Virtualization, Cloud, Infrastructure and all that stuff in-between

My ramblings on the stuff that holds it all together

Category Archives: Uncategorized

POSH1Liner Query Azure Active Directory – AAD from PowerShell

You need to install the module (it’s not installed by default) – full cmdlet list is hereĀ

this is the new version, seems to use connect-azureAD rather than the connect-MSOLservice you may have used in the past and will work with MFA accounts as it pops a browser window for credentials

Install-Module AzureAD

For example;



will list out all the users synchronised to your AAD, and if you are wondering how to check how many have sync’d from your on-prem AD to AAD you can do

$data = Get-AzureADUser -All $True

Then checking the contents of the $data.count variable will tell you the total number of users in AAD





POSH1Liner – Enable Exchange mailboxes for all users in a specific OU

Inside the Exchange Management Shell..

Get-User -OrganizationalUnit "NAME_OF_OU" | Enable-Mailbox

Note: can just be the name of the OU, doesn’t need to be the full DN



Get-User -OrganizationalUnit "NZ" | Enable-Mailbox

will just enable all the users in the NZ OU (which in my case is a sub-OU of ‘demo users’


POSH 1-Liners: Count the number of enabled Active Directory accounts in PowerShell

(get-aduser -filter *|where {$_.enabled -eq “True”}).count


Also – another useful post to create a load of valid-looking AD accounts for your lab..

No recent password sync error shown in Office365 portal but Directory synchronization is ok

I ran into this, my dirsync was running ok (new objects copied out from on-prem AD to AAD ok) but password changes on-prem were not going out.

Weird, wasn’t related to this post as no recent password change of the admin account used in the lab.

I can highly recommend using the built-in PowerShell diagnostics tool on your AAD Sync server – just run it by using Invoke-ADSyncDiagnostics in a PowerShell session and follow the prompts.. in my case, it discovered the the password hash sync service wasn’t running, script restarted it.

Not sure if this was some hiccup due to me recently enabling password write-back and some MFA config. but it fixed it for me.

POSH1Liner: Find files modified in the last n days and export as a formatted table with full path

Adjust the minus ( AddDays(-8) value to how many days back you want to check and run, it will output a list of files (with full path) that have a modified date later than the number you specified, handy for sorting out complex data merge issues.

$lastdate = get-date.AddDays(-8) ‘set the minus number to how many days you want to go back
Get-ChildItem -Recurse -File | Where-Object { $_.LastWriteTime -ge $lastdate } | format-table -autosize -property FullName

How to find which port a device MAC address is plugged into on a Cisco switch

I have to do this every so-often to reverse engineer the cabling in my lab (which isn’t easily accessible, well.. without some walking and moving things), and by the time I have to do it, I’ve invariably forgotten the command fro the last time and waste time googling the many variants to do so, so – parking it here for reference!

show mac address-table | include

note: MAC needs to be in aaaa.bbbb format (don’t ask me why, you can also search for partial MACs, e.g the last 2 digits)

show mac address-table | include e50d

Will give you an output like..

100 0418.d6ac.e50d DYNAMIC Fa0/44

Troubleshoot IaaS performance problems in Azure

Given in the public cloud you’ve not got much visibility of what’s going on under the hood in your IaaS VMs this is a handy tool from MSFT – instructions and downloads here

Or you can install it from the Azure portal by following these steps (You’ll need the name and key for one of your storage accounts.

If you install it via the portal you don’t have to login to the VM to enable it.

POSH1Liner:Configure all hosts in a cluster

ok, a little more than a 1-liner; but a shell loop that you can use to do *something* to all hosts in a given cluster (in this case the cluster is called L2-C2; 2nd level of virtualization, e.g. not physical which is L1, 2nd cluster if you’re interested in my naming convention)

in this case it’s adding an iSCSI software adapter and pointing it at some targets – pause is optional (assumes you’re already connected to a vCenter via connect-vihost)

# Generic shell
$cluster = get-cluster L2-C2 | get-vmhost
foreach ($hypervisor in $cluster) {

write-host Doing config for $hypervisor
#Do stuff here for each host in the cluster $hypervisor is the hostname variable
Get-VMHostStorage -VMHost $hypervisor | Set-VMHostStorage -SoftwareIScsiEnabled $True
get-vmhost -name $hypervisor | Get-VMHostHba -Type iScsi | Where {$_.Model -eq “iSCSI Software Adapter”}
Get-VMHost -name $hypervisor | Get-VMHostHba -Type iScsi | New-IScsiHbaTarget -Address “”
Get-VMHost -name $hypervisor | Get-VMHostHba -Type iScsi | New-IScsiHbaTarget -Address “”
get-vmhost -name $hypervisor | get-VMhostStorage -refresh -RescanAllHba -RescanVmfs
write-host “————————————————————————————-”
pause #wait for keypress

POSH1Liner: Set NTP server on all hosts attached to a vCenter

Get-VMHost | Add-VMHostNtpServer -ntpserver “”
Get-VMHost | Get-VMHostFirewallException | where {$_.Name -eq “NTP client”} | Set-VMHostFirewallException -Enabled:$true
Get-VMHost | Get-VmHostService | Where-Object {$_.key -eq “ntpd”} | Start-VMHostService
Get-VMhost | Get-VmHostService | Where-Object {$_.key -eq “ntpd”} | Set-VMHostService -policy “automatic”

Original script from this blog post Modified to add -ntpserver parameter and public NTP server name incase you don’t have your own

POSH1Liner:Deploy VM from template

Populate variables

$targetdisk = Get-Datastore -name vd03*
$target = get-vmhost -name

#Deploy VM from template
new-vm -name L2-C2-NXX -Template TPL_vESXI -vmhost $target -Datastore $targetdisk -runasync

#rinse & repeat