Reading, modifying and deleting attributes of Active Directory Objects with Powershell

March 31, 2009 09:23 by hiho

I just thought i'd do a quick one on Powershell, and how it can be used to modify Active Directory attributes, especially regarding multi-valued ones. In this example, i'm using the [ADSI] accelerator for direct access to AD. I'm also utilizing the .putex method, for more granular control. For more information on .putex, please see http://support.microsoft.com/kb/260251.

And there you go....

------------------------------------------------------------------------------

#Scripting example of using PS and [ADSI] accelerator to modify AD attributes
#This example reads, modifies and deletes all the values in the "proxyaddresses"-attribute of an user object.
#
#USE THIS CODE AT YOUR OWN RISK. DO PROPER LAB TESTS. NO WARRANTIES IMPLIED. LEGAL BLAH.
#(c) 2009, Georg Hinterhofer

#Clear Screen
cls

#Dim array to hold multi-valued attributes
[array] $proxy

#Set LDAP path
$LDAPPath ="LDAP://CN=test,CN=Users,DC=forest1,DC=local"
$ADUser = [ADSI]"$LDAPPath"

#Read multi-valued properties
$proxy = $aduser.proxyAddresses

#Delete a multi-valued properties
$ADUser.putex(1,"proxyAddresses",$null)
$ADUser.setinfo()

#Set a multi-valued property
[Array] $newProxy = "SMTP:test@microsoft.at","smtp:test2@test.at"
$ADUser.putex(2,"proxyAddresses",$newProxy)
$ADUser.setinfo()

#Add a property to multi-valued
[array] $smtpToAdd = "smtp:test3@test.at"
$ADUser.putex(3,"proxyAddresses",$smtpToAdd)
$ADUser.setinfo()

#Remove a property from multi-valued
[array]$smtpToRemove = "smtp:test2@test.at"
$ADUser.putex(4,"proxyAddresses",$smtpToRemove)
$ADUser.setinfo()

------------------------------------------------------------------------------

So enjoy this one,

Regards,

Georg


Currently rated 5.0 by 3 people

  • Currently 5/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5
Tags: , , , , , ,
Categories: Exchange 2007 | General | Microsoft | Windows
Actions: E-mail | Permalink | Comments (11) | Comment RSSRSS comment feed

Exchange 2003/Windows 2003 SMTP tar pitting

August 13, 2008 15:30 by hiho

So you ask: What is tar pitting?

IMHO,  tar pitting is a very suitable way to stop misuse of your Windows 2003 / Exchange 2003 SMTP Virtual Server by delaying SMTP responses for 5.x.x errors. This efficiently stops DoS and harvesting attacks on your SMTP servers.

For example: Hacker A continously sends mail to your server, named yourserver.mail.net, the simple purpose being to gather valid e-mail-addresses from your domains. This Brute-Force-Attack is called a "Directory Harvest Attack". 

Have a look at this telnet-screenshot, where a simple SMTP-communication is depicted: 



Normally, this kind of communication would just take a view milliseconds of time on your SMTP server. With tar pitting enabled, SMTP Virtual Server will freeze the connection for a configurable  amount of time before returning "550 5.7.1 Unable to relay". More...


Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5
Tags: , , , ,
Categories: Microsoft | Exchange 2003 | Windows
Actions: E-mail | Permalink | Comments (8) | Comment RSSRSS comment feed