Need a certain PowerShell SnapIn? Make it required!
I started doing this on all my scripts that require something like the Quest Active Directory SnapIns. It is quick and simple and when the script runs it checks for it and displays a message indicating you are missing a requirement. Pretty cool if you ask me.
To require a SnapIn add the following line in the beginning of your script but replace it with the name of the SnapIn:
#Requires -pssnapin name_of_snapin
As an example, lets say you want to require Quest’s Active Directory SnapIn. You would add the following line in the beginning of your script
#Requires -pssnapin Quest.ActiveRoles.ADManagement
If you don’t have the snapin loaded, you will get an error like the one below.
This is a nice feature and hopefully you all start using it!
Happy Scripting!
How safe do you feel in a hotel?
When I travel I tend to lock every lock I see on a hotel door. I am very paranoid that something might happen while I am in there. I know it sounds weird, but I know some of you feel the same way.
Well here is a post by Barry Wels on how easy it is to defeat a chain lock on a hotel door. It is scary that this little trick actually works.
Enjoy!
PowerShell Script – Get-DiskOffset.ps1
###################################################### # Script Name: get-diskoffset.ps1 # Written By: Matt Johnson - powershell [at] mwjcomputing.com # Revision Date: 3/25/2010 # Version: 1.0 # Version History: # - 1.0: Initial Script # Description: This script displays the disk offset info. # Command Line: ./get-serverspace.ps1 # Example: ./get-diskoffset.ps1 MAGNET # Example: ./get-diskoffset.ps1 # Notes: # - Based on script located at http://braunblog.com/?p=32 ###################################################### param ( [string]$computerName = "localhost" ) # Formatting Options $OffsetKB = @{label=”Offset(KB)”;Expression= ` {$_.StartingOffset/1024 -as [int]}} $SizeMB = @{label=”Size(MB)”;Expression={$_.Size/1MB -as [int]}} # WMI Query $wmiObj = Get-WmiObject -ComputerName $computerName -Class ` "Win32_DiskPartition" -ErrorAction SilentlyContinue # Check for Results if(-not $wmiObj) { # Display Error "Can't connect to $computerName" } else { # Display Results $wmiObj | ft SystemName, Name, DiskIndex, $SizeMB, $OffsetKB -AutoSize }
Windows Time Service GP Settings Explained
The Windows Time Service blog posted early last year a list of the time related GP entries and explained them. A little old, but if you are running a Windows 2008 domain, this can be quite helpful.
http://blogs.msdn.com/w32time/pages/group-policy-settings-explained.aspx
PowerShell Script – Get-ServiceUser.ps1
This script gets the services that are running under the specified user.
You can download the script here.
###################################################### # Script Name: Get-ServiceUser.ps1 # Written By: Matt Johnson - powershell [at] mwjcomputing.com # Revision Date: 3/17/2010 # Version: 3.0 # Version History: # - 1.0: Initial Script # - 2.0: Enables use of | Out-File # - 3.0: Added ability to specify only one machine. # Description: This script gets a list of services that # are running as a particular user from # a text file. # Command Line: ./Get-ServiceUser.ps1 # Example: ./Get-ServiceUser.ps1 -userAccount 'LocalSystem' # -filePath "\\fileserver\data\servers.txt" # This checks for the user LocalSystem account # against names in the servers.txt file. # Example: ./Get-ServiceUser.ps1 -userAccount 'MWJ\service' # -pcName "MAGNET" # This checks for the user MWJ\service against # the server MAGNET. # Example: ./Get-ServiceUser.ps1 # This uses the default options of LocalSystem # against c:\fso\data\servers.txt. ###################################################### param ( [string]$userAccount = "LocalSystem", [string]$filePath = "c:\fso\data\servers.txt", [string]$pcName ) # Check to see if $pcName is populated. if (-not $pcName) { # Get content of text file. $servers = Get-Content -path $filePath } else { # Set list of servers to name of entered PC. $servers = $pcName } # Loop through each line of the text file. foreach ($server in $servers) { " " "Services running as $userAccount on $server" "-------------------------------------------" # Get Win32_Service WMI Class $services = Get-WmiObject -class Win32_Service ` -ErrorAction SilentlyContinue -computerName $server # Check to see if anthing is returned. if (-not $services) { # Write error message "Cannot connect to $computer" } else { # Loop through each service and display the name. foreach ($service in $services) { $service | where {$_.StartName -like $userAccount} ` | Select DisplayName } } }
PowerShell Script – Get-BEStatus.ps1
This PowerShell script displays the status of the Backup Exec services on a specified computer.
You can also download this here.
###################################################### # Script Name: Get-BEStatus.ps1 # Written By: Matt Johnson – powershell [at] mwjcomputing.com # Revision Date: 3/19/2010 # Version: 1.0 # Version History: # - 1.0: Initial Script # Description: This script gets the status of the # backup exec services. # Command Line: ./get-bestatus # Example: ./Get-BEStatus.ps1 magnet # Example: ./Get-BEStatus.ps1 -computerName magnet ###################################################### param( [string]$computerName = $(Throw ` "Please specify the computer name!") ) # Connect to Win32_WMIObject $wmiObj = Get-WmiObject Win32_Service -computerName $computerName # Check to see if anything was returned in WMI Query. if (-not $wmiObj) { # Display Error "Can't connect to $computerName" } else { # Get information and display it in a table. $wmiObj | where {$_.State -eq "Running" -and $_.DisplayName ` -like "Backup Exec*"} | Select DisplayName, State ` | Format-Table -force }
Version 2.0
I can now officially announce that v2.0 is coming to my family. It will be our first release after the union of our code. May more features will be announced closer to release.
Enjoy!
An introduction to PowerShell remoting – Part 2
This is part two in a series on PowerShell remoting. You can read part one here. Today we are going to cover setting up your environment for remoting.
Setting up remoting
After you have installed the required goodies or have Windows 7 / Windows 2008 R2 installed, you can proceed to setup remoting.
The command to enable remoting is Enable-PSRemoting. You will need to run this command with an account that has admin privileges on the machine you are enabling this on. As you can see below, running the Enable-PSRemoting command lets you know what the cmdlet will change on your PC. If you work in an environment that has system baselines, you will want to update your baseline to include the information for PSRemoting.
On PC’s that are x64, you will get an additional question asking if it should register the Microsoft.PowerShell32 session configuration. The entire chain of questions is below.
According to the Technet Article on Enable-PSRemoting, the following things are done when the command is run. (Enable-PSRemoting on Technet)
The Enable-PSRemoting cmdlet performs the following operations:
- Runs the Set-WSManQuickConfig cmdlet, which performs the following tasks:
- Starts the WinRM service.
- Sets the startup type on the WinRM service to Automatic.
- Creates a listener to accept requests on any IP address.
- Enables a firewall exception for WS-Management communications.
- Enables all registered Windows PowerShell session configurations to receive instructions from a remote computer.
- Registers the "Microsoft.PowerShell" session configuration, if it is not already registered.
- Registers the "Microsoft.PowerShell32" session configuration on 64-bit computers, if it is not already registered.
- Removes the "Deny Everyone" setting from the security descriptor for all the registered session configurations.
- Restarts the WinRM service to make the preceding changes effective.
The following is a screenshot of the firewall exception for the WS-Management communications.
To view the plugins that were added two WSMan, run the following command:
Get-ChildItem wsman:\localhost\plugin
The results on a fresh Windows Server 2008 R2 machine is below. Notice the two entries for PowerShell.
Note: We will go over WSMan on a separate post in this series.
Remoting is now turned on!
What do you do now? Well you have a couple of options. First you could run commands against that machine using PowerShell on another PC or you can adjust the configuration. In the next post, we will go over the configuration and running commands against a remote host.
Until next time! Happy Scripting!
- Matt
Link: Parse NMAP XML Output
I came across this while browsing around today. The post was released in June 2009, but still a cool way to use PowerShell.
http://blogs.sans.org/windows-security/2009/06/11/powershell-script-to-parse-nmap-xml-output/
I am a frequent user of NMAP and of course PowerShell and this seems like it will be really useful.
January 2010 Technet Magazine is out
The January 2010 Technet Magazine is out. You can read it here.
The disappointing part is how much content there is. Not a lot. Frustrating, but still has good content.
- Matt
2010 Scripting Games
Websites
Categories
- Active Directory
- Development
- General
- Hacking
- InfoSec
- Links
- Personal
- Physical Security
- PowerShell
- Random Thoughts
- Windows
Archives
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009