adaz posted:I don't use the AD cmdlets so this code might nto work but what you want to do is when you grab your users pipe them through Select-Object and grab the property you want, like CN or DN. then send that list to the Create-Uilist. When the list returns with the user's they have selected iterate through, bind to their AD object and perform whatever operation you want. I copied that into a .ps1 file and ran it in Powershell. Got the following error output (OU name and username were changed as needed, so it looks like that component is good to go) code:
MJP fucked around with this message at 15:51 on Nov 19, 2012 |
|
# ? Nov 19, 2012 15:49 |
|
|
# ? Jun 8, 2024 05:48 |
|
I'm trying to mess around with permissions, and I'm stuck on removing a user from a bunch of ACLs. This is the meat of what I'm using: code:
What am I doing wrong?
|
# ? Nov 20, 2012 16:06 |
|
AreWeDrunkYet posted:What am I doing wrong? Your script works fine, so I assume the rules you're trying to remove are inherited? If that's the case, they can not be directly removed from a subdirectory. You'd have to remove them from the source or remove inheritance from the subdirectory and copy over the rules you want to keep.
|
# ? Nov 20, 2012 17:44 |
|
kampy posted:Your script works fine, so I assume the rules you're trying to remove are inherited? If that's the case, they can not be directly removed from a subdirectory. You'd have to remove them from the source or remove inheritance from the subdirectory and copy over the rules you want to keep. That may end up being something I need to address later, but I believe I'm running into an issue before I even attempt to apply permissions. If I run the first two lines then display $acl.access, the entry for Authenticated users is still on the list with unchanged rights. Or is the problem that $access.IsInherited is True for Authenticated Users, which prevents the removeaccessrule method from removing the rule from $acl?
|
# ? Nov 20, 2012 17:51 |
|
I would recommend having a look at the NTFSSecurity module. I use it a to track down orphaned SIDs. Probably helpful for what you're after as well.
|
# ? Nov 21, 2012 09:36 |
|
MJP posted:So am I looking at this as a possible script: Are the servers 2008+? If so you can use WMI instead of delprof to remove the profiles. code:
|
# ? Nov 26, 2012 04:44 |
MJP posted:I copied that into a .ps1 file and ran it in Powershell. Got the following error output (OU name and username were changed as needed, so it looks like that component is good to go) Sorry to continue harping on this, but I did some research and couldn't quite find a native PS cmdlet to do this - there's a Scripting Guy entry about making an .hta to find it but I'm supposed to do this in one file alone. Anyone?
|
|
# ? Nov 28, 2012 14:41 |
|
MJP posted:Sorry to continue harping on this, but I did some research and couldn't quite find a native PS cmdlet to do this - there's a Scripting Guy entry about making an .hta to find it but I'm supposed to do this in one file alone. Judging from the error message you do not have the custom function Create-UiList that adaz posted copypasted in your DisplayUsers.ps1 or if you do, it is below the code that tries to execute it and therefore it can not be found. Either way you'll want to go and fix your script so that the function is correctly created above the $users line, go get it from: adaz posted:
|
# ? Nov 28, 2012 22:11 |
|
So this is kind of a stupid question: Company has a need to sign executable files with a cert and time stamp from verisign. This is handled by a relatively simple command line command, but it requires the use of a Windows SKD CMD Shell. Ideally, I would like to create a script that I can use to simply drag an executable to be signed over, and have poweshell work it's magic. I'm having a devil of a time finding out how to really DO this, however. Tips/Hints?
|
# ? Nov 29, 2012 00:59 |
|
Wicaeed posted:So this is kind of a stupid question: I'm pretty sure dropping things like that is equivalent to running code:
|
# ? Nov 29, 2012 02:33 |
|
Wicaeed posted:So this is kind of a stupid question: code:
edit: Grr...neither the ps1 nor the shortcut want to take an executable as a drag-drop. Quick and dirty, I'd have them drop the executable into a folder, have the script step through the files in there, do the signing magic, then move them somewhere else. GPF fucked around with this message at 17:58 on Nov 29, 2012 |
# ? Nov 29, 2012 17:50 |
|
In that situation, you can make a batch script that accepts the drag and drop, and have that pass the command line argument to the power shell script. See http://stackoverflow.com/questions/2819908/drag-and-drop-to-a-powershell-script Titan Coeus fucked around with this message at 20:36 on Nov 29, 2012 |
# ? Nov 29, 2012 20:29 |
|
Titan Coeus posted:In that situation, you can make a batch script that accepts the drag and drop, and have that pass the command line argument to the power shell script. I actually read that exact post on Stack Overflow and tried it, but for some reason whenever I drag and drop a file the batch script seems to die as it is passing the entire file contents instead of just the path to the powershell script
|
# ? Nov 29, 2012 20:43 |
Okay, so I'm taking the whole shpiel about needing to create a dropdown list of users a bit simpler. What I'm trying to do now is simply just get a working array of users. I've got the format of the individual cmdlets correct but I simply can't for the life of me figure out how to make one array with input from multiple cmdlets. Here's what I have thus far using this link to convert output to an array: http://blogs.msdn.com/b/powershell/archive/2009/02/27/converting-to-array.aspx code:
I saw somewhere that the $users += command was supposed to add to an existing array. I'm not sure if I've got the syntax wrong or placement of the +=, or if it just needs to go somewhere else. Any thoughts?
|
|
# ? Dec 10, 2012 19:30 |
|
Didn't really look over your code, but your += is definitely in the wrong place. The following statements are the same:code:
|
# ? Dec 10, 2012 21:49 |
Okay, so I think I got it - the syntax to add to an array is like this:code:
code:
The object of type "Microsoft.PowerShell.Commands.Internal.Format.FormatEndData" is not valid or not in the correct sequence. This is likely caused by a user-specified "format-*" command which is conflicting with the default fo rmatting. + CategoryInfo : InvalidData: ( [out-lineoutput], InvalidOperationException + FullyQualifiedErrorId : ConsoleLineOutputOutOfSequencePacket,Microsoft.PowerShell.Commands.OutLineOutputCommand For reference, here's my code thus far including the now successful array adds and now-failing alphabetical sort: code:
|
|
# ? Dec 12, 2012 15:09 |
|
Get-ChildItem, if I see you around I'm going to beat your rear end to a pulp. That is all.
evil_bunnY fucked around with this message at 21:56 on Dec 12, 2012 |
# ? Dec 12, 2012 18:12 |
|
MJP posted:
Ft is the error you are looking for. Format-Table converts objects to only little more than text strings. Specifically it converts whatever input you give it to another data type, the date type Microsoft.PowerShell.Commands.Internal.Format.FormatEndData! You can only act very superficially with data format-table creates, sort-objects for example can't do anything at all with this data type. I am not quite sure what the last two pipes of your command are supposed to accomplish. You should be able to create an array of your search results with only: code:
code:
code:
Edit: I just noticed something. Why are you manually creating an array in the first place? You can simply write: code:
code:
ZeitGeits fucked around with this message at 20:38 on Dec 12, 2012 |
# ? Dec 12, 2012 20:29 |
I'm coming from a background of "We have one client with Office 365, we must use Powershell to perform certain basic distribution list commands, but it looks like I can also do some quick exports from AD with it." Everything I know about PS I'm learning as I go. Anyway, I need to create an array of multiple OUs - there's upwards of 14, 15ish total. It's meant to list all basic users. If I did $users = blah blah blah for multiple lines and then just typed $users then pressed Enter, the array would only be the last OU. So if I had three get-aduser cmdlets as above, one for ATL, one for BOS, and one for NYC and I did $users = for each of them, I'd only get the NYC users. I reran my script without changes as my previous post and then manually entered the following commands: code:
code:
code:
code:
|
|
# ? Dec 12, 2012 21:49 |
|
Please reread my post. You get the error because of the cmdlet "ft" that you are calling in your script. ft is an alias for format-table. The cmdlet format-table converts you users into a data type that can not be sorted. Run the following commands exactly as written: code:
|
# ? Dec 13, 2012 10:55 |
Doing that just dumps a list of users with their individual attributes by DistinguishedName, a long list formatted like this:code:
|
|
# ? Dec 14, 2012 21:57 |
|
MJP posted:Doing that just dumps a list of users with their individual attributes by DistinguishedName, a long list formatted like this: Yes - what you're seeing here are the default display properties for a user object MJP posted:Problem is I just need the names, so I can then have whoever selects the name pipe the selected name to a cmdlet adding it to a security group at the end of this script. No, your problem is that you don't understand how PowerShell works. As soon as you do something like format-table, you're no longer working with the User objects that are returned by the get-aduser cmdlet. This means you're going to have to do a bunch of stupid work to turn strings back into user objects so you can do something with them. Build your array of user objects, like ZeitGeits told you to. When you have that array of objects, do stuff with the array of user objects. Do not try to convert it to a table of pretty names and then work with that, because at that point you've just lost the user objects.
|
# ? Dec 14, 2012 23:19 |
|
code:
code:
code:
You want to work with the object, you do not want to convert it to strings or formatting object with format-table. The reason is this: code:
|
# ? Dec 15, 2012 02:11 |
But the thing is it's still not sorted alphabetically by surname. Both ZeitGeits and my scripts do successfully list all users from the OUs but neither actually sorts it. The array builds both ways but it's still not sorted, which I'll need before I can even start on the "put the lastname, firstname in a dropdown box" part.
|
|
# ? Dec 17, 2012 14:27 |
|
Then just sort the list you have:code:
code:
|
# ? Dec 17, 2012 14:32 |
That did it! Below displays the output of the OUs in the $users array after it's sorted by surname in reference, with the aim of helping for the future should anyone ever need:code:
One step closer. Thanks to all who contributed, I don't like making GBS threads up threads with my lack of knowledge but my employers' understanding that I'm not academic with Powershell doesn't change their requirement for me to do it. At least I can learn as I go and do the academics concurrently.
|
|
# ? Dec 17, 2012 14:52 |
|
This thread's all about learning. Check out the Learn PowerShell in a Month of Lunches book, I hear it's pretty good. The biggest thing with PowerShell is understanding that commands return objects - not strings like normal Linux shell scripting, which everyone is used to. It's a big shift, but thankfully cmdlets are normally named intuitively (guess what 'get-aduser' does?).
|
# ? Dec 17, 2012 16:12 |
|
MJP posted:That did it! Below displays the output of the OUs in the $users array after it's sorted by surname in reference, with the aim of helping for the future should anyone ever need: Populating a Dropdown list with items in a collection: code:
ZeitGeits fucked around with this message at 16:22 on Dec 17, 2012 |
# ? Dec 17, 2012 16:14 |
Awesome, thanks - right now it's displaying a dropdown by CN. I'll do some digging on my own to figure out how to set it to call that CN for the add-adgroupmember function. Once it tests and works I'll go about just going by lastname, firstname - might as well make it work before I try to make it pretty. Thank you thank you thank you!
|
|
# ? Dec 17, 2012 18:03 |
|
ZeitGeits posted:This script might not run because it requires .NET 4.0. Altering the value after "Version" in the first line changes that. Any reason you can't just do code:
|
# ? Dec 17, 2012 18:17 |
|
Titan Coeus posted:Any reason you can't just do Load requires the long form of the library name to load (link). It is possible to use LoadWithPartialName like this: code:
Edit: A workaround is to use the cmdlet Add-Type, code:
ZeitGeits fucked around with this message at 19:45 on Dec 17, 2012 |
# ? Dec 17, 2012 19:18 |
|
A question about error handling for you guys. I'm working with the vmWare powerCLI, but the concepts I'm wondering about should be universal. So I have some try-catch blocks kind of like this:code:
I was planning to just add something like this to the try block: code:
|
# ? Dec 18, 2012 20:48 |
Okay, so I'm trying to add the button and get it to take input from the dropdown. Problem is I can't get a button added. I've taken my script and just below ZeitGeits' successful dropdown code, added the following: code:
code:
As to setting a command for the OK button, how would I change this line to say "when the OK button is clicked, run add-adgroupmember -identity AdminUsers -Members %selectionfromdropdownabove%"? Edit: changed the $OKbutton part to include the return-dropdown alias, which I'm hoping will be usable to take the dropdown selection and pipe to add-adgroupmember later. That alias is as follows: code:
MJP fucked around with this message at 16:20 on Dec 19, 2012 |
|
# ? Dec 19, 2012 15:08 |
|
Dude, I don't mean to offend you. But at this point in time you are practically doing cargo cult scripting, copy and pasting code found on the internet in the hope it might work without any deeper understanding what the code actually does. I recommend you buy the book "PowerShell in a month of lunches", it serves as a good entry point to scripting with PowerShell. We might help you to solve your problem this time, but what about the next time your boss assigns you a task requiring you to script in PowerShell? I will help you one last time in the hope you actually learn something from my examples: code:
code:
To get the item selected by the user you have to query the dropdown list object $DropDown. The attribute $Dropdown.SelectedItem returns the selected item; who would have thought? Knowing this a possible solution is something like this code:
|
# ? Dec 19, 2012 23:00 |
|
An easy place to start, to get a good feel for how powershell starts, is Don's youtube channel: http://www.youtube.com/user/powershelldon This is from the same author as the month of lunches book. This might help you get a good grip on the quirks that are specific to powershell. If you only watch one video, use this deep-dive (warning, it is 4 hours long) https://www.youtube.com/watch?v=-Ya1dQ1Igkc
|
# ? Dec 20, 2012 09:27 |
|
stubblyhead posted:A question about error handling for you guys. I'm working with the vmWare powerCLI, but the concepts I'm wondering about should be universal. So I have some try-catch blocks kind of like this: Define best? We can get into a huge argument about this but in general exceptions should only handle exceptional events. Should your dataStore pretty much always be available and it really would be something catastrophic if it wasn't? If so, then yeah go ahead and throw an exception. If, on the other hand, the datastore might intermittently be there depending on some factors I would wrap the getting a datastore in a function that returned a value and check the value.
|
# ? Dec 20, 2012 21:37 |
|
Disregard, I had code inside a comment block and could not figure out why it was not working.
AreWeDrunkYet fucked around with this message at 16:49 on Dec 21, 2012 |
# ? Dec 21, 2012 16:42 |
|
For baby's first PowerShell script, I'd like to take a folder full of files and zip them up by month (e.g. 2012-10.zip, 2012-11.zip...). This is actually baby's second script, my first was another zipping script, so that part I can handle. The problem is that when I group the files, I can no longer iterate with a foreach. I don't think I understand how groups are interacted with. Here's the line in question: code:
code:
code:
This: code:
*edit: removed inconsequential stuff to fix table breaking.
|
# ? Jan 4, 2013 20:16 |
|
I'm trying to use the following commands:code:
code:
code:
What am I doing wrong?
|
# ? Jan 4, 2013 21:18 |
|
|
# ? Jun 8, 2024 05:48 |
|
import-csv creates rows of columns. If you do a foreach over them, you still get an array of columns for each loop, even if it is a one-member array, and get-aduser expects a string. You either have to: $users = get-aduser -filter * -searchbase $variable.ColumnName -properties DisplayName,distinguishedname,description,mail or use foreach ($variable in (get-content variables.csv)) to loop over each line as string
|
# ? Jan 4, 2013 21:41 |