Powershell Archives

Automate set up of first Active Directory DC with powershell

In my lab, I often have the need to quickly set up various servers from scratch. One type of server is an Active Directory Domain Controller. So I slapped together a simple script to completely automate (light touch) the process of setting up a complete AD DC in a new forest. I also did the…

Get Network card driver version remotely

# Get Network card driver version remotely and only for a specific vendor

$cred = Get-Credential domain\user
Invoke-Command -Credential $cred -ScriptBlock {Get-WmiObject Win32_PnPSignedDriver -Filter "DeviceClass = 'NET'" | Where-Object devicename -Match qlogic | ft DeviceName,DriverVersion} -ComputerName computernamehere

#sample output:
#DeviceName                                          DriverVersion
#----------                                          -------------
#QLogic FastLinQ QL45412H 40GbE Adapter (VBD Client) 8.37.6.0
#QLogic FastLinQ QL45412H 40GbE Adapter (VBD Client) 8.37.6.0
#QLogic FastLinQ QL45412H 40GbE Adapter (VBD Client) 8.37.6.0
#QLogic FastLinQ QL45412H 40GbE Adapter (VBD Client) 8.37.6.0

# Get Network card driver version remotely and only for a specific vendor

$cred = Get-Credential domain\user

Invoke-Command -Credential $cred -ScriptBlock {Get-WmiObject Win32_PnPSignedDriver -Filter "DeviceClass = 'NET'" | Where-Object devicename -Match qlogic | ft DeviceName,DriverVersion} -ComputerName computernamehere

#sample output:

#DeviceName DriverVersion

#---------- -------------

#QLogic FastLinQ QL45412H 40GbE Adapter (VBD Client) 8.37.6.0

Share folder with PowerShell

<# 
.SYNOPSIS
    Create a folder, share it and set permissions for several users or groups 
.DESCRIPTION 
    Create a folder, share it and set permissions for several users or groups
.NOTES 
    File Name : Create-Share.ps1
    Author : Jan Ryen (jan@janryen.com) 
    Copyright 2019 - Jan Ryen #>

# Which directory do you want the shared folder to be created in
$pathname = "D:\Shares"

# What is the name of the folder to be created and shared
$foldername = "TestFolder"

# Set path to be used in Set-Acl
$fullpath = "$pathname\$foldername"

# Create folder
New-Item $fullpath –type directory

#Create share and share permissions
New-SmbShare -Name "$foldername" -Path $fullpath -CachingMode None -FullAccess "Everyone"

#remove NTFS ACL inheretance and leave inherited permissions in place
#icacls.exe $fullpath /inheritance:d
$acl = Get-Acl $fullpath
$acl.SetAccessRuleProtection($true,$true)
$acl | Set-Acl $fullpath

#Purge unwanted User Permissions
# usually a good idea to get rid of CREATOR OWNER and BUILTIN\Users
$acl = Get-Acl $fullpath
$usersid = New-Object System.Security.Principal.Ntaccount ("CREATOR OWNER")
$acl.PurgeAccessRules($usersid)
$acl | Set-Acl $fullpath

$acl = Get-Acl $fullpath
$usersid = New-Object System.Security.Principal.Ntaccount ("BUILTIN\Users")
$acl.PurgeAccessRules($usersid)
$acl | Set-Acl $fullpath

#Define inheretance
$InheritanceFlag = [System.Security.AccessControl.InheritanceFlags]::ContainerInherit -bor [System.Security.AccessControl.InheritanceFlags]::ObjectInherit
$PropagationFlag = [System.Security.AccessControl.PropagationFlags]::None
$acType = [System.Security.AccessControl.AccessControlType]::Allow 

#foreach
$fullControllUsers = "TEST\user1", "TEST\group1"
$modifyUsers = "TEST\group2", "TEST\group3", "TEST\group4"

foreach ($item in $fullControllUsers) {
    # add FullControl users
    $acl = Get-Acl $fullpath
    $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($item,"FullControl", $InheritanceFlag, $PropagationFlag, $acType)
    $acl.SetAccessRule($AccessRule)
    $acl | Set-Acl $fullpath

}

foreach ($item in $modifyUsers) {
    # add Modify users
    $acl = Get-Acl $fullpath
    $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($item, "Modify", $InheritanceFlag, $PropagationFlag, $acType)
    $acl.SetAccessRule($AccessRule)
    $acl | Set-Acl $fullpath

}

#check what we have now
Get-Acl $fullpath | Format-Table -Wrap

.SYNOPSIS

Create a folder, share it and set permissions for several users or groups

.DESCRIPTION

Create a folder, share it and set permissions for several users or groups

.NOTES

File Name : Create-Share.ps1

Author : Jan Ryen (jan@janryen.com)

# Which directory do you want the shared folder to be created in

$pathname = "D:\Shares"

# What is the name of the folder to be created and shared

$foldername = "TestFolder"

# Set path to be used in Set-Acl

$fullpath = "$pathname\$foldername"

# Create folder

New-Item $fullpath –type directory

#Create share and share permissions

New-SmbShare -Name "$foldername" -Path $fullpath -CachingMode None -FullAccess "Everyone"

#remove NTFS ACL inheretance and leave inherited permissions in place

#icacls.exe $fullpath /inheritance:d

$acl = Get-Acl $fullpath

$acl.SetAccessRuleProtection($true,$true)

$acl | Set-Acl $fullpath

#Purge unwanted User Permissions

# usually a good idea to get rid of CREATOR OWNER and BUILTIN\Users

$acl = Get-Acl $fullpath

$usersid = New-Object System.Security.Principal.Ntaccount ("CREATOR OWNER")

$acl.PurgeAccessRules($usersid)

$acl | Set-Acl $fullpath

$acl = Get-Acl $fullpath

$usersid = New-Object System.Security.Principal.Ntaccount ("BUILTIN\Users")

$acl.PurgeAccessRules($usersid)

$acl | Set-Acl $fullpath

#Define inheretance

$InheritanceFlag = [System.Security.AccessControl.InheritanceFlags]::ContainerInherit -bor [System.Security.AccessControl.InheritanceFlags]::ObjectInherit

$PropagationFlag = [System.Security.AccessControl.PropagationFlags]::None

$acType = [System.Security.AccessControl.AccessControlType]::Allow

#foreach

$fullControllUsers = "TEST\user1", "TEST\group1"

$modifyUsers = "TEST\group2", "TEST\group3", "TEST\group4"

foreach ($item in $fullControllUsers) {

# add FullControl users

$acl = Get-Acl $fullpath

$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($item,"FullControl", $InheritanceFlag, $PropagationFlag, $acType)

$acl.SetAccessRule($AccessRule)

$acl | Set-Acl $fullpath

}

foreach ($item in $modifyUsers) {

# add Modify users

$acl = Get-Acl $fullpath

$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($item, "Modify", $InheritanceFlag, $PropagationFlag, $acType)

$acl.SetAccessRule($AccessRule)

$acl | Set-Acl $fullpath

}

#check what we have now

Get-Acl $fullpath | Format-Table -Wrap

Start SCCM WSUS IIS pool with PowerShell

Some times the WSUS server on SCCM can stop. If the WSUSPool in IIS Application pools is stopped, WSUS will not function and SCCM will not update any clients. In anticipation of further troubleshooting, here is a workaround script to check the Application Pool and start it if it is not running. This script can…

Get Dell ambient temperature in powershell

# Ambient temperature for Dell servers with Server Administrator installed
$a = get-wmiobject cim_temperaturesensor -namespace root\cimv2\dell; $a.Name + ': ' + ("{0:##}" -f $a.CurrentReading).Substring(0, 2) + ',' + ("{0:##}" -f $a.CurrentReading).Substring(2,1)

1 2	# Ambient temperature for Dell servers with Server Administrator installed $a = get-wmiobject cim_temperaturesensor -namespace root\cimv2\dell; $a.Name + ': ' + ("{0:##}" -f $a.CurrentReading).Substring(0, 2) + ',' + ("{0:##}" -f $a.CurrentReading).Substring(2,1)

Fun tip about powershell. You can pipe to the clipboard

<#
Fun tip about powershell. You can pipe to the clipboard:
#>
Get-Help Get-Command | clip

#or

Get-Help about_Functions_Advanced_Parameters | clip


#

Fun tip about powershell. You can pipe to the clipboard:

Get-Help Get-Command | clip

#or

Get-Help about_Functions_Advanced_Parameters | clip

Get last logged on user with PowerShell


# Get last logged on user on local computer
$UserProperty = @{n="User";e={(New-Object System.Security.Principal.SecurityIdentifier $_.ReplacementStrings[1]).Translate([System.Security.Principal.NTAccount])}}
$TypeProperty = @{n="Action";e={if($_.EventID -eq 7001) {"Logon"} else {"Logoff"}}}
$TimeProperty = @{n="Time";e={$_.TimeGenerated}}
Get-EventLog System -Source Microsoft-Windows-Winlogon | select $UserProperty,$TypeProperty,$TimeProperty | select -First 1

# Get last 100 logged on user entries on local computer
$UserProperty = @{n="User";e={(New-Object System.Security.Principal.SecurityIdentifier $_.ReplacementStrings[1]).Translate([System.Security.Principal.NTAccount])}}
$TypeProperty = @{n="Action";e={if($_.EventID -eq 7001) {"Logon"} else {"Logoff"}}}
$TimeProperty = @{n="Time";e={$_.TimeGenerated}}
Get-EventLog System -Source Microsoft-Windows-Winlogon | select $UserProperty,$TypeProperty,$TimeProperty | select -First 100

# Get last logged on user on local computer

$UserProperty = @{n="User";e={(New-Object System.Security.Principal.SecurityIdentifier $_.ReplacementStrings[1]).Translate([System.Security.Principal.NTAccount])}}

$TypeProperty = @{n="Action";e={if($_.EventID -eq 7001) {"Logon"} else {"Logoff"}}}

$TimeProperty = @{n="Time";e={$_.TimeGenerated}}

Get-EventLog System -Source Microsoft-Windows-Winlogon | select $UserProperty,$TypeProperty,$TimeProperty | select -First 1

# Get last 100 logged on user entries on local computer

$UserProperty = @{n="User";e={(New-Object System.Security.Principal.SecurityIdentifier $_.ReplacementStrings[1]).Translate([System.Security.Principal.NTAccount])}}

$TypeProperty = @{n="Action";e={if($_.EventID -eq 7001) {"Logon"} else {"Logoff"}}}

$TimeProperty = @{n="Time";e={$_.TimeGenerated}}

Get-EventLog System -Source Microsoft-Windows-Winlogon | select $UserProperty,$TypeProperty,$TimeProperty | select -First 100

Find SMTP addresses using ActiveDirectory module in PowerShell

# On a DC, in Powershell:
#See all smtp addresses for specific AD User
Get-ADObject -Properties proxyAddresses -Filter {samaccountname -eq "ADUserSamAccountName"} | select -ExpandProperty proxyaddresses

#See all smtp addresses by searching for parts of an smtp address
Get-ADObject -Properties mail, proxyAddresses -Filter {mail -like "*portionOfMailAddress*"} | select -ExpandProperty proxyaddresses


# If you have RSAT ( which you should ) on your own PC:
#get the credetial of an administrative user
$cred = Get-Credential DOMAIN\User

# Import the Active Directory Module
Import-Module ActiveDirectory

#See all smtp addresses for specific AD User
Get-ADObject -Credential $cred -Properties proxyAddresses -Filter {samaccountname -eq "ADUserSamAccountName"} | select -ExpandProperty proxyaddresses

#See all smtp addresses by searching for parts of an smtp address
Get-ADObject -Credential $cred -Properties mail, proxyAddresses -Filter {mail -like "*portionOfMailAddress*"} | select -ExpandProperty proxyaddresses

# On a DC, in Powershell:

#See all smtp addresses for specific AD User

Get-ADObject -Properties proxyAddresses -Filter {samaccountname -eq "ADUserSamAccountName"} | select -ExpandProperty proxyaddresses

#See all smtp addresses by searching for parts of an smtp address

Get-ADObject -Properties mail, proxyAddresses -Filter {mail -like "*portionOfMailAddress*"} | select -ExpandProperty proxyaddresses

# If you have RSAT ( which you should ) on your own PC:

#get the credetial of an administrative user

$cred = Get-Credential DOMAIN\User

# Import the Active Directory Module

Import-Module ActiveDirectory

#See all smtp addresses for specific AD User

Get-ADObject -Credential $cred -Properties proxyAddresses -Filter {samaccountname -eq "ADUserSamAccountName"} | select -ExpandProperty proxyaddresses

#See all smtp addresses by searching for parts of an smtp address

Get-ADObject -Credential $cred -Properties mail, proxyAddresses -Filter {mail -like "*portionOfMailAddress*"} | select -ExpandProperty proxyaddresses

How to get server core to always start with powershell on login

::server core always start with powershell ::in cmd type:

powershell

1	powershell

#After entering powershell, type (or if lazy = ‘copy’ + ‘paste’)

Set-ItemProperty -Path ‘HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon’ -Name Shell -Value PowerShell.exe

1	Set-ItemProperty -Path ‘HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon’ -Name Shell -Value PowerShell.exe

Now you will automatically have powershell open as the shell at logon.

Enable remote desktop using Powershell

#
#Enable remote desktop
(Get-WmiObject -Class "Win32_TerminalServiceSetting" -Namespace root\cimv2\terminalservices).SetAllowTsConnections(1)
(Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(1)

#Enable PSRemoting
Enable-PSRemoting -Force
Winrm quickconfig

#Set firewall rules 
Set-NetFirewallRule -DisplayName "Remote Desktop*" -enabled true


#

#Enable remote desktop

(Get-WmiObject -Class "Win32_TerminalServiceSetting" -Namespace root\cimv2\terminalservices).SetAllowTsConnections(1)

(Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(1)

#Enable PSRemoting

Enable-PSRemoting -Force

Winrm quickconfig

#Set firewall rules

Set-NetFirewallRule -DisplayName "Remote Desktop*" -enabled true