How To Create Users and Login in Cisco Router Or Switch

How To:

This Guide will show you how to create a new user account on your Cisco Router\switch.
By doing this you can grant access to other administrators and monitor changes made on the device.


In order to make this work we need to follow two steps:
1.    Create a new account
2.    Configure the device (router or switch to authenticate  users from the local users db).

1.Create Users

Create a new user with the right privilege level.

Router# service password-encryption
Router(config)# username admin priv 15 pass password


Router(config)# line vty 0 5
Router(config)# login local

Router(config)# line con 0
Router(config)# login local

Router(config)# line aux 0
Router(config)# login local

Save configuration and try to log on.

You do not have sufficient privileges to delete OU, or this object is protected from accidental deletion

Windows Server 2008 has a new feature to protect OU from accidental deletion.

if you try to delete an OU which was marked with the special protection option you will get the following error message when trying to delete the object:

“You do not have sufficient privileges to delete OUNAME, or this object is protected from accidental deletion”


In order to disable the object protection and delete the object we need to follow the steps below:

enable Advanced Features in Active Directory Users and Computers (go to view and tick advanced feature)

Then Right click on the Object and go to the security tab.

Un tick the explicit Deny permission set for Everyone.

Delete object


How To Setup Banner display On A Cisco Router \ Switch

How To:
On Cisco Routers and Switches we have the option to set up a banner display when people log in to the device.

To setup welcome banner on a cisco device we need to use the banner command:

Banner Command:

switch(config)#banner ?
LINE            c banner-text c, where ‘c’ is a delimiting character
config-save     Set message for saving configuration
exec            Set EXEC process creation banner
incoming        Set incoming terminal line banner
login           Set login banner
motd            Set Message of the Day banner
prompt-timeout  Set Message for login authentication timeout
slip-ppp        Set Message for SLIP/PPP

Example on how to set up a login banner:

switch#config t
Enter configuration commands, one per line.  End with CNTL/Z.
VSW2(config)#banner login Z ########### MY SWITCH ########## Z

Connect To A Remote Server Console When All Session Are Used

Sometimes when a few administrators logs on the the same server the server is maxed out all sessions.

When this happens we need to log off the idle sessions, however we can also just connect to the server console session and log of the inactive sessions.

to do so, go to start -> Run and type the following command:
MSTSC /v:MyServer /f /console

How To Set Group Policy To log Off Remote Desktop Session

In order to make the servers log of idle RDP session automaticity using group policy we need edit the group policy that the servers are using.

Under the Local Computer Policy\Computer Configuration\Administrative Templates\Windows Components\Terminal Services\Sessions folder, the following settings can be made:

• Set time limit for disconnected sessions
• Set time limit for active sessions
• Set time limit for idle sessions
• Terminate session when time limits are reached

Once you edit the settings refresh the group policy, using the following command:
Gpupdate /force

Check and Auto Refresh Exchange Server Mail Queue Using Exchange Shell

Ever since I started using Exchange Shell I wanted to write a script that check the Exchange server mail queue using Exchange shell and auto refresh theresult

So today I manged to get it done.

All you need to do is run it from your PC.

Save the script as .ps1 and change the server name to your Exchange server.

You can change the sleep time if you like.
$i =1
while ($i -le 2)  {Get-Queue -Server SERVER_NAME | ft;
sleep 4 ;
write-output “————”
write-output “Microsoft Exchange Server Email queue”
write-output “————”
Write-Host `n


How To Assign Mailbox Permission In Exchange 2007 Using The Shell

In order to grant a user read access permission to other user mailbox we need to use the:

Add-mailboxpermission cmdlet in Exchange 2007 Shell

In this example I’ll give User A, a read access permission to User B mailbox.

[PS] C:\>Add-MailboxPermission -Identity “UserA” -AccessRights

readpermission –user “UserB”

We can also assign the following permission with the –AccessRight :

-AccessRights <MailboxRights[]>

* FullAccess

* SendAs

* ExternalAccount

* DeleteItem

* ReadPermission

* ChangePermission

* ChangeOwner

Microsoft PowerShell Command Guide – Part 1

As PowerShell become more and more important tool in our day to day administration I have put up most of the basic commands that are being used by administrators and engineers.

Part 1 will give cover the basic commands and what they are doing.

Part 1


Cmdlets – command built into PowerShell

Get command – this command show us information about an item

Set command – this is the modifying command

; – semicolon commands

>> – append to existing file

Alias – create shortcut to a command

Basic Commands

Cd – open dir

Dir – show working directory

Md – make \ create a directory

Pwd – show path

Rmdir – remove directory

Mkdir – create directory

Display command




Get – command

Get-process – show running process

Get-process processname – check specific process name

Get-process name* – will search for a process start with the name

Stop-process -id number – stop a process

Whatif – tell you what heppan before you run a cmdlet

Sample Stop-process -id number – whatif – stop a process

-confirm – ask for conformation before executing a command

Get-help – help command

Get-eventlog – show event log

Samples and Commands

Ipconfig \all > ipconfig.txt – Pipe result to text file

Notepad ipconfig.text – Launch file to screen

Piping a few commands

ipconfig /all > test.txt ; route print >> test.txt

Help Commands

Get-help get-help – help command

Get-help get* – will show all the get commands

Get-help set* – will show all the set commands

Get-help * – show all commands

Get-help get-psdrive –example – show you the syntax

Get-commands – display all the get commands


Get-alias – show all alias in use

Set-alias – create an alias

Get-alias |sort – sort all alias names

Set Alias

Set-alias gh get-help – set gh as an alias to get-help

How To Set Session Timeout On A Cisco Router

Setting the session timeout parameter in a cisco router or switch is an easy task that will make your day to day work easy.

How to set the session timeout:

log on to the router and type:

router#configure t

router(config)#line vty 0 4

router(config-line)#session-timeout 10       —- 10 is the amount of minutes we want to configure before timeout.

router(config-line)#exec-timeout 0                    — this is when we log in exec mode ( 0 is never)

router(config-line)#end                                      –  exit the config line mode

router#copy run start

router#copy run start

Create New User \ Mailbox Script Using Exchange 2007 Shell

With Exchange 2007 we have the option to manage our Exchange Server using the Exchage Managment shell which done using commands (cmdlts).

This script is for creating a single user mailbox and an AD user using the shell.

The script called newuser.ps1

Just copy and save the file as newuser.ps1 and don’t forget to change the server and OU details.

$UPN=Read-Host “upn”                 -System.String
$Alias=Read-Host “Alias”              -asPlainText
$Name=Read-Host “Enter Name”   -asPlainText
$Password=Read-Host “Enter Password” -AsSecureString

new-mailbox -userPrincipalName $upn -alias $alias -name $name  -database “exchange server name\Mailbox Database name”  -OrganizationalUnit ‘yourdomain/your_ou_name’ -Password $Password


The script will ask you to provide a password,Alias,name and UPN (the email address).