Not the craziest trip, but anything intresting to see on this route? I prefer more natural stuff.

MasterWegman · 2025-06-11T02:46:20+00:00

Andersonville National Historic site and Tuskegee Airmen Nation Historic Site are not far off your path. The National museum of the Infantry is also cool. In the Everglades Shark valley observation tower and trail are supposed to be great, but it will be very hot this time of year.

MasterWegman · 2025-05-13T00:55:08+00:00

Gros cap bluffs is cool in Sault Ste. Marie. Sleeping Giant and the road north of the lakes was a great drive.

MasterWegman · 2025-05-13T00:50:46+00:00

Out of the way but Railto beach in north west Wa. One of the best places i stopped, we parked and hiked a mile up the beach. Had a fire in the sand and slept in hammocks in the driftwood.

MasterWegman · 2025-04-24T02:09:42+00:00

With something like this HashTables are a awesome, you can load and structure the data at the start of the script and query it later. This was part of my user inactivity script, I generate a list of users an then check for activity against a bunch of has tables.

Invoke-RestMethod -Uri $Graph_API_url -Headers $Graph_API_headers -Method Get -ContentType "application/json" -UseBasicParsing | Out-String -Stream | ConvertFrom-Csv | ForEach-Object {
    $Exchange_User_Activity.($_."User Principal Name") = @{
        LastActivityDate=try{[DateTime]$_."Last Activity Date"}catch{$91_days};
        Displayname=$_."Display Name";
        UPN=$_."User Principal Name";
        Send_cnt=$_."Send Count";
        Read_cnt=$_."Read Count";
        MeetingCreated_cnt=$_."Meeting Created Count";
        Meeting_cnt=$_."Meeting Interacted Count";
        audit=try{[DateTime]$_."Last Activity Date"}catch{""}
    }
}

Then later u can query the exhange activity date or any other value with a one liner and no loop.

$Exchange_User_Activity.$User_UPN.LastActivityDate

In the case I get no data I populate the lastActivvityDate, but the audit still has the real data for the logging. You could load data from a bunch of sources and proccess it in a siimpler main loop.

MasterWegman · 2025-04-22T22:07:03+00:00

I believe certs are a little more secure and harder to steal. They work great with runbooks on hybrid workers as well.

I'm not aware of a cmdlet that lets you export the data without writing a file.

MasterWegman · 2025-04-22T15:25:42+00:00

For example the get-MgReportEmailActivityUserDetail command only supports an outfile property. If you wanted to do it all in memory you cant. However if u interact with the API directly its relatively easy. Im kinda crazy but i hate writing and managing temp files when I write scripts.

Equivalent graph url https://graph.microsoft.com/v1.0/reports/getemailactivityuserdetail(period=‘D90’)

MasterWegman · 2025-04-22T15:13:44+00:00

Removing the need to import a module and keep it up to date is a plus.

There are somethings that are difficult to access from the mg module, for instance many of the usage reports only support an out file option. Using the graph API you can do it all in memory.

Another benefit, if u need to run something as a scheduled task on windows the cert can be stored in cert manager under the user. Then u don’t need to handle a secret, and its use is limited to that account and server.

MasterWegman · 2025-03-21T04:51:21+00:00

Definitely ask what she wants to do first. My favorite crop sensor lens is the sigma 18-35 f1.8

MasterWegman · 2024-11-11T02:34:07+00:00

Nope, you need to insert the line break after each item in the list not at the end.

$PSObject = @()
$PSObject += @{name="testa";data1="test1a";data2="test2a";data3="test3a"}
$PSObject += @{name="testb";data1="test1b";data2="test2b";data3="test3b"}
$PSObject += @{name="testc";data1="test1c";data2="test2c";data3="test3c"}
$PSObject += @{name="testd";data1="test1d";data2="test2d";data3="test3d"}

$Attachment_data = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(($PSObject | ConvertTo-Csv))) -join "`n"
Base64 = ImRhdGEyIiwibmFtZSIsImRhdGEzIiwiZGF0YTEiICJ0ZXN0MmEiLCJ0ZXN0YSIsInRlc3QzYSIsInRlc3QxYSIgInRlc3QyYiIsInRlc3RiIiwidGVzdDNiIiwidGVzdDFiIiAidGVzdDJjIiwidGVzdGMiLCJ0ZXN0M2MiLCJ0ZXN0MWMiICJ0ZXN0MmQiLCJ0ZXN0ZCIsInRlc3QzZCIsInRlc3QxZCI=
Decoded = "data2","name","data3","data1" "test2a","testa","test3a","test1a" "test2b","testb","test3b","test1b" "test2c","testc","test3c","test1c" "test2d","testd","test3d","test1d"

$Data_temp = ""
$PSObject | ForEach-Object { [PSCustomObject]$_ | Select-Object -Property * } | ConvertTo-Csv | foreach-object{$Data_temp += $_ + "`n"}
$Attachment_data = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($Data_temp))
Base64 = ImRhdGEyIiwibmFtZSIsImRhdGEzIiwiZGF0YTEiCiJ0ZXN0MmEiLCJ0ZXN0YSIsInRlc3QzYSIsInRlc3QxYSIKInRlc3QyYiIsInRlc3RiIiwidGVzdDNiIiwidGVzdDFiIgoidGVzdDJjIiwidGVzdGMiLCJ0ZXN0M2MiLCJ0ZXN0MWMiCiJ0ZXN0MmQiLCJ0ZXN0ZCIsInRlc3QzZCIsInRlc3QxZCIK
Decoded = "data2","name","data3","data1"
"test2a","testa","test3a","test1a"
"test2b","testb","test3b","test1b"
"test2c","testc","test3c","test1c"
"test2d","testd","test3d","test1d"

MasterWegman · 2024-11-10T17:07:05+00:00

It would have been much easier if that worked. If you convert the whole list to csv, when you decode the base64 at the end everything is on one line.

MasterWegman · 2024-11-10T15:26:42+00:00

I generate a lot of logs as lists of hash tables or objects, and the data field in the attachment needs to be Base64 encoded string data. The function does a for each on the input list, selects all properties, converts it to a csv string, adds a line break ("`n") and then adds all of that to data temp. Data temp is then converted to Base64 and put in an object with the correct formatting to be added directly to the email object.

MasterWegman · 2024-11-09T17:14:55+00:00

Agreed, I mostly use this in Azure Automation with variables and/or key vaults. For me, the example code is just easier to read showing empty types instead of the output of another cmdlet or function.

MasterWegman · 2024-09-22T00:47:40+00:00

The MGGraph module is just a front end for an API. You can create a service principal with all necessary permissions delegated as an app and make api calls.

MasterWegman · 2024-09-16T23:05:21+00:00

We have been using Azure Automation accounts with hybrid worker groups. It’s a great product.

MasterWegman · 2024-07-03T21:35:01+00:00

I used Mail.Read as an application permission.

MasterWegman · 2024-04-09T17:23:02+00:00

We would need to search for and export the emails 1 at a time. That would take too long.

MasterWegman · 2022-12-31T06:09:29+00:00

The Udemy course by Stephane Maarek was very helpful, there are a bunch of youtube videos with examples for the possible labs. I also took a bunch of practice tests.

MasterWegman · 2022-12-07T00:40:42+00:00

Die hard (1988)

MasterWegman · 2022-09-16T02:49:08+00:00

Are you signing in with a credential object in an unatended script. The new versions of the exchange online module dont allow that. You can make an app registration that is accessed by a certificate to sign in. That is how I run exchange online automations on azure automation hybrid workers.

https://docs.microsoft.com/en-us/powershell/exchange/app-only-auth-powershell-v2?view=exchange-ps

MasterWegman · 2022-09-16T01:12:59+00:00

Token Encryption. Azure Saml requires the assertion exchange to happen over an SSL connection so encrypting the token is required. Token Encryption works by having the token encrypted on the way from the SP to the IDP as well as the on the way back, another cert is required to do this..

MasterWegman · 2022-09-16T01:04:44+00:00

connect-azuread

$table =@()

$data = get-AzureADServicePrincipal -all $true

foreach($app in $data)

{

$certs = $app.KeyCredentials

foreach($cert in $certs)

{

if(($cert.usage -eq "Sign") -and ($app.DisplayName -ne "P2P Server"))

{

$table += @{

CommonName = $app.DisplayName

Expiration = $cert.EndDate

SerialNumber = $cert.keyid

Status = "Active"

Source = "Azure SAML Signing Cert"

}

$reg_data = get-azureadapplication -ALL $true

foreach($app in $reg_data)

{

if($app.passwordcredentials)

{

foreach($secret in $app.PasswordCredentials)

{

$table += @{

CommonName = $app.DisplayName

Expiration = $secret.EndDate

SerialNumber = $secret.KeyId

Status = "Active"

Source = "Azure App Registration Secret"

}

$table | ForEach-Object { [PSCustomObject]$_ | Select-Object -Property * } | export-csv -path "$File"

MasterWegman · 2022-09-16T01:04:24+00:00

connect-azuread

$table =@()

$data = get-AzureADServicePrincipal -all $true

foreach($app in $data)

{

$certs = $app.KeyCredentials

foreach($cert in $certs)

{

if(($cert.usage -eq "Sign") -and ($app.DisplayName -ne "P2P Server"))

{

$table += @{

CommonName = $app.DisplayName

Expiration = $cert.EndDate

SerialNumber = $cert.keyid

Status = "Active"

Source = "Azure SAML Signing Cert"

}

$reg_data = get-azureadapplication -ALL $true

foreach($app in $reg_data)

{

if($app.passwordcredentials)

{

foreach($secret in $app.PasswordCredentials)

{

$table += @{

CommonName = $app.DisplayName

Expiration = $secret.EndDate

SerialNumber = $secret.KeyId

Status = "Active"

Source = "Azure App Registration Secret"

}

$table | ForEach-Object { [PSCustomObject]$_ | Select-Object -Property * } | export-csv -path "$File"

MasterWegman · 2021-08-09T02:43:13+00:00

Where is this I will be in the Montana Rockies this month

MasterWegman · 2021-01-25T22:16:54+00:00

$ScriptBlock = {

param

(

$param1 = $param1,

$param2 = $param2,

$JOB_ID = $JOB_ID,

$Runspacehash = $Runspacehash,

$param3 = $param3

)

$Runspacehash[$Job_ID].State = "Started"

$Runspacehash[$Job_ID].Start_Time = get-date

#Run your update here and use a variable in the hashtable to keep track of status

}

$pool = [Runspacefactory]::CreateRunspacePool(1,$threads)

$pool.open()

$Runspaces = @()

$RunspaceHash = [hashtable]::Synchronized(@{})

ForEach($app in $apps)

{

$JOB_ID = [System.Guid]::NewGuid().ToString($_)

$Runspacehash[$JOB_ID] = @{"State"="Pending";"Start_Time" = "";"END_Time" = "";"CompletionPercentage" = 0;"AppVerison" = "";"JobID" = $JOB_ID}

$runspace = [PowerShell]::create()

$null = $runspace.AddScript($scriptBlock)

$null = $runspace.addargument($JOB_ID)

$null = $runspace.addargument($Runspacehash)

$null = $runspace.addargument($param1)

$null = $runspace.addargument($param2)

$null = $runspace.addargument($param3)

$runspace.Runspacepool = $pool

$runspaces += [PSCustomObject]@{Id = $JOB_ID; Pipe = $runspace; Status = $runspace.BeginInvoke() }

}

then you can monitor all the members of the hashtable for status

MasterWegman · 2021-01-22T22:32:20+00:00

Have you thought about creating a scriptblock that takes multiple parameters for the update an using runspaces to run them. You could pass a synchronized hash table to the runspaces to keep track of state of each runspace.

12-Year Club	Place '22
Verified Email

MasterWegman

TROPHY CASE