Monday, March 16, 2009

get-qaduser

Get-QADUser -sizelimit 100 | select lastname,firstname,logonname,lastlogon | sort {$_.lastlogon.value.ticks} |  convertto-html > test.htm

Saturday, March 7, 2009

import-csv



function get-currentScriptDir{

$b = & { $myInvocation.ScriptName }
#$b


# Write-Host '2d output'
$c = split-path $b


# Write-Host  'this is ' `t $c

return  $c

}

$d = get-currentScriptDir

$e = $d+'\testfile.txt'

Write-Host ' this is ' $e


$file2Chk = $d+'\testfile.txt'
$header = "Name","Department","Title"

Import-Csv $file2Chk -Header $header | foreach{

Write-Host $_.Name

}






http://www.scriptinganswers.com/forum2/forum_posts.asp?TID=2636
import-csv c:\tools\subnets.csv | foreach {

$sitename = $_.sitename
$subnetIP = $_.SubnetIP
$loc = $_.Location
$siteLink = $_.SiteLink

...
$link.save()

}


# http://www.leadfollowmove.com/archives/powershell/excel-powershell-and-the-import-csv-cmdlet
# http://www.leadfollowmove.com/archives/powershell/creating-groups-in-active-directory-with-powershell



# Constants from: http://msdn2.microsoft.com/en-us/library/aa772263.aspx
Set-Variable -Name ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP  -value 4      -option constant
Set-Variable -Name ADS_GROUP_TYPE_GLOBAL_GROUP      -value 2       -option constant
Set-Variable -Name ADS_GROUP_TYPE_LOCAL_GROUP      -value 4      -option constant
Set-Variable -Name ADS_GROUP_TYPE_UNIVERSAL_GROUP    -value 8       -option constant
Set-Variable -Name ADS_GROUP_TYPE_SECURITY_ENABLED    -value -2147483648  -option constant
 
Set-Variable -Name ADS_GROUP_TYPE_SECURITY_DOMAIN_LOCAL  `
  -value ($ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP  `
  -bor $ADS_GROUP_TYPE_SECURITY_ENABLED)  -option constant
 
Set-Variable -Name ADS_GROUP_TYPE_SECURITY_DOMAIN_GLOBAL  `
  -value ($ADS_GROUP_TYPE_GLOBAL_GROUP  `
  -bor $ADS_GROUP_TYPE_SECURITY_ENABLED)  -option constant
 
Set-Variable -Name ADS_GROUP_TYPE_SECURITY_UNIVERSAL  `
  -value ($ADS_GROUP_TYPE_UNIVERSAL_GROUP    `
  -bor $ADS_GROUP_TYPE_SECURITY_ENABLED)  -option constant
 
# ---------------------------------------------------------------------------------------------------
  
  # Bind to the root of the domain
  $root  = [adsi]""
  $rootdn  = $root.distinguishedname
 
# ---------------------------------------------------------------------------------------------------
function create-group
# ---------------------------------------------------------------------------------------------------
{
Param (
  $Location,
  $Group,
  $scope,
  $Description
  )
  # The domain DN is added so the OU location doesn't need to be a full DN  
  # This also doesn't tie you down to a specific Domain.
  $ou = [adsi]("LDAP://"+$Location+","+$rootDN)
  $newGroup = $ou.create("group", "cn="+$Group)
  $newgroup.put("sAmAccountName", $Group)
  $newGroup.Put("Description", $Description)
  
  switch ($scope)
  {
    "Security Domain Local"      {$Type = $ADS_GROUP_TYPE_SECURITY_DOMAIN_LOCAL}
    "Security Domain Global"    {$Type = $ADS_GROUP_TYPE_SECURITY_DOMAIN_GLOBAL}
    "Security Universal"      {$Type = $ADS_GROUP_TYPE_SECURITY_UNIVERSAL}
    "Distribution Domain Local"    {$Type = $ADS_GROUP_TYPE_DOMAIN_LOCAL_GROUP}
    "Distribution Domain Global"  {$Type = $ADS_GROUP_TYPE_GLOBAL_GROUP}
    "Distribution Universal"    {$Type = $ADS_GROUP_TYPE_UNIVERSAL_GROUP}
  }
  $NewGroup.put("grouptype", $Type)
  $newGroup.SetInfo()
}
 
# ---------------------------------------------------------------------------------------------------
 
# Create-Group "ou=Test OU" "Test Group" "Security Domain Local" "My Test Group"


$data = import-csv d:\coding\ps\groups.csv
foreach ($line in $data)
{
  write-host $line.GrpName $line.Desc $line.GrpType $line.DN
}


GrpName,Desc,GrpType,DN
Test Group1,PowerShell Test Group,Security Domain Local,"cn=users"




# PowerShell script create users in a named OU
# Author: Guy Thomas 
# Version 2.4 August 2008 tested on PowerShell v 1.0

$OuBorn = 'OU=PowerShell,DC=cp2,DC=mosel'
$Freshmen = 'E:\powershell\QAD\bunch4.csv'
import-csv $Freshmen |`
where {new-QADUser -ParentContainer $OuBorn `
-name $_.name -sAMAccountName $_.sAMAccountName `
; enable-QADUser $_.name }


# The Complete script looks like this : http://mow001.blogspot.com/2006/05/powershell-import-shares-and-security.html

# ImportShares.ps1  
# This script will Import the Shares from a CSV file   
# made by ExportShares.ps1 complete with securityInfo  
#   
# /\/\o\/\/ 2006      
# http://mow001.blogspot.com   

# Import the CSV file 

$ShareList = Import-Csv ShareInfo.csv 

# get the Unique Shares 

$sharelist | select -unique name,Path,Description |% { 

  $name = $_.name 
  $path = $_.Path 
  $description = $_.Description 
  "Processing : $name $path $description" 

  $sd = new-object system.management.managementclass Win32_SecurityDescriptor 
  $sd.DACL = @() 
  $ace = new-object system.management.managementclass Win32_ace 
  $Trustee = new-object system.management.managementclass win32_trustee 

  # Get all records in CSV file for the current share 

  $sharelist |? {$_.name -eq $name} |% { 

    # Convert SID to Binary version : 

    $sid = new-object security.principal.securityidentifier($_.sid) 
    [byte[]]$ba = ,0 * $sid.BinaryLength 
    $sid.GetBinaryForm($ba,0) 

    # Make Trustee Object 

    $Trustee.Domain = $_.Domain 
    $Trustee.get_Properties()['name'].set_Value($_.domain) 
    $Trustee.SID = $ba 

    # Make ACE Object 

    $ace.AccessMask = $_.AccessMask 
    $ace.AceType = $_.AceType 
    $ace.AceFlags = $_.AceFlags 
    $ace.trustee = $trustee.psobject.baseobject 
  
    # Add ACE to the DACL 

    $sd.DACL += $ACE.psObject.baseobject 
  } 

  $MC = new-object system.management.ManagementClass win32_share 
  $InParams = $mc.GetMethodParameters('Create') 

  # fill Parameters 

  $InParams["Access"] = $sd.PsObject.BaseObject 
  $InParams["Description"] = $_.Description 
  $InParams["Name"] = $_.name 
  $InParams["Password"] = [string] 
  $InParams["Path"] = $_.Path 
  $InParams["Type"] = 0 

  $R = $mc.InvokeMethod('Create', $inParams, $Null) 
  "Result : $($R.ReturnValue)" 
  
}



# You can use array slicing, get the rows from row 13 till the end of the file: http://en.wikipedia.org/wiki/Array_slicing#2006:_Windows_PowerShell


PS > $csv = get-content report.csv
PS > $csv[12..$csv.length] | out-file report1.csv 
PS > import-csv report1.csv  

Friday, March 6, 2009

count ad objects

PS C:\test> get-qadobject -SizeLimit 0 | where {$_.type -eq "user" -or $_.type -eq "group" -or $_.type -eq "computer" -or $_.type -eq "organizationalunit"} | sort type| group type | format-table Name,Count -auto 

Name               Count 
----               ----- 
computer               7 
group                 48 
organizationalUnit     7 
user                  53 



How Many Objects?

Monday, February 23, 2009

sever audit




check powerpacks: Local System (Local System / Local Users and Groups) and Network
$administratorsAccount = Get-WmiObject Win32_Group -filter "LocalAccount=True AND SID='S-1-5-32-544'"


$administratorQuery = "GroupComponent = `"Win32_Group.Domain='" + $administratorsAccount.Domain + "',NAME='" + $administratorsAccount.Name + "'`""
$user = Get-WmiObject Win32_GroupUser -filter $administratorQuery | select PartComponent |where {$_ -match $userToFind}
$user


 ENUMERATING users\GROUPS IN A COMPUTER

local accts

List the Local Users on a Set of Computers

Submitted by: Robert Cott


List Members of the Local Administrators Group

Submitted by: Anonymous Submission


Add Users to the Local Administrators Group or other local group

Submitted by Jimmy Godard



sub localAccts(strComputer)
Dim objNetwork,  objComputer, objUser 
Set objNetwork = CreateObject("Wscript.Network") 
strComputer = objNetwork.ComputerName 
'Set objComputer = GetObject("WinNT://" & strComputer) 
objComputer.Filter = Array("user") 
For Each objUser In objComputer 
    Wscript.Echo objUser.Name & ", " & objUser.Description 
Next 

end Sub








function Get-ScriptPath{     Split-Path $myInvocation.ScriptName 
}
cls
$a = Get-ScriptPath
$a


$b = & { $myInvocation.ScriptName }


$b
split-path $b   


split-path info


# PowerShell's Split-Path can do this for you: 
# parent path: 
split-path c:\myproject\Csharpproject\memo.txt -Parent 
# same as above, w/o the -Parent switch: 
split-path c:\myproject\Csharpproject\memo.txt 
# file name: 
split-path c:\myproject\Csharpproject\memo.txt -Leaf 

# ...and more: 
split-path c:\myproject\Csharpproject\memo.txt -Qualifier 
split-path c:\myproject\Csharpproject\memo.txt -NoQualifier 
split-path c:\myproject\Csharpproject\memo.txt -IsAbsolute 


Get the Data You Need

Select-Properties: a helper for exporting DirectoryEntry objects

Microcode: PowerShell Scripting Tricks: Select-Object (Note Properties) vs Add-Member (Script Properties)











ServerAuditReports

Day 7: Manage Users

scheduledTasks

powershellPing

# This is the key part

$ping = new-object System.Net.NetworkInformation.Ping
$Reply = $ping.send($strComputer)
if ($Reply.status –eq “Success”) 
{
# do somethine if online
}
else 
{
# do somethine if NOT online
}
$Reply = ""

Get-QADComputer -sizeLimit 0 -osName *Server* | Where-Object { (Get-WmiObject Win32_PingStatus -Filter "Address='$($_.DNSHostName)'").StatusCode -eq 0 } | Foreach-Object { 
  # Do your other work here
}

function Ping-Address {

  PROCESS {

    $ping = $false

    $results = Get-WmiObject -query `

    "SELECT * FROM Win32_PingStatus WHERE Address = '$_'"

    foreach ($result in $results) {

      if ($results.StatusCode -eq 0) {

        $ping = $true

      }

     }

     if ($ping -eq $true) {

       Write-Output $_

     }

   }

 }

 

 function Restart-Computer {

   PROCESS {

     $computer = Get-WmiObject Win32_OperatingSystem -computer $_

     $computer.Reboot()

   }

 }









performing-networking-tasks-pinging-from-powershell