Back to Basics: Generate Monthly Report Folders

I’m always using PowerShell to just, well, help out with day to day stuff I have to do. The other week I used PowerShell to generate a bunch of folders for 2017 that I’ll use to store my expense receipts in. All very mundane; all completed in milliseconds. $a = 1..12 | % {(Get-Date -Month $_ -f…

0

Security Focus: Enable / Disable MFA on Azure AD Admin Account

Last week I presented a little function that I use to reset my Azure AD admin account passwords. This week I want to show how to enable / disable Multi Factor Authentication on an Azure AD account.   Enable $St = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement $St.RelyingParty = “*” $Sta = @($St) Set-MsolUser -UserPrincipalName ifarr@contoso.com -StrongAuthenticationRequirements $Sta…

1

Security Focus: Update Azure AD Admin Account Password

Got to love this cmdlet – Update-AzureADSignedInUserPassword ! I use it to update admin credentials on Azure AD instances that I only occasionally use. This avoids expiry aches and pains.   Want to take a look? First up, go get yourself a copy of the AzureAD module from PSGallery… Find-Module -Name AzureAD Install-Module -Name AzureAD -Verbose   Now, I…

1

Get-OneMillionDigitsofPi

After showing a customer the PI static method of System.Math, they asked, “how do I get more digits?”.   A quick bit of lateral-thinking, i.e. cheating, later and a with more than a nod to the hard work done by the folks at angio.net, here’s the wonderfully named Get-OneMillionDigitsOfPi function.   function Get-OneMillionDigitsOfPi { (Invoke-WebRequest -Uri “http://www.angio.net/pi/digits/pi1000000.txt”).Content…

0

One-Liner: Find a Renamed and Relocated AD Guest Account WITHOUT using the Well-Known SID

So… someone decided to rename and move the domain’s Guest account. You could find searching via the well-know SID… SID: S-1-5-21domain-501 Name: Guest Description: A user account for people who do not have individual accounts. This user account does not require a password. By default, the Guest account is disabled. Or… you could try this little trick…  …

0

Use PowerShell to Show User Rights Assignments Set by Group Policy

Here’s one I came across whilst performing some Group Policy troubleshooting…   Get-CimInstance -Query “Select * from RSOP_UserPrivilegeRight where precedence=1” -Namespace root\rsop\computer | Select-Object UserRight,AccountList   13   It shows the UserRight set by Group Policy and who has it.  

0

Stop PowerShell.exe from Starting!

What!? “Have you gone mad?“, I hear you cry! Last month (and year), I posted about limiting the functionality of PowerShell – Security Focus: Set ConstrainedLanguage Mode on My Machine. This month (and this year), I’ve found an oddity with this particular technique…   Warning: Don’t Try This At Home! Whilst playing around with the __PSLockdownPolicy setting, I discovered that…

0

Janus…

The second post in my two-part series that is a departure from my blogging norm… Looking back, the last year has been amazing. Watching the PoSh children grow, enjoying family and friends, succeeding at work, being healthy and happy and safe. We should all take time to take stock. Appreciate now. Looking forward, I wish for…

1

Happy Holidays 2016!

I’m going to take a blogging holiday for the next couple of weeks. Well, kind of… I’ll post something but it won’t be PowerShell related. Well, sort of… This week’s ‘departure’ below. If you’re celebrating at this time of year, or also if you’re not celebrating at this time of year, then I wish you all the very…

0

Security Focus: Set ConstrainedLanguage Mode on My Machine

Whilst doing some research, for a presentation on Security and PowerShell, I came across this cheeky one-liner: [Environment]::SetEnvironmentVariable(‘__PSLockdownPolicy’, ‘4’, ‘Machine’)   After running it, look what happens when I try and start PowerShell. Damn, my profile script won’t run… but, what’s this? I can’t do other stuff, too? Damn!   If you’ve never come across…

0