x86\wdsnbp.com). 

For reference you’ll find this file is in your deployment servers REMINST directory.


When you boot up your client computer, it will now receive the correct tftp response and will be able PXE boot!

tsn signoff

Unlimited business broadband from £15.99 a month

Defeat Ransomware: Use Microsoft File Server Resource Manager (FSRM) – with a twist!

You may have seen some advice floating about on the internet, showing  you how to use Microsoft’s File Server Resource Manager (FSRM) to prevent Ransomware.

The problem with these articles is that they all involve maintaining a block list. You’ll find those block lists rarely keep up with new variants of Ransomware. So, in this article, i’m going to show you how to defeat ransomware – with a twist!

Lemons... good for lemonade. Not so good at beating Ransomware!

Lemons… good for lemonade. Not so good at beating Ransomware!

Continue reading

Using a Raspberry Pi as a Squid proxy cache

I was looking to build *something* that would possibly benefit several customers that have slow or laggy internet access (ie 2mb broadband or satellite).

The solution needed to be cost effective and unobtrusive.

I did some research and decided to use Squid.

Squid (amongst other things) can cache web objects (such as images and executables), speeding up page load times and download times.


Next, I needed some hardware to run Squid on.

Squid can run on Linux and Windows computers, but i ruled out Windows as thats a paid licenced product, thus not cost effective.  I also didnt want to install Squid on a desktop computer, i’d either have to buy a new computer, or re-purpose an old computer – (which can be noisy and unsightly). Both options would also consume significant amounts of energy per year, again not very cost effective.


Enter the Raspberry Pi!

pi pic

Continue reading