Jason's Notes

I prefix this line on all PowerShell scripts that I know will be running on older PCs. Needed for Send-MailMessage, Invoke-WebRequest, Invoke-RestMethod, and probably more.

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

You can store and recall password with Windows Credential manger. Great to enter saved password to be used within batch scripts.

Base command is: cmdkey

Documentation on microsoft’s website

For Powershell use CredentialManger module

https://www.powershellgallery.com/packages/CredentialManager/2.0

Invoke-WebRequest

Invoke-WebRequest -Uri https://example.com/files/myfile.exe -OutFile $env:USERPROFILE\Downloads\myfile.exe

Reference this documenation for more commands and options. This works only in Windows 10
https://docs.microsoft.com/en-us/powershell/module/printmanagement/?view=win10-ps

here are some example commands to add port, view printers, and update their port configurations. These are running from batch shell.

powershell -Command "Add-PrinterPort -Name "10.3.0.50" -PrinterHostAddress "10.3.0.50" -SNMP 1 -SNMPCommunity public"
powershell -Command "Add-PrinterPort -Name "10.3.0.51" -PrinterHostAddress "10.3.0.51" -SNMP 1 -SNMPCommunity public"
powershell -Command "get-printer"
powershell -Command "Set-Printer -Name CanonBW -PortName "10.3.0.51""
powershell -Command "Set-Printer -Name CanonColor -PortName "10.3.0.50""

Get-ChildItem 'C:\path\to\files'  | Where-Object {($_.LastWriteTime -lt (Get-Date).AddDays(-7))} | Remove-Item

Function Test-ADAuthentication {
    param($username,$password)
    (new-object directoryservices.directoryentry "",$username,$password).psbase.name -ne $null
    }
 
 
Test-ADAuthentication "dom\myusername" "mypassword"

$Report = "C:\Temp\report.CSV"
$STR = "Group, Member, Enabled"
Clear-Content $Report
Add-Content $Report $STR
 
$groups = get-adgroup -filter * | sort name | select Name
Foreach ($group in $groups) 
{
$curgroup = $group.name
$members = Get-AdGroupMember -identity $group.name | select name
Foreach ($member in $members)
{
$name = $member.name
$enabled = Get-ADUser -Filter {name -eq $name} -Properties * | Select-Object Enabled
$STRNew = $curgroup+","+$name+","+$enabled.Enabled
Add-Content $Report $STRNew
}
 
}

Path has to exist for the Backup-GPO command to work.

Import-Module GroupPolicy
Backup-GPO -All -Path "C:\GPOs

dir D:\Shares\Shared | ForEach-Object {
    # Try/catch here would let you save the path to files/folders that you can't view...
    $_ | Get-Acl | select @{N="Path"; E={Convert-Path $_.Path}} -ExpandProperty Access
} | Export-Csv D:\Shares\Shared\ntfs_perms.csv -NoTypeInformation

This powershell function is not mine, but I kept it as I found it useful from time to time.

function Send-WOL
{
<# 
  .SYNOPSIS  
    Send a WOL packet to a broadcast address
  .PARAMETER mac
   The MAC address of the device that need to wake up
  .PARAMETER ip
   The IP address where the WOL packet will be sent to
  .EXAMPLE 
   Send-WOL -mac 00:11:32:21:2D:11 -ip 192.168.8.255 
#>
 
[CmdletBinding()]
param(
[Parameter(Mandatory=$True,Position=1)]
[string]$mac,
[string]$ip="255.255.255.255", 
[int]$port=9
)
$broadcast = [Net.IPAddress]::Parse($ip)
  
$mac=(($mac.replace(":","")).replace("-","")).replace(".","")
$target=0,2,4,6,8,10 | % {[convert]::ToByte($mac.substring($_,2),16)}
$packet = (,[byte]255 * 6) + ($target * 16)
  
$UDPclient = new-Object System.Net.Sockets.UdpClient
$UDPclient.Connect($broadcast,$port)
[void]$UDPclient.Send($packet, 102) 
 
}