|
That seems really terrible, but if I were forced at gunpoint to write and maintain something like that I would probably just usecode:
|
#
?
Feb 6, 2016 04:14
|
|
|
|
| # ? May 10, 2024 14:15 |
|
|
Reiz posted:That seems really terrible, but if I were forced at gunpoint to write and maintain something like that I would probably just use Definitely! I'm in a big room mostly full of people writing code for Puppet. The idea though is that instead of updating the code every time things change, you can update configuration files. A huge chain of if-then statements is much harder to maintain.
|
|
#
?
Feb 7, 2016 01:09
|
|
|
I'm writing some performance monitoring scripts, stuff to check CPU, Memory, etc. I can think of a few ways to do any check, but I'm wondering if there's already some good work done on this subject that I can just use. I'm thinking of using performance counters so I can get a better idea of performance over time if I'm only checking once every five minutes. Any ideas on how to approach this?
|
|
#
?
Feb 9, 2016 20:07
|
|
|
I've got an odd powershell question that I can't seem to find an answer on. When I run this locally on HostName: Get-ChildItem HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall | foreach-object {Get-ItemProperty $_.PsPath} I get the exact results I'm looking for. When I try the same command from my computer using "Invoke-Command -computer HostName {*above command*}" it says the path does not exist. Except I know it exists because I can run the same thing from the target computer and get my result. Is there a limitation with remote powershell that can't access this registry path? Or do I need to edit the HKCU path to specifically aim it at that computer?
|
|
#
?
Feb 11, 2016 16:42
|
|
|
Judge Schnoopy posted:I've got an odd powershell question that I can't seem to find an answer on. My gut is that the Invoke-Command isnt picking up on the pipeline properly. Can you try this command via invoke-command, but without the "| foreach-object.... " ?
|
|
#
?
Feb 11, 2016 16:46
|
|
|
Judge Schnoopy posted:I've got an odd powershell question that I can't seem to find an answer on. HKCU (HKEY_CURRENT_USER) only really exists for interactive logon sessions. When you remote to another machine, which user is "current"? If you want to enumerate Uninstall entries for local user accounts on another machine, your best bet is really to force the system user account service to load the profile. That should in turn cause the user hive to appear under HKEY_USERS (named after the account SID), where you might then be able to access it with remoting. As for forcing the user account service to load a profile, remotely, no idea.
|
|
#
?
Feb 11, 2016 17:03
|
|
|
Well this got more interesting as I did more digging. I ran: Get-ChildItem HKCU:\Software\Microsoft\Windows\CurrentVersion On HostName and got a list of subkeys. Then I ran: Invoke-Command -computer Hostname {Get-ChildItem HKCU:\Software\Microsoft\Windows\CurrentVersion} And got the same list of subkeys, except the uninstall subkey is missing. It's the only difference between the two outputs. Maybe Microsoft blocks access to the uninstall subkey when using powershell remote, maybe it's a bug, but it's a huge hindrance to my script here.
|
|
#
?
Feb 11, 2016 17:08
|
|
|
Are you sure it's the same user hive you're looking at with both commands? Really sure?
|
|
#
?
Feb 11, 2016 17:18
|
|
|
nielsm posted:Are you sure it's the same user hive you're looking at with both commands? Really sure? ... gently caress Thank you. Digging in to other subkeys I'm finding subtle differences in values. So now I'm back to square 1 where I cannot check which of the 4 OneClick applications are installed on remote machines. I guess I could just shotgun the uninstall string and let it error out if the application isn't there.
|
|
#
?
Feb 11, 2016 17:30
|
|
|
Judge Schnoopy posted:... Try, on the remote (I think it must be done on the remote at least) to set up HKEY_USERS as a PSDrive and then check what profiles are available there: code:Just keep in mind this will only get you user hives for profiles that are loaded on that machine right now. Usually means you'll see them for system accounts, service accounts, whatever account you're remoting in with, and then any users that have logged locally on to the machine after last boot. (Profiles of logged off users tend to stay loaded, at least for a while.)
|
|
#
?
Feb 11, 2016 18:08
|
|
|
Is there a good way to like schedule or delay something in Powershell on the magnitude of days? Like if I get notice that an employee is leaving in a few weeks, would I be able to run a script to disable their mailboxes on their last day? Or what do most people typically do?
|
|
#
?
Feb 12, 2016 21:48
|
|
|
beepsandboops posted:Is there a good way to like schedule or delay something in Powershell on the magnitude of days? Windows task scheduler
|
|
#
?
Feb 12, 2016 22:04
|
|
|
Scheduled tasks can be created with New-ScheduledTask Check the examples.
|
|
#
?
Feb 12, 2016 23:08
|
|
|
beepsandboops posted:Is there a good way to like schedule or delay something in Powershell on the magnitude of days? Set-ADAccountExpiration?
|
|
#
?
Feb 13, 2016 21:31
|
|
|
Ask me about expiring staff who decide to stay on for a few extra days.
|
|
#
?
Feb 15, 2016 01:22
|
|
|
beepsandboops posted:Is there a good way to like schedule or delay something in Powershell on the magnitude of days? PS has a built in job creator but I don't trust it. Windows Task Scheduler GUI, set your trigger, and the action is launch c:\windows\system32\powershellv1\powershell.exe, arguments "-file 'c:\path\to\script.ps1' -NoProfile -ExecutionPolicy Bypass -Noninteractive"
|
|
#
?
Feb 16, 2016 19:54
|
|
|
Jeoh posted:Set-ADAccountExpiration? We've generally not deleted user accounts in AD as a rule (it seems many orgs do this), so I can use Set-ADAccountExpiration, but then have to circle back around for the Exchange mailbox anyway. I might be spending too much time trying to automate this, but learning about the Powershell side of scheduled tasks has been interesting.
|
|
#
?
Feb 16, 2016 21:17
|
|
|
The disable-mailbox exchange cmdlet removes the mailbox but only disables the AD user. *please check this is correct before running it.
|
|
#
?
Feb 17, 2016 01:19
|
|
|
I made a script to install Flash Plugin, which works great when downloading the file from the internet. Our remote branches have a 1.5 meg pipe to us for internet access. Downloading that file takes 5 minutes and bogs operations for the duration. I'd love to host the install file on a local PC at each branch, then have the script copy the file from that local PC to the target PC. Everything I do to try reaching another PC results in "Cannot find path". I'm clearly doing something wrong. I can't even do a "Get-ChildItem -Path \\server\share" successfully. Here's the rundown: Script asks for target PC. Regex match sets $location to one of 4 UNC paths, depending on $target. Invoke-Command is passed through a PSSession to that computer, with the rest of the install script. code:I can't find what I'm missing here. Any help?
|
|
#
?
Feb 17, 2016 21:02
|
|
|
I'm not sure, but I think when you start doing sessions like that, sometimes permissions get all screwed up. There are ways to fix it, but maybe try making a folder that's shared to "Everyone" and see if you can access it. That would prove it's a credential issue.
|
|
#
?
Feb 17, 2016 21:09
|
|
|
I'm trying to create a script that will take 1-3 inputs from a user and then search mailboxes for emails that match that criteria and ultimately delete from the user's mailbox and forward to a blackhole mailbox. I can make it work if I run -SearchQuery with 1 variable, but things get a little wacky when I try to do a search query with 3 variables. I found some information about variables not exapanding within scriptblocks, so I've tried to fix that with the $search variable but now I'm getting a "keyword isnt supported" error so I'm certain I've just mangled the formatting. Anyone got any tips? code:Edit: Also- search-mailbox creates a really obnoxious folder structure for each of the results it finds, showing which mailbox and folder the email was found in. Is there a way to just send the email to the blackhole without creating that directory structure? The thought of catching like 100 emails and having a huge tree for all of them seems crazy. Doug fucked around with this message at 22:38 on Feb 17, 2016 |
|
#
?
Feb 17, 2016 22:30
|
|
|
Dr. Arbitrary posted:I'm not sure, but I think when you start doing sessions like that, sometimes permissions get all screwed up. Don't worry I'm a loving idiot and wasn't in an elevated powershell console. Rule 1 of powershell: If you know you're running as admin and something obvious doesn't work, you're wrong and need to close / reopen the console as admin.
|
|
#
?
Feb 17, 2016 22:50
|
|
|
Follow up from my earlier post. I've fixed the query kind of. If I populate all 3 variables the search completes without issue but I'm still having trouble doing partial searches. If I search for full email(which I've required) , full subject and partial body, I get the desired result. If I search partial subject, suddenly it fails. I'm wondering if the search I want to do is even possible with KQL. I want to take input from the user and do a search but the input could be the beginning, middle, end or complete of any or all of the three fields. Is this possible or am I just outside of Powershell scope at this point?
|
|
#
?
Feb 18, 2016 22:49
|
|
|
Doug posted:Follow up from my earlier post. I've fixed the query kind of. If I populate all 3 variables the search completes without issue but I'm still having trouble doing partial searches. If I search for full email(which I've required) , full subject and partial body, I get the desired result. If I search partial subject, suddenly it fails. I'm wondering if the search I want to do is even possible with KQL. I want to take input from the user and do a search but the input could be the beginning, middle, end or complete of any or all of the three fields. Is this possible or am I just outside of Powershell scope at this point? I would think you could use a wildcard in some way to do it, I'm not well versed in powershell but in prior coding experience I've used wildcards to do what you're describing. Depending on your dataset you could do *string* or something similar although it could return too many results....
|
|
#
?
Feb 22, 2016 13:39
|
|
|
Alright goons, I'm diving into Powershell head first. Right now what I'm trying to do is a short script that checks if a computer is online via DNS, and eventually write to an output file (Haven't quite gotten to that point yet). So far what I've gotten stuck on a bit is test-connection: PowerShell code:As you can see I have the original $test_ping to see what I"m doing. Gothmog1065 fucked around with this message at 15:18 on Feb 22, 2016 |
|
#
?
Feb 22, 2016 15:04
|
|
|
Alternative solution, perhaps: Use the Start-Job and Wait-Job cmdlets to create a job for each computer on your list, and have them run in parallel. Look up the about_Jobs help file to get some examples. If you go that way, you should probably not use "echo" or similar direct output, but rather have the jobs return one or more objects with the result, which you can then collate and process afterwards.
|
|
#
?
Feb 22, 2016 15:21
|
|
|
MF_James posted:I would think you could use a wildcard in some way to do it, I'm not well versed in powershell but in prior coding experience I've used wildcards to do what you're describing. Depending on your dataset you could do *string* or something similar although it could return too many results.... Yeah, I'm familiar with wildcards and you would think that would work, but it seems the problem is due to using KQL for the search. In KQL the * character is used as a prefix delimiter. So things like foo* work when searching for things that start with 'foo' but *bar doesn't work because it looks for the stuff behind the * as the prefix. Actually, reading this technet again, I see it says explicitly that suffix matching is not supported.
|
|
#
?
Feb 22, 2016 17:48
|
|
|
If you let the error continue without stopping, $test_ping is probably returning as true even if it fails. You want the error to break the process, and then you can catch it and return something elsePHP code:
|
|
#
?
Feb 22, 2016 18:08
|
|
|
Roargasm posted:If you let the error continue without stopping, $test_ping is probably returning as true even if it fails. You want the error to break the process, and then you can catch it and return something else I turned it back to the commented out test_ping (Test connection) for now. It takes a bit but works properly. Gothmog1065 fucked around with this message at 15:24 on Feb 23, 2016 |
|
#
?
Feb 22, 2016 21:31
|
|
|
Gothmog1065 posted:Alright goons, I'm diving into Powershell head first. I actually did something very similar to this once. I made a powershell module for testing DNS. Then in another script I called the defined functions and would run hostnames/IPs against the functions. http://pastebin.com/j4xFDEkF The DNS functions module. http://pastebin.com/mmDUiTPA The script My way was kind of slow and not that great but you might be able to somehow parallelize the DNS readings with a workflow. Maybe something like Methanar fucked around with this message at 20:26 on Feb 23, 2016 |
|
#
?
Feb 23, 2016 01:13
|
|
|
Well, I think I got something that works reasonably well now. The csv-export could be handled much better (IE correctly) but when trying to build the variable to export, it does really stupid things. PHP code:
|
|
#
?
Feb 23, 2016 15:27
|
|
|
There's a -quiet parameter for test-connection that might be more appropriate here.
|
|
#
?
Feb 23, 2016 15:36
|
|
|
You also don't need to construct the output CSV manually if you don't want to, and echo isn't normally necessary, as it's just an alias for Write-Output.code:As you get more used to PowerShell, you might be able to use Get-CimInstance Win32_UserProfile (or Get-WmiObject Win32_UserProfile) to see who's currently logged in. There have been a few cases at work where the user has subsequently been renamed, so I had to get their SID and run Get-ADUser based on that.
|
|
#
?
Feb 25, 2016 13:44
|
|
|
I'm looking to do archives of OneDrive accounts via Powershell for work purposes. Is it even possible? I know you can do a Get-ChildItem on it and download 1 file or possible 1 folder worth of items but I'm trying to automate it. I'm just not skilled enough in the scripting department to accomplish it. Any pointers would help a ton.
|
|
#
?
Feb 25, 2016 18:29
|
|
|
Venusy posted:You also don't need to construct the output CSV manually if you don't want to, and echo isn't normally necessary, as it's just an alias for Write-Output. They just changed the web filter (to Websense) at work, which means SA is blocked because it's "tasteless". It's a pretty apt description, but it really hurts my ability to ask questions here. I'll definitely work your information into my updated code. I'm pulling directly from a spreadsheet and am trying to some basic file error handling. Thanks for all the help!
|
|
#
?
Feb 26, 2016 03:29
|
|
|
Okay, edit for clarity. here is my full code. Basically what is happening is the entire list is shown as it is created which is fine, but when the csv is created, it only creates a .csv with three lines: #TYPE System.Management.AUtomation.PSCustomObject CTAG,Username C27999,ERROR The last one is the last hostname (which is unpingable. Any ideas? E2: helps if I add all of the suggested code. Thanks guys. Gothmog1065 fucked around with this message at 17:38 on Mar 1, 2016 |
|
#
?
Feb 29, 2016 14:42
|
|
|
How would you completely remove a group's permissions from a folder? This is the closest I have:code:
|
|
#
?
Mar 3, 2016 02:46
|
|
|
beepsandboops posted:How would you completely remove a group's permissions from a folder? This is the closest I have: code:Your code is trying to build a NEW access rule to overwrite the existing one rather than actually removing it. As an aside, you may want to do some checking to see if it's an inherited permission before you remove it, just in case.
|
|
#
?
Mar 3, 2016 03:44
|
|
|
Zaepho posted:As an aside, you may want to do some checking to see if it's an inherited permission before you remove it, just in case. code:
|
|
#
?
Mar 3, 2016 18:58
|
|
|
|
| # ? May 10, 2024 14:15 |
|
|
beepsandboops posted:Earlier in the script I have this: Do you actually WANT to block inheritance? if so, then no issue and converting everything to explicit is fine. If you don't mean to block permission inheritance then you might rework that a bit (maybe only block inheritance when you encounter an instance of inherited permissions than causes you an issue).
|
|
#
?
Mar 4, 2016 01:01
|
|