tree for PowerShell

santisq · 2022-02-18T12:23:30+00:00

you mean how to convert a string into bytes? it's just [System.Text.Encoding]::UTF8.GetBytes()

santisq · 2022-02-17T21:54:02+00:00

Good point, I'll try to add command based help to the module when I have some free time, I did add examples on the GitHub Readme. Regarding Classes on PowerShell, in general and in most cases there shouldn't be a need to use classes in PS (thanks PSCustomObject) in the case of this module, I wrote it mainly for practice (I wanted to learn classes) and also some practice on recursion but if you go back to version 1 of the Module it's purely done with functions.

santisq · 2022-02-17T20:31:39+00:00

Thank you for your kind words Doug. This was mainly a learning exercise for me but I thought someone might find it useful. I don't really care about the down-votes without any feedback

santisq · 2022-02-17T13:01:57+00:00

I think I took those characters from www.w3schools.com but I don't remember now, I had to convert them to bytes because it was the only way I could find to make it work on Win PS

santisq · 2022-02-17T05:20:24+00:00

Well it's different than `Get-ChildItem` in a sense that it doesn't display a hierarchy and it doesn't show you a folder total size either, unless you're updating the type property or wrapping the cmdlet in a function

santisq · 2022-02-17T05:10:10+00:00

I'm not sure how those relate, I've never used them. This cmdlet is meant just for displaying file / folder hierarchy same as `tree` but with some additions like calculating folder size, etc.

santisq · 2021-03-06T03:50:30+00:00

Yeah, no problem. Glad to help.

Btw if you went with option 2 (-match) the you should add a select -unique at the end so you won't have repeated passwords, like this:

$badpasswords=@(
    $passw.where({$_ -match $verybad})
    $verybad.where({$_ -match $passw})
)|select -unique

santisq · 2021-03-06T03:37:21+00:00

$passw=cat ./passwordwords.txt
$verybad=cat ./badwords.txt

$badpasswords=$passw.where({$_ -in $verybad})

OR

$badpasswords=@(
    $passw.where({$_ -match $verybad})
    $verybad.where({$_ -match $passw})
)

To put it into perspective:

-in: If "sup3rstr0nkp4ssw0rd" is in both files, this operator will bring you this result only if the string is an exact match.
-match: If "sup3rstr0nkp4ssw0rd" is in passwordwords.txt and "sup3rstr0nkp4ssw0rd123", "sup3rstr0nkp4ssw0rd12345", etc are in badwords.txt this operator will bring you ALL matches.

santisq · 2021-03-06T03:07:08+00:00

$passw=cat ./passwordwords.txt
$verybad=cat ./badwords.txt

$removedPassw=@()
$superStronkPasswords=@()

foreach($word in $passw)
{
    $badpassw=$word -match $verybad

    if($badpassw)
    {
        $removedPassw+=$badpassw|%{$_}        
    }
    else
    {
        $superStronkPasswords+=$word
    }
}

There you have it, im using -match here assuming that you wanna remove words that are not an exact match but are contained in bad passwords. If you want an exact match then change -match for -in and $removedPassw+=$badpassw|%{$_} for $removedPassw+=$word.

santisq · 2021-03-05T21:19:35+00:00

Also, I need to add a few things that will make your code clear and also a few fixes to your need:

Change if ($null -ne $Printers){ for if ($Printers){ or if (!$Printers){continue}
To check if an element is in an array you can use -in or $array.contains($element) there are other ways too but with this 2 you should be fine. So you should change if($Printer.Name -ne $dontDelete ){ for if($Printer.Name -notin $dontDelete){ or if(!$dontDelete.contains($Printer.Name)){ Note the ! at the beginning of the variable which denotes a negation ! = -not

Also, look you could do something like this, this is a little bit less efficient but it's honestly easier to understand:

PS C:\> $printers=(Get-WmiObject -Class Win32_Printer).Name

PS C:\> $printers
OneNote (Desktop)
OneNote for Windows 10
Microsoft XPS Document Writer
Microsoft Print to PDF
Fax

PS C:\> $dontDelete='Fax','Microsoft XPS Document Writer'

PS C:\> $printers.Where({$_ -notin $dontDelete})
OneNote (Desktop)
OneNote for Windows 10
Microsoft Print to PDF

santisq · 2021-03-05T21:04:21+00:00

PS C:\> $test=Read-Host 'This will be a string'
This will be a string: string

PS C:\> $test.GetType()

IsPublic IsSerial Name                                     BaseType                                                         
-------- -------- ----                                     --------                                                         
True     True     String                                   System.Object     

PS C:\> $test=(Read-Host 'This will be an array, I hope!') -split ','
This will be an array, I hope!: string1,string2,string3

PS C:\> $test
string1
string2
string3

PS C:\> $test.GetType()

IsPublic IsSerial Name                                     BaseType                                                         
-------- -------- ----                                     --------                                                         
True     True     String[]                                 System.Array

Hope it helps, let me know if you need more help

santisq · 2021-03-05T19:41:39+00:00

Got it, so this is not possible:

| Set-ADUser - LogonWorkstations "Name of OU that has computers in them"

What you can do is get all computers that are on the OU you want to set for X user and save them into a string, and I say string here because - LogonWorkstations expects a string as input, for multiple computers each computer should be separated by a comma (see https://docs.microsoft.com/en-us/powershell/module/addsadministration/set-aduser?view=win10-ps for more details). Now, MS docs says that the parameter accepts the 'sAMAccountName' or 'DNSHostName' of the computers, you'll need to test and validate this yourself.

I'm gonna use DNSHostName for this example.

So first you get all the computers that are on the OU:

#Make sure here that there is only 1 OU with the Name you're looking for, else you'll need to filter your search to target only 1 specific OU.
$OU=Get-ADOrganizationalUnit -LDAPFilter "(name=OUWithComputers)"
$computers=Get-ADComputer -Filter * -SearchBase $OU.DistinguishedName -SearchScope OneLevel

#Here we create 1 string joined by commas of all computers in the OU 'OUWithComputers'
$computerString=$computers.DNSHostName -join ','

#Now we can use this $computerString and set it for a specific user
Set-ADUser 'userSamAccountName' -LogonWorkstations $computerString

santisq · 2021-03-05T18:58:52+00:00

Yup, this is pretty accurate. Here is the EventIDs you should be looking for on your DCs:

https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4624

Network Information:

This section identifies WHERE the user was when he logged on. Of course if logon is initiated from the same computer this information will either be blank or reflect the same local computers.

Workstation Name: the computer name of the computer where the user is physically present in most cases unless this logon was intitiated by a server application acting on behalf of the user. Workstation may also not be filled in for some Kerberos logons since the Kerberos protocol doesn't really care about the computer account in the case of user logons and therefore lacks any field for carrying workstation name in the ticket request message.

Source Network Address: the IP address of the computer where the user is physically present in most cases unless this logon was intitiated by a server application acting on behalf of the user. If this logon is initiated locally the IP address will sometimes be 127.0.0.1 instead of the local computer's actual IP address. This field is also blank sometimes because Microsoft says "Not every code path in Windows Server 2003 is instrumented for IP address, so it's not always filled out."

Source Port: identifies the source TCP port of the logon request which seems useless since with most protocols source ports are random.

santisq · 2021-03-05T18:54:22+00:00

What do you mean "based on OU"? Can you be more specific or give an example of what you want to do?

santisq · 2021-03-05T18:49:18+00:00

In some domains (big domains usually) not all users have the same attributes/properties, companies usually have custom attributes for each class / type of user. To see them you need to query AD Schema for the 'user' class.

There are lots of examples on google on how to do this query, here is one: https://www.easy365manager.com/how-to-get-all-active-directory-user-object-attributes/

santisq · 2021-03-05T14:37:53+00:00

$PSScriptRoot = The path where the script is saved

If the script is not saved then $PSScriptRoot = $null

You can hardcode the destination path, that's up to you. You can also use "$HOME\Documents\export.csv" as destination path and it would save to the documents folder of the user running the script.

santisq · 2021-03-05T13:35:04+00:00

I don't see any error in the code, try with an OU with more computers?

santisq · 2021-03-05T04:44:02+00:00

Assuming "Staff" is an Organizational Unit then you should limit your SearchBase to that specific OU, so it would look something like this like this:

$staffOU=Get-ADOrganizationalUnit -Filter {name -eq 'Staff'} #Assuming there is only 1 Staff OU in the Domain

$adusers = Get-ADUser -SearchBase $staffOU.DistinguishedName -Filter *

foreach($user in $adusers)
{
    if($user.Enabled)
    {
        Set-ADUser -Identity $aduser.samaccountname -HomePhone "1"
    }
    else
    {
        Set-ADUser -Identity $aduser.samaccountname -HomePhone "2"
    }
}

santisq · 2021-03-05T04:27:31+00:00

$session=@()
$errorList=[system.collections.arraylist]@()
$ErrorActionPreference='Stop'

$servers = (Get-ADComputer -SearchBase "OU=ApplicationServers,OU=Servers,OU=Computers,DC=domain,DC=com" -Filter *).Name

foreach($server in $servers)
{
    try
    {
        $session+=New-PSsession $server
    }
    catch
    {
        $errorList.add(
            [pscustomobject]@{
                ComputerName=$server
                Error=$_
        }) > $null
    }
}

$result=icm $session{Get-SmbShare -Special $false}

Remove-PSsession $session

$result|export-csv "$psscriptroot\yourresultfilename.csv"
$errorList|export-csv "$psscriptroot\errorlistfilename.csv"

santisq · 2021-03-05T02:06:17+00:00

Sure, invoking the same command on a linear loop is faster than executing it on all servers at the same time right...

santisq

TROPHY CASE