Use PowerShell to List Active Directory Extended Rights

PowerShell providers allow us to traverse various data stores we encounter, as IT professionals, as if they were file systems. There is a PSProvider that allows us to navigate the smooth seas of the Active Directory PSDrive.     Thinking about a file system, we can talk about Access Control Entries (ACEs) that make up Access Control Lists (ACLs) to govern…

0

Security Focus: User PowerShell to Obtain Microsoft Security Update Information

Want to use PowerShell to create a html report of Microsoft security updates? No problem. Read on…   Back in November 2016, the Microsoft Security Response Centre (MSRC) team announced the Security Update Guide portal. Furthering our commitment to security updates   This portal also provides a new RESTful API to obtain Microsoft security update…

0

Restart-Computer (with BitLocker Suspended)

Create a function called Restart-Computer. Use it to call the Restart-Computer cmdlet. Before you call the cmdlet, suspend bitlocker protection so you don’t get password-pestered at boot time…   function Restart-Computer { Suspend-BitLocker -MountPoint “C:” -RebootCount 1 Microsoft.PowerShell.Management\Restart-Computer }   Why does this work?   There are rules for command precedence…     These rules…

0

Fun & Frolics: Generate a 0 and 1 Screen Stream

What a ridiculous title! Believe me, the post gets even more ridiculous. Anyway, it’s a bit of fun!   I had to do the following for a conference I recently spoke at…   function ExfiltrateData { Write-Output ” ” 1..900 | % {Write-Host “$(Get-Random -Minimum 0 -Maximum 2)” -NoNewline } 1..14 | % {Write-Host “$(Get-Random…

0

Module Manifest – ScriptsToProcess

Here’s a nice little trick. When creating a PowerShell module you can specify a list of scripts to process when the module is loaded. You can use the scripts for validation or prerequisite checking. Here’s a nice little example… In the .psd1* file for the module, i.e. the manifest, add (or uncomment) a line to look…

0

Start-AzureCloudService

Here’s a function I use quite a lot. Now, I know it’s old-world (ASM rather than ARM) in terms of Azure, but I still have a lot of old-world, cloud services. In fact, a lot of them were built by the following script and the function should be considered as partner code.   Build an…

0

Security Focus: Get Mail Enabled Admin Users

Browsing the internet with an admin account is a very, very bad thing to do. Using an admin account to send / receive email is also a very, very bad thing. Why? Well you expose the credentials to a high risk of being stolen and used to compromise your enterprise. Want do to some checks against Active…

1

Try to Catch Error Exception Types

When error handling with Try, Catch, Finally you can create conditional catch statements to target specific exceptions. Here’s an example.   try { $wc = new-object System.Net.WebClient $wc.DownloadFile(“http://www.contoso.com/MyDoc.doc”) } catch [System.Net.WebException],[System.IO.IOException] { “Unable to download MyDoc.doc from http://www.contoso.com. } catch { “An error occurred that could not be resolved.” }   Look at the first…

1

Back to Basics: Generate Monthly Report Folders

I’m always using PowerShell to just, well, help out with day to day stuff I have to do. The other week I used PowerShell to generate a bunch of folders for 2017 that I’ll use to store my expense receipts in. All very mundane; all completed in milliseconds. $a = 1..12 | % {(Get-Date -Month $_ -f…

0