Monthly Archives: December 2012

Exhostive list of Powershell resources

rambling cookie monster

Update:  This list has been moved to this page rather than a post.  I will leave the content below unaltered, but be sure to refer to the new page for the rare update!

 

I’m starting to build a list of PowerShell resources for co-workers and me.  I plan to keep this up to date and add resources on a regular basis, so you may want to check back occasionally.

Cheat sheets and quick references

Blogs and other resources

View original post 355 more words

Great compilation of Powershell resources

Brian's Power Windows Blog

Web Links:

Downloads:

Books:

  • Bruce Payette*, PowerShell in Action* (Manning Press)
  • Don Jones, Jeffrey Hicks, Windows PowerShell: TFM (Sapien Press)
  • Lee Holmes, PowerShell: The Definitive Guide (O’Reilly Press)
  • Andy Oakley, Monad (AKA PowerShell) : Introducing the MSH Command Shell and Language (O’Reilly Press)
  • Ed Wilson, Microsoft PowerShell Step by Step, (Microsoft Press)
  • Jerry Lee Ford Jr., Microsoft Windows PowerShell for the Absolute Beginner (Thomson Course Technology)

Also this toolbar has some unique value in that it has embedded links to relevant blogs, resources, and software…

View original post 3 more words

Disable IE Enhanced Security Configuration using Powershell

<#
.Synopsis
   Disables IE Enhanced Security Configuration
.DESCRIPTION
   Disables IE Enhanced Security Configuration
.EXAMPLE
   Disable-IEEnhancedSecurity 

   Disables IE ESC on local computer
.EXAMPLE
   Disable-IEEnhancedSecurity -ComputerName localhost, server1  -AdministratorOnly

   Disables IE ESC on a list of computer for Administartors only
.EXAMPLE
   Get-QADComputer | Where {$_.Os -match "server"} | Disable-IEEnhancedSecurity  -AdministratorOnly

   Disables IE ESC on servers passed in from another commandlet
#>
function Disable-IEEnhancedSecurity
{

    [CmdletBinding(SupportsShouldProcess=$true)]
    Param
    (
        # a computername o list of computernames
        [Parameter(Mandatory=$false,
                   ValueFromPipeline=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=0)]
        [Alias("DnsHostname")]
        [string[]]$ComputerName=$env:COMPUTERNAME,
        
        # do not ping the computer first
        [Parameter(Mandatory=$false,
                   ValueFromPipeline=$false,
                   ValueFromPipelineByPropertyName=$false)]
        [switch]$DonotTestConnection,

        # disable for administrator only
        [Parameter(Mandatory=$false,
                   ValueFromPipeline=$false,
                   ValueFromPipelineByPropertyName=$false)]
        [switch]$AdministratorOnly
    )

    Begin
    {
        $OneLevelUpKey = "SOFTWARE\Microsoft\Active Setup\Installed Components"
        $AdministratorsKey = "SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
        $UsersKey = "SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
        $CommonKey = "IsInstalled"
        New-Variable -Name RegistryValue -Description "Constant" -Value 0 -Option ReadOnly

        Write-Debug "Parameter Computername: $ComputerName"
        Write-Debug "Parameter DonotTestConnection: $DonotTestConnection"

        if ($AdministratorOnly.IsPresent) {
            $ShouldProcessString = "Disabling IE Enhanced Security for Administrators only"
        } else {
            $ShouldProcessString = "Disabling IE Enhanced Security for Administrators and Users"
        }
        
    }

    Process
    {
    
        Foreach( $computer in $ComputerName) {
            if ($PSCmdlet.ShouldProcess("$($computer)", $ShouldProcessString)) {

                if ($DoNotTestConnection.IsPresent) {
                    $connectionTestResult = $true
                } else {
                    $connectionTestResult = Test-Connection -ComputerName $computer -Count 1 -Quiet
                }

                if ($connectionTestResult) {


                    $HklmHive = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LocalMachine",$computer)

                    $TopKey = $HklmHive.OpenSubKey($OneLevelUpKey,$true)
                    if ($TopKey.GetSubKeyNames() | where {$_ -like "{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}" -or $_ -like "{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"}) {


                        $SubKey = $HklmHive.OpenSubKey($AdministratorsKey,$true)
                        $SubKey.SetValue($CommonKey,$RegistryValue,[Microsoft.Win32.RegistryValueKind]::DWORD)
                        $SubKey.Close()

                        if (-not $AdministratorOnly.IsPresent) {
                            $SubKey = $HklmHive.OpenSubKey($UsersKey,$true)
                            $SubKey.SetValue($CommonKey,$RegistryValue,[Microsoft.Win32.RegistryValueKind]::DWORD)
                            $SubKey.Close()
                        }

                        #Get-Process -name explorer | Stop-Process
                    } else {
                        Write-Warning "Computer $computer does not contain IE Enhanced Security, it probaly isn't a server system"
                    }
                } else {
                    Write-Warning "Computer $computer is unreachable"
                }
            } #should process
        } #for each
    }
    End
    {
    }
}


PowerTip: Easily Pause a PowerShell Script for a Process to End – Hey, Scripting Guy! Blog – Site Home – TechNet Blogs

PowerTip: Easily Pause a PowerShell Script for a Process to End – Hey, Scripting Guy! Blog – Site Home – TechNet Blogs.

Test running Powershell script in a system context

To simulate your script running using scheduled tasks under the Local System account  run Powershell ISE (or powershell console, or cmd.exe)  in a system context and debug the script.
psexec.exe -s -i powershell_ise.exe

psexec.exe -s -i powershell.exe

psexec.exe -s -i cmd.exe

 

Get AD Users but leave out InetOrgPerson

Quest:
Get-QADUser -LdapFilter “(&(objectCategory=person)(!objectClass=inetOrgPerson))” -Sizelimit ‘0’

well, the search on objectCategory=person is redundant but it took me some time to figure out the negation on LDAP filter

Get-QADUser -LdapFilter “(!(objectClass=inetOrgPerson))”

Microsoft
Get-ADUser -Filter {objectclass -ne “inetorgperson”}

some common LDAP filters:
http://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx

Absolute SharePoint Blog: Free SharePoint Server 2013 E-books,Models, Planning Worksheets, Design Samples and more Part 1

Absolute SharePoint Blog: Free SharePoint Server 2013 E-books,Models, Planning Worksheets, Design Samples and more Part 1.

smsagent

Tips, tricks and time-savers for the Windows and ConfigMgr administrator

To The Point

Anything about Technology and Business

Brian's Power Windows Blog

Microsoft in the Enterprise. Windows, Hyper-V, Exchange, SQL, and more!

PowerScripting Podcast

Shownotes and links for the PowerScripting Podcast, a podcast to help people learn Windows Powershell

Learn Powershell | Achieve More

What is this Powershell of which you speak?