Monthly Archives: April 2013

Restore Domain Trust – No Reboot

Sometimes computers fall off the domain. Either you deleted a computer object (oops!) or you restored a VM snapshot in which you forgot to disable computer object password updates. Most domain rejoin methods require a machine reboot, but not this command:

netdom resetpwd /server:<domain_server> /userD:<user> /passwordD:*

Simply log off and then you can log on again with your domain account.

via ImplBits.com

Additionally, you can test the status of domain trust with this PowerShell commandlet:

Test-ComputerSecureChannel

via MCTExpert Blog

WSUS: Get Superceded Status of Updates

I create Windows Server images and like to ensure they are patched up to date, but in the most efficient way possible. One approach would be to install every patch ever released, but that might take forever. Instead, I only want to install the latest patches for anything, i.e. ones that have not been superseded. To that end, I put together the following PowerShell snippet to run through the list of patches I currently install (exported to a text file) and show me the ones that are superseded. This snippet targets Server 2008 R2 patches only at the moment, but can easily be tweaked for other platforms.

The interesting parts are connecting to and searching the WSUS server.

[Reflection.Assembly]::LoadWithPartialName(
                       "Microsoft.UpdateServices.Administration") | Out-Null
$wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer(
                       "mywsus.server.net", $false)

Get-Content .\patches.txt | % {
        $wsus.SearchUpdates($_) |
        Where {$_.legacyname -like '*2008R2*SP1-X64*'} |
        Select KnowledgebaseArticles, IsSuperseded
}

via Hey, Scripting Guys! Blog