mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




I recently joined a team that's trying to remediate thousands of legacy and/or non-standard systems. Two of us are using Powershell to automate software deployments, maintenance, and updates. Thanks to the nature of the environment we have a random mix of 32- and 64-bit systems and have to push and invoke different installers for each.

This morning the other scripter asked how I was detecting processor architecture. It turns out, his way
code:
 $hello=(Get-WMIObject Win32_OperatingSystem).OSArchitecture
gave the result at the beginning followed by a '-' and mine used ProcessorArchitecture and had it as the trailing two characters.

A quick
code:
$bitness = $hello.Substring(0,$hello.Indexof('-'))
later, and our scripts are 128-bit ready !


mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Irritated Goat posted:

Help me save my own sanity. I’m trying to scrape for a specific device on specific PCs using WMI wrapped in an invoke-command. If I do it manually PC by PC, it works. It’s only when I add in Import-CSV file.csv | does it return nothing.

The CSV is just:
Name
PC1
PC2
PC3

Ideas?

Is that a scope issue ? Yeah, that's probably scope. At a guess, you're probably importing the CSV in one function and trying to do something with the contents in another.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




You should totally be using VS Code. I'm as shocked as anyone that Microsoft is releasing cross-platform (Win, Mac, Linux) development tools that are actually good. I need to argue with the debugger some more to get good at it, but just having multiple editors open at once is a loving godsend (I do a lot with telling machine X to run a script hosted on file share Y). I do Powershell on Windows, and have it on my Mac laptop for my occasional foray into Python (BBEdit is good enough for bash).

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




So today I'm updating our new-ish director about the reporting I'm running to find Win7 and XP machines that have their patches for the current massive gaping exploit. He puts in "So you're using PowerShell Sessions to gather the info, right ?"

Bitch please. The next machine I find in that domain that allows PS Remoting will be the first one. There's a reason almost every script I write calls psexec at some point.

Speaking of which, does anyone have any handy techniques for getting information back from psexec ? I rarely get an error that shows up in a catch{} block, but an accurate count on "Access Denied" would have been just loving super today.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




You'll also want to look into Read-Host, and also the Get-Content/foreach paradigm.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Toast Museum posted:

Has anyone got a favorite primer on working with REST APIs and/or tips for using Invoke-RestMethod effectively?

Edit: related question: are a PowerShell session's default credentials stored in a way that can be accessed within the session, e.g. so I can feed them into something like a REST method? It's not the end of the world to prompt the user, but it'd be nice not to have to.

Have a copy of Postman installed to help build your API calls, and possibly Fiddler to see what's actually going in and out for https calls.

For the edit, I don't believe you can get at the password. The user name is accessible, but that probably isn't all of what you need. I do know from experience that the user context your script is running in is used for remote calls that don't take a -credentials parameter. We have a lot (hundreds) of systems in an unknown or degraded state, so my management scripts use Get-Service -computerName to test if a system will listen to what we need to tell it to do. Running that as the appropriate secondary account is important.

I got to look like a wizard today. Our interns wanted a list of all the user IDs in use at all of our sites as opposed to the parent company's sites that coexist in the same domain. I had him list those off, put them in a text file, loaded that into a variable with Get-Content, and then did a get-ADUser in a foreach loop over all of our sites. Two lines. Three if you count piping all the .names to a text file.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




mystes posted:

Yeah you don't need to set a passphrase for the key. All it does is encrypt the private key file in case it gets stolen from your computer somehow.

If you just want to be able to log in from one computer to a bunch of other computers, you just have to append the contents of the id_(whatever).pub file from the one computer to the authorized_keys file on each of the computers you want to be able to connect to.

(Openssh on other platforms has a script just for this called "ssh-copy-id" but you don't need to use that.)

This is crossing into territory where you're better off setting up Ansible instead of rolling your own. Two prime reasons are, Ansible is a resume keyword that's good to have, and it has a password vault that you can access from the command line or a script/playbook.

One of the things I like about Ansible is that it's a central configuration store for how you do things to remote systems. All the clients need is a consistent way to run remote commands.

If only we had that in our environment.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




mystes posted:

I wasn't even clear on whether Toast Museum currently had a way of sshing in to the servers at all, but I guess if they were set up for passphrase authentication and you really wanted to you could put all the passphrases in ansible, use it to copy the id file to each server and then ideally disable passphrase authentication?

That would be a very good first use of a one-to-many system !

I've got 2600-ish desktops in my part of the environment. I ran my Check-Hosts script against every system on the list. My hit rate for the PowerShell Remoting test was 30. I have Work To Do.

Check-Hosts takes a text file full of hostnames, a folder, and admin credentials (Get-Credential) to save reports in. It starts with a DNS lookup for each one, saving hostnames into DNS-Yes.txt and DNS-No.txt. It then takes DNS-Yes.txt and runs Test-Connection on all of those hosts and saves out Pingable.txt and Not-Pingable.txt.

The pingable machines are then tested with Get-Service -computername and Enter-PSSession, saving results as before, plus I'm specifically catching authentication errors and saving those off into an extra file. I'm planning to add a psexec test to write something simple to a unique text file, and a Test-Path to see if it got created.

These tests helped us get the number of machines we could remotely push Acronis and KACE to from 45% of a random sample to 85%. Now I don't have to rely on hand-rolled tools to manage my network !
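
The staged triage described in the post above, as an added PowerShell example that is not the poster's Check-Hosts script. The function name, parameter names and the Service-*, PSRemoting-* and Auth-Failed file names are assumptions; New-PSSession stands in for the interactive Enter-PSSession, and the planned psexec test is left out.

```powershell
# Added example, not the poster's Check-Hosts script. The function name, parameter
# names and every file name beyond the four quoted in the post are assumptions.
# Needs Windows PowerShell 5.1: Get-Service -ComputerName was removed in PowerShell 6+.
function Test-HostReachability {
    param(
        [Parameter(Mandatory)] [string] $HostList,       # text file, one hostname per line
        [Parameter(Mandatory)] [string] $ReportFolder,   # existing folder for the reports
        [Parameter(Mandatory)] [pscredential] $Credential
    )
    $bucket = @{}                                        # report file name -> hostnames
    $add = {
        param($File, $Name)
        if (-not $bucket.ContainsKey($File)) { $bucket[$File] = @() }
        $bucket[$File] += $Name
    }
    $names = Get-Content -Path $HostList | ForEach-Object { $_.Trim() } | Where-Object { $_ }
    foreach ($name in $names) {
        # Stage 1: DNS. Names that do not resolve are dropped from later stages.
        try { $null = [System.Net.Dns]::GetHostEntry($name) }
        catch { & $add 'DNS-No.txt' $name; continue }
        & $add 'DNS-Yes.txt' $name
        # Stage 2: one ICMP echo.
        if (-not (Test-Connection -ComputerName $name -Count 1 -Quiet)) {
            & $add 'Not-Pingable.txt' $name; continue
        }
        & $add 'Pingable.txt' $name
        # Stage 3: service query over RPC; it has no -Credential, so it runs as the caller.
        try { $null = Get-Service -ComputerName $name -ErrorAction Stop; & $add 'Service-Yes.txt' $name }
        catch { & $add 'Service-No.txt' $name }
        # Stage 4: PowerShell Remoting, with authentication failures kept apart.
        try {
            $session = New-PSSession -ComputerName $name -Credential $Credential -ErrorAction Stop
            Remove-PSSession -Session $session
            & $add 'PSRemoting-Yes.txt' $name
        }
        catch {
            # Heuristic: matches the English-locale Windows error text.
            if ($_.Exception.Message -match 'Access is denied') { & $add 'Auth-Failed.txt' $name }
            else { & $add 'PSRemoting-No.txt' $name }
        }
    }
    foreach ($file in $bucket.Keys) {
        Set-Content -Path (Join-Path $ReportFolder $file) -Value $bucket[$file]
    }
    $bucket    # returned so the caller can count each bucket
}
```

Only buckets that received at least one host are written, so a missing Auth-Failed.txt means no authentication failures were seen.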

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Pile Of Garbage posted:

Well poo poo. That's pretty wild. Intuitively I would have thought NTFS symlinks would transparently redirect all writes including those to attributes. I suspect that it's possible in WSL due to the weird POSIX emulation or whatever it does. Willing to admit that I'm wrong here and not 100% sure.

A lot of Unix commands have an absurd amount of parameters for how they should handle symlinks this time.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Djimi posted:

Here's the code and the error I'm getting:
code:
$extx= ".xlsx"
$Dir = (get-childitem -Path "p:\myfolder\" -recurse -force | ? {$_.Extension -eq $ext -or $_.Extension -eq $extx})

If that's a copy n' paste of all your code, there's your problem. You've got one reference to $extx, which has an assigned value, and one to $ext which doesn't.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




I've got a script that uninstalls a package, sets a scheduled task to reboot the machine, and then returns 0 to KACE. On the PS2 machines where the scheduled task stuff isn't supported, I just put in a catch block to just reboot the machine.

There's probably a better way to do it, but this gets the job done.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Pile Of Garbage posted:

So on the non-v2 machines if the scheduled task creation fails for whatever reason it just straight reboots? :lol:

The scheduled task is a reboot. I want to do an exit 0 so KACE knows the script actually finished. On the v2 machines the task creation fails, so gently caress it, reboot the machine to activate SEP, and I'll worry about the machines stuck in 'Running' state in KACE later.

If brute force didn't work, you weren't using enough of it. In this case, I think I'm using just the right amount of brute force.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




e. Didn't read the last post.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Nth Doctor posted:

Without giving any thought to what you're asking, I see you have a typo:
($subscriptionguid in $subscriptionguidss)

Fix this first, then keep asking questions if that wasn't the only thing wrong.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Potato Salad posted:

consider maintaining your infrastructure from a vm at the relevant site

I've long maintained a stack of old machines in my cube that I use for testing scripts and as jump boxes for AD administration, or for letting scripts run overnight. A VM or an old PC on-site that you control can be a blessing when you're remote. Several times jump boxes have let the team fire off push scripts for a deployment at 5pm Friday and then go the gently caress home.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




FISHMANPET posted:

Get-Variable

Oh hey, thing I can use in my lunch n' learn in a couple weeks.

I'm doing an introductory thing, so I'll start with some simple console tricks and show off how it remembers your variables. Then some Active Directory stuff, ending up with adding a user to a group, then make it easier to type with variables, then the Get-Content/foreach() combo. After that, spend as much time as I've got to turn it into a real script with parameters and functions for logging, timestamps, and verifying that everything that was supposed to happen got done.

Basically taking people from maybe knowing a few commands to being able to turn a one-liner into a reusable script.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Pile Of Garbage posted:

A good thing to add at the end might be a brief mention of how all objects are .NET classes and how to discover functionality using Get-Member, the GetType() method and Googling class names. Also make sure they know about the PowerShell "about" topics. They're core to defining how PowerShell behaves and yet a lot of people I meet who're just starting out have no idea that they exist.

Some of that's getting saved for the "intermediate" session, but thanks !

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




For a lot of things you can do with PowerShell, you can just RunAs the terminal window. User context matters a lot in Windows, make it work for you if you can.

mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




I'm getting twitchy seeing a Switch construct used instead of a dictionary. Set the dictionary up with values of $office as keys, and folder names as values. This is cleaner code, and when they open a new office you only have to add a key/value pair instead of adding a line to the switch.


mllaneza
Apr 28, 2007

Veteran, Bermuda Triangle Expeditionary Force, 1993-1952




Boywhiz88 posted:

Would that be looking at the hash tables example in this article? https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_hash_tables?view=powershell-7.3

Dictionaries seem a bit much for my needs from skimming through that article.

Yeah, that's the stuff. Stuff all your office-specific stuff into hash tables, use a variable as an index, operate on the value returned.

I once found a use for a dictionary of dictionaries in Python and I'm still smug about it.
