Difference between revisions of "Windows Powershell"
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
= ISE - PowerShell IDE = | |||
<tt>Untitled.ps1</tt> - when working in ISEv2 or v4 in a script edit section, you can select code and press F8 to execute it <br> | <tt>Untitled.ps1</tt> - when working in ISEv2 or v4 in a script edit section, you can select code and press F8 to execute it <br> | ||
<tt>$_</tt> - substitute a singular record in array <br> | <tt>$_</tt> - substitute a singular record in array <br> | ||
<tt>-eq, -or -and</tt> - dash means operator <br> | <tt>-eq, -or -and</tt> - dash means operator <br> | ||
= PowerShell of linux commands = | |||
;Tail | |||
<source lang="bash"> | |||
$ tail -f /mnt/c/scripts/test.log | |||
PS1 C:\> Get-Content -Path "C:\scripts\test.log" -Wait | |||
</source> | |||
;Curl and Wget | |||
<source lang="bash"> | |||
$ curl --header 'Host: api.example.com' http://127.0.0.1/ | |||
PS1 C:\> (Invoke-WebRequest -Headers @{"Host"="api.example.com"} -Uri http://127.0.0.1:8080 -UseBasicParsing).statuscode | |||
PS1 C:\> Invoke-RestMethod -Headers @{"Host"="api.example.com"} -Uri http://127.0.0.1/healthcheck | |||
</source> | |||
== Modules == | == Modules == | ||
Revision as of 15:30, 4 October 2018
ISE - PowerShell IDE
Untitled.ps1 - when working in ISEv2 or v4 in a script edit section, you can select code and press F8 to execute it
$_ - substitute a singular record in array
-eq, -or -and - dash means operator
PowerShell of linux commands
- Tail
$ tail -f /mnt/c/scripts/test.log
PS1 C:\> Get-Content -Path "C:\scripts\test.log" -Wait
- Curl and Wget
$ curl --header 'Host: api.example.com' http://127.0.0.1/
PS1 C:\> (Invoke-WebRequest -Headers @{"Host"="api.example.com"} -Uri http://127.0.0.1:8080 -UseBasicParsing).statuscode
PS1 C:\> Invoke-RestMethod -Headers @{"Host"="api.example.com"} -Uri http://127.0.0.1/healthcheck
Modules
Load ActiveDirectory module to have access to AD, pre-requirement to execute most commands below
Import-Module -Name ActiveDirectory
Extract from Active Directory
get-aduser -Filter {Samaccountname -eq "Smith"} -properties Organization
get-aduser -Filter {(Givenname -eq "Smithy") -and (Surname -eq "Smith")}
Build array $users with all Samaccountname(loginnames) with additional properties: Name, Description
$users = get-aduser -Filter {Samaccountname -like "*"} -properties Name, Description
Return array object count
$users.count
Search array $users where $_ each object in array field samaccountname has a given string
$users | Where-Object {$_.samaccountname -eq "string_to_compare"}
Build array of enabled and disabled accounts in AD where field Enabled equal $true ($true boolean is 1 $false is 0)
$enabledusers = $users | Where-Object {$_.Enabled -eq $true}
$disabledusers = $users | Where-Object {$_.Enabled -eq $false}
Filter array $disabledusers returning only Samaccountname, GivenName, Surname and display (ft = Format-table)
$disabledusers | Select-Object Samaccountname, GivenName, Surname | ft -AutoSize
Build create new array from filter of $users array if name or description contains a string
$aausers = $users | Where-Object {( $_.Name -like "*aa*") -or ($_.Description -like "*bb*")}
$aausers | Select-Object Samaccountname, GivenName, Surname, Enabled | Sort-Object Enabled | ft -AutoSize
Print a table with records matching $aauser if another AD account has the same name and surname
foreach ($aauser in $aausers)
{
$realuser = [array](get-aduser -Filter {((Givenname -eq $aauser.Givenname) -and (Surname -eq $aauser.Surname))})
write-host $aauser.samaccountname "|" $aauser.name "|" $aauser.enabled "|"$realuser[0].SamAccountname "|"$realuser[0].GivenName"|" $realuser[0].Surname"|" $realuser[0].Enabled
}
Build array with GivenName, Surname that match filter of: Enabled field is false (disabled account)
$temp = Get-ADUser -Properties GivenName, Surname -filter {Enabled -eq $false}
Export the array to CSV file
$temp | Export-Csv temp.csv
AD Extract 2
$reportdate = Get-Date -Format yyyyMMdd-HHmm
$csvreportfile = "ADUsers-extract-$reportdate.csv"
Get-ADUser -SearchBase "OU=Users,DC=corp,DC=local" -Filter * -ResultSetSize 5000 | Get-ADUser -Properties * |
select SamAccountName,EmailAddress,Givenname,Surname,Title,Department,Enabled |
Export-Csv -Path $csvreportfile -NoTypeInformation
Create users from csv
Csv file BulkAddADUsers.csv
Name,GivenName,Surname,SamAccountName,UserPrincipalName,EmailAddress,AccountEnabled,AccountPassword,PasswordNeverExpires,Path Full Name,Firstname,Surname,fsurname,fsurname@example.com,fsurname@example.com,$true,PassWord123,$true,"OU=Users,OU=Testing ,OU=USA,DC=corp-example,DC=io"
BulkAddADUsers.ps1
# CSV headline: Name,GivenName,Surname,SamAccountName,UserPrincipalName,EmailAddress,Enabled,AccountPassword,PasswordNeverExpires,Path
# Script - CSV headline
# Name - first+last name
# GivenName - first name
# Surname - last name
# SamAccountName - username
# UserPrincipalName - it is user-logon-name, where you need to choose domain, eg. test@example.com or @corp-example.io
# Path - object location, use get-aduser <SamAccountName>
Import-Csv .\BulkAddADUsers.csv | % { `
New-ADUser -Name $_.Name -GivenName $_.GivenName -Surname $_.Surname -SamAccountName $_.SamAccountName `
-UserPrincipalName $_.UserPrincipalName -EmailAddress $_.EmailAddress `
-Enabled $true -AccountPassword (ConvertTo-SecureString $_.AccountPassword -AsPlainText -force) `
-PasswordNeverExpires $true -Path $_.Path }
#errors
#-Enabled cannot read $true value from CSV therefore it has been hard coded
Get membership of a user
Get-ADPrincipalGroupMembership username| select name