Announcement

Collapse
No announcement yet.

LVR (Linked Value Replication)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • LVR (Linked Value Replication)

    I am trying to convert our legacy groups into LVR using a windows 2008 domain.
    I am working on the domain controller trying to use the following script in powershell
    $groups = Get-content $("c:\metadata\groups.txt")
    Foreach ( $group in $groups ){
    @(dsget group "$group" -members | dsmod group "$group" -chmbr)}

    but when i run the command it states that the "directory object not found"

    However if i run this command in CMD, it works
    dsget group "CN_group_name" -members | dsmod group "CN_group_name" -chmbr

    i would like to script this and not execute the command for 9000 groups. BTW no group contains more than 1500 objects.

    Please help

  • #2
    Re: LVR (Linked Value Replication)

    Could you please post the first few lines from the CSV and also the exact CMD syntax that works? (do not obfusticate names)
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: LVR (Linked Value Replication)

      Try this:
      Code:
      $groups = Get-content $("c:\metadata\groups.txt")
      Foreach ( $group in $groups ){
        $groupsan = ($group -replace '"',"")
        CMD.EXE /C "dsget group `"$groupsan`" -members | dsmod group `"$groupsan`" -chmbr" 
      }
      Regards,
      Jeremy

      Network Consultant/Engineer
      Baltimore - Washington area and beyond
      www.gma-cpa.com

      Comment


      • #4
        Re: LVR (Linked Value Replication)

        Hi Jeremey.
        Thanks for your post, I used your code but now when i execute the script it states
        PS AD:\> C:\Users\userID\Desktop\LVRgroups\8_LVR-Groups.PS1
        dsget failed:A referral was returned from the server.
        type dsget /? for help.dsmod failed:The parameter is incorrect.
        type dsmod /? for help.dsget failedirectory object not found.
        type dsget /? for help.dsmod failed:The parameter is incorrect.
        All my LEGACY groups are in a text file called groups.txt and the 1st line starts like this:
        CN=DLM-DK0-FIRMAGONCHMPReps,OU=DK0-SecurityGroups-UC,OU=FEDK0-UC,OU=FEDKX-UC,OU=UC,DC=a,DC=b
        Any ideas?

        Comment


        • #5
          Re: LVR (Linked Value Replication)

          Hi Jeremey,
          I fixed the error, it seemed that whilst i was amending the output file i deleted to many spaces where they should have been there.

          However

          Distrubtion lists have a CN name of

          CN=#All Users Italy\, FEITX,CN=Users,DC=a,DC=b

          and when i try to run this command

          cls
          $PathFile = Split-Path -parent $MyInvocation.MyCommand.Definition
          $groups = Get-content $($PathFile+"\1_allgroups.txt")
          foreach ($group in $groups) {
          write-host $group
          $ngroup = $group -replace "\\",""
          repadmin /showobjmeta DC1.a.b $ngroup > "$PathFile\3_metadata\$ngroup.txt"
          }

          The output in the file states:
          DsReplicaGetInfo() failed with status 8350 (0x209e):
          The directory service encountered an error parsing a name.

          This happens for all distribution lists

          Comment


          • #6
            Re: LVR (Linked Value Replication)

            Originally posted by freaks126 View Post
            Hi Jeremey,
            I fixed the error, it seemed that whilst i was amending the output file i deleted to many spaces where they should have been there.
            Excellent

            Originally posted by freaks126 View Post
            However

            Distrubtion lists have a CN name of

            CN=#All Users Italy\, FEITX,CN=Users,DC=a,DC=b

            and when i try to run this command

            Code:
            cls
            $PathFile = Split-Path -parent $MyInvocation.MyCommand.Definition
            $groups = Get-content $($PathFile+"\1_allgroups.txt")
            foreach ($group in $groups) {
            write-host $group
            $ngroup = $group -replace "\\",""
            repadmin /showobjmeta DC1.a.b $ngroup > "$PathFile\3_metadata\$ngroup.txt"
            }
            The output in the file states:
            DsReplicaGetInfo() failed with status 8350 (0x209e):
            The directory service encountered an error parsing a name.

            This happens for all distribution lists
            Why are you using this line:
            Code:
            $ngroup = $group -replace "\\",""
            Why would there be a "" in the path? Why not edit the txt file so the syntax of the groups is already correct?
            Regards,
            Jeremy

            Network Consultant/Engineer
            Baltimore - Washington area and beyond
            www.gma-cpa.com

            Comment


            • #7
              Re: LVR (Linked Value Replication)

              is used in the command since its not possible to save the output with a \ sign. In step 3 the distrubtion list name is changed from a \ to a since the txt file cannot be saved in the metadata folder.
              These are the steps.

              1. To find all the groups / distribution lists
              Dsquery group /uco dc=a,dc=b/limit 0 > 1_allGroups.txt

              2. Remove all built-in groups and groups that are created by default during a fresh installation since I didn't want to "touch" them.

              3. Get objMeta of all groups in the text file: (metadatais the folder where I saved the output files to)

              cls
              $PathFile = Split-Path -parent $MyInvocation.MyCommand.Definition
              $groups = Get-content $($PathFile+"\1_allgroups.txt")

              foreach ($group in $groups) {
              write-host $group
              $ngroup = $group -replace "\\",""
              repadmin /showobjmeta SERVER.A.B$ngroup > "$PathFile\3_metadata\$ngroup.txt"
              }


              4. using the content in the Metadata folder in need to search for the LEGACY contents:
              cls
              $PathFile = Split-Path -parent $MyInvocation.MyCommand.Definition
              get-childitem $($pathfile+"\3_metadata") | select-string LEGACY -list | %{copy-item -path $_.path -destination $($pathfile+"\5_searchResult")}

              5. So all the files in the search result folder contact LEGACY items


              6. From the search result folder i then execute
              cls
              $PathFile = Split-Path -parent $MyInvocation.MyCommand.Definition
              Get-Childitem $($pathfile+"\5_searchResult") | select -property name > $($pathfile+"\7_groups.txt")

              so i have the final output of groups that need to be converted to LVR

              7. this command is used for the conversion
              $PathFile = Split-Path -parent $MyInvocation.MyCommand.Definition
              $groups = Get-content $($PathFile+"\7_Groups.txt")
              Foreach ( $group in $groups ){
              $groupsan = ($group -replace '"',"")
              $ngroup = ($groupsan -replace "","\\")
              CMD.EXE /C "dsget group `"$ngroup`" -members | dsmod group `"$ngroup`" -chmbr"
              }

              for some reason i also lose the

              hope this helps you to understand

              Comment


              • #8
                Re: LVR (Linked Value Replication)

                Originally posted by freaks126 View Post
                is used in the command since its not possible to save the output with a \ sign. In step 3 the distrubtion list name is changed from a \ to a since the txt file cannot be saved in the metadata folder.
                I see, so when you run the dsquery you get "\\" in the DN of the groups?


                Originally posted by freaks126 View Post
                cls
                $PathFile = Split-Path -parent $MyInvocation.MyCommand.Definition
                $groups = Get-content $($PathFile+"\1_allgroups.txt")[/COLOR]
                [COLOR=#000000]foreach ($group in $groups) {
                write-host $group
                $ngroup = $group -replace "\\",""
                repadmin /showobjmeta SERVER.A.B$ngroup > "$PathFile\3_metadata\$ngroup.txt"
                }
                Well it looks like this line might be your issue:
                Code:
                repadmin /showobjmeta SERVER.A.B$ngroup > "$PathFile\3_metadata\$ngroup.txt"
                Try changing it to:
                Code:
                repadmin /showobjmeta SERVER.A.B$group > "$PathFile\3_metadata\$ngroup.txt"
                Regards,
                Jeremy

                Network Consultant/Engineer
                Baltimore - Washington area and beyond
                www.gma-cpa.com

                Comment

                Working...
                X