Useful Applications For IT Administration

Like everything else in the world of IT all admins will have their preferences and what works for some will not always work for others. I’ve played around with a number of different tools for various uses and have compiled a short list on both the Windows and Mac platforms that I’ve found to be helpful. I’ll list them below and provide a brief description of the tool and what I use it for. I’d also love to see what tools you’re using as well, feel free to comment below with your own helpful tools. This is in no way comprehensive, just at top 5 favorite tools


Windows IT Tools

1. mRemoteNG

mRemoteNG is a fantastic combination RDP/SSH client that allows you to RDP and SSH into multiple boxes using saved presets and tabs for each. A few gotchas with this application are that to add SSH entries, you will first need to save them in Putty, as the program retrieves the list of saved SSH servers from the registry keys. For RDP you have plenty of options to choose whether or not to forward the keyboard shortcuts and the clipboard to the remote machine. Additionally if you move around between multiple machines you can save you mRemoteNG configuration file to a file share or cloud service like OneDrive for Business.

2. Putty/Puttygen/Pageant

By now this tool is sort of a default go to tool for most admins. Putty is well known for being a great SSH and telnet client, however it does have some other helpful features. Among these features if the ability to do port tunneling, allowing you to connect to a server over SSH and redirect a local port such as 9090 to the remote machine’s port 80. Puttygen is a tool used to generate SSH keypairs on Windows either from scratch or converting a Linux/Mac generated keypair into a .ppk private key for use with Pageant. Pageant is a tool that allows you to load one or more private SSH keys so that you can login to remote servers over SSH using private/public key pairs. One of the lesser discussed facts regarding Putty is that you can export a list of your saved servers and import it into another machine. This can be done by opening the registry editor and searching for the SimonTatham key or by going to HKCU>Software>SimonTatham and exporting this entire key. To add it to a new machine simply copy the registry file and double click to merge the key. I haven’t tested this on a system that already has existing entries saved in Putty so use with caution.

3. cPutty

If you’ve ever had the wonderful task of applying updates on a ton of Linux boxes, this process is enough to make you want to shoot yourself or create a cron job to update weekly and live with the consequences. A better solution is to download cPutty, which can be acquired from GitHub. This application when double clicked appears to do nothing, but it actuallly allows you to open multiple putty sessions and press ctrl+alt+insert to link your keyboard input to all open SSH windows so that you can type the same command simultaneously into all of them.

4. Exchange Reports

While the built in tools for Exchange message tracking work reasonably well, this application adds additional functionality allowing you to export csv files of the message tracking results. The application currently works with all modern releases of on prem Exchange and is supposed to support Office 365 as well.

5. Sublime Text

While I’ve been a long time user of Notepadd++ and still use it for comparing diffs, I have really come to enjoy using Sublime Text as my go to application for writing scripts (with the exception of Powershell in which case Powershell ISE is hard to beat). Sublime text has options to enable highlighting based on code type, which is akin to using vim. Also when creating a ( or { character, the trailing character is also created one character ahead of the cursor. This is fantastic for people like myself who have often been guilty of forgetting to close a ) or } especially in situations where these are nested. The Ruby setting for highlighting also works fantastically for writing Puppet manifests and has been a real favorite of mine. This is technically a paid application but does work uncrippled with occasional nag messages to purchase.


1. Microsoft Remote Desktop

While there are a number of RDP clients for Mac (2 from Microsoft even!) the newer Microsoft RDP client available in the Apple app store is fantastic. While I generally prefer applications like RDC Manager and mRemoteNG on Windows, I’ve had no such luck finding a client of that nature for Mac. However the MS RDP client opens full screen, allows you to save presets and RDP into multiple boxes at once. You can also toggle between your Mac and the other boxes using ctrl + arrow key left/right. This functionality is simple and easy to use and offers substantial improvements of the RDP client included with the MS Office suite for Mac.


2. Tmux

tmux is an excellent application for multiplexing the terminal. Much like the PC counterpart cPutty or the Linux Cluster SSH, you can simultaneously enter standard input into multiple terminal at once. This tool is incredibly useful in saving time when performing the same task across many remote servers.

3. Sublime Text

Sublime text as described earlier is a fantastic text editor, especially for code and scripting. Some of the awesome features aside from code highlighting is that on the right hand side of the page there’s a full length preview of the document. This functionality works nicely with long scripts or lengthy configuration files. Just as for PC, this application is technically a paid application but it does work uncrippled with occasional nags to purchase

4. iTerm

iTerm is what I refer to as terminal on steroids. This application builds on the basic functions of the built in terminal. Among its features are the ability to recall previous clipboard items, use multiple tabs, and the ability to support bookmarks and profiles. All of the features you always wanted and never had in terminal all pretty well covered in this application.

5. Homebrew

Homebrew is an application for Mac that allows you to install packages from repositories using brew install. Many Linux applications traditionally not available on Mac are available using Homebrew. contains a list of a many of the applications that can be installed using brew.


Well, that’s my short list, there are certainly many more applications. I’d love to hear what some of your favorites are. Particularly if you’ve found something better than MySQL workbench on Mac.

Practical Powershell Part 2 of 2

It has been almost a month since the first installment of practical powershell. It’s been an incredibly busy month of finishing my Linux + and LPIC 1 certifications. Now that those are all out of the way it’s time to get back to blogging! For this post I’ll cover several powershell topics that range from the everyday to the not so everyday including adding MAC addresses to DHCP allow lists on DHCP servers configured using the integrated DHCP failover architecture in Server 2012 and later, Adding DNS records, Backing up GPOs, and pulling some important info from Exchange 2010 such as Mailbox size listing and listing whether or not distribution lists are hidden from the global address list.


DHCP Whitelisting

While you can manually log into your DHCP server, open the MMC and add the second DHCP server into the MMC, this results in redundant data entry and can be prone to human error. As illustrated in the previous post we will again use the invoke-command and -scriptblock cmdlets to accomplish this task. For the same of demonstration we will refer to the DHCP servers and Server1 and Server 2. Below is an example Powershell one-liner to add this:

Invoke-Command -Computername Server1,Server2 -ScriptBlock {Add-DhcpServerv4Filter -List Allow -MacAddress 00-00-00-00-00-00 

Note that the MAC address must be written in a hyphen separated format, if you attempt to enter this with colons it will fail. Additionally if you wish to keep your DHCP allow list organized you can optionally add a description (personally I use the computer’s hostname) by adding -Description “somehostname” at the end of the above Powershell statement.


Adding DNS Records

While not exactly a common everyday scenario, you may find yourself in a place where you need to rapidly create numerous DNS records, perhaps this is for a new zone or you are rolling out a series of servers that will need to be added to DNS. While it is arguably easier to use the dnsmgmt.msc GUI tools, Powershell wins if you decide to script this out. The  basic powershell cmdlet for all DNS records is Add-DnsServerResourceRecord(A,CNAME,MX,etc). This most common usage will be A records since these are often the most common record types entered into DNS. The below example shows the creation of an A record for a server named DAL-MEM27 in the zone named

Add-DnsServerResourceRecordA -Name “DAL-MEM27” -ZoneName “” -AllowUpdateAny -IPv4Address “” -TimeToLive 01:00:00

Additional resource record types can be created in powershell as well. For more information on this, refer to any of the Microsoft technet articles associated with the topic.


Backing up GPOs

Let’s face it, if you’ve been a Windows administrator in an environment with more than 10 client machines, you’re inevitably using group policy to some extent. Whether it’s a handful of IE settings, mapping network drivers, running scripts, installing software, etc, your group policies have take some time, thought, and finessing. Whether it’s to protect yourself from accidental changes or deletions or GPOs or part of your DR strategy, it’s a good idea to periodically take backups of your GPOs. The first way I will illustrate below is taking a backup of all GPOs and dumping them on a share via UNC path or by referencing a local destination. If you want to automate this process, you could turn this into a powershell script and leverage task scheduler to run this backup periodically for you.

Backup-Gpo -All -Path \Fileservermygpobackups -Comment “Scheduled GPO Backup”

If you’re interested in backing up a single GPO, this can be done one either by explicitly calling the GPO by its name or by referencing it’s GUID. To find the GUID of the GPO in question, you can go to \domain.localsysvolpolicies to view the GPOs in their folder titles by the GUID name. In the example below we’ll look at backing up the GPO by GUID to a local location, followed by an example of backing up a GPO by name to file share.

Backup-Gpo -GUID yourguidhere -Domain “” -Server DC-01 -Path C:BackupRepoGPOBackup

Backup-Gpo -Name DriveMapScript -Path \Fileserverdrivemapscriptgpobackup 

To restore your backed up GPOs, you can either import them or use the Restore-GPO or Import-GPO cmdlets.


Exchange Mailbox Size Report

For the past year and half I have worked for an organization that has ridiculously large volumes of email. This has lead to the need to audit mailbox sizes about once per quarter to identify mailboxes with extreme space usage to see if we can reduce some space either through archival or deletion of mail. The below Powershell cmldet needs to be run on the Exchange Shell (please note I have only used this in Exchange 2010 but it should also work for Exchange 2013):

Get-Mailbox | Get-MailboxStatistics | Sort-Object TotalItemSize -descending | ft displayname,totalitemsize | Export-Csv -Path C:MailboxSizeAudit.csv

If you don’t want a CSV file to be created you an simply leave off the final pipe and everything after it.


Exchange Distribution List Hidden From GAL True/False

In many organizations, it’s commonplace to create distribution lists for former employees and direct their mail to a supervisor and possibly anyone else who will be taking on that individuals work. However most of the time we don’t want these ex-employees cluttering up the global address list. However auditing whether or not the option to hide from exchange address book is checked or not for each distribution list is a very tedious manual process involving a great deal of clicking, cursing, and drinking coffee. Another common attribute in my environment is to ensure the require sender authentication option is disabled for ex-employee distrubtion lists. However we do want this enabled or large internal DLs to prevent spam. This simple Powershell command string below will export a CSV list that you can import into Excel and filter using table formatting to quickly and effectively audit your distribution lists and associated attributes.

Get-DistributionGroup -ID “*” | Select Name,OrganizationalUnit,HiddenFromAddressListEnabled,RequireSenderAuthenticationEnabled | Export-Csv -Path C:ReportsDL_Hidden_Status.csv


I’m sure this will not be the last Powershell blog post, as Powershell is a topic near and dear to my heart. Thanks for sticking with me through my almost month long absence from blogging. I look forward to dedicating more time to more frequent blogging.

Practical Powershell Part 1 of 2

I began my journey with Powershell rather causally as an easy way to kill out of control processes on Windows systems. When I began my journey towards MCSA certification for Windows Server 2012 R2, I dove deep into the world of Powershell and really began to understand the full range of possibilities. Being that Powershell is a topic near and dear to my heart, there will be far too much to cram into one lengthy blog post, rather this will be the beginning of a short series on practical Powershell for everyday. Powershell is written in verb-noun structured statements and takes a variety of flags, allows for piping into other commands, and has the ability to output a variety of different files.


Using Powershell to Manage Processes and Services

I think every Windows admin has found themselves in the position of dealing with a process or service that has hung and just won’t stop, even when killed from task manager. To be completely honest now that I’ve started using Powershell heavily, I hardly ever kill processes in task manager, as I’ve found Powershell to be more efficient and direct.

To list processes use the get-process or gps command. This will all processes on the system whether they are running or not. Similarly the get-service command will list all services. If you are trying to list a specific service such as VSS you can use get-service VSS. If you are interested in seeing only the services or processes that are running, you can pipe the get statement into a where object statement such as get-service | where-object status -eq running. To kill a running service (such as the Spooler in this example) use the syntax stop-service spooler, please note you will need have launched Powershell as administrator or you may get a permissions error. The same method can be used to Stop-Process, or you can use the shortened version (to kill Firefox in this example) with the following syntax ps firefox | kill.


Using Powershell to Install Windows Features

With the growing popularity of Windows Server Core installations, it can be handy to know how to install and manager Windows server Roles and Features through Powershell. This becomes particularly advantageous if you are working with clustering where you need to install multiple roles or features across multiple servers. The syntax to view all roles and features is Get-WindowsFeature. To view only features that installed on a system you can use Get-WindowFeature | where-object InstallState -eq Installed. To install a role or feature use the Install-WindowsFeature featurename command. You can also include the -IncludeAllSubFeature and or -IncludeManagementTools flags to install additional options. If you need to install the same feature on multiple servers you can string these together using the Invoke-Command functions, see the example below where we are installing Active Directory Domain Services on DC1 and DC2:

Invoke-Command -ComputerName DC1,DC2 -ScriptBlock {Install-WindowsFeature AD-Domain-Services -IncludeManagementTools}

Common Active Directory Tasks

If you administer a domain with account lockout policies, you will no doubt run across cases where users will lock themselves our of their accounts. A simple query will tell you if there are any accounts locked out and if so which ones using the syntax Search-ADAccount -LockedOut. Once you’ve identified the accounts that are locked out you can unlock them by using Unlock-ADAccount username or you can simply hit the up arrow and pipe the unlock statement to the original query ex: Search-ADAccount -LockedOut | Unlock-ADAccount.

You can also use Powershell to add users into groups. I find that for most practical cases ADUC or ADAC works sufficiently for this task, however if you’re doing this remotely on a touchscreen device like a smartphone it can be difficult to navigate either of these tools. Instead I leave a Powershell window open on one of my DCs all the time so that I can handle these requests on the go. The syntax is as follows Add-ADGroupMember -Identity nameofadgroup -members username1,username2. Where this method becomes extremely useful is when batch adding users through scripting.

Similarly if you ever get requests to pull reports regarding the membership of a specific group, Powershell makes quick and easy work out of this. You can use the following quick one liner Get-ADGroupMember -Identity groupname | ft Name | Out-File -FIlePath C:GroupNameMembers.txt

Moving FMSO Roles

If you’ve ever had the pleasant task of having to migrate FSMO roles from one DC to another or worse yet seizing FSMO roles from a failed DC, you understand the fun of having to use multiple different GUI tools to accomplish this task. Powershell makes this task a lot easier using the Move-ADDirectoryServerOperationMasterRole -Identity DCtohostrole -OperationMasterRole FSMONameorNumber. If you are seizing the role from a failed DC use the -Force flag at the end of the line. Note that to move forest wide roles you should be a member of Enterprise Admins security group and to move the Schema Master you need to be part of the Schema Admins security group. Powershell also allows you to specify numbers instead of role names when moving a FSMO role. FSMO names and numbers are listed below:

PDCEmulator 0

RIDMaster      1

InfrastructureMaster 2

SchemaMaster 3

DomainNamingMaster 4

Restarting or Shutting Down Multiple Machines

The Stop-Computer cmdlet is used to shutdown, and the Restart-Computer cmdlet is used to reboot. If other users are logged in you may need to issue the -Force flag to reboot or shutdown anyways. Using the Invoke-Command statement we used earlier you can restart multiple servers or shut them down by leveraging this syntax. See the example below:

Invoke-Command -ComputerName Server1,Server2,Server3 -ScriptBlock {Restart-Computer -Force}

Thanks for reading, I hope you find Powershell to be as useful of a tool as I do. It’s quite powerful in its use for simple one liner commands, but becomes even more powerful as you start building out scripts leveraging Powershell’s ability to create variables and process some fairly complex scripting logic. In the next session we will cover some additional topics related to Powershell.