sever audit

Get-ServiceAccounts posh

check powerpacks: Local System (Local System / Local Users and Groups) and Network
$administratorsAccount = Get-WmiObject Win32_Group -filter "LocalAccount=True AND SID='S-1-5-32-544'"

last login

$administratorQuery = "GroupComponent = `"Win32_Group.Domain='" + $administratorsAccount.Domain + "',NAME='" + $administratorsAccount.Name + "'`""
$user = Get-WmiObject Win32_GroupUser -filter $administratorQuery | select PartComponent |where {$_ -match $userToFind}
$user

Binding to Active Directory objects with the WinNT provider

 ENUMERATING users\GROUPS IN A COMPUTER

local accts

List the Local Users on a Set of Computers

Submitted by: Robert Cott

List Members of the Local Administrators Group

Submitted by: Anonymous Submission

Add Users to the Local Administrators Group or other local group

Submitted by Jimmy Godard

sub localAccts(strComputer)

Dim objNetwork,  objComputer, objUser 

Set objNetwork = CreateObject("Wscript.Network") 

strComputer = objNetwork.ComputerName 

'Set objComputer = GetObject("WinNT://" & strComputer) 

objComputer.Filter = Array("user") 

For Each objUser In objComputer 

    Wscript.Echo objUser.Name & ", " & objUser.Description 

Next 

end Sub

Dude, where’s my script ?

function Get-ScriptPath{     Split-Path $myInvocation.ScriptName 

}

cls

$a = Get-ScriptPath

$a


$b = & { $myInvocation.ScriptName }


$b

split-path $b   


split-path info


# PowerShell's Split-Path can do this for you: 
# parent path: 
split-path c:\myproject\Csharpproject\memo.txt -Parent 
# same as above, w/o the -Parent switch: 
split-path c:\myproject\Csharpproject\memo.txt 
# file name: 
split-path c:\myproject\Csharpproject\memo.txt -Leaf 

# ...and more: 
split-path c:\myproject\Csharpproject\memo.txt -Qualifier 
split-path c:\myproject\Csharpproject\memo.txt -NoQualifier 
split-path c:\myproject\Csharpproject\memo.txt -IsAbsolute 


Get the Data You Need

Select-Properties: a helper for exporting DirectoryEntry objects

Microcode: PowerShell Scripting Tricks: Select-Object (Note Properties) vs Add-Member (Script Properties)

ServerAuditReports

Day 7: Manage Users< 

scheduledTasks

powershellPing

# This is the key part

$ping = new-object System.Net.NetworkInformation.Ping

$Reply = $ping.send($strComputer)

if ($Reply.status –eq “Success”) 

{

# do somethine if online

}

else 

{

# do somethine if NOT online

}

$Reply = ""

Get-QADComputer -sizeLimit 0 -osName *Server* | Where-Object { (Get-WmiObject Win32_PingStatus -Filter "Address='$($_.DNSHostName)'").StatusCode -eq 0 } | Foreach-Object { 

  # Do your other work here

}

function Ping-Address {

  PROCESS {

    $ping = $false

    $results = Get-WmiObject -query `

    "SELECT * FROM Win32_PingStatus WHERE Address = '$_'"

    foreach ($result in $results) {

      if ($results.StatusCode -eq 0) {

        $ping = $true

      }

     }

     if ($ping -eq $true) {

       Write-Output $_

     }

   }

 }

 

 function Restart-Computer {

   PROCESS {

     $computer = Get-WmiObject Win32_OperatingSystem -computer $_

     $computer.Reboot()

   }

 }

Ping-Address and Restart-Computer

.net ping

Finding Services Using non-System Accounts With PowerShell

What functions are there in powershell to determine when password was last set. 

google search results 4 powershell pwdLastSet "get-qadcomputer"

performing-networking-tasks-pinging-from-powershell

Master-PowerShell | With Dr. Tobias Weltner - PowerShell.com

Master-PowerShell With Dr. Tobias Weltner - PowerShell.com

Domain Password Report & How Long Until My Password Expires?

How Long Until My Password Expires?

Domain Password Report

count events

function CountEvents{


BEGIN {

$errors = 0

$warnings = 0

$info = 0

}

PROCESS {

switch -wildcard ($_.entrytype) {

"err*" {$errors++}

"warn*" {$warnings++}

"info*" {$info++}

default {}

}#switch block

}#process block

END {

"The System log contains " + $errors + " error messages."

"The System log contains " + $warnings + " warning messages."

"The System log contains " + $info + " information messages."

}#end block

}#function block

#get-eventlog "System" -newest 100 CountEvents


======================= anothe approach ==============


$events = get-eventlog "System" -newest 100

function CountEvents{

$count = 0

foreach ($event in $args[0]) {

if ($event.entrytype -like $args[1]) {$count++}

}#foreach block

return $count

}#function block

$errors = CountEvents $events "err*"

$warnings = CountEvents $events "warn*"

$info = CountEvents $events "info*"

"The System log contains " + $errors + " error messages."

"The System log contains " + $warnings + " warning .messages."

"The System log contains " + $info + " information messages."

webcasts 2 watch

TechNet Webcast: Advanced Windows Powershell Scripting (Level 400)

MSDN Virtual Lab: Creating Windows PowerShell V2 Script Cmdlets

TechNet Virtual Lab: 10 Cool Powershell Scripts

TechNet Virtual Lab: Using Microsoft Windows PowerShell for Administration and Customization of Microsoft Windows SharePoint Services 3.0

TechNet Virtual Lab: Using PowerShell in Windows Server 2008 Beta 3

Pinging a Server from a Server you are not logged in to

Pinging a Server from a Server you are not logged in to

So if you wanted server remote1 to ping server remote3 you could do something like this:


Get-WmiObject Win32_pingstatus –filter “Address =’remote3’” –computername remote1.| statuscode,address,_server

convert vbscript to powershell

Automating admin scenarios using PowerShell

PowerShell Scriptomatic V1.0

Another Pre-Memorial bonus for PowerShell fans is that Windows PowerShell Scriptomatic V1.0 now avaliable and you can download it Here

create AD accts & exchange 2003 mail boxes links

Enterprise Powershell: Creating Mailboxes in Exchange 2003

Find all mailboxes with quota limit is NOT set to default. & more

Creating new AD user accounts from a csv-file data has become even easier



Manage Exchange Server 2003 Using Windows PowerShell and WMI



More About Using PowerShell to Manage Exchange Server 2003


PowerShell Tutorial 12 - Part 1: Active Directory Management
WMI PowerShell for Exchange 2003

How to write a LDAP search filter

Searching Active Directory with Windows PowerShell

Objective 2 - QAD Script to Change Passwords




http://mow001.blogspot.com/2005/12/g...able-from.htmlhttp://mow001.blogspot.com/2006/03/w...-part-one.htmlgr /\/\o\/\/

Prof. PowerShell

date & time



READ MORE: Prof. PowerShell
• Show What You Learned About PowerShell
Homework Assignment #1: Creating a formatted report of a selected scoped of peak paged memory.
by Jeffery Hicks
January 2009
• Give Me Time
PowerShell's DateTime object will leave you with time on your hands to do other things.
by Jeffery Hicks
January 2009
• Stringing Along
Use a PowerShell object's methods to do many of the same tasks for which you'd write VBscript code in long form.
by Jeffery Hicks
January 2009
• Get-Unique -- Same But Different
I still prefer the Select-Object cmdlet, but Get-Unique has a way of weeding out the dupes that's, well, different.
by Jeffery Hicks
December 2008
• Uniqueness Counts
PowerShell's Select-Object command has a -unique switch that lest you sort through the riffraff.
by Jeffery Hicks
December 2008
• Command Performance
The Get-Command cmdlet reveals all that you need to know about PowerShell.
by Jeffery Hicks
December 2008
• Reading Assignment
My secret for learning Powershell? Check out these blogs.
by Jeffery Hicks
November 2008
• Just DO It!
Lesson in Logic #3: The secret to getting your script block to execute at least one time is the DO loop.
by Jeffery Hicks
November 2008
• WHILE You Were Away...
Lesson in Logic #2: The WHILE statement keeps things rolling in your PowerShell scripts.
by Jeffery Hicks
November 2008
• Lessons in Logic
Lesson 1: Using an IF



Do You Read Me?
Even sans GUI, Powershell can be made to work interactively. The trick is the Read-Host cmdlet.
by Jeffery Hicks
October 2008
• PowerShell to XML
That nifty trick I showed you last time that exports data to CSV? This time, get more with an export to XML.
by Jeffery Hicks
October 2008