From 0e58b4395725d160cc97c41d64138bcd98a7d3c2 Mon Sep 17 00:00:00 2001 From: Adam Bertram Date: Sat, 26 Mar 2016 08:55:13 -0500 Subject: [PATCH] added AD scripts and cleaned propriety information --- ActiveDirectory/Add user to local group.ps1 | 2 + ActiveDirectory/Bulk-AD-User-Creation.ps1 | 16 +++ ActiveDirectory/CompareIEGPO.ps1 | 53 ++++++++++ ActiveDirectory/Copy-AD-User-Account.ps1 | 38 +++++++ ActiveDirectory/FindUnusedUserAccounts.ps1 | 48 +++++++++ ActiveDirectory/Get-All-Docs-Password-Age.ps1 | 21 ++++ ActiveDirectory/Get-Empty-Groups.ps1 | 31 ++++++ ActiveDirectory/Get-Empty-OUs.ps1 | 35 +++++++ ActiveDirectory/Get-GPO-Reg-Settings.ps1 | 44 +++++++++ .../Get-GPOs-Linked-To-Empty-OUs.ps1 | 51 ++++++++++ ActiveDirectory/Get-Gpo-Setting.ps1 | 60 +++++++++++ ActiveDirectory/Get-Inactive-Ad-Users.ps1 | 99 +++++++++++++++++++ ActiveDirectory/Get-Inactive-GPO-Settings.ps1 | 48 +++++++++ ActiveDirectory/Get-Inactive-GPOs.ps1 | 24 +++++ ActiveDirectory/Get-Old-Computer-Accounts.ps1 | 51 ++++++++++ ...GetAdUsersWithPasswordLastSetOlderThan.ps1 | 13 +++ .../GetPasswordResetCountXDaysOld.ps1 | 3 + .../Remove-Disabled-Ad-Computers.ps1 | 4 + ActiveDirectory/TestSiteReplicationMod.ps1 | 39 ++++++++ DNS/Convert-DynamicDnsRecordToStatic.ps1 | 6 +- DNS/Get-RecordsToBeScavenged.ps1 | 4 +- .../Add-UserToLocalGroup.ps1 | 3 + Networking/Send-WolProxyRequest.ps1 | 2 +- SCCM/New-CMMyApplication.ps1 | 4 +- SCCM/Start-PostConfigmgrBackupTasks.ps1 | 8 +- 25 files changed, 695 insertions(+), 12 deletions(-) create mode 100644 ActiveDirectory/Add user to local group.ps1 create mode 100644 ActiveDirectory/Bulk-AD-User-Creation.ps1 create mode 100644 ActiveDirectory/CompareIEGPO.ps1 create mode 100644 ActiveDirectory/Copy-AD-User-Account.ps1 create mode 100644 ActiveDirectory/FindUnusedUserAccounts.ps1 create mode 100644 ActiveDirectory/Get-All-Docs-Password-Age.ps1 create mode 100644 ActiveDirectory/Get-Empty-Groups.ps1 create mode 100644 ActiveDirectory/Get-Empty-OUs.ps1 create mode 100644 ActiveDirectory/Get-GPO-Reg-Settings.ps1 create mode 100644 ActiveDirectory/Get-GPOs-Linked-To-Empty-OUs.ps1 create mode 100644 ActiveDirectory/Get-Gpo-Setting.ps1 create mode 100644 ActiveDirectory/Get-Inactive-Ad-Users.ps1 create mode 100644 ActiveDirectory/Get-Inactive-GPO-Settings.ps1 create mode 100644 ActiveDirectory/Get-Inactive-GPOs.ps1 create mode 100644 ActiveDirectory/Get-Old-Computer-Accounts.ps1 create mode 100644 ActiveDirectory/GetAdUsersWithPasswordLastSetOlderThan.ps1 create mode 100644 ActiveDirectory/GetPasswordResetCountXDaysOld.ps1 create mode 100644 ActiveDirectory/Remove-Disabled-Ad-Computers.ps1 create mode 100644 ActiveDirectory/TestSiteReplicationMod.ps1 create mode 100644 Local Account Management/Add-UserToLocalGroup.ps1 diff --git a/ActiveDirectory/Add user to local group.ps1 b/ActiveDirectory/Add user to local group.ps1 new file mode 100644 index 0000000..b97db5b --- /dev/null +++ b/ActiveDirectory/Add user to local group.ps1 @@ -0,0 +1,2 @@ +$de = [ADSI]"WinNT://a-xp-2/administrators,group" +$de.psbase.Invoke("Add",([ADSI]"WinNT://apollo/support").path) \ No newline at end of file diff --git a/ActiveDirectory/Bulk-AD-User-Creation.ps1 b/ActiveDirectory/Bulk-AD-User-Creation.ps1 new file mode 100644 index 0000000..c67e92e --- /dev/null +++ b/ActiveDirectory/Bulk-AD-User-Creation.ps1 @@ -0,0 +1,16 @@ +$aPcs = Get-Content dddd.txt | where +foreach ($oPc in $aPcs) { + $sUser = $oPc.ToLower(); + if ($sUser -eq 'isspare23') { + $sLName = 'spare23' + $sLName = "spare23" + $sDisplayName = "spare23 spare23"; + $sDesc = 'med cart laptop autologin'; + } else { + $sLName = $sUser.substring($sUser.length - 4, 4); + $sLName = "Cart $sLName" + $sDisplayName = "Medication Cart $sLName"; + $sDesc = $sDisplayName; + } + New-AdUser $sUser -Path "" -accountpassword (ConvertTo-SecureString -AsPlainText "password" -Force) -Enabled $true -GivenName 'Medication' -Surname $sLName -DisplayName $sDisplayName -PasswordNeverExpires $true -CannotChangePassword $true -Description $sDesc; +} \ No newline at end of file diff --git a/ActiveDirectory/CompareIEGPO.ps1 b/ActiveDirectory/CompareIEGPO.ps1 new file mode 100644 index 0000000..bfa7835 --- /dev/null +++ b/ActiveDirectory/CompareIEGPO.ps1 @@ -0,0 +1,53 @@ +#requires -version 3 + +[xml]$golden_gpo = gc '.\IE Settings.xml' +$gpos = Get-GPOReport -All -ReportType XML + +$golden_gpo_computer_registry_settings = ($golden_gpo.GPO.Computer.ExtensionData | ? {$_.Name -eq 'Registry'}).childNodes.Policy | select name,state +$golden_gpo_user_ie_pref_settings = ($golden_gpo.GPO.User.ExtensionData | ? {$_.Name -eq 'Internet Options'}).childNodes.InternetOptions.IE8.Properties.Reg +$golden_computer_ie_settings = ($golden_gpo.GPO.Computer.ExtensionData | ? { $_.Name -eq 'Registry' }).childNodes.Policy | ? {$_.Category -like 'Windows Components/Internet Explorer*'} | select name,state + +foreach ($gpo in $gpos){ + [xml]$gpo = $gpo + + $gpo_computer_registry_settings = ($gpo.GPO.Computer.ExtensionData | ? {$_.Name -eq 'Registry'}).childNodes.Policy | select name,state + $gpo_user_ie_pref_settings = ($gpo.GPO.User.ExtensionData | ? {$_.Name -eq 'Internet Options'}).childNodes.InternetOptions.IE8.Properties.Reg + if ($gpo_computer_registry_settings) { + $Compare = Compare-Object -ReferenceObject $gpo_computer_registry_settings -DifferenceObject $golden_gpo_computer_registry_settings -Property Name -IncludeEqual -PassThru | ? {$_.SideIndicator -eq '=='} + if ($Compare) { + $Compare | % { + $properties = @{'MatchingGPO' = $gpo.GPO.Name; 'GPOSetting' = 'Computer'; 'CompareType' = 'Match'; 'Setting' = "$($_.Name) = $($_.State)"} + New-Object -TypeName PSObject -Property $properties + } | Export-Csv Matching-IE-GPO-Settings.txt -NoTypeInformation -Append + } + + } + if ($gpo_user_ie_pref_settings) { + $Compare = Compare-Object -ReferenceObject $gpo_user_ie_pref_settings -DifferenceObject $golden_gpo_user_ie_pref_settings -Property Name -IncludeEqual -PassThru | ? {$_.SideIndicator -eq '=='} + if ($Compare) { + $Compare | % { + $properties = @{'MatchingGPO' = $gpo.GPO.Name; 'GPOSetting' = 'User'; 'CompareType' = 'Match'; 'Setting' = "$($_.Key)\$($_.Name)"} + New-Object -TypeName PSObject -Property $properties + } | Export-Csv Matching-IE-GPO-Settings.txt -NoTypeInformation -Append + } + + $Compare = Compare-Object -ReferenceObject $gpo_user_ie_pref_settings -DifferenceObject $golden_gpo_user_ie_pref_settings -Property Name -PassThru | ? {$_.SideIndicator -eq '=>'} + if ($Compare) { + $Compare | % { + $properties = @{'MatchingGPO' = $gpo.GPO.Name; 'GPOSetting' = 'User'; 'CompareType' = 'Difference'; 'Setting' = "$($_.Key)\$($_.Name)"} + New-Object -TypeName PSObject -Property $properties + } | Export-Csv Matching-IE-GPO-Settings.txt -NoTypeInformation -Append + } + } + + $diff_computer_ie_settings = ($gpo.GPO.Computer.ExtensionData | ? { $_.Name -eq 'Registry' }).childNodes.Policy | ? {$_.Category -like 'Windows Components/Internet Explorer*'} | select name,state + if ($diff_computer_ie_settings) { + $Compare = Compare-Object -ReferenceObject $golden_computer_ie_settings -DifferenceObject $diff_computer_ie_settings -Property name -PassThru | ? {$_.SideIndicator -eq '=>'} + if ($Compare) { + $Compare | % { + $properties = @{'MatchingGPO' = $gpo.GPO.Name; 'GPOSetting' = 'Computer'; 'CompareType' = 'Difference'; 'Setting' = "$($_.Name) = $($_.State)"} + New-Object -TypeName PSObject -Property $properties + } | Export-Csv Matching-IE-GPO-Settings.txt -NoTypeInformation -Append + } + } +} \ No newline at end of file diff --git a/ActiveDirectory/Copy-AD-User-Account.ps1 b/ActiveDirectory/Copy-AD-User-Account.ps1 new file mode 100644 index 0000000..34f8758 --- /dev/null +++ b/ActiveDirectory/Copy-AD-User-Account.ps1 @@ -0,0 +1,38 @@ +$samaccount_to_copy = 'abertram' +$new_samaccountname = 'aaaa' +$new_displayname = 'displayname' +$new_firstname = 'firstname' +$new_lastname = 'lastname' +$new_name = 'namehere' +$new_user_logon_name = 'logonname' +$new_password = 'password' +$new_description = 'description' +$new_ou_DN = '' +$enable_user_after_creation = $true +$password_never_expires = $false +$cannot_change_password = $false + + +$ad_account_to_copy = Get-Aduser $samaccount_to_copy -Properties memberOf + +$params = @{'SamAccountName' = $new_samaccountname; + 'Instance' = $ad_account_to_copy; + 'DisplayName' = $new_displayname; + 'GivenName' = $new_firstname; + 'SurName' = $new_lastname; + 'PasswordNeverExpires' = $password_never_expires; + 'CannotChangePassword' = $cannot_change_password; + 'Description' = $new_description; + 'Enabled' = $enable_user_after_creation; + 'UserPrincipalName' = $new_user_logon_name; + 'AccountPassword' = (ConvertTo-SecureString -AsPlainText $new_password -Force); + } + +## Create the new user account +New-ADUser -Name $new_name @params + +## Mirror all the groups the original account was a member of +$ad_account_to_copy.Memberof | % {Add-ADGroupMember $_ $new_samaccountname } + +## Move the new user account into the assigned OU +Get-ADUser $new_samaccountname| Move-ADObject -TargetPath $new_ou_DN \ No newline at end of file diff --git a/ActiveDirectory/FindUnusedUserAccounts.ps1 b/ActiveDirectory/FindUnusedUserAccounts.ps1 new file mode 100644 index 0000000..24efb4a --- /dev/null +++ b/ActiveDirectory/FindUnusedUserAccounts.ps1 @@ -0,0 +1,48 @@ +## Set a variable to give control over the script where to just find the users +## or find and also remove them. +$remove_users_found = $false + +## Set today's date as a variable now since this will not change (today) +## If this were in the Where-Object scriptblock the Get-Date cmdlet would be executed +## once for every user object that's retrieved +$today_object = Get-Date + +## Find the date in a string to write to the log +$today_string = get-date -Format 'MM-dd-yyyy hh:mm tt' + +## Create the Where-Object scriptblock ahead of time. This is done for easy reading +## The AD Filter is not used due to the complexity of the conditions +$unused_conditions_met = { + ## Ensure no built-in AD user objects are removed inadvertantly + !$_.isCriticalSystemObject -and + ## The account is disabled (account cannot be used) + (!$_.Enabled -or + ## The password is expired (account cannot be used) + $_.PasswordExpired -or + ## The account has never been used + !$_.LastLogonDate -or + ## The account hasn't been used for 60 days + ($_.LastLogonDate.AddDays(60) -lt $today_object)) +} + +## Query all Active Directory user accounts with all of the conditions we defined above +$unused_accounts = Get-ADUser -Filter * -Properties passwordexpired,lastlogondate,isCriticalSystemobject | Where-Object $unused_conditions_met | + Select-Object @{Name='Username';Expression={$_.samAccountName}}, + @{Name='FirstName';Expression={$_.givenName}}, + @{Name='LastName';Expression={$_.surName}}, + @{Name='Enabled';Expression={$_.Enabled}}, + @{Name='PasswordExpired';Expression={$_.PasswordExpired}}, + @{Name='LastLoggedOnDaysAgo';Expression={if (!$_.LastLogonDate) { 'Never' } else { ($today_object - $_.LastLogonDate).Days}}}, + @{Name='Operation';Expression={'Found'}}, + @{Name='On';Expression={$today_string}} + +## Create the log file of what the script found +$unused_accounts | Export-Csv -Path unused_user_accounts.csv -NoTypeInformation + +## If set, remove all of the accounts found and append to the log +if ($remove_users_found) { + foreach ($account in $unused_accounts) { + Remove-ADUser $account.Username -Confirm:$false + Add-Content -Value "$($account.UserName),,,,,,Removed,$today_string" -Path unused_user_accounts.csv + } +} \ No newline at end of file diff --git a/ActiveDirectory/Get-All-Docs-Password-Age.ps1 b/ActiveDirectory/Get-All-Docs-Password-Age.ps1 new file mode 100644 index 0000000..64c026f --- /dev/null +++ b/ActiveDirectory/Get-All-Docs-Password-Age.ps1 @@ -0,0 +1,21 @@ +Import-Module ActiveDirectory +try { + $uap_docs = Import-Csv C:\scripts\All-Doc-2013-Password-Policy\all-docs-2013-password-policy.csv + $ad_pw_ages = @(); + foreach ($user in $uap_docs) { + $ad_pw_ages += Get-AdUser $user.Username -Properties passwordlastset | % {"$($_.Givenname) $($_.Surname), $($_.PasswordLastSet)`n"} + } + + ## Email + $oFrom = New-Object system.net.Mail.MailAddress 'adbertram@gmail.com','Adam Bertram'; + $oTo = New-Object system.net.Mail.MailAddress 'jdoe@email.com', 'John Doe' + $oMsg = New-Object System.Net.Mail.MailMessage $oFrom, $oTo + $oMsg.Subject = 'Daily Doc Password Changes' + $oMsg.Body = "Here is the most recent list of docs and their password ages.`n`n$ad_pw_ages" + $sSmtpServer = 'smtp.email.com'; + $oSmtpClient = new-object Net.Mail.SmtpClient($sSmtpServer); + + $oSmtpClient.Send($oMsg); +} catch [System.Exception] { + return $_.Exception.Message; +}##endtry \ No newline at end of file diff --git a/ActiveDirectory/Get-Empty-Groups.ps1 b/ActiveDirectory/Get-Empty-Groups.ps1 new file mode 100644 index 0000000..1f9e398 --- /dev/null +++ b/ActiveDirectory/Get-Empty-Groups.ps1 @@ -0,0 +1,31 @@ +$aExclude = @('Cryptographic Operators', +'Distributed COM Users', +'Domain Computers', +'Domain Controllers', +'Domain Guests', +'Enterprise Read-only Domain Controllers', +'Event Log Readers', +'Incoming Forest Trust Builders', +'Network Configuration Operators', +'Performance Log Users', +'Performance Monitor Users', +'Print Operators', +'Replicator', +'Read-only Domain Controllers', +'Allowed RODC Password Replication Group', +'RAS and IAS Servers', +'Certificate Service DCOM Access'); + + +$aEmpty = Get-ADGroup -Filter * -Properties * | where { $_.Members.Count -eq 0 -and $_.Name -notlike 'KAV*' -and $_.Name -notlike 'KL*' -and $_.Name -notlike 'vpn.*' -and $_.Name -ne 'CTX ISU EMR' }; +$i = 0; +$aRemove = @(); +foreach ($oGroup in $aEmpty) { + if ($aExclude -notcontains $oGroup.Name) { + #$aRemove += $oGroup; + $oGroup.Name + $i++ + } +} +$i +#$aRemove | Remove-ADGroup \ No newline at end of file diff --git a/ActiveDirectory/Get-Empty-OUs.ps1 b/ActiveDirectory/Get-Empty-OUs.ps1 new file mode 100644 index 0000000..3baa781 --- /dev/null +++ b/ActiveDirectory/Get-Empty-OUs.ps1 @@ -0,0 +1,35 @@ +$remove_ous = $false + +$ous_to_keep = @('UAP - PEAP TLS','UAP - PEAP TLS Only','Disabled Users'); + +$ad_objects = Get-ADObject -Filter "ObjectClass -eq 'user' -or ObjectClass -eq 'computer' -or ObjectClass -eq 'group' -or ObjectClass -eq 'organizationalUnit'"; + +$aOuDns = @(); +foreach ($o in $ad_objects) { + $sDn = $o.DistinguishedName; + if ($sDn -like '*OU=*' -and $sDn -notlike '*LostAndFound*') { + $sOuDn = $sDn.Substring($sDn.IndexOf('OU=')); + $aOuDns += $sOuDn; + }##endif +}##endforeach + +$a0CountOus = $aOuDns | Group-Object | Where-Object { $_.Count -eq 1 } | % { $_.Name }; +$empty_ous = 0; +$ous_removed = 0; +foreach ($sOu in $a0CountOus) { + if (!(Get-ADObject -Filter "ObjectClass -eq 'organizationalUnit'" | where { $_.DistinguishedName -like "*$sOu*" -and $_.DistinguishedName -ne $sOu })) { + $ou = Get-AdObject -Filter { DistinguishedName -eq $sOu }; + if ($ous_to_keep -notcontains $ou.Name) { + if ($remove_ous) { + Set-ADOrganizationalUnit -Identity $ou.DistinguishedName -ProtectedFromAccidentalDeletion $false -confirm:$false; + Remove-AdOrganizationalUnit -Identity $ou.DistinguishedName -confirm:$false + $ous_removed++ + }##endif + $ou + $empty_ous++; + }##endif + }##endif +}##endforeach +echo '-------------------' +echo "Total Empty OUs Removed: $ous_removed" +echo "Total Empty OUs: $empty_ous" \ No newline at end of file diff --git a/ActiveDirectory/Get-GPO-Reg-Settings.ps1 b/ActiveDirectory/Get-GPO-Reg-Settings.ps1 new file mode 100644 index 0000000..70b2d5b --- /dev/null +++ b/ActiveDirectory/Get-GPO-Reg-Settings.ps1 @@ -0,0 +1,44 @@ +#$ErrorActionPreference = "SilentlyContinue" +$error.PSBase.Clear() + +$aRegRoots = @('HKCU\Software','HKLM\System','HKLM\Software'); +$aGpos = Get-Gpo -All; +$aUniqueSettings = @(); +$aUniqueDups = @(); + +function findRegValues($sName,$sId,$sKeyPath,$aKeyPathHistory = $null) { + $aPath = Get-GPRegistryValue -GUID $sId -Key $sKeyPath -ErrorAction 'silentlycontinue' + $aKeyPathHistory = @(); + foreach ($oKeyPath in $aPath) { + if ($oKeyPath) { + if (Test-Member $oKeyPath Value) { + if ($aKeyPathHistory -notcontains $oKeyPath.FullKeyPath) { + $o = New-Object System.Object; + $o | Add-Member -type NoteProperty -Name 'GUID' -Value $sId; + $o | Add-Member -type NoteProperty -Name 'Name' -Value $sName; + $o | Add-Member -type NoteProperty -Name 'Key' -Value $sKeyPath; + $o | Add-Member -type NoteProperty -Name 'Value' -Value $oKeyPath.Value; + if ($aUniqueSettings -notcontains "$sKeyPath|$($oKeyPath.Value)") { + $aUniqueSettings += "$sKeyPath|$($oKeyPath.Value)"; + } elseif ($aUniqueDups -notcontains "$sKeyPath|$($oKeyPath.Value)") { + "$sName|$sKeyPath|$($oKeyPath.Value)"; + $aUniqueDups += "$sKeyPath|$($oKeyPath.Value)"; + } + } + } elseif (Test-Member $oKeyPath FullKeyPath) { + $aKeyPathHistory += $oKeyPath.FullKeyPath; + findRegValues $sName $sId $oKeyPath.FullKeyPath $aKeyPathHistory + } + } + } +} + +$aRegValues = @(); + +foreach ($oGpo in $aGpos) { + $sGuid = $oGpo.Id; + $sName = $oGpo.DisplayName; + foreach ($sRegRoot in $aRegRoots) { + findRegValues $sName $sGuid $sRegRoot + } +} \ No newline at end of file diff --git a/ActiveDirectory/Get-GPOs-Linked-To-Empty-OUs.ps1 b/ActiveDirectory/Get-GPOs-Linked-To-Empty-OUs.ps1 new file mode 100644 index 0000000..bf2bdee --- /dev/null +++ b/ActiveDirectory/Get-GPOs-Linked-To-Empty-OUs.ps1 @@ -0,0 +1,51 @@ +function convertDsnToPathFormat($sDsn) { + $sDsn = $sDsn.Replace(',',''); + $sDsn = $sDsn.Replace('OU=',''); + $aDsn = $sDsn.Split(','); + [array]::Reverse($aDsn); + $sPath = $aDsn -join '/'; + return '/' + $sPath; +}##endfunction + +$aAllGpos = Get-GPOReport -all -ReportType XML; +$aFilteredGpos = @(); +$aLinkedOuGPos = @(); +foreach ($xGpo in $aAllGpos) { + $xGpo = ([xml]$xGpo).GPO; + if (Test-Member $xGpo 'LinksTo') { ## GPO links to at least one OU + $sGpoName = $xGpo.Name; + if ($xGpo.LinksTo -is [array]) { ## Links to more than on OU + $aLinkedOus = $xGpo.LinksTo | Select-Object SOMPath | % { $_.SOMPath } + } else { + $aLinkedOus = , @($xGpo.LinksTo.SOMPath); + }##endif + $aLinkedOuGPos += , @($sGpoName,$aLinkedOus); + }##endif +}##endforeach + +$aObjects = Get-ADObject -Filter "ObjectClass -eq 'user' -or ObjectClass -eq 'computer' -or ObjectClass -eq 'group' -or ObjectClass -eq 'organizationalUnit'"; + +$aOuDns = @(); +foreach ($o in $aObjects) { + $sDn = $o.DistinguishedName; + if ($sDn -like '*OU=*') { + $sOuDn = $sDn.Substring($sDn.IndexOf('OU=')); + $aOuDns += $sOuDn; + }##endif +}##endforeach + +$a0CountOus = $aOuDns | Group-Object | Where-Object { $_.Count -eq 1 } | % { $_.Name }; +$aFiltered0CountOUs = @(); +foreach ($sOu in $a0CountOus) { + if (!(Get-ADObject -Filter "ObjectClass -eq 'organizationalUnit'" | where { $_.DistinguishedName -like "*$sOu*" -and $_.DistinguishedName -ne $sOu })) { + $aFiltered0CountOUs += convertDsnToPathFormat $sOu; + }##endif +}##endforeach + +foreach ($aGpo in $aLinkedOuGpos) { + foreach ($i in $aFiltered0CountOUs) { + if (($aGpo[1] -contains $i) -and ($aGpo[1] -notcontains '')) { + $aGpo[0]; + } + } +} \ No newline at end of file diff --git a/ActiveDirectory/Get-Gpo-Setting.ps1 b/ActiveDirectory/Get-Gpo-Setting.ps1 new file mode 100644 index 0000000..7db98ba --- /dev/null +++ b/ActiveDirectory/Get-Gpo-Setting.ps1 @@ -0,0 +1,60 @@ +$sDefaultGpoGuid = '{F6FE3FDE-4CD0-455D-B9BC-D134111BBF09}'; + +$sDefaultGpoGuid = "*$($sDefaultGpoGuid)*"; +$ErrorActionPreference = "Stop"; +#$aComputerGPOs = Get-ADObject -Filter {(ObjectClass -eq "groupPolicyContainer") -and (Name -eq '{F6FE3FDE-4CD0-455D-B9BC-D134111BBF09}')} +$aComputerGPOs = Get-ADObject -Filter {(ObjectClass -eq "groupPolicyContainer")} +#$aUserGPOs = Get-ADObject -Filter {(ObjectClass -eq "groupPolicyContainer") -and (gPCUserExtensionNames -like $sDefaultGpoGuid)} + + +$test = @(); + +if ($aComputerGpos -ne $null) { + $aReport = @() + foreach ($oGpo in $aComputerGpos) { + [XML]$xGpoReport = Get-GPOReport -Guid $oGpo.Name -ReportType XML; + try { + if (($xGpoReport.GPO.Computer.Enabled -eq 'true') -and (Test-Member $xGpoReport.GPO.Computer 'ExtensionData')) { + $aSettings = @(); + foreach ($oExt in $xGpoReport.GPO.Computer.ExtensionData) { + $aSettings += $oExt.Extension.ChildNodes + }##endforeach + if ($aSettings.Count -ne 0) { + echo '11111111' + echo "======NAME:$($xGpoReport.GPO.Name)=========" + $aSettings + echo '22222222' + foreach ($oSetting in $aSettings) { + if ($oSetting.Name -match '^q\d+:RegistrySetting') { + $xGpoReport.GPO.Name + #$oSetting.ChildNodes + #$sSetting = ($oSetting.ChildNodes).Item(0).InnerText + #$sSetting + #echo '22222222222222' + #$sSetting = 'N/A - Actual setting is deeper in XML tree'; + #$($oSetting.ChildNodes | Select-Object -ExpandProperty '#text')[0]; + #echo '-----------start---------' + #$oSetting.Name + #$oSetting.ChildNodes + #echo '-----------end---------' + } elseif ($oSetting.Name -notmatch '^q\d+') { + #$sSetting = $oSetting.Name; + }##endif + +# $aReportItem = New-Object -TypeName PSObject -Property @{ +# Name = $xGpoReport.GPO.Name +# GUID = $oGpo.Name +# SettingName = $sSetting +# }##endnewobject +# $aReportItem +# $aReport += $aReportItem + }##endforeach + }##endif + }##endif + } catch { + Write-Error $_.Exception + }##endtrycatch + }##endforeach +}##endif + +$test | Select -Unique \ No newline at end of file diff --git a/ActiveDirectory/Get-Inactive-Ad-Users.ps1 b/ActiveDirectory/Get-Inactive-Ad-Users.ps1 new file mode 100644 index 0000000..46f38e8 --- /dev/null +++ b/ActiveDirectory/Get-Inactive-Ad-Users.ps1 @@ -0,0 +1,99 @@ +## Specify all file paths and configuration values +$sUnionEmployeesFilePath = 'Union Lawson Employees.csv'; +$sUapEmployeesFilePath = 'UAPEmployees.csv'; +$sOutputFilePath = 'old-non-employee-AD-user-accounts.tsv'; +$iDefinedOldDays = 90; +$dDaysAgo = [DateTime]::Now.Subtract([TimeSpan]::FromDays($iDefinedOldDays)); + +## Normalize both the Union and UAP spreadsheets into standard properties to match +## AD property names and ensure all alpha characters are lowercase to simplify matching +## Properties: EmployeeId,GivenName,SurName,Department +$aUnionContent = Get-Content $sUnionEmployeesFilePath; +$aUnionNoHeader = Get-Content $sUnionEmployeesFilePath | Select-Object -Skip 1; +$aUapContent = Get-Content $sUapEmployeesFilePath; +$aUapNoHeader = Get-Content $sUapEmployeesFilePath | Select-Object -Skip 1; + +## Rename all interesting header columns in Lawson content +$sHeaderRow = $aUnionContent[0]; +$sHeaderRow = $sHeaderRow.Replace('EMPLOYEE','EmployeeID'); +$sHeaderRow = $sHeaderRow.Replace('LAST_NAME','Surname'); +$sHeaderRow = $sHeaderRow.Replace('FIRST_NAME','GivenName'); +$sHeaderRow = $sHeaderRow.Replace('R_NAME','Department'); +$sHeaderRow = $sHeaderRow.Replace('MIDDLE_INIT','Initials'); +$sHeaderRow = $sHeaderRow.Replace('LAWSON_PAPOSITION.DESCRIPTION','Title'); +$sHeaderRow = $sHeaderRow.Replace('LAWSON_EMSTATUS.DESCRIPTION','HireStatus'); +Set-Content $sUnionEmployeesFilePath -Value $sHeaderRow,$aUnionContent[1..($aUnionContent.Count)]; + +## Add the HireStatus column to the UAP content (if necessary) +$sHeaderRow = $aUapContent[0]; +if ($sHeaderRow -notmatch "^.*,HireStatus$") { + $sHeaderRow = "$sHeaderRow,HireStatus"; +}##endif +Set-Content $sUapEmployeesFilePath -Value $sHeaderRow,$aUapContent[1..($aUapContent.Count)]; + +## Bring in the first data sources +$aUnionEmployeesCsv = Import-Csv $sUnionEmployeesFilePath; +$aUapEmployeesCsv = Import-Csv $sUapEmployeesFilePath; + +## Merge both UAP and Union employee lists to simplify comparision +$global:aEmployeesFromCsv = $aUnionEmployeesCsv + $aUapEmployeesCsv; +$global:iEmpCount = $aEmployeesFromCsv.Count; + +## Bring in the second data source for comparison +$aOldUsers = Get-ADUser -Filter {(Enabled -eq 'True') -and (LastLogonDate -le $dDaysAgo) -and (PasswordLastSet -le $dDaysAgo)} -Properties EmployeeID,LastLogonDate,PasswordLastSet,Department,Initials; +## The last element is always null for some reason +$iAdUserCount = $aOldUsers.Count; + +function isActiveEmployee($oAdUser) { + for ($i = 0; $i -lt $iEmpCount; $i++) { + if ($oAdUser.EmployeeID -and $aEmployeesFromCsv[$i].EmployeeID) { + if ($oAdUser.EmployeeID -eq $aEmployeesFromCsv[$i].EmployeeID) { + return @($true,$oAdUser,$aEmployeesFromCsv[$i].HireStatus); + }##endif + }##endif + if ($aEmployeesFromCsv[$i].Surname -and $aEmployeesFromCsv[$i].GivenName) { ## Ensure we're not trying to match on a blank + if ($oAdUser.GivenName -match '^[^0-9]*$') { ## No numbers in first name field + if ($oAdUser.Surname -match '^[^-]*$') { ## No dashes in the last name field + $sLNameLike = '*' + $aEmployeesFromCsv[$i].Surname.Trim() + '*'; + $sFNameLike = '*' + $aEmployeesFromCsv[$i].GivenName.Trim() + '*'; + if ($oAdUser.Surname -like $sLNameLike) { # If the employee last name is anywhere in the AD last name + if ($oAdUser.GivenName -like $sFNameLike) { ## If the employee first name is anywhere in the AD first name + return @($true,$oAdUser,$aEmployeesFromCsv[$i].HireStatus); + }##endif + }##endif + }##endif + }##endif + }##endif + }##endfor + return @($false,$oAdUser,$null); +}##endfunction + +function createCustomObject($oAdUser,$sHireStatus) { + $hProps = @{ + EmployeeID=$oAdUser.EmployeeID; + LastLogonDate=$oAdUser.LastLogonDate; + PasswordLastSet=$oAdUser.PasswordLastSet; + SamAccount=$oAdUser.SamAccountName; + FirstName=$oAdUser.GivenName; + LastName=$oAdUser.Surname; + Department=$oAdUser.Department; + HireStatus=$sHireStatus + }; + + $obj = New-Object -TypeName PSObject -Property $hProps; + return $obj; +}##endfunction + +for ($i = 0; $i -lt $iAdUserCount; $i++) { + $aIsActiveEmployee = isActiveEmployee $aOldUsers[$i]; + if (!$aIsActiveEmployee[0]) { + $oUser = createCustomObject $aOldUsers[$i] 'N/A'; + } elseif ($aIsActiveEmployee[2] -eq 'TERMINATED') { + $oUser = createCustomObject $aOldUsers[$i] 'Terminated'; + } else { + $oUser = createCustomObject $aOldUsers[$i] 'Active'; + }##endif + Write-ObjectToCsv -Object $oUser -CsvPath $sOutputFilePath -Delimiter "`t"; +}##endfor + +Write-Host 'Done' -ForegroundColor Green \ No newline at end of file diff --git a/ActiveDirectory/Get-Inactive-GPO-Settings.ps1 b/ActiveDirectory/Get-Inactive-GPO-Settings.ps1 new file mode 100644 index 0000000..1416893 --- /dev/null +++ b/ActiveDirectory/Get-Inactive-GPO-Settings.ps1 @@ -0,0 +1,48 @@ +################################################################################ +# +# Script Name: Get-Inactive-GPO-Settings.ps1 +# Date: 8/2/2012 +# Author: Adam Bertram +# Purpose: This script finds all GPOs in the current domain which have +# either the user or computer configuration section enabled yet have no +# settings enabled in that section. +# +################################################################################ + +if (!(Get-Module 'GroupPolicy') -or !(Get-Module 'Internal')) { + Write-Error 'One or more required modules not loaded'; + return; +}##endif + +$bRemediate = $false; + +## Create an array of default Active Directory GPOs +$aDefaultGpos = @('Default Domain Controllers Policy'); + +$aGposToRead = Get-GPOReport -ReportType XML -All; + +foreach ($sGpo in $aGposToRead) { + $xGpo = ([xml]$sGpo).GPO; + if ($aDefaultGpos -notcontains $xGpo.Name) { ## Do not report on default AD GPOs. We don't want to change these + $o = New-Object System.Object; + $o | Add-Member -type NoteProperty -Name 'GPO' -Value $xGpo.Name; + if ($xGpo.User.Enabled -eq 'true' -and !(Test-Member $xGpo.User ExtensionData)) { + $o | Add-Member -type NoteProperty -Name 'UnpopulatedLink' -Value 'User'; + if ($bRemediate) { + (Get-GPO $xGpo.Name).GPOStatus = 'UserSettingsDisabled'; + echo "Disabled user settings on GPO $($xGpo.Name)"; + } else { + $o + }##endif + }##endif + if ($xGpo.Computer.Enabled -eq 'true' -and !(Test-Member $xGpo.Computer ExtensionData)) { + $o | Add-Member -type NoteProperty -Name 'UnpopulatedLink' -Value 'Computer' -Force; + if ($bRemediate) { + (Get-GPO $xGpo.Name).GPOStatus = 'ComputerSettingsDisabled'; + echo "Disabled computer settings on GPO $($xGpo.Name)"; + } else { + $o + }##endif + }##endif + }##endif +}##endforeach diff --git a/ActiveDirectory/Get-Inactive-GPOs.ps1 b/ActiveDirectory/Get-Inactive-GPOs.ps1 new file mode 100644 index 0000000..eb475d4 --- /dev/null +++ b/ActiveDirectory/Get-Inactive-GPOs.ps1 @@ -0,0 +1,24 @@ +$aOutput = @(); +$aDisabledGpos = Get-GPO -All | Where-Object { $_.GpoStatus -eq 'AllSettingsDisabled' }; +foreach ($oGpo in $aDisabledGpos) { + $oOutput = New-Object System.Object; + $oOutput | Add-Member -type NoteProperty -Name 'Status' -Value 'Disabled'; + $oOutput | Add-Member -type NoteProperty -Name 'Name' -Value $oGpo.DisplayName; + $aOutput += $oOutput; +}##endforeach + + +$aAllGpos = Get-Gpo -All; +$aUnlinkedGpos = @(); +foreach ($oGpo in $aAllGpos) { + [xml]$oGpoReport = Get-GPOReport -Guid $oGpo.ID -ReportType xml; + if (!(Test-Member $oGpoReport.GPO LinksTo)) { + $oOutput = New-Object System.Object; + $oOutput | Add-Member -type NoteProperty -Name 'Status' -Value 'Unlinked'; + $oOutput | Add-Member -type NoteProperty -Name 'Name' -Value $oGpo.DisplayName; + $aOutput += $oOutput; + }##endif +}##endforeach +$aOutput.Count + +$aOutput | Sort-Object Name | Format-Table -AutoSize \ No newline at end of file diff --git a/ActiveDirectory/Get-Old-Computer-Accounts.ps1 b/ActiveDirectory/Get-Old-Computer-Accounts.ps1 new file mode 100644 index 0000000..7bd947a --- /dev/null +++ b/ActiveDirectory/Get-Old-Computer-Accounts.ps1 @@ -0,0 +1,51 @@ +function findOldADComputers () { + $aOldComputers = @(); + $aAllAdComputers = Get-ADComputer -Filter * -Properties LastLogonDate,PasswordLastSet | Where { $_.Enabled -eq $true }; + foreach ($oAdComputer in $aAllAdComputers) { + if ($oAdComputer.lastLogonDate -ne $null) { + if ($oAdComputer.lastLogonDate -lt [DateTime]::Now.Subtract([TimeSpan]::FromDays(60))) { + if ($oAdComputer.PasswordLastSet -lt [DateTime]::Now.Subtract([TimeSpan]::FromDays(60))) { + $aOldComputers += $oAdComputer.Name; + }##endif + }##endif + }##endif + }##endforeach + return $aOldComputers; +}##endfunction + +$sOldPcFilePath = 'C:\Users\abertram\desktop\projects\ad_cleanup\Get-Old-Ad-Accounts-Files\old_computer_accounts.txt'; +$sOnlinePcFilePath = 'C:\Users\abertram\desktop\projects\ad_cleanup\Get-Old-Ad-Accounts-Files\online_pcs.txt'; + +if (Test-Path $sOnlinePcFilePath) { + $aPastOnlinePcs = Get-Content $sOnlinePcFilePath; +} else { + $aPastOnlinePcs = @(); +}##endif + +if (Test-Path $sOldPcFilePath) { + Remove-Item $sOldPcFilePath -Force +}##endif + +$aCurrentOldPcs = findOldAdComputers; + +$aDnsQueryResults = Get-DnsARecord $aCurrentOldPcs; +foreach ($i in $aDnsQueryResults) { + $sPc = $i[0]; + $bResult = $i[1]; + if ($bResult) { ## The PC has a DNS record + if (!(Test-Ping $sPc)) { ## The PC is offline + if ($aPastOnlinePcs -notcontains $sPc) { ## The PC has never been shown to be online + Write-Debug "$sPc has a DNS record but is offline"; + Add-Content $sOldPcFilePath $sPc; + }##endif + } else { + Write-Debug "$sPc has a DNS record and is online"; + if ($aPastOnlinePcs -notcontains $sPc) { + Add-Content $sOnlinePcFilePath $sPc; + }##endif + }##endif + } else { + Write-Debug "$sPc has no DNS record" + Add-Content $sOldPcFilePath $sPc; + }##endif +}##endforeach \ No newline at end of file diff --git a/ActiveDirectory/GetAdUsersWithPasswordLastSetOlderThan.ps1 b/ActiveDirectory/GetAdUsersWithPasswordLastSetOlderThan.ps1 new file mode 100644 index 0000000..ecae7c4 --- /dev/null +++ b/ActiveDirectory/GetAdUsersWithPasswordLastSetOlderThan.ps1 @@ -0,0 +1,13 @@ +## Union (Get-ADUser -filter {enabled -eq $true} -Properties employeenumber,passwordlastset | ? {$_.Employeenumber -and ($_.PasswordLastSet -gt [DateTime]::Now.Subtract([TimeSpan]::FromDays(180)))}).Count +## UAP (Get-ADUser -filter {enabled -eq $true} -Properties employeenumber,passwordlastset | ? {$_.Employeenumber -and ($_.DistinguishedName -like '*AP&S*') -and ($_.PasswordLastSet -gt [DateTime]::Now.Subtract([TimeSpan]::FromDays(180)))}).Count + +$MaxAge = 180 + +$rules = @( + { $_.PasswordLastSet -lt [DateTime]::Now.Subtract([TimeSpan]::FromDays($MaxAge)) }, + { $_.LastLogonDate -lt [DateTime]::Now.Subtract([TimeSpan]::FromDays($MaxAge)) }, + { $_.Enabled -eq $false }, + { $_.PasswordExpired -eq $true } +) + +Get-AdUser -Filter * -Properties PasswordLastSet,LastLogonDate \ No newline at end of file diff --git a/ActiveDirectory/GetPasswordResetCountXDaysOld.ps1 b/ActiveDirectory/GetPasswordResetCountXDaysOld.ps1 new file mode 100644 index 0000000..64d5487 --- /dev/null +++ b/ActiveDirectory/GetPasswordResetCountXDaysOld.ps1 @@ -0,0 +1,3 @@ +param($days_old) + +(get-aduser -filter {enabled -eq $true} -Properties passwordlastset,employeenumber,whencreated | ? {($_.passwordlastset -gt (Get-Date).AddDays(-$days_old)) -and ($_.employeenumber) -and ($_.whenCreated -lt (Get-Date).AddDays(-$days_old))}).Count \ No newline at end of file diff --git a/ActiveDirectory/Remove-Disabled-Ad-Computers.ps1 b/ActiveDirectory/Remove-Disabled-Ad-Computers.ps1 new file mode 100644 index 0000000..20b1173 --- /dev/null +++ b/ActiveDirectory/Remove-Disabled-Ad-Computers.ps1 @@ -0,0 +1,4 @@ +$aDisabledAdComputers = Get-ADComputer -Filter * | Where-Object { $_.Enabled -eq $false }; +foreach ($oAccount in $aDisabledAdComputers) { + Remove-ADObject -Identity $oAccount -Confirm:$false -Recursive; +}##endforeach \ No newline at end of file diff --git a/ActiveDirectory/TestSiteReplicationMod.ps1 b/ActiveDirectory/TestSiteReplicationMod.ps1 new file mode 100644 index 0000000..36e39fa --- /dev/null +++ b/ActiveDirectory/TestSiteReplicationMod.ps1 @@ -0,0 +1,39 @@ +echo "Starting UAP --> POB replication test..." +echo "-----------" +#Set-AdUser abertram -Server UAPDC01 -Description "Keller Schroeder Vendor - Set on UAPDC01" +Set-ADAccountPassword abertramtest -NewPassword (ConvertTo-SecureString 'p@$$w0rd14' -AsPlainText -Force) -Reset -Server UAPDC01 +$passwordlastset = (Get-Aduser abertramtest -Properties passwordlastset -Server UAPDC01).passwordlastset +Write-Host "Waiting for replication from UAPDC01 to DC01..." -ForegroundColor Yellow +$i = 0 +do { + $i++ + sleep 1 +#} while ((Get-AdUser abertram -Properties description -Server DC01).description -ne "Keller Schroeder Vendor - Set on UAPDC01") +} while ((Get-Aduser abertramtest -Properties passwordlastset -Server DC01).passwordlastset -ne $passwordlastset) + +Write-Host "Replication from DC01 from UAPDC01 successful. Replication time: $i seconds ($($i / 60) minutes)" -ForegroundColor Green + + +echo "Starting POB --> UAP replication test..." +echo "-----------" +#Set-AdUser abertram -Server DC01 -Description "Keller Schroeder Vendor - Set on DC01" +Write-Host "Waiting for replication from DC01 to UAPDC01..." -ForegroundColor Yellow +Set-ADAccountPassword abertramtest -NewPassword (ConvertTo-SecureString 'p@$$w0rd15' -AsPlainText -Force) -Reset -Server DC01 +$passwordlastset = (Get-Aduser abertramtest -Properties passwordlastset -Server DC01).passwordlastset +$i = 0 +do { + $i++ + sleep 1 +#} while ((Get-AdUser abertram -Properties description -Server UAPDC01).description -ne "Keller Schroeder Vendor - Set on DC01") +} while ((Get-Aduser abertramtest -Properties passwordlastset -Server UAPDC01).passwordlastset -ne $passwordlastset) + +Write-Host "Replication from UAPDC01 from DC01 successful. Replication time: $i seconds ($($i / 60) minutes)" -ForegroundColor Green + + +Set-AdUser abertram -Server DC01 -Description "Keller Schroeder Vendor" + +echo '-----------' +echo 'Checking last replication status between UHHG and UHC sites...' +echo "-----------" +Get-ADReplicationLink -SiteName uhhg | ? { $_.sourceserver -eq 'DC1' } | select sourceserver,destinationserver,LastSuccessfulsync,lastsyncmessage +Get-ADReplicationLink -SiteName UAPMain | ? { $_.sourceserver -eq 'DC02' } | select sourceserver,destinationserver,LastSuccessfulsync,lastsyncmessage diff --git a/DNS/Convert-DynamicDnsRecordToStatic.ps1 b/DNS/Convert-DynamicDnsRecordToStatic.ps1 index a2f8dbb..f8c7d56 100644 --- a/DNS/Convert-DynamicDnsRecordToStatic.ps1 +++ b/DNS/Convert-DynamicDnsRecordToStatic.ps1 @@ -46,9 +46,9 @@ begin { process { try { - Get-DnsServerResourceRecord -ComputerName dc01 -ZoneName hosp.uhhg.org | where { ($_.HostName -match '^U.*XA65') -and ($_.Hostname -notmatch 'VM') -and ($_.Hostname -notmatch '.hosp.uhhg.org$') } | select @{ n = 'Hostname'; e = { $_.Hostname } }, @{n = 'IpAddres s'; e = { $_.RecordData.IPv4Address.IPAddressToString } } - $CitrixRecords | select -Skip 1 | % { try { Add-DnsServerResourceRecord -ZoneName hosp.uhhg.org -ComputerName dc01 -IPv4Address $_.IpAddress -Name $_.Hostname -A } catch { } } - $CitrixRecords | % { Get-DnsServerResourceRecord -ComputerName dc01 -Name $_.Hostname -RRType A -ZoneName hosp.uhhg.org } + Get-DnsServerResourceRecord -ComputerName dc01 -ZoneName domain.com | where { ($_.HostName -match '^U.*XA65') -and ($_.Hostname -notmatch 'VM') -and ($_.Hostname -notmatch '.domain.com$') } | select @{ n = 'Hostname'; e = { $_.Hostname } }, @{n = 'IpAddres s'; e = { $_.RecordData.IPv4Address.IPAddressToString } } + $CitrixRecords | select -Skip 1 | % { try { Add-DnsServerResourceRecord -ZoneName domain.com -ComputerName dc01 -IPv4Address $_.IpAddress -Name $_.Hostname -A } catch { } } + $CitrixRecords | % { Get-DnsServerResourceRecord -ComputerName dc01 -Name $_.Hostname -RRType A -ZoneName domain.com } } catch { Write-Error $_.Exception.Message diff --git a/DNS/Get-RecordsToBeScavenged.ps1 b/DNS/Get-RecordsToBeScavenged.ps1 index 61299b0..9081bba 100644 --- a/DNS/Get-RecordsToBeScavenged.ps1 +++ b/DNS/Get-RecordsToBeScavenged.ps1 @@ -162,10 +162,10 @@ process { } else { Write-Verbose "Emailing the list of $($EmailRecords.Count) stale records to $EmailAddress" $Params = @{ - 'From' = 'Union Hospital '; + 'From' = 'Union Hospital '; 'To' = $EmailAddress; 'Subject' = 'UNH DNS Records To be Scavenged'; - 'SmtpServer' = 'smtp.uhhg.org' + 'SmtpServer' = 'smtp.domain.com' 'Body' = $EmailRecords | Out-String } diff --git a/Local Account Management/Add-UserToLocalGroup.ps1 b/Local Account Management/Add-UserToLocalGroup.ps1 new file mode 100644 index 0000000..a69d77b --- /dev/null +++ b/Local Account Management/Add-UserToLocalGroup.ps1 @@ -0,0 +1,3 @@ +param ([string]$Computername,[string]$GroupName,[string]$Username) +$group = [ADSI]"WinNT://$Computername/$GroupName,group" +$group.Add("WinNT://$Computername/$Username,user") \ No newline at end of file diff --git a/Networking/Send-WolProxyRequest.ps1 b/Networking/Send-WolProxyRequest.ps1 index 36ac85d..b9c4d1c 100644 --- a/Networking/Send-WolProxyRequest.ps1 +++ b/Networking/Send-WolProxyRequest.ps1 @@ -60,7 +60,7 @@ param ( ValueFromPipeline = $False, ValueFromPipelineByPropertyName = $False)] [ValidateScript({ Test-Path $_ })] - [string]$WolCmdFilePath = '\\hosp.uhhg.org\netlogon\wolcmd.exe', + [string]$WolCmdFilePath = 'wolcmd.exe', [Parameter(Mandatory = $False, ValueFromPipeline = $False, ValueFromPipelineByPropertyName = $False)] diff --git a/SCCM/New-CMMyApplication.ps1 b/SCCM/New-CMMyApplication.ps1 index 9fec1d5..3f93533 100644 --- a/SCCM/New-CMMyApplication.ps1 +++ b/SCCM/New-CMMyApplication.ps1 @@ -37,7 +37,7 @@ param ( [string]$InstallationProgram, [Parameter()] [ValidateScript({ Test-Path -Path $_ -PathType Container })] - [string]$RootPackageFolderPath = '\\hosp.uhhg.org\dfs\softwarelibrary\software_packages', + [string]$RootPackageFolderPath = '\\server\dfs\softwarelibrary\software_packages', [Parameter()] [ValidateScript({ Test-Path -Path $_ -PathType 'Leaf' })] [string]$IconLocationFilePath, @@ -56,7 +56,7 @@ param ( [Parameter()] [string]$SiteCode = 'UHP', [Parameter()] - [string]$InstallScriptTemplateFilePath = '\\hosp.uhhg.org\dfs\softwarelibrary\software_packages\_Template_Files\install.ps1' + [string]$InstallScriptTemplateFilePath = '\\server\dfs\softwarelibrary\software_packages\_Template_Files\install.ps1' ) diff --git a/SCCM/Start-PostConfigmgrBackupTasks.ps1 b/SCCM/Start-PostConfigmgrBackupTasks.ps1 index e419300..4008885 100644 --- a/SCCM/Start-PostConfigmgrBackupTasks.ps1 +++ b/SCCM/Start-PostConfigmgrBackupTasks.ps1 @@ -259,11 +259,11 @@ end { Write-Log 'Emailing results of backup...' ## Email me the results of the backup and post-backup tasks $Params = @{ - 'From' = 'UNH ConfigMgr Backup '; - 'To' = 'Adam Bertram '; - 'Subject' = 'UNH ConfigMgr Backup'; + 'From' = 'ConfigMgr Backup '; + 'To' = 'Adam Bertram '; + 'Subject' = 'ConfigMgr Backup'; 'Attachment' = $script:LogFilePath; - 'SmtpServer' = 'smtp.uhhg.org' + 'SmtpServer' = 'smtp.domain.com' } Send-MailMessage @Params -Body 'ConfigMgr Backup Email'