IMPORTANT ANNOUNCEMENT FOR OUR READERS!
AskPFEPlat is in the process of a transformation to the new Core Infrastructure and Security TechCommunity, and will be moving by the end of March 2019 to our new home at https://aka.ms/CISTechComm (hosted at https://techcommunity.microsoft.com). Please bear with us while we are still under construction!
We will continue bringing you the same great content, from the same great contributors, on our new platform. Until then, you can access our new content on either https://aka.ms/askpfeplat as you do today, or at our new site https://aka.ms/CISTechComm. Please feel free to update your bookmarks accordingly!
Why are we doing this? Simple really; we are looking to expand our team internally in order to provide you even more great content, as well as take on a more proactive role in the future with our readers (more to come on that later)! Since our team encompasses many more roles than Premier Field Engineers these days, we felt it was also time we reflected that initial expansion.
If you have never visited the TechCommunity site, it can be found at https://techcommunity.microsoft.com. On the TechCommunity site, you will find numerous technical communities across many topics, which include discussion areas, along with blog content.
NOTE: In addition to the AskPFEPlat-to-Core Infrastructure and Security transformation, Premier Field Engineers from all technology areas will be working together to expand the TechCommunity site even further, joining together in the technology agnostic Premier Field Engineering TechCommunity (along with Core Infrastructure and Security), which can be found at https://aka.ms/PFETechComm!
As always, thank you for continuing to read the Core Infrastructure and Security (AskPFEPlat) blog, and we look forward to providing you more great content well into the future!
Hello all. Jacob Lavender here once again for the Ask PFE Platforms team to give you an update on the little sample tool that I put together at the end of last year.
The original post is located here:
But before you fly off to read that post – as good as it was, let me just inform you that I’ve made some significant updates which include two major improvements:
- Multiple Target Computers – Yes, now we can target multiple computers at the same time using this tool (single computer still supported)
- Enhanced Logic for credential validation.
There are a number of other improvements which are made as well, which I’ll continue to tweak as time passes and post in the gallery.
As a note: While you review the sample tool, if you opt to run it and stop it without completing or choosing a provided exit option, make sure that you always run the Clear-Variables function in the sample script. Why you might ask? Simple, you just don’t want those variables lying around – especially the one’s with credentials in them.
As a final note: The report provided no longer includes any data on processes. Instead, that is performed on the remote machine and stored in a text file on the machine – and moved to the central file share upon completion of the script.
Where is the tool:
My original post has a great deal of details on the value of NETSH TRACE and New-NetEventSession, so give it a look if you need some clarification. There are lots of great reference articles provided by other tech guru’s way above my level – so make sure to check them out too!
Limitation: PowerShell 3.0 or above is required for full functionality. If you are using PowerShell 2.0 on a target machine, then the trace files will not be moved to the central file share. But c’mon! PowerShell 6.0 is here! Why would you still be hanging on to 2.0? (Yes, I know that there are some applications for it – I get it. Sigh.)