Backtrack:  
Blog
 
showing posts tagged with 'powershell'
 
Using credentials in Powershell scripts securely
edited by on January 25th 2021, at 09:34
When using credentials in Powershell, you usually use Get-Credential, which essentially creates PSCredential objects. Creating such an object prompts the user to enter a username and password, which is not really usable in unattended scripts. There's a method where you can specify an unencrypted password but this is not secure. Fortunately, there's also a method where you can store the encrypted password in a file and use it to set the password.

Note
Note that the password is stored in the file using a computer-based encryption key. This means that the file would only work on the computer it was generated on. Trying to use it elsewhere would invalidate the password file.

To create a passwo  ...
 
Mass-unblock files via Powershell
edited by on December 3rd 2020, at 21:21
When downloading files from the internet or copying them from a (foreign) server, these files will be marked as blocked by default.



Each file can be unblocked by right-clicking the file and manually selecting unblock, but what if you have a whole bunch of files to unblock? In that case you can use Powershell:

Get-Item -Path "$env:windir\Fonts\*" -Stream "Zone.Identifier" -ErrorAction SilentlyContinue | % { Unblock-File -Path $_.FileName }

The oneliner above consists of two parts:

The flag that says whether or not a file is blocked is stored in a hidden NTFS-stream called Zone.Identifier, which is stored for each individual file. By looking for those hidden streams,   ...
 
Verifying the syntax of a Powershell script
edited by on November 25th 2020, at 10:12

There are many ways to verify the syntax of a Powershell script (other than running it of course), but the most simple and useful is this one:

Get-Command -Syntax 'path\to\script.ps1'

If the syntax is valid, it will simply return the name of the script. If there are errors, it will provide a detailed syntax error report.

 
Verify AD replication using Powershell
edited by on November 16th 2020, at 15:31

Using Powershell, you can quickly verify the status of the replication between domain controllers in Active Directory. This can be used in monitoring to verify a healthy AD replication. This can be run on any domain controller or on another system with RSAT or ActiveDirectory Powershell module.

Get-ADReplicationPartnerMetadata -Target "$env:USERDNSDOMAIN" -Scope Domain | FT -Auto Server,LastReplication*

To see forest-wide replication, replace -Scope Domain with -Scope Forest.

 
Enable SMB1 protocol through Powershell
edited by on November 13th 2020, at 13:30
While heavily deprecated and frowned upon, sometimes you'd still need to use the SMB1 protocol in Windows 10. You can effortless enable this through the GUI (Control Panel → Add/Remove Programs), it may be necessary to install it through scripting (e.g. for automated install). One of the methods is through Powershell.

Enabling the SMB1 client but not the server (or vice versa) is a multi-step process, as it's not possible to "only" enable the SMB1 client. First, you need to enable everything of SMB1, then disable the unneeded sub-features. An important item to disable is the SMB1 Deprecation option, as leaving this enabling could result in the automatic removal of all SMB1 fe  ...
 
Direct editing of policy files (registry.pol)
edited by on November 11th 2020, at 14:40
I ran into an issue where a local group policy had settings that were not accessible or editable using the conventional Local Group Policy editor (gpedit.msc), causing unwanted settings to be re-applied each time the group policy was refreshed. After a bit of searching around on the internet, I found a Powershell module with the ability to add, edit and remove individual items directly from Registry.pol policy files.

The module PolicyFileEditor can be downloaded and installed easily through Powershell:

Install-Module -Name PolicyFileEditor

As with everything from PSGallery, you need to have NuGet installed and updated.

The module comes with examples on how to use it. It can also be viewe  ...
 
Connect to Exchange Online PowerShell by using MFA
edited by on November 9th 2020, at 16:43
If you are using multi-factor authentication, it is not possible to use the old method of connecting to Exchange Online. You will have to install the Exchange Online PowerShell Module, and use the Connect-ExchangeOnline cmdlet to connect.

With the deprecation of Internet Explorer, the old method below no longer works. Use the method described here to install: Installing Exchange Online Management Powershell cmdlets

Old instructions
Log on to Exchange admin center.

In the left menu, click on hybrid.

Click the configure button for the Exchange Online Remote PowerShell Module. This will start the installation.

In the Application Install that appears, click the Install button.



When using  ...
 
Installing Exchange Online Management Powershell cmdlets
edited by on November 9th 2020, at 16:34

With the deprecation of Internet Explorer, it is currently no longer possible to install the Exchange Online Powershell module via ECP. But you can also install the Exchange Online Powershell module via Powershell itself:

First install the dependencies:

Install-PackageProvider -Name NuGet -Force
Install-Module -Name PowerShellGet -Force

Next install the Exchange Online Management module:

Install-Module -Name ExchangeOnlineManagement
 
Unable to install NuGet provider for PowerShell (on older OS'es)
edited by on October 22nd 2020, at 14:37
When attempting to install modules from the Powershell Gallery, you may get errors on older versions of Windows Server (2008-2012R2), even after updating PowerShell to more recent versions. The errors are concerning unable to install the NuGet provider, required to download packages from PSGallery.

Errors are similar to:

WARNING: Unable to download from URI.

WARNING: Unable to download the list of available providers. Check your internet connection.

Unable to find package provider 'NuGet'. It may not be imported yet.

The reason for this is a problem with the cryptographic providers enabled on your system. PowerShell 5.1 enables SSL 3.0 and TLS 1.0 for secure HTTP connections, which are  ...
 
Use Powershell to retrieve a list of Office 365 Global Admins
edited by on March 20th 2020, at 16:02

With the strong increase in hackers targeting Office 365 tenants, it may be useful to see who has Global Administrator access in your tenant. This can be done either via the Office 365 Portal but also through Powershell.

Note: be sure to install the required Powershell cmdlets before attempting this.

Connect to your Office 365 tenant:

Connect-MsolService

To retrieve a list of users with the Global Administrator role, run this:

Get-MsolRoleMember -RoleObjectId $(Get-MsolRole -RoleName "Company Administrator").ObjectId | Select DisplayName,EmailAddress

You can append Export-Csv to export the list to a CSV-file.

 
Exchange: configuring the TLS Certificate Name for receive connectors
edited by on March 17th 2020, at 09:26
If you wish to use TLS, or are using TLS authentication in a Office 365 Hybrid environment, and have manually changed or renewed the SSL certificate, you may still get errors about unable to initiate the TLS session (STARTTLS), even though the SSL certificate has been correctly renewed. Just setting the SSL certificate to be used with SMTP is not enough to make TLS work correctly. You also need to (re-)configure the TLS certificate name on your send and receive connectors.

As stated by the manual:

TlsCertificateName
The TlsCertificateName parameter specifies the X.509 certificate to use with TLS sessions and secure mail. Valid input for this parameter is [I]Issuer[S]Subject. The Issuer val  ...
 
Get Windows NTFS block size
edited by on September 24th 2019, at 16:37

You can use Powershell to get the block size of a Windows NTFS volume:

On newer systems:

Get-CimInstance -ClassName Win32_Volume | Select DriveLetter,Label, BlockSize | FT -AutoSize

On older systems, the Get-CimInstance may not be available, in which case you can use the (deprecated) Get-WmiObject:

Get-WmiObject -Class Win32_Volume | Select DriveLetter,Label, BlockSize | FT -AutoSize
 
Managing Office 365 and Exchange Online using Powershell
edited by on July 10th 2018, at 14:46
A few steps to enable management of your Office 365 subscription using Powershell. One uses Powershell because not all configuration is available through the Office 365 Portal, and it's also useful for automation.

Note that the old method of installing the Azure Active Directory Module is deprecated. The only supported way is to install the cmdlets directly through Powershell, as described below.

UPDATE (2018-07-09): removed all deprecated information.

UPDATE (2016-04-20): updated links and information.

Download and install the Microsoft Online Services Sign-In Assistant.

Download and install Windows Management Framework 5.1.

Open an elevated Powershell, and run the following comma  ...
 
Managing Exchange Online using Powershell (deprecated)
edited by on July 9th 2018, at 14:30
You can manage Exchange Online through Powershell in a similar fashion as you would an on-premise Exchange. There are some differences between available cmdlets and what they do between on-premise Exchange and Exchange Online, but the majority are the same.

Using multi-factor authentication
The method mentioned below is deprecated and only works for non-MFA usage. If you are using multi-factor authentication, you will have to use the Exchange Online Remote PowerShell Module to connect to Exchange Online. Instructions can be found in this article.

Using PS remoting, the cmdlets for Exchange Online are imported through the internet, so first, you need to change the Powershell execution polic  ...
 
Powershell: colorize output in Format-Table
edited by on March 12th 2018, at 08:27

Starting from Windows 10 Creators Fall Update, you can use VT escape sequences to colorize the output to console. You can use this to colorize columns in Format-Table, too.

A sample snippet, colorizing the output based on the contents of the "Status" field:

$somelist | FT FirstName,LastName,@{l="Status";e={
    switch ($_.Status) {
        "OK" {$color = 92; break}
        "NOT OK" {$color = 91; break}
        default {$color = 93}
    }
    "$e[${color}m$($_.Status)${e}[0m"
}}

A complete list of color codes can be found here: https://docs.microsoft.com/en-us/windows/console/console-virtual-terminal-sequences

 
Exchange mailbox delegations through Powershell
edited by on September 12th 2017, at 10:31

One of the most common Exchange admin tasks is setting mailbox delegations. Personally, I usually do this through EAC but once you're familiar with the Powershell counterparts, it can be quicker to use that instead. I've created this post as a reference to do just that.

In the reference below, the user "Ellen Somebody" requires access to the mailbox of "John Doe".

Send on Behalf

Set-Mailbox john.doe -GrantSendOnBehalfTo ellen.somebody

Send As

Add-ADPermission john.doe -ExtendedRights Send-As -user ellen.somebody

Full Access

Add-MailboxPermission -Identity john.doe -User ellen.somebody -AccessRights FullAccess -InheritanceType All
 
Office365: identify cloud-only and synced (on-premise) users in Powershell
edited by on April 6th 2017, at 10:35
Differentiating users that are synchronized from an on-premise AD and users created in Office 365 is easy when logged in through the Office 365 Portal. When using Powershell, it's another matter. While there's a parameter for Get-MsolUser to show only synchronized users, the ability to filter on only cloud users is missing. However, as cloud-only users do not have the ImmutableID set, you can build your own filter.

This one's obvious:

Get-MsolUser -All -Synchronized

You can filter on ImmutableID as it's not set for cloud-only users:

Get-MsolUser -All | ? ImmutableID -eq $null

If you want to filter out external users (i.e. if you shared something in Sharepoint Online with users that aren  ...
 
Importing the Exchange management module in a standard Powershell
edited by on January 23rd 2017, at 10:17

If you have the Exchange Management Tools installed, you can easily import the Exchange module into a standard Powershell by running the Add-PSSnapin cmdlet.

Depending on the Exchange version, the module to add is slightly different:

Exchange 2007Microsoft.Exchange.Management.PowerShell.Admin
Exchange 2010Microsoft.Exchange.Management.PowerShell.E2010
Exchange 2013Microsoft.Exchange.Management.PowerShell.SnapIn

If you're not sure about the version, you can also use wildcard characters:

Add-PSSnapin *Exchange*

If you don't want to install the management tools, you can also use PS remoting to remotely access the management shell from a standard Powershell.

 
Using Azure AD v2 to manage Office365 via Powershell
edited by on January 9th 2017, at 16:33
A new Powershell module, called Azure AD v2 is available to manage Office365 from Powershell, and is now the preferred method for managing Office365 tenants from Powershell. Unlike the older MSOnline module, you need to download and install this version from the Powershell Gallery, for which there is no direct download link.

Windows 10 already has the PowershellGet module needed to download modules from Powershell Gallery, so all you need to do is run the following in an elevated Powershell:

Install-Module AzureAD

You may get a message about NuGet provider is required to continue. You can safely confirm this.

Everything pre-Windows 10 and starting from Windows 7 SP1 and 2008R2 SP1, you n  ...
 
RemoteIPRanges is truncated in Get-ReceiveConnector
edited by on November 18th 2016, at 14:44

When running Get-ReceiveConnector, the contents of the RemoteIPRanges field may be truncated if there are a lot of entries. You can "expand" the list:

Get-ReceiveConnector MyConnector | Select -expand RemoteIPRanges | FT

This will expand each of the IP range objects and FT makes sure it's nicely formatted in a table. For single addresses, you only need the LowerBound column, but if ranges have been specified, you probably want both columns.

 
 
showing posts tagged with 'powershell'
 
 
« November 2024»
SunMonTueWedThuFriSat
     12
3456789
10111213141516
17181920212223
24252627282930
 
Links
 
Quote
« If the batteries of a TV remote run out, why do we press the buttons so much harder? »