Archive for the ‘Windows’ Category.

Windows – Test AD Credentials in Powershell

Function Test-ADAuthentication {
    param($username,$password)
    (new-object directoryservices.directoryentry "",$username,$password).psbase.name -ne $null
    }
 
 
Test-ADAuthentication "dom\myusername" "mypassword"

Windows – C:\ disk usage stats over CLI/Powershell

Useful with resource monitor wont load due to excessive load. Runs over PSremote or psexec with “powershell -Command” prefixed.

$counters = (Get-Counter -List PhysicalDisk).PathsWithInstances | Select-String 'C:';foreach($counter in $counters){Get-Counter -Counter $counter}

To view only specific counters

Get-Counter -Counter '\PhysicalDisk(0 C:)\% Disk Time'
Get-Counter -Counter '\PhysicalDisk(0 C:)\Avg. Disk sec/Transfer'
Get-Counter -Counter '\PhysicalDisk(0 C:)\Current Disk Queue Length'
Get-Counter -Counter '\PhysicalDisk(0 C:)\% Disk Time'
Get-Counter -Counter '\PhysicalDisk(0 C:)\Avg. Disk Queue Length'

Windows – Clean up all users Appdata Local Temp Folders

Could easily expand for other folders within user directory for better clean up. A simple btch one liner.

for /D %a in (C:\users\*) do del /S /Q %a\appdata\local\temp
for /D %a in (C:\users\*) do del /S /Q "%a\AppData\Local\Google\Chrome\User Data\Default\Cache"

Windows AD – Get list of groups and members and output to csv

$Report = "C:\Temp\report.CSV"
$STR = "Group, Member, Enabled"
Clear-Content $Report
Add-Content $Report $STR
 
$groups = get-adgroup -filter * | sort name | select Name
Foreach ($group in $groups) 
{
$curgroup = $group.name
$members = Get-AdGroupMember -identity $group.name | select name
Foreach ($member in $members)
{
$name = $member.name
$enabled = Get-ADUser -Filter {name -eq $name} -Properties * | Select-Object Enabled
$STRNew = $curgroup+","+$name+","+$enabled.Enabled
Add-Content $Report $STRNew
}
 
}

Run MSI installer on a remote PC with psexec

This will require psexec. You can get it from microsoft. Works best with Windows AD where user running command is an administrator granting access to remote workstation and file server path where MSI install resides.

psexec.exe \\remote-pc-hostname -d -s cmd /c "msiexec /I "\\remote-server\path\to\installer.msi" /quiet /qn /norestart"

Windows AD – Backup all GPOs with PowerShell.

Path has to exist for the Backup-GPO command to work.

Import-Module GroupPolicy
Backup-GPO -All -Path "C:\GPOs

Windows 10 – Disable Auto update of sponsored apps (e.g. Candy Crush)

Windows 10 Sponsored apps suck. Depending on your OEM some are worse than others. This wont fix all sponsored crud, but its a start.

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableWindowsConsumerFeatures /t REG_DWORD /d 0x00000001

Windows – Export list of ACL Permission on folder and files to a csv

dir D:\Shares\Shared | ForEach-Object {
    # Try/catch here would let you save the path to files/folders that you can't view...
    $_ | Get-Acl | select @{N="Path"; E={Convert-Path $_.Path}} -ExpandProperty Access
} | Export-Csv D:\Shares\Shared\ntfs_perms.csv -NoTypeInformation

Send WOL (wake on LAN) with powershell

This powershell function is not mine, but I kept it as I found it useful from time to time.

function Send-WOL
{
<# 
  .SYNOPSIS  
    Send a WOL packet to a broadcast address
  .PARAMETER mac
   The MAC address of the device that need to wake up
  .PARAMETER ip
   The IP address where the WOL packet will be sent to
  .EXAMPLE 
   Send-WOL -mac 00:11:32:21:2D:11 -ip 192.168.8.255 
#>
 
[CmdletBinding()]
param(
[Parameter(Mandatory=$True,Position=1)]
[string]$mac,
[string]$ip="255.255.255.255", 
[int]$port=9
)
$broadcast = [Net.IPAddress]::Parse($ip)
  
$mac=(($mac.replace(":","")).replace("-","")).replace(".","")
$target=0,2,4,6,8,10 | % {[convert]::ToByte($mac.substring($_,2),16)}
$packet = (,[byte]255 * 6) + ($target * 16)
  
$UDPclient = new-Object System.Net.Sockets.UdpClient
$UDPclient.Connect($broadcast,$port)
[void]$UDPclient.Send($packet, 102) 
 
}

Windows AD – Get list of users, enabled status, and time of last logon. (PowerShell)

Get-ADUser -Filter * -Properties * | `
    Select-Object Name,Enabled, @{Name="Last Successful Logon";Expression={[datetime]::FromFileTime($_.'lastLogonTimeStamp')}} | `
    Sort-Object "Last Successful Logon"