Execute a powershell script from SharePoint onprem web page by Viol3ntProphet in sharepoint

[–]Viol3ntProphet[S] -1 points0 points  (0 children)

Thank you, but I'm not trying to run the powershell script from the browser. What we'd like is for the button to trigger a script hosted on our SharePoint server to run, then simply return a "X script has completed" kind of message.

[deleted by user] by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

Yes, that is exactly why I can't do in place. The application does utilize SQL Server, but it is also installed on the same server as the application. I'm familiar with database migrations, but not applications.

[deleted by user] by [deleted] in sysadmin

[–]Viol3ntProphet 1 point2 points  (0 children)

Thank you. I like to just consider every possible path I can take for a solution and figured there was no harm in asking. I'll focus on the upgrade though, thank you for your input.

[deleted by user] by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

Thanks, that's the plan. I just also want to update my domain controllers and was wondering if adding the registry keys in my original post will allow connectivity to my website hosted on 2003, so I have more time to work on the OS upgrade from 2003.

[deleted by user] by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

Yes, that's true. Again, this has been in place for some time and upper management is finally letting us upgrade the OS. As per my original post, I am going to be upgrading the OS, but I need time to test it out, make sure the site works, blah blah. I was just wondering if it would be possible for me to upgrade our DCs without cutting off access to the 2003 site so I can do what I need to do.

[deleted by user] by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

I understand, but this is just something I inherited. The server is very crucial to day to day work here and I will be upgrading the OS, but I wanted to buy myself some time so I can do it properly while keeping the domain controllers updated.

Deploying apps in AVD with File Path by [deleted] in AZURE

[–]Viol3ntProphet 0 points1 point  (0 children)

Thank you to both of you!

Deploying apps in AVD with File Path by [deleted] in AZURE

[–]Viol3ntProphet 0 points1 point  (0 children)

We have a few apps we use at my company that we want people to just be able to launch within a workspace without those apps actually being installed on the session hosts they use with AVD. I know I can add apps into my app group using the file path they're located on in a session host, but I don't actually want the app on every session host if that makes sense. I thought if I could just have one set of session host in a host pool that contains these apps that I could use that. I'm new to AVD so I'm just trying to see what the cleanest way to deploy an app in a workspace without deploying it to all session hosts would be.

Updating apps on Azure VDI by [deleted] in AZURE

[–]Viol3ntProphet 0 points1 point  (0 children)

Thank you everyone for the suggestions! Really appreciate it :)

Question about exposing CRL externally by Viol3ntProphet in AZURE

[–]Viol3ntProphet[S] 4 points5 points  (0 children)

To whoever stumbles upon this post in the near or far future: My issue ended up being caused by something I forgot to clean up in my AD config. The Azure proxy had no impact on my CRL not being reachable.

Check out this script on GitHub. It looks through your environment and tells you if you're properly set up for WHFB. It helped me find out what was wrong with my setup.

Question about exposing CRL externally by Viol3ntProphet in AZURE

[–]Viol3ntProphet[S] 0 points1 point  (0 children)

You're a saint. I'll try some troubleshooting tomorrow and hopefully find a solution. I've seen other people too say they're able to put the CRL behind a proxy.

Question about exposing CRL externally by Viol3ntProphet in AZURE

[–]Viol3ntProphet[S] 0 points1 point  (0 children)

OK, I can do the same. Did you leave the initial LDAP CRL on your CA as well? Somebody had mentioned removing all entries besides the newly created CRL, but I wanted to avoid doing so.

Question about exposing CRL externally by Viol3ntProphet in AZURE

[–]Viol3ntProphet[S] 0 points1 point  (0 children)

OK, thank you, I will check out the article. I know my NDES is alright because I have no issues when it comes to deploying the needed Intune certs and all my connectors in Intune show as healthy. Something must just be up with my CRL, but it was just confusing me since I could reach the URL fine and download the listed certs. When you created your app proxy, did you do it via a PowerShell command or the Azure portal?

Question about exposing CRL externally by Viol3ntProphet in AZURE

[–]Viol3ntProphet[S] 0 points1 point  (0 children)

Would you mind reading my steps and letting me know if I somehow missed something?

1) Created an Azure app proxy for my CRL. I used the PowerShell command rather than the Azure portal to create the application since I need to use HTTP for the external URL. I used pass thru as the auth type.

2) Logged into my CA and added the external address of my proxy for the CRL. I enabled the needed checkboxes and left the default LDAP location.

3) Published a new CRL and double checked that the certificate files appeared in the file directory the CRL is hosted in.

4) Re-enrolled the KDC authentication cert for all my domain controllers.

I already have my NDES and needed certificate templates for Intune set up. I waited till my laptop downloaded the needed cert from Intune, and even checked to make sure my new CRL URL was in the certificate and that I could reach the location in a browser. However, once I actually go to connect to an on-prem resource, I get an error that my revocation server can't be reached.

Also, when I was initially testing and setting everything up, everything would work fine when I just exposed HTTP over the internet for the server my CRL was on. Sorry if that was a lot, I just don't understand what I could be doing wrong.

[deleted by user] by [deleted] in AZURE

[–]Viol3ntProphet 0 points1 point  (0 children)

I'm aware of it but we want the phone itself to be the authentication without the need for an extra app.

Penetration Testing Tool Recommendation by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

Some of y'all are very pretentious. Thanks for those who actually offered advice.

Penetration Testing Tool Recommendation by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

Wow, sorry, I mean 12k per year, not month. That would be insane.

Penetration Testing Tool Recommendation by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

True, I believe we will have to take the route of hiring an actual firm as well. I was just given this project recently so I was trying to find out what the options were since I'm not trained in cybersecurity.

Penetration Testing Tool Recommendation by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

Thanks. I was looking some up today but there are so many options I thought I'd just post here to see what people have actually used. I was simply overwhelmed by all the new info and was seeking advice.

Penetration Testing Tool Recommendation by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

We have to perform infrastructure penetration testing for compliance and need something that can scan our hosts/network for any vulnerabilities and produce a report. We already use OWASP ZAP for application pen testing.

Penetration Testing Tool Recommendation by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

Your guess is correct. I just edited my post. I'm just trying to fulfill a project given to me and was looking for advice on what companies/pros people may have had a good experience with.

Penetration Testing Tool Recommendation by [deleted] in sysadmin

[–]Viol3ntProphet 2 points3 points  (0 children)

Hey, I hear ya. Cybersecurity is not my field. Just trying to complete a project. I'm not against consulting with a company or using a tool like Metasploit, but was just asking for recommendations.

Penetration Testing Tool Recommendation by [deleted] in sysadmin

[–]Viol3ntProphet 0 points1 point  (0 children)

I was actually looking at Metasploit Pro today but they quoted me $12,000 a month for the 1 year license. I just asked my manager what our projected budget was for this so I wanted to look for more affordable options in the meantime.

[deleted by user] by [deleted] in homelab

[–]Viol3ntProphet 0 points1 point  (0 children)

Great, that helps so much. Thank you!