Recently, I use gwmi win32_groupuser to find local PC adminstrator groups user
But in Network Packet capture, I found out that, it is going to use LDAP query DC, not only our DC, other trust domain also query?
Why???
↧
Query PC local Admin by win32_groupuser
↧
Set-ClusterStorageSpacesDirectDisk cmdlet
In PowerShell version 5.1.17763.1 the cmdlet Set-ClusterStorageSpacesDirectDisk parameter -PhysicalDiskIds changed to
-PhysicalDisk and -PhysicalDiskGuid
I'm trying to set -CanBeClaimed $false to specific disks, but the new parameters do not accept the physical disks IDs.
What are the required inputs for the new parameters? Thank you.
↧
↧
New-PSSession connection to compliance centre - Access is Denied
Hi,
I am attempting to connect to the Security & Compliance centre remotely. Last week this was working a lot of the time (optimistically >50% of the time), however, as of Monday (24th September) I am only getting errors - see below.
I have checked and eliminated the following as reason this isn't working:
- The username and password are 100% correct
- The account does not have MFA
- The account has the correct authorisation roles
I cannot use the Exchange Online PowerShell Module provided by Microsoft as this has to be done remotely.
A potential I may have identified is that the redirect isn't working or is being blocked, whether this is a Microsoft thing or an internal network thing I cannot be sure as I do not know what the ps.compliance.protection.outlook <g class="gr_ gr_46 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" data-gr-id="46" id="46">url</g> redirects to or how to connects to my domains centre.
So my Two Questions are:
- Has anyone ever come across this issue before and has a potential solution?
- What are the next steps in the connection process that occur in order to connect directly to my domain? i.e. URLs (generic) and/or ports?
Code used to connect
$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection
Error messge received:
New-PSSession : [ps.compliance.protection.outlook.com] Connecting to remote server ps.compliance.protection.outlook.com failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic. At line:31 char:16+ ... $session = New-PSSession -ConfigurationName Microsoft.Exchange -Conn ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotingTransportException+ FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
↧
help: Import-Module ActiveDirectory from remote server share
So here's the rub: I don't want to enable constrained delegation on the target server (WS2012R2 with latest WMF/RSAT); I'm betting this is why I see errors about AD Web Services being unavailable when I actually import this module in a possession from client to this server.
What I WANT to do is simply load the ActiveDirectory module onto the client from a UNC share e.g. Import-Module -Name \\server\share\ActiveDirectory
Now...this will work on a client with RSAT tools installed, but on any client that does NOT have RSAT tools installed, I'm stuck with this error:
import-module : Could not load file or assembly
'file://\\server\share\ActiveDirectory\Microsoft.ActiveDirectory.Management' or one of its dependencies. The system
cannot find the file specified.
At line:1 char:1
+ import-module -Name \\server\share\ActiveDirectory\ActiveDirectory.psd ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Import-Module], FileNotFoundException
+ FullyQualifiedErrorId : FormatXmlUpdateException,Microsoft.PowerShell.Commands.ImportModuleCommand
I'm assuming I could use Add-Type to similarly add the necessary file/assembly from a share, but I've had no luck figuring out exactly how to do so.
born to learn!
↧
Error in power shell
I am new to power shell, trying to follow some steps to replace rdp ssl certificate in Windows server 2012 and when running below command i get an error
Command being run is
$TSGeneralSetting = Get-WmiObject -class “Win32_TSGeneralSetting” -Namespace root\cimv2\terminalservices -Filter “TerminalName=’RDP-tcp'”)
Error obtained
at line:1 char:138
+... Name='RDP-tcp'")
+ ~
Unexpected token ')' in expression or statement.
+ CategoryInfo : ParserError:(:)[], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : UnexpectedToken error in powershell
What could be the cause?
↧
↧
Get-Aduser -filter not pulling the information I need
this is the script that I am using:
Get-Aduser -Filter * -Properties *|select name,SamAccountName,PasswordExpired,PasswordLastSet,LastLogonDate,Enabled,memberOf,employeeID,DisplayName,GivenName,SurName|export-csv C:\Users\dkapsner\Desktop\AD\output.csv
It is pulling all the information that I need except for the memberof. This property is just giving me the generic Microsoft.ActiveDirectory.Management.ADPropertyValueCollection for all users. I need it to list the groups that each user is a member of.
↧
Delete everything within a specific directory
I am somewhat ashamed to even be asking this. but I need some help.
If I start Windows Powershell and type the following it works. Note, the asterisk is within the quotes.
remove-item "$env:userprofile\appdata\local\test with Space\*" -recurse
However the same from a command prompt does not work. I have tried with the asterisk within the quote as well as without.Also tried with %userprofile%. Depending on the location of the asterisk I get different errors. I believe the following is almost correct, but I am missing something.
powershell.exe -command remove-item "$env:userprofile\appdata\local\test with Space\*" -recurse
Remove-Item : A positional parameter cannot be found that accepts argument 'with'.
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell Commands.RemoveItemCommand
Thank you
↧
How to sendkey win+alt+right/left or how to do a script that switches between virtual screens?ctrl
Hey I want to do a script that switches between 5 virtual screens every 30 seconds. The key combination for it is ctrl+win+right/left. I know that the windows key is ^{ESC} But how can i combine this with another ctrl?
This is my script so far and I am aware that my syntax after the SendKey command is bullshit but I tried a lot and this is my latest version.
$a = "a"
$b=3
while ($a="a")
{
$b++
$wshell = New-Object -ComObject wscript.shell;
$c = $b/4
if ($c -is [int])
{
$d = $c
}
if ($d % 2)
{
$wshell.SendKeys("^(^{ESC}{RIGHT}")
}
else
{
$wshell.SendKeys("^(^{ESC}){LEFT}")
}
Sleep 30
}↧
use of *
Hey All,
I have started learning powershell scripting.
I want to create script to link GPO to my OU in my domain. I Have multiple OUs with long name with unique last three digits for each OU.
like OU1 Name is ABC123, OU2 Name is BCE456, OU3 Name is ABC789 likewise multiple OUs are there which shares the same property as their last 3 digits are unique.
So is there any way so that i can link the GPO by entering only those unique numbers. Something like *123 will link to ABC123 Or *789 will link it to ABC789.
script is like this
$input = read-host
new-gpolink -name test -target "ou=$input,dc=test,dc=com"
Thank You... :)
↧
↧
convert .eml to .msg
I have 500000 .eml files that needs to be converted to .msg file and save in local folder.
I want to know if we have any powershell command to do so?
Or any other efficient method to achieve this??(C#)
PS: Dont want to use third party converters.
↧
Powershell list logged in users and machines
Hi
from a list of machines inside of c:\scripts\VNCMachines.txt I am trying to generate an output of users currently logged on to these machines. The script generates this ok on screen , but i need to pipe into to a text file.
In this case the output needs to show both the user and to the right of it the machine name.
Any help with this would be most appreciated. I hope this makes sense
foreach ($Machine in $MachineList){
If (Test-Connection -ComputerName $Machine -Quiet -Count 1)
{
@(Get-WmiObject -ComputerName $Machine -Namespace root\cimv2 -Class Win32_ComputerSystem)[0].UserName;
}
}
↧
Add-ODBCDsn Remote Procedure Call Error
Hello,
I am trying to add a system dsn with the Add-ODBCDsn cmdlet. I am using the following script.
Add-OdbcDsn -Name "CellNoteData" -DriverName "Microsoft Access Driver (*.mdb, *.accdb)" -DsnType "System" -Platform "64-bit" -SetPropertyValue 'Dbq=C:\Users\micha\Desktop\Notes.accdb','Description=Basic Notes'
The script creates the DSN and I can see it in the ODBC Administrator. So everything seems to work except that I get the following error. I'd like things better if the DSN were created without the error. Can anyone offer a suggestion?
Add-OdbcDsn : The remote procedure call failed.At E:\imp\Ulta\NHToolkit\Admin\System\PowerShell\Make-DSN.ps1:4 char:1
+ Add-OdbcDsn -Name "CellNoteData" -DriverName "Microsoft Access Driver ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_OdbcDsnTask:Root/Microsoft/...SFT_OdbcDsnTask) [Add-OdbcDsn], CimException
+ FullyQualifiedErrorId : HRESULT 0x800706be,Add-OdbcDsn
↧
Issue with Do until loop
I have used the below selection based script. If I type Q its returning & if I type anything else apart from 1,2,3 it will display 'wrong output'. But if I type 1 it moves to next stage but displays 'wrong input'.
My question is why the script is displaying 'wrong input' when my selection is 1?
cls
do
{
Write-Host "================ LIST ================"
Write-Host "Press 1 for A"
Write-Host "Press 2 for B"
Write-Host "Press 3 for C"
Write-Host "Press 'Q' to quit."
$selection = Read-Host "Please make a selection"
if ($selection -eq 'q') {return}
elseif ($selection -ne 1 -or $selection -ne 2 -or $selection -ne 3) { 'wrong input'}
}
until ($selection -eq 1 -or $selection -eq 2 -or $selection -eq 3)
Write-Host "================ List 2 ================"
Write-Host "Press 1 for ABC "
Write-Host "Press 2 for PQR"
Write-Host "Press 3 for XYZ"
SCRIPT OUTPUT:
================ LIST ================Press 1 for A
Press 2 for B
Press 3 for C
Press 'Q' to quit.
Please make a selection: 4
wrong input
================ LIST ================
Press 1 for A
Press 2 for B
Press 3 for C
Press 'Q' to quit.
Please make a selection: 1
wrong input
================ List 2 ================
Press 1 for ABC
Press 2 for PQR
Press 3 for XYZ
↧
↧
How to reset the Job Id ?
I have an infinite loop background code.
So Job Id is increase infinitely.
How to reset the Job Id?
**Code is delete all jobs that status is completed
↧
Script to get the disk usage and memory from a list of servers
I have a list of servers in a text file. I want a script to fetch the memory and the full disk space and free disk space and the percentage free space of the drives on these servers in a csv file.
↧
notification script
Hello everyone, I have a script which notificate users about their passwords, we need change some words in text which users recieve , we need some words will be red and highlight, how can I do this?
System administrator
↧
powershell script
I heve a script, How Can I change date in script I need user recieve notification in this format day/month/year/ but users recieve in this format month/day/year date in server change as I need but it not work:
#
PSPwdExpires.ps1
# PowerShell script to find all user accounts where the password
# is about to expire in a specified number of days.
#
# ----------------------------------------------------------------------
# Copyright (c) 2011 Richard L. Mueller
# Hilltop Lab web site - http://www.rlmueller.net
# Version 1.0 - March 23, 2011
# Version 1.1 - April 6, 2011 - Added email function.
#
# This program assumes there is one password policy for the domain. The
# program finds all users whose password will expire in the specified
# period.
#
# You have a royalty-free right to use, modify, reproduce, and
# distribute this script file in any way you find useful, provided that
# you agree that the copyright owner above has no warranty, obligations,
# or liability for such use.
Trap {"Error: $_"; Break;}
# Specify number of days. Any users whose passwords expire within
# this many days after today will be processed.
$intDays = 1
$intDays = 3
$intDays = 5
# Email settings.
$Script:From = "notifications@x.com"
$Script:Subject = "Password Expiration Notice"
$Server = "192.168.x.x"
$Port = 25
$Client = New-Object System.Net.Mail.SmtpClient $Server, $Port
# You may need to provide credentials.
$Client.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials
Function SendEmail($To, $Body)
{
$Message = New-Object System.Net.Mail.MailMessage `
$Script:From, $To, $Script:Subject, $Body
$Client.Send($Message)
}
# Retrieve Domain maximum password age policy, in days.
$D = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$Domain = [ADSI]"LDAP://$D"
$MPA = $Domain.maxPwdAge.Value
# Convert to Int64 ticks (100-nanosecond intervals).
$lngMaxPwdAge = $Domain.ConvertLargeIntegerToInt64($MPA)
# Convert to days.
$MaxPwdAge = -$lngMaxPwdAge/(600000000 * 1440)
# Determine the password last changed date such that the password
# would just now be expired. We will not process any users whose
# password has already expired.
$Now = Get-Date
$Date1 = $Now.AddDays(-$MaxPwdAge)
# Determine the password last changed date such the password
# will expire $intDays in the future.
$Date2 = $Now.AddDays($intDays - $MaxPwdAge)
# Convert from PowerShell ticks to Active Directory ticks.
$64Bit1 = $Date1.Ticks - 504911232000000000
$64Bit2 = $Date2.Ticks - 504911232000000000
$Searcher = New-Object System.DirectoryServices.DirectorySearcher
$Searcher.PageSize = 200
$Searcher.SearchScope = "subtree"
# Filter on user objects where the password expires between the
# dates specified, the account is not disabled, password never
# expires is not set, password not required is not set.
# and password cannot change is not set.
$Searcher.Filter = "(&(objectCategory=person)(objectClass=user)" `
+ "(pwdLastSet>=" + $($64Bit1) + ")" `
+ "(pwdLastSet<=" + $($64Bit2) + ")" `
+ "(!userAccountControl:1.2.840.113556.1.4.803:=2)" `
+ "(!userAccountControl:1.2.840.113556.1.4.803:=65536)" `
+ "(!userAccountControl:1.2.840.113556.1.4.803:=32)" `
+ "(!userAccountControl:1.2.840.113556.1.4.803:=48))"
$Searcher.PropertiesToLoad.Add("sAMAccountName") > $Null
$Searcher.PropertiesToLoad.Add("DisplayName") > $Null
$Searcher.PropertiesToLoad.Add("pwdLastSet") > $Null
$Searcher.PropertiesToLoad.Add("mail") > $Null
$Searcher.PropertiesToLoad.Add("proxyAddresses") > $Null
$Searcher.SearchRoot = "LDAP://" + $Domain.distinguishedName
$Results = $Searcher.FindAll()
ForEach ($Result In $Results)
{
$Name = $Result.Properties.Item("sAMAccountName")
$DisplayName = $Result.Properties.Item("DisplayName")
$PLS = $Result.Properties.Item("pwdLastSet")
$Mail = $Result.Properties.Item("mail")
$Addresses = $Result.Properties.Item("proxyAddresses")
If ($PLS.Count -eq 0)
{
$Date = [DateTime]0
}
Else
{
# Interpret 64-bit integer as a date.
$Date = [DateTime]$PLS.Item(0)
}
# Convert from .NET ticks to Active Directory Integer8 ticks.
# Also, convert from UTC to local time.
$PwdLastSet = $Date.AddYears(1600).ToLocalTime()
# Determine when password expires.
$PwdExpires = $PwdLastSet.AddDays($MaxPwdAge)
# Determine email address.
If ("$Mail" -eq "")
{
ForEach ($Address In $Addresses)
{
$Prefix = $Address.SubString(0, 5)
If (($Prefix -ceq "SMTP:") -or ($Prefix -ceq "X400:"))
{
$Mail = $Address.SubString(5)
Break
}
}
}
If ("$Mail" -ne "")
{
$Notice = " Hello $DisplayName,
xxxxxxxxxxxxxxxxxxxxxxxxx $Name sssssssssssssssss $PwdExpires. "
SendEmail $Mail $Notice
"Email sent to $Name ($Mail), password expires $PwdExpires"
}
Else
{
"$Name has no email, but password expires $PwdExpires"
"DN: $DN"
}
}
System administrator
↧
↧
Install-WUUpdates but where is the help?
Ok so since 1709 there are some WindowsUpdate related cmdlets, but no documentation!?
Has anyone insight to this cmdlets or can provide help?
updating the help results in :
PS C:\WINDOWS\system32> Update-Help -Module WindowsUpdateProvider
Update-Help : Failed to update Help for the module(s) 'WindowsUpdateProvider' with UI culture(s) {en-US} : Unable to retrieve the HelpInfo XML file for UI culture
en-US. Make sure the HelpInfoUri property in the module manifest is valid or check your network connection and then try the command again.
At line:1 char:1
+ Update-Help -Module WindowsUpdateProvider
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (:) [Update-Help], Exception
+ FullyQualifiedErrorId : UnableToRetrieveHelpInfoXml,Microsoft.PowerShell.Commands.UpdateHelpCommand
↧
Request for a script to find SQL directory paths in and folder sizes
I'd like a script to search some specific SQL servers names beginning with dev* and pro* to find out which directories are in use for their tempdb and transaction logs and then tell me the folders sizes (MB) and for the results to be output to a csv?
Is anyone able to help with this?
Thanks
P
↧
Replace a line by finding a word
Hi,
I have a (easy) problem but not able to solve it. I create a New-PSSessionConfigurationFile with parameters but i'd like to replace a line because when I do the command as-is, it doesn't use the correct syntax. Look by yourself:
My command is :
New-PSSessionConfigurationFile -Path $FilePath -SessionType RestrictedRemoteServer -TranscriptDirectory 'C:\Transcript\' -RunAsVirtualAccount -Full
It generates a file but I want to change the line :
# VisibleCmdlets = 'Invoke-Cmdlet1', @{ Name = 'Invoke-Cmdlet2'; Parameters = @{ Name = 'Parameter1'; ValidateSet = 'Item1', 'Item2' }, @{ Name = 'Parameter2'; ValidatePattern = 'L*' } }by
"VisibleCmdlets=@{Name ='Restart-Computer'; Parameters=@{Name='ComputerName'}, @{Name='Credential'}, @{Name='Force'}}"So I did :
(Get-content -FilePath $file).Replace((Select-String -Path $FilePath -Pattern '# VisibleCmdlets' -SimpleMatch),"VisibleCmdlets=@{Name ='Restart-Computer'; Parameters=@{Name='ComputerName'}, @{Name='Credential'}, @{Name='Force'}}")didn't work, so I try :
$content -replace "^# VisibleCmdlets", "VisibleCmdlets=@{Name ='Restart-Computer'; Parameters=@{Name='ComputerName'}, @{Name='Credential'}, @{Name='Force'}}"But the output is
VisibleCmdlets=@{Name ='Restart-Computer'; Parameters=@{Name='ComputerName'}, @{Name='Credential'}, @{Name='Force'}} = 'Invoke-Cmdlet1', @{ Name = 'Invoke-Cmdlet2'; Parameters = @{ Name = 'Parameter1'; ValidateSet = 'Item1', 'Item2' }, @{ Name = 'Parameter2'; ValidatePattern = 'L*' } }It adds to the content not replacing it.
Can you help me ?
The key of learning is practice.
↧