|
Dirt Road Junglist posted:Also, if you don't have a test environment, using -WhatIf at the end of a command can tell you what it's going to do without it actually committing any actions. Don't rely on this, unfortunately. It's too random when the command decides to ignore it.
|
#
?
May 17, 2019 23:37
|
|
|
|
| # ? May 13, 2024 22:05 |
|
|
xsf421 posted:Don't rely on this, unfortunately. It's too random when the command decides to ignore it. It's not random, but WhatIf support is sporadic, even in first-party modules. This is a reasonable way to get a list of cmdlets that don't support whatif in a given module. code:
|
|
#
?
May 17, 2019 23:45
|
|
|
The bottom line is that even if a CmdletBinding declaration includes SupportsShouldProcess you should never assume that it will work in the way you expect it to as it depends entirely on how the cmdlet has been written. Always worth testing behaviour beforehand.
|
|
#
?
May 19, 2019 06:27
|
|
|
All the AD cmdlets had broken support for -whatif They might still idk.
|
|
#
?
May 21, 2019 05:14
|
|
|
So today I'm updating our new-ish director about the reporting I'm running to find Win7 and XP machines that have their patches for the current massive gaping exploit. He puts in "So you're using PowerShell Sessions to gather the info, right ?" Bitch please. The next machine I find in that domain that allows PS Remoting will be the first one. There's a reason almost every script I write calls psexec at some point. Speaking of which, does anyone have any handy techniques for getting information back from psexec ? I rarely get an error that shows up in a catch{} block, but an accurate count on "Access Denied" would have been just loving super today.
|
|
#
?
May 21, 2019 06:07
|
|
|
So I'm having an odd issue where adding an AD user to an ACL usually works but occasionally only adds them as an unresolved SID, so usage based on the account name fails. Any ideas? Here's the function I wrote. Like I said, works most of the time, but occasionally generates the user as a S-1-5-21* SID and I'm sure it's something I'm doing. code:
|
|
#
?
May 24, 2019 18:30
|
|
|
you can pass via the AD user's sid rather than their sAm Also (if it's working this probably doesn't matter) but powershell has get-acl and set-acl so you don't need to use the .*AcessControl() methods. Otherwise have you noticed if your intermittent failures are where the user already has permissions? I had a project shelved just adding permissions since it could potentially be too resource intensive if the stars aligned to gently caress up backups. I may have also been fed a crock of poo poo.
|
|
#
?
May 24, 2019 19:41
|
|
|
It’s primarily been used as a part of a larger script for creating and applying new users to an SFTP share/service. I can try redoing it using the applets instead of accessing the ACL directly, but like I said it works most of the time. 
|
|
#
?
May 24, 2019 20:06
|
|
|
Sometimes powershell just fucks up. I have the following:code:
|
|
#
?
May 25, 2019 18:06
|
|
|
I think filter is more reliable if you use the string "True"
|
|
#
?
May 25, 2019 21:24
|
|
|
My company moved to ~The Cloud~ and I'm learning this powershell thing. I made a pretty neato script to do some standard AAD stuff with, but I want to know is there a way to take arguments in to your script? Consider a really basic script named script.ps1 code:
|
|
#
?
Jun 13, 2019 16:12
|
|
|
Defenestrategy posted:Consider a really basic script named script.ps1 param([string]$Name) $name is now a usable variable in your script.
|
|
#
?
Jun 13, 2019 16:22
|
|
|
Defenestrategy posted:My company moved to ~The Cloud~ and I'm learning this powershell thing. I made a pretty neato script to do some standard AAD stuff with, but I want to know is there a way to take arguments in to your script? Not trying to be a jerk, but did you google this first? The phrase "powershell script arguments" brings up dozens of results that answer your question.
|
|
#
?
Jun 13, 2019 16:56
|
|
|
You'll also want to look into Read-Host, and also the Get-Content/foreach paradigm.
|
|
#
?
Jun 18, 2019 05:48
|
|
|
I need to figure out whose mailboxes are being forwarded to OldGuy, and instead forward them all to NewGuy. On-prem Exchange 2013. Where do I begin?
|
|
#
?
Jun 19, 2019 15:59
|
|
|
Google Create a forwarding rule and scroll past the Outlook resulta
|
|
#
?
Jun 19, 2019 16:23
|
|
|
I'm looking for things to poke at with this generic double-hop error message I'm getting while trying to use vagrant to provision a Windows VM:quote:Program 'python.exe' failed to run: A specified logon session does not exist. It may already have been terminated. Everything I see about the nature of the error implies the double hop problem. I don't understand why I would be seeing that since I should just be running a single hop here. Furthermore, it specifically only pukes when running python scripts from the shell. To add even more wrinkles, I'm using Python's pip command to install some commands beforehand. In fact, any other kind of command I run before that python command will be fine. It'll puke on that command wherever it is in my provision steps that Vagrant is running. It's even stranger that I can run "python -m pip" to invoke pip and also be okay. Vagrant is using WinRM to access the remote VM and there are some specific instructions to use it that disable some strictness: https://www.vagrantup.com/docs/boxes/base.html#base-winrm-configuration That doesn't bother me because the VM is isolated to this machine and doesn't, say, provide services to the outside or anything. Still, I am getting problems like this. Is there anything else to consider beyond classic double hop stuff? For one, I am running vagrant from Linux so some of the procedures--particularly involving running PowerShell commands on the host as if it were a Windows box--don't even apply. I'm also not, say, connecting to this VM just to connect to some other session elsewhere. So I am very confused about it. It also looks like this error does not happen on the second attempt to provision the same VM instance. So it could very well be some vagrant shenanigans, but I wanted to isolate the possibilities with Windows remoting.
|
|
#
?
Jun 24, 2019 21:00
|
|
|
Powershell is p cool. I haven't messed with it seriously in quite a while but in a couple hours I just set up: - A scheduled task that runs every 10 mins - Checks when last run successfully (using Get-ScheduledTask) - Builds an SQL query string using date stamp acquired from above if greater than 10 minutes - Connect to logging database and get info (using System.Data.SqlClient.SQLConnection) - Parse results, build string out of exceptions - If exception string <> "" log event to EventViewer (using Write-EventLog) - If exception string <>"" email exceptions (using Net.Mail.SmtpClient and System.Net.Mail.MailMessage) - If exception string <>"" post exceptions to dedicated Slack channel (using Invoke-RestMethod and hooks.slack.com) It's real neat!
|
|
#
?
Jun 24, 2019 23:03
|
|
|
Is there a better way of parsing AWS S3 metadata values other than using the s3api and playing with the JSON? I wrote this as it works, but it's a bit clunky:PowerShell code:PierreTheMime fucked around with this message at 17:14 on Jun 25, 2019 |
|
#
?
Jun 25, 2019 15:35
|
|
|
So here's a thing. I'm building JSON fulfillment requests from a CSV file. It's not exact, but it's roughly this:code:But what I've been told now, is that the data isn't normalized very well. I might have cases where order_id is not unique, so like: code:- All SKUs belonging to an order_id and - Sum up Qty when a SKU is indicated for that order_id over multiple rows (e.g. BLEH-X above should be one entry for Qty 2) I would in turn use this information to make one JSON request for the order, that keeps adding to tracking_number / items array for that order_id instead of multiple individual requests against the same order_id the current method would do. I'm pretty sure I'd know how to do this in C#/VB, but am wondering if there's some wow neato thing like | Combine-ByKey "order_id" or something like that in PowerShell I'm not aware of. If it helps, I can ensure that the CSV file is sorted by order_id, e.g. the next row would always be either the same order or a new one. EDIT-And if you want to make cool pre/code tables like the above you can go here: https://github.com/ozh/ascii-tables EDIT EDIT-Hmm Group-Object -> Select-Object Scaramouche fucked around with this message at 08:38 on Jun 26, 2019 |
|
#
?
Jun 26, 2019 08:28
|
|
|
Bug #2607 on cyclic dependences probably isn't going to be fixed in ps5.1 It's okay, I I love making weird hacky module manifests 
|
|
#
?
Jun 26, 2019 19:34
|
|
|
PierreTheMime posted:Is there a better way of parsing AWS S3 metadata values other than using the s3api and playing with the JSON? I wrote this as it works, but it's a bit clunky: New lines and intermediary variables are free
|
|
#
?
Jun 27, 2019 03:14
|
|
|
fishmanpet are you a pester contributor
|
|
#
?
Jun 27, 2019 05:00
|
|
|
I did contribute about 4 or 5 lines so technically yes.
|
|
#
?
Jun 27, 2019 13:18
|
|
|
PierreTheMime posted:Is there a better way of parsing AWS S3 metadata values other than using the s3api and playing with the JSON? I wrote this as it works, but it's a bit clunky: It's weird to mix the powershell toolkit and awscli like this IMO. If you're using the powershell toolkit, can you pipe into Get-S3ObjectMetadata? That will come back with something that powershell is more readily equipped to deal with (an instance of Amazon.S3.Model.MetadataCollection), and then you can use normal powershell stuff to grab attributes of the response without having to fight with json. For an awscli-only approach I would recommend piping into jq.
|
|
#
?
Jun 27, 2019 16:34
|
|
|
12 rats tied together posted:It's weird to mix the powershell toolkit and awscli like this IMO. If you're using the powershell toolkit, can you pipe into Get-S3ObjectMetadata? That will come back with something that powershell is more readily equipped to deal with (an instance of Amazon.S3.Model.MetadataCollection), and then you can use normal powershell stuff to grab attributes of the response without having to fight with json. I tried that originally, but the Get-S3ObjectMetadata cmdlet only contains a MetadataCollection, which contains keys, not the values. Frustratingly, MetadataEntry is right below this in the SDK doc and has the obviously-more-useful key/value pair, but it's not used here. This is especially annoying because the Java SDK can get values just fine. It's always possible I'm missing something (because I often do), but I cannot find a way to get the metadata value from the non-cli cmdlets. The object event adds the key/value pair in the .Add() method but the collection returned is just the key.  
PierreTheMime fucked around with this message at 17:41 on Jun 27, 2019 |
|
#
?
Jun 27, 2019 17:31
|
|
|
Great point -- looking closer at this cmdlet, it looks like they're bubbling the keys/values up into GetObjectMetadataResponse? For example, if you need ETag, it's right there (key and value) in the response object, not the metadata collection. Same thing with Last-Modified, ContentLength, etc. It is super confusing that they would not exist, keys and values, in the metadata collection though. I do not like the powershell toolkit and I generally just use awscli/boto3. 
|
|
#
?
Jun 27, 2019 17:41
|
|
|
Yeah, I need to get around to learning Python. For that reason I'm setting aside time to convert some of my AWS-specific Java SDK stuff to boto3, half for experience and half because others around here are more comfortable with it. I've come to the conclusion that working with Java and PowerShell primarily has given me a serious case of verbosity-poisoning, as the abbreviated/succinct style of Python just bothers me in a way I can't describe.
|
|
#
?
Jun 27, 2019 17:53
|
|
|
It looks like you can just read values by square-bracket indexing with the key, but this is documented as the Item property since that's the underlying CLR property name: https://github.com/aws/aws-sdk-net/blob/1a5187e0dcddadba10a6b90fd827f2e485af0f9c/sdk/src/Services/S3/Custom/Model/MetadataCollection.cs#L38
|
|
#
?
Jun 28, 2019 01:07
|
|
|
Mario posted:It looks like you can just read values by square-bracket indexing with the key, but this is documented as the Item property since that's the underlying CLR property name: Ugh, that's so awkward but okay. Thanks for pointing that out. This works: PowerShell code:
|
|
#
?
Jun 28, 2019 02:07
|
|
|
Does AWS Powershell support you know, actually querying the table in some fashion? Or is it just a meta-organizer tool? I'm part through hooking one up (I can't seem to be able to provide a sort key that satisfies "the provided key element does not match the schema") and I saw this on a related StackOverflow: code:
|
|
#
?
Jul 3, 2019 22:07
|
|
|
AWS Powershell is definitely the bastard offspring. IDK if the rest of the API documentation is as terrible as the Powershell one is, but its frequently wrong. Also much of their getting started documentation says "Here's how to do it in AWS CLI" and then ignores Powershell. Furthermore there's no (official?) API to Powershell lookup table - I've had to click on my best guesses for the cmdlets I want and then read the body text to see what API calls it makes. Also don't get me started on parameters that are documented as optional but are in fact mandatory and only have one allowed value.
|
|
#
?
Jul 7, 2019 14:57
|
|
|
Yeah it really is surprising how long AWS has been around and still they’re cleaning up basic things, even in their most popular interfaces.
|
|
#
?
Jul 7, 2019 15:10
|
|
|
I sort of got it working using aws-cli but as mentioned the documentation is pretty dire for the powershell specific stuff. I got like 90% of the way there and will probably revisit it using native PS objects; the biggest stumbling block to me is that you must use the existing indexes as part of any query object, and it never really specifies where/how you should do that, so some random guess and test was involved. I'd probably have it working in PS, but one of the bright sparks who made the table (and didn't make any useful indexes) made one of the columns a reserved AWS keyword, and normal Powershell escaping doesn't work for getting around that. I think there might be something to this guy's approach but I gave up fixing it halfway through as the impression I get is that it's no longer current: https://www.powershellgallery.com/packages/domainAwsPowershellTools/1.0.2/Content/domainAwsPowershellTools.psm1
|
|
#
?
Jul 8, 2019 19:56
|
|
|
Anyone have experience working with Google API service accounts? I can read Sheets data easily enough using an API key, but writing needs an OAuth token and it’s a pretty annoying process. I’ve had everything else working just fine using Invoke-RestMethod, but if I need to install the Google module I guess I can.
|
|
#
?
Jul 15, 2019 03:38
|
|
|
Google "umn-Google powershell" and you'll find our module that includes oauth stuff, either authenticating as you or as a service account token. It's only in a github branch right now, but something like gshit drop down (I made a typo in the branch name and never fixed it!) includes code that will do a lot of the work for you to create it, you still have to create the "application" or whatever in the Google developer console, but once you've got your client secret and app id and setup your redirect uri properly, it'll do the rest of the work.
|
|
#
?
Jul 15, 2019 07:00
|
|
|
FISHMANPET posted:Google "umn-Google powershell" and you'll find our module that includes oauth stuff, either authenticating as you or as a service account token. It's only in a github branch right now, but something like gshit drop down (I made a typo in the branch name and never fixed it!) includes code that will do a lot of the work for you to create it, you still have to create the "application" or whatever in the Google developer console, but once you've got your client secret and app id and setup your redirect uri properly, it'll do the rest of the work. Thanks, got it working from that. I was also trying to use the JSON credential it provided (as it was recommended), but I gave in and have a dependency on the .p12 cert now. Having worked with other oauth functions like Keycloak this still seems overly complicated, but it'll have to do.
|
|
#
?
Jul 15, 2019 16:11
|
|
|
I don't even know if this is the right place to ask this, but I'm dealing with a dilemma. I have this script to run here: code:However, I need to get this to run on 100 separate folders. The way I do it now is Folder1/Folder2/Folder3/files where Folder 3 is where I cd to in order to make the split folders with the filenames etc etc. The branches where things separate are beneath Folder 1. Folder 1 houses 100 folders (collectively referred to as Folder(s) 2), but in each of those folders is a folder (Folder 3) with the files within them that I need to run the command above on. LODGE NORTH fucked around with this message at 01:04 on Jul 18, 2019 |
|
#
?
Jul 18, 2019 00:58
|
|
|
Are you looking to extend your current script in shell or do you want it extended/converted to Powershell?
|
|
#
?
Jul 18, 2019 01:32
|
|
|
|
| # ? May 13, 2024 22:05 |
|
|
LODGE NORTH posted:I don't even know if this is the right place to ask this, but I'm dealing with a dilemma.
|
|
#
?
Jul 18, 2019 01:38
|
|
