by David | Dec 6, 2020 | PowerShell
Need 1000 or unique user photos for your lab? There is a great website for just such a thing. https://thispersondoesnotexist.com/image. Let’s break down some code to see how we can pull a few hundred pictures.
The first thing we need to know is how many we want. We are going to get 1000 faces for this example. Next, we need a safe location. Finally, we need an sleep time for the site to regenerate an image. Lets get started.
$StartCount..$FinishCount
the two . in this code allows you to loop through two values. Next we need to pipe this command into a foreach object loop.
$StartCount..$FinishCount | foreach-object {}
Inside the for each loop we start the real work. We are going to use the Invoke-WebRequest. Our URI is the site “https://thispersondoesnotexist.com/image” We will select where we want to save the file using the -outfile location. We are going to save it in the save location we choose earlier. We will put the name as the number you are currently using. Finally we will add a -disablekeepalive flag to stop the system from keeping the connection alive. We do this out of respect for the site.
Invoke-WebRequest -Uri $URL -OutFile "$SaveFolder\$_.jpg" -DisableKeepAlive
Next we need to do a sleep cycle. We do this because if we do a request after another request, we will get the same image. 7 Seconds seems to be the magic number. We do this with Start-Sleep -Seconds 7.
That’s it, It’s a simple process. The Invoke-WebRequest will get the needed image and save it to your computer. The site will generate a new picture each time you reach out.
The Scripts
Here is the script below.
function Get-Faces {
param (
[int]$StartCount = 1,
[int]$FinishCount = 1000,
[int]$SecondsToSleep = 7,
[string]$SaveFolder = "C:\Dpb\100000 Faces"
)
$URL = 'https://thispersondoesnotexist.com/image'
$StartCount..$FinishCount | foreach-object {
Invoke-WebRequest -Uri $URL -OutFile "$SaveFolder\$_.jpg" -DisableKeepAlive
Start-Sleep -Seconds $SecondsToSleep
}
}
Have fun with this little guy, just remember to be respectful of the sites you are pulling information from.
by David | Nov 22, 2020 | Help Desk, Information Technology, PowerShell
Do you have an admin account that needs to be hidden? Setting up this account among 2000 machines at different sites and different clients? Sounds like a nightmare right? Well, you can easily hide a user’s account from the login. This is done through the registry.
HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList
Inside here, we create a Dword with the username that we want to hide from the start menu and set it to 0 to hide the user and 1 to make it visible. So the code is a single liner. We create the Userlist, if it doesn’t exist, and make the new item property.
This code will make the user visable.
New-Item 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList' -Force | New-ItemProperty -Name $Param1 -Value 1 -PropertyType DWord -Force
This code will make the user hidden.
New-Item 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList' -Force | New-ItemProperty -Name $Param1 -Value 0 -PropertyType DWord -Force
Make sure to replace the Param1 with the username accordingly. After that you will need to reboot and should be good to go.
by David | Nov 22, 2020 | Help Desk, Information Technology, PowerShell
I hate it when I start up my PC and my number lock is turned off. Did you know you can set this to be automatic. Yep that’s right, automatic. Start up powershell as administrator and run the single line of code below. Then you should be set to go.
Set-Itemproperty -Path 'HKU:\.DEFAULT\Control Panel\Keyboard\' -Name 'InitialKeyboardIndicators' -Value '2'
Use wisely fellow admins.
by David | Nov 20, 2020 | Group Policy, Information Technology
No, we are not using group policy to put your skull and crossbones tattoo on people. Tattooing is in reference to policies that make changes to the registry that are not removed after the policy is removed. These changes are Permanent and require the admin to manually remove them. I have seen Tattooing become a problem after windows upgrade/update. Polices that effect anything outside 4 registry zones, will tattoo.
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies
- HKEY_CURRENT_USER\SOFTWARE\Policies
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies
Thankfully, most out-of-box Microsoft windows policies fall under these four registry keys. Microsoft has also made almost everything they need to be inside these registry keys as well. For example, all the explorer policies live under:
HKCU\Software\Micorosoft\Windows\CurrrentVersion\Policies\Explorer
Thus whenever you remove a policy setting for the Explorer, when the computer pulls down the new policy settings, it will detect the change and remove the explorer policies that were in place.
What kind of policies will tattoo then if everything is set to write to the correct registry locations? Well, custom software will do this. Back in the day, Adobe Reader’s ADM would write to HKLM\Softwares\Adobe. Thankfully it now writes to the policies hive. Chrome will also do this and sometimes needs to be manually removed.
Other Types of Tattooing
Anything that changes the system as a whole. For example, Folder Redirection policies can leave people’s folders on other servers and such. Roaming profiles also provide issues as the files live on another server. My favorite problem child is printers. The printer is installed and will need to be removed with the GPO or you will tattoo. Another good one is direct registry edits with group policy. Icons are another example of another tattooing. WDS application pushouts as well will tattoo the system with software.
Final Words
CYA! Always test a GPO before sending it out. Add it and then remove it. Research the GPO, and plan everything out. GPO is easy to do, almost a no brainer. Anyone can go to youtube and figure out how to do it. The truth behind GPO is why you should do it, and can it be undone. I have personally tattooed icons and printers in my past. So, always and I mean always, plan it out, test, undo, test again, and then deploy.
by David | Nov 20, 2020 | Help Desk, Information Technology
A friend’s company turned on 2fa for their office 365. When people logged into office.com they were prompted to 2-factor authenticate with the system. Some choose to call in, some choose text, and others choose the app. It was doing good, but outlook gave them troubles. It turns out that office 2013 and office 2016 installs struggle with 2fa. However, there is salvation! A registry edit.
for office 2013:
HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL
for Office 2016
HKCU\SOFTWARE\Microsoft\Office\16.0\Common\Identity\EnableADAL
Set this to a REG_DWORD of 1.
For more information, you can read all about it from the Microsoft documentation page:
https://docs.microsoft.com/en-us/microsoft-365/enterprise/modern-auth-for-office-2013-and-2016?view=o365-worldwide
