Windows Powershell

From Ever changing code
Jump to navigation Jump to search

ISE - PowerShell IDE

Untitled.ps1 - when working in ISEv2 or v4 in a script edit section, you can select code and press F8 to execute it
$_ - substitute a singular record in array
-eq, -or -and - dash means operator

Test network connection

Testing from PowerShell if NFS port on remote server is open. The test takes around 5 seconds, them prints output. 

PS C:\> Test-NetConnection -ComputerName 10.1.20.1 -Port 2049
ComputerName           : 10.1.20.1
RemoteAddress          : 10.1.20.1
RemotePort             : 2049
InterfaceAlias         : Ethernet
SourceAddress          : 10.1.10.111
PingSucceeded          : True
PingReplyDetails (RTT) : 2 ms
TcpTestSucceeded       : True

PowerShell of linux commands

Tail
$ tail -f /mnt/c/scripts/test.log
PS1 C:\> Get-Content -Path "C:\scripts\test.log" -Wait
Curl
$ curl --header 'Host: api.example.com' http://127.0.0.1/
PS1 C:\> (Invoke-WebRequest -Headers @{"Host"="api.example.com"} -Uri http://127.0.0.1:8080 -UseBasicParsing).statuscode
PS1 C:\>  Invoke-RestMethod -Headers @{"Host"="api.example.com"} -Uri http://127.0.0.1/healthcheck
Wget
$ wget https://github.com/Example/package.zip -OutFile package.zip
#Optional enable latest TLS, by default it uses TLS1.0, use 'Ssl3' in edge cases
PS1 C:\> [Net.ServicePointManager]::SecurityProtocol = "tls12, tls11, tls" 
PS1 C:\> Invoke-WebRequest https://github.com/Example/package.zip -OutFile package.zip
Troubleshooting
Error: The request was aborted: Could not create SSL/TLS secure channel. - set SecurityProtocol

Modules

Load ActiveDirectory module to have access to AD, pre-requirement to execute most commands below 

Import-Module -Name ActiveDirectory

Extract from Active Directory

<syntaxhighlightjs lang="powershell"> get-aduser -Filter {Samaccountname -eq "Smith"} -properties Organization get-aduser -Filter {(Givenname -eq "Smithy") -and (Surname -eq "Smith")}

  1. Build array $users with all Samaccountname(loginnames) with additional properties: Name, Description

$users = get-aduser -Filter {Samaccountname -like "*"} -properties Name, Description

  1. Return array object count

$users.count

  1. Search array $users where $_ each object in array field samaccountname has a given string

$users | Where-Object {$_.samaccountname -eq "string_to_compare"}

  1. Build array of enabled and disabled accounts in AD where field Enabled equal $true ($true boolean is 1 $false is 0)

$enabledusers = $users | Where-Object {$_.Enabled -eq $true } $disabledusers = $users | Where-Object {$_.Enabled -eq $false}

  1. Filter array $disabledusers returning only Samaccountname, GivenName, Surname and display (ft = Format-table)

$disabledusers | Select-Object Samaccountname, GivenName, Surname | ft -AutoSize

  1. Build create new array from filter of $users array if name or description contains a string

$aausers = $users | Where-Object {( $_.Name -like "*aa*") -or ($_.Description -like "*bb*")} $aausers | Select-Object Samaccountname, GivenName, Surname, Enabled | Sort-Object Enabled | ft -AutoSize

  1. Print a table with records matching $aauser if another AD account has the same name and surname

foreach ($aauser in $aausers) { 

 $realuser = [array](get-aduser -Filter {((Givenname -eq $aauser.Givenname) -and (Surname -eq $aauser.Surname))}) 
 write-host $aauser.samaccountname "|" $aauser.name "|"  $aauser.enabled "|"$realuser[0].SamAccountname "|"$realuser[0].GivenName"|" $realuser[0].Surname"|" $realuser[0].Enabled

}

  1. Build array with GivenName, Surname that match filter of: Enabled field is false (disabled account)

$temp = Get-ADUser -Properties GivenName, Surname -filter {Enabled -eq $false}

  1. Export the array to CSV file

$temp | Export-Csv temp.csv </syntaxhighlightjs>

AD Extract 2

$reportdate = Get-Date -Format yyyyMMdd-HHmm 
$csvreportfile = "ADUsers-extract-$reportdate.csv" 
Get-ADUser -SearchBase "OU=Users,DC=corp,DC=local" -Filter * -ResultSetSize 5000 | Get-ADUser -Properties * | 
          select SamAccountName,EmailAddress,Givenname,Surname,Title,Department,Enabled | 
          Export-Csv -Path $csvreportfile -NoTypeInformation

Create users from csv

Csv file BulkAddADUsers.csv 

Name,GivenName,Surname,SamAccountName,UserPrincipalName,EmailAddress,AccountEnabled,AccountPassword,PasswordNeverExpires,Path
Full Name,Firstname,Surname,fsurname,fsurname@example.com,fsurname@example.com,$true,PassWord123,$true,"OU=Users,OU=Testing ,OU=USA,DC=corp-example,DC=io"

BulkAddADUsers.ps1 <syntaxhighlightjs lang="powershell">

  1. CSV headline: Name,GivenName,Surname,SamAccountName,UserPrincipalName,EmailAddress,Enabled,AccountPassword,PasswordNeverExpires,Path
  2. Script - CSV headline
  3. Name - first+last name
  4. GivenName - first name
  5. Surname - last name
  6. SamAccountName - username
  7. UserPrincipalName - it is user-logon-name, where you need to choose domain, eg. test@example.com or @corp-example.io
  8. Path - object location, use get-aduser <SamAccountName>

Import-Csv .\BulkAddADUsers.csv | % { ` New-ADUser -Name $_.Name -GivenName $_.GivenName -Surname $_.Surname -SamAccountName $_.SamAccountName ` 

 -UserPrincipalName $_.UserPrincipalName -EmailAddress $_.EmailAddress `
 -Enabled $true -AccountPassword (ConvertTo-SecureString $_.AccountPassword -AsPlainText -force) `
 -PasswordNeverExpires $true -Path $_.Path

}

  1. errors
  2. -Enabled cannot read $true value from CSV therefore it has been hard coded

</syntaxhighlightjs>

Get membership of a user

Get-ADPrincipalGroupMembership username| select name

IIS - create a website

Tested on Server 2012 R2 Data Centre in Azure <syntaxhighlightjs lang="powershell"> $SiteName = "WWW" $AppPoolName = "WWWAppPool" $SiteFolder = Join-Path -Path 'C:\inetpub\wwwroot' -ChildPath $SiteName $LogDir = "d:\Logs\iis_logs\$SiteName" $HostHeader = "www.example.com"

Import-Module WebAdministration

  1. create appPool

if(-Not (Test-Path IIS:\AppPools\$AppPoolName)) { New-WebAppPool -Name $AppPoolName -Force }

  1. create Site

if(-Not (Test-Path $SiteFolder -pathType container)) { md $SiteFolder } New-WebSite -Name $SiteName -PhysicalPath $SiteFolder -Force -ApplicationPool $AppPoolName Get-WebBinding -Name $SiteName -Port 80 | Remove-WebBinding New-WebBinding -Name $SiteName -Protocol http -Port 80 -IPAddress * -HostHeader $HostHeader New-WebBinding -Name $SiteName -Protocol http -Port 8080 -IPAddress * -HostHeader $HostHeader

  1. Logging dir

if (-Not (Test-Path $LogDir -pathType container)) { md $LogDir } Set-ItemProperty "IIS:\Sites\$SiteName" -name logFile.directory -value $LogDir Start-WebSite -Name $SiteName </syntaxhighlightjs>

File content

<syntaxhighlightjs lang="powershell"> $hostsFileContent = @" 127.0.0.1 example.com 127.0.0.1 example.local "@

Add-Content -Path "c:\Windows\System32\drivers\etc\hosts" -Value $hostsFileContent Set-Content -Path "c:\Windows\System32\drivers\etc\hosts" -Value $hostsFileContent </syntaxhighlightjs>

References

Retrieved from ‘http://wiki.ciscolinux.co.uk/index.php?title=Windows_Powershell&oldid=3760