|
LODGE NORTH posted:I don't even know if this is the right place to ask this, but I'm dealing with a dilemma. Here's a quick verbose attempt at what you're asking for: PowerShell code:
PowerShell code:
PierreTheMime fucked around with this message at 14:15 on Jul 18, 2019 |
# ? Jul 18, 2019 14:11 |
|
|
# ? May 15, 2024 10:36 |
|
PierreTheMime posted:Here's a quick verbose attempt at what you're asking for: PowerShell code:
|
# ? Jul 18, 2019 16:31 |
|
sloshmonger posted:This would depend on the OP's problem, but would miss files if Folder3 has subfolders that need to be checked they'd be missed. While true, that wasn't in the requirement. I was basing the behavior based on the original shell, which only acted on files. Good to point out though, if they did actually need that step. VVV That's a fair point as well. PierreTheMime fucked around with this message at 18:46 on Jul 18, 2019 |
# ? Jul 18, 2019 17:33 |
|
Yo stop using string concatenation/interpolation to construct file system paths! Best practice is to use Join-Path which can handle joining ambiguous path elements (Basically identical to os.path.join() in Python).
|
# ? Jul 18, 2019 18:33 |
|
Pile Of Garbage posted:Yo stop using string concatenation/interpolation to construct file system paths! Best practice is to use Join-Path which can handle joining ambiguous path elements (Basically identical to os.path.join() in Python). Holy crap, I have been missing out. That is so much more elegant.
|
# ? Jul 19, 2019 20:38 |
|
Dirt Road Junglist posted:Holy crap, I have been missing out. That is so much more elegant. There's also Split-Path which can be used to extract specific parts of a file system path string: code:
Edit: all three *-Path cmdlets also work with UNC paths. Pile Of Garbage fucked around with this message at 08:32 on Jul 20, 2019 |
# ? Jul 20, 2019 08:26 |
|
Can I use Revoke-AzureADUserAllRefreshToken for ALL users in a given tenant, or do I have to do it by individual? Is it as easy as Get-AzureADUser -all $true | Revoke-AzureADUserAllRefreshToken? my cat is norris fucked around with this message at 20:03 on Jul 29, 2019 |
# ? Jul 29, 2019 19:56 |
|
my cat is norris posted:Can I use Revoke-AzureADUserAllRefreshToken for ALL users in a given tenant, or do I have to do it by individual? I've never done it, but the docs for Revoke-AzureADUserAllRefreshToken say it supports pipeline input, so it should work.
|
# ? Jul 29, 2019 20:03 |
|
Thank you for confirming that for me! I'm always so afraid of these little scripts that have big impact.
|
# ? Jul 29, 2019 20:31 |
|
my cat is norris posted:Thank you for confirming that for me! I'm always so afraid of these little scripts that have big impact. What, you don't test your code in prod? I mean, uh...I follow best practices and never do anything that might result in wiping out an entire OU's membership perms.
|
# ? Jul 29, 2019 20:43 |
|
Man, okay. Second half of that question. I'm not having any luck forcing a password change on myself via PowerShell. I want to prompt users to change their passwords the next time they log into Office 365. I'm trying this on my own account: code:
|
# ? Jul 31, 2019 13:25 |
|
If you're trying to pass by pipeline, I think you should be using "Get-AzureADUser".
|
# ? Jul 31, 2019 14:14 |
Wizard of the Deep posted:If you're trying to pass by pipeline, I think you should be using "Get-AzureADUser". Yeah, if it's at all similar to Set-ADUser then Set-AzureADUser does not return anything, unless you also give it the -PassThru flag. If you aren't actually setting anything you should just use Get-AzureADUser instead.
|
|
# ? Jul 31, 2019 14:25 |
|
Omg thank you, that should have been so obvious!! Whoooa errors: code:
|
# ? Jul 31, 2019 14:36 |
|
While set-azurradpassword does support the pipeline, it's expecting an objectid string not a user object.
|
# ? Jul 31, 2019 14:44 |
|
Okay, I've got that sorted out; thank you. Is there a way to leave the -Password parameter blank so that I don't actually set anyone's passwords, or do I have to provide something? I really just want to force people to change their existing passwords.
|
# ? Jul 31, 2019 14:58 |
|
Not with set-azureradpassword, but set-msoluserpassword will.
|
# ? Jul 31, 2019 16:43 |
|
Ahhh maybe I went down the wrong rabbit-hole, then. Thank you, I'll get more information about that and give it a shot.
|
# ? Jul 31, 2019 18:12 |
|
I have zero experience with Azure AD, but in regular AD, I've used something like this before to scramble PWs and check the "User must change password on next logon" box.code:
|
# ? Aug 1, 2019 00:39 |
|
Is the book referenced in the OP still relevant? I am semi comfortable with powershell but its a lot of hacking and copying existing code and I want to become more well rounded. Also any reccomendations for getting learned up in PowerShell+PowerCLI?
|
# ? Aug 6, 2019 18:22 |
|
I couldn't find a direct reference to any book in the OP, but you should get Learn PowerShell in a Month of Lunches, 3rd Ed. poo poo's changed a lot since the OP was last updated in 2010, and a bunch of that stuff is even easier now.
|
# ? Aug 6, 2019 19:29 |
|
Wizard of the Deep posted:I couldn't find a direct reference to any book in the OP, but you should get Learn PowerShell in a Month of Lunches, 3rd Ed. poo poo's changed a lot since the OP was last updated in 2010, and a bunch of that stuff is even easier now. Yeah, v5 has added a lot of nice-to-haves. Seconding the PS in a Month of Lunches as a good book to learn from.
|
# ? Aug 6, 2019 19:37 |
|
I keep hearing good things about that one, I'll grab it. Thanks!
|
# ? Aug 6, 2019 19:58 |
|
Wizard of the Deep posted:I couldn't find a direct reference to any book in the OP, but you should get Learn PowerShell in a Month of Lunches, 3rd Ed. poo poo's changed a lot since the OP was last updated in 2010, and a bunch of that stuff is even easier now. 'Powershell in Action' https://www.amazon.com/Windows-Powershell-Action-Bruce-Payette/dp/1932394907
|
# ? Aug 6, 2019 19:59 |
|
cr0y posted:'Powershell in Action' Ah, I see it now. If anything, get the 3rd edition, because the first edition linked in the OP is a dozen years old. I haven't read it, though. Don't take this as a recommendation.
|
# ? Aug 6, 2019 20:46 |
|
Month of Lunches is a goddamn institution. Like the Camel Perl book or some poo poo.
|
# ? Aug 7, 2019 00:34 |
|
Pile Of Garbage posted:Yo stop using string concatenation/interpolation to construct file system paths! Best practice is to use Join-Path which can handle joining ambiguous path elements (Basically identical to os.path.join() in Python). I love Join-Path but its syntax can be cumbersome when you have to use it for may path components: code:
code:
In PowerShell Core, they added a parameter to help, but it's a still little meh to me because you still need a singular child: code:
|
# ? Aug 11, 2019 19:21 |
|
So I'm stumped about the behavior Outlook.Application ComObject. Code snippet below looks in a folder in Outlook for emails received in the last 15 minutes. It sometimes works (returns a count) and sometimes it doesn't (even though there is a message received in the time frame). That is $count is 0 even though it shouldn't be. code:
|
# ? Aug 14, 2019 21:07 |
|
Djimi posted:We're hosted in Office365 - is there a better method or object I can use, that can do the same thing but directly connect to MS, and leave Outlook.App out of it? Thank you Check the Microsoft.Exchange.WebServices.Data namespace. Unfortunately I don't have any good example code for you. you will need a O365 username/password pair you can get to to pass into the objects. I haven't had to try to get a 2FA protected account to work with this method.
|
# ? Aug 14, 2019 21:25 |
|
Zaepho posted:What you're looking for is EWS Note that non-OAuth EWS is going to be sunset soon: https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Upcoming-changes-to-Exchange-Web-Services-EWS-API-for-Office-365/ba-p/608055 Well, within a year, but you might want to consider coding ~for the future~ and use Graph now to avoid headaches.
|
# ? Aug 14, 2019 21:27 |
|
PierreTheMime posted:Note that non-OAuth EWS is going to be sunset soon: https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Upcoming-changes-to-Exchange-Web-Services-EWS-API-for-Office-365/ba-p/608055 Well Crap.. Luckily the customer's AD migration should be done by then. We're making EWS Calls to on On-Prem Exchange and O365 Exchange to copy Mail Contacts from user's mailboxes. The customer didn't want to do full email migration. I guess I'm going to have to learn Graph then.
|
# ? Aug 14, 2019 22:01 |
This is not strictly a PowerShell question, but I suspect the regulars here tend to have experience with working with AD programmatically... The UserAccountControl field on AD accounts has two flags that seem to never be set: LOCKOUT and PASSWORD_EXPIRED Did they only get set by older versions of AD or even NTDS? If new versions don't set these flags, what's the best way to detect these states?
|
|
# ? Aug 15, 2019 08:02 |
|
nielsm posted:This is not strictly a PowerShell question, but I suspect the regulars here tend to have experience with working with AD programmatically... I haven't played with that field myself, but it looks like a somewhat newer field is ms-DS-User-Account-Control-Computed, though that page doesn't indicate implementation beyond 2012, and I'm not sure what has superseded it. In any case, Search-ADAccount should do what you need with the -LockedOut or -PasswordExpired parameters.
|
# ? Aug 15, 2019 12:19 |
Ah that computed field is probably what I want then. I'm not actually working in PowerShell for this, but rather using the System.DirectoryServices API from .NET in a C# desktop application, and later after making my previous post discovered that to use the msDS computed properties you have to explicitly request them. Requesting "all properties" in particular does not return them.
|
|
# ? Aug 15, 2019 16:30 |
|
Zaepho posted:What you're looking for is EWS PierreTheMime posted:Note that non-OAuth EWS is going to be sunset soon: https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Upcoming-changes-to-Exchange-Web-Services-EWS-API-for-Office-365/ba-p/608055
|
# ? Aug 15, 2019 16:55 |
|
Djimi posted:
The other answers are probably where you should go with this, but something that trips me up sometimes is that when there's only one object it won't be be in a container, and so it may not have a count property. If you're curious about making this code work, I'd see what happens when there's only one email returned by mydir.items.Restrict($sFilter) and see if it has a count property or not. FISHMANPET fucked around with this message at 06:46 on Aug 16, 2019 |
# ? Aug 16, 2019 06:39 |
Pipe to Measure-Object to count zero, one, and many objects correctly.
|
|
# ? Aug 16, 2019 06:44 |
|
You can also just force it into an array:code:
code:
|
# ? Aug 16, 2019 06:50 |
Toast Museum posted:I haven't played with that field myself, but it looks like a somewhat newer field is ms-DS-User-Account-Control-Computed, though that page doesn't indicate implementation beyond 2012, and I'm not sure what has superseded it. Yeah definitely. These Computed properties are neat but you need to know they are available and only exist when you request them explicitly. code:
C# code:
nielsm fucked around with this message at 09:30 on Aug 16, 2019 |
|
# ? Aug 16, 2019 09:27 |
|
|
# ? May 15, 2024 10:36 |
|
FISHMANPET posted:You can also just force it into an array: I typically force results into an array by typing the variable. code:
|
# ? Aug 16, 2019 16:18 |