How to Empty the Active Directory Recycling Bin

One of the coolest new features in Server 2008 R2 and 2012 is the ability to recover deleted Active Directory objects. Your forest functional level must be at least 2008 R2 in order to activate this feature. Server 2008 R2 introduced the AD Administrative Center which provides a nice GUI to restore deleted objects after activated.  However, eventually one might want to permanently empty the contents of this recycling bin. There is no way to do this via the GUI. The following PowerShell line will do just that.

Get-ADObject -Filter 'isDeleted -eq $true -and Name -like "*DEL:*"' -IncludeDeletedObjects | Remove-ADObject -Confirm:$false

If you want to see what it is going to remove, only use the Get-ADObject section of the command prior to the pipe. Remove -Confirm:$false if you want to see and confirm each deletion individually. Only run this command in the form seen here if you are absolutely sure you want to empty the trash!

Advertisements

Apple Profile Manager – Mountain Lion Migration

Recently I had the pleasure of migrating an OSX Lion server to Mountain Lion.  It’s primary function was an MDM server for Apple devices.  Basically, the upgrade process involves upgrading to Mountain Lion followed by installing the updated Lion Server app.

Primarily, my interactions with the Apple Server have been for Profile Manager functionality.  In Lion, the Profile Manager utilized a PostgreSQL backend with a datastore located in /usr/share/devicemgr/backend/.  iOS applications and other push to device material were located in the ‘/backend/file_store/’ directory named as their MD5 checksum equivalent.  Logs for the devicemgr service were located in the ‘/backend/logs/’ directory.

In Mountain Lion Server, what used to be located in /usr/share/ is now packed into the Server Application itself.  For example, the same ‘/devicemgr/backend/’ is now located at ‘/Applications/Server.app/Contents/ServerRoot/backend/file_store/’.  The iOS applications and other push material are now located at ‘/var/devicemgr/ServiceData/Data/FileStore/’.

This knowledge is critical if you encounter an issue with the Profile Manager; there is not much info to go on if you have a problem.  In Lion, I had seen cases where the Profile Manager would for an unknown reason delete applications I was trying to push, causing managed devices to be unable to receive the application.

In the case of Mountain Lion Server, I encountered the following issue with devices post-upgrade when trying to upload an updated version of an application.

ProfileManager[217] <Error>: Caught unhandled exception undefined method `get_all_devices’ for nil:NilClass at …’

To me, this sounded like a nonexistent remnant of Lion was being referenced to.  To some people, this might sound like a good time to reset the Profile Manager with the wipeDB.sh script.  However, this would require you to rejoin all devices to the MDM.  In this case, there was only a single application which the MDM was being used to deploy, so I figured I would try clearing the Postgres tables containing the application information and see what happened.  After running the following commands, I was able to upload my application and push without the ‘undefined method’ error as show above.

sudo psql –U _postgres –d device_management
DELETE from public.ios_applications; SELECT setval('ios_applications_id_seq', 1); DELETE from ios_application_library_item_relations; SELECT setval('ios_application_library_item_relations_id_seq', 1);
/q
serveradmin stop devicemgr
serveradmin start devicemgr

VMware vSphere Client – Clear Recent Connections (RDP Also)

Today I figured out how to empty the recent connections for the VMware vSphere Client.  After a while, these begin to add up and I do not like having useless IP addresses and DNS names from experimental ESXi boxes appearing in my client when I attempt to log in.  I searched the registry for some no longer functional servers and I found some keys in HKCU which contained the recently connected hosts.  Below I have listed the two values inside PowerShell commands which can be used to delete them.

Remove-ItemProperty -Path ‘HKCU:\Software\VMware\Virtual Infrastructure Client\Preferences\UI\ClientsXml’ -Name * 
Remove-ItemProperty -Path ‘HKCU:\Software\VMware\VMware Infrastructure Client\Preferences’ -Name RecentConnections

Update – Remote Desktop Connections

I figure many people interested in clearing the vSphere Client may also be interested in clearing their Remote Desktop connections list.  To accomplish this, you would remove the file “Default.rdp” from the users Documents directory.  To accomplish this, utilize one of the following PowerShell or shell commands.

Remove-Item $Env:UserProfile\Documents\Default.rdp -Force
del %userprofile%\Documents\Default.rdp /A H