I hate it when I start up my PC and my number lock is turned off. Did you know you can set this to be automatic. Yep that’s right, automatic. Start up powershell as administrator and run the single line of code below. Then you should be set to go.
Set-Itemproperty -Path 'HKU:\.DEFAULT\Control Panel\Keyboard\' -Name 'InitialKeyboardIndicators' -Value '2'
Use wisely fellow admins.
No, we are not using group policy to put your skull and crossbones tattoo on people. Tattooing is in reference to policies that make changes to the registry that are not removed after the policy is removed. These changes are Permanent and require the admin to manually remove them. I have seen Tattooing become a problem after windows upgrade/update. Polices that effect anything outside 4 registry zones, will tattoo.
Thankfully, most out-of-box Microsoft windows policies fall under these four registry keys. Microsoft has also made almost everything they need to be inside these registry keys as well. For example, all the explorer policies live under:
HKCU\Software\Micorosoft\Windows\CurrrentVersion\Policies\Explorer
Thus whenever you remove a policy setting for the Explorer, when the computer pulls down the new policy settings, it will detect the change and remove the explorer policies that were in place.
What kind of policies will tattoo then if everything is set to write to the correct registry locations? Well, custom software will do this. Back in the day, Adobe Reader’s ADM would write to HKLM\Softwares\Adobe. Thankfully it now writes to the policies hive. Chrome will also do this and sometimes needs to be manually removed.
Anything that changes the system as a whole. For example, Folder Redirection policies can leave people’s folders on other servers and such. Roaming profiles also provide issues as the files live on another server. My favorite problem child is printers. The printer is installed and will need to be removed with the GPO or you will tattoo. Another good one is direct registry edits with group policy. Icons are another example of another tattooing. WDS application pushouts as well will tattoo the system with software.
CYA! Always test a GPO before sending it out. Add it and then remove it. Research the GPO, and plan everything out. GPO is easy to do, almost a no brainer. Anyone can go to youtube and figure out how to do it. The truth behind GPO is why you should do it, and can it be undone. I have personally tattooed icons and printers in my past. So, always and I mean always, plan it out, test, undo, test again, and then deploy.
A friend’s company turned on 2fa for their office 365. When people logged into office.com they were prompted to 2-factor authenticate with the system. Some choose to call in, some choose text, and others choose the app. It was doing good, but outlook gave them troubles. It turns out that office 2013 and office 2016 installs struggle with 2fa. However, there is salvation! A registry edit.
for office 2013:
HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL
for Office 2016
HKCU\SOFTWARE\Microsoft\Office\16.0\Common\Identity\EnableADAL
Set this to a REG_DWORD of 1.
For more information, you can read all about it from the Microsoft documentation page:
Ever need a service that copies a single folder to multiple locations at once? This script will do just that. It will copy a single location to more than one location and even log the outcomes accordingly. Thus, you will be able to set this one up as a task and run it every so often.
Invoke-SHDMoveFiles {
<#
.SYNOPSIS
Copy files from target source folders to a set of target folders.
.DESCRIPTION
Copys from multiple source folders to a select target folders. This allows archiving to occur.
The folders are not auto created. Thus, the folders must exists. The script also adds a log file of any error
messages you see. See notes for more details.
.PARAMETER SourceFolder
[String[]] SourceFolder is an Array of Strings of target folders to move the files from.
.PARAMETER TargetFolder
[String[]] TargetFolder is an Array of strings where the files will be copied to. This is not a one for one ratio. Thus all files will exist inside the targetfolder.
.EXAMPLE
./Invoke-SHDMoveFiles -SourceFolder 'C:\tbc\Tmp\Source Folder\','C:\tbc\tmp\Source Folder 2\' -TargetFolder 'C:\tbc\tmp\Target Folder\','C:\tbc\tmp\Target Folder 2\'
Moves all files from the source folder 1 and 2 to target folders 1 and 2.
.EXAMPLE
./Invoke-SHDMoveFiles -SourceFolder 'C:\tbc\Tmp\Source Folder\' -TargetFolder 'C:\tbc\tmp\Target Folder\','C:\tbc\tmp\Target Folder 2\'
Moves all files from the source folder 1 to target folders 1 and 2.
.EXAMPLE
./Invoke-SHDMoveFiles -SourceFolder 'C:\tbc\Tmp\Source Folder 1\','C:\tbc\Tmp\Source Folder 2\','C:\tbc\Tmp\Source Folder 3\' -TargetFolder 'C:\tbc\tmp\Target Folder\'
Moves all files from the source folder 1, 2, and 3 to the target folder
.EXAMPLE
./Invoke-SHDMoveFiles -SourceFolder 'C:\tbc\Tmp\Source Folder\','C:\tbc\tmp\Source Folder 2\' -TargetFolder 'C:\tbc\tmp\Target Folder\','C:\tbc\tmp\Target Folder 2\' -Recurse
Moves all files under Source folder 1 and 2 to target folders 1 and 2.
.EXAMPLE
./Invoke-SHDMoveFiles -SourceFolder 'C:\tbc\Tmp\Source Folder\' -TargetFolder 'C:\tbc\tmp\Target Folder\','C:\tbc\tmp\Target Folder 2\' -Recurse
Moves all files under source folder 1 to target folders 1 and 2.
.EXAMPLE
./Invoke-SHDMoveFiles -SourceFolder 'C:\tbc\Tmp\Source Folder 1\','C:\tbc\Tmp\Source Folder 2\','C:\tbc\Tmp\Source Folder 3\' -TargetFolder 'C:\tbc\tmp\Target Folder\' -Recurse
Moves all files under source folder 1, 2, and 3 to the target folder
.INPUTS
[String] Folder Paths
.OUTPUTS
No Output
.NOTES
Author: David Bolding
Date: 8/16/2020
Purpose: Moving files around and making archives
Min Powershell Version: 4
This command generates error logs located c:\tbc\SHDMoveFileLog.txt. The error logs structure is broken up in 4 sections seperated with by ;
1;$((Get-Date).tostring());Catch;$($_.Exception)
1 - The placement of the error physically inside the script.
2 - The date and time of the error
3 - What type of error
4 - Information about the error
Run this command inside a scheduled task every 5 minutes to copy files needed to required locations. Make sure the
tasks running user has full access right to the file locations provided.
.LINK
https://bolding.us
#>
[cmdletbinding()]
param (
[Parameter(HelpMessage = "Source Folder", Mandatory = $True)][string[]]$SourceFolder,
[Parameter(HelpMessage = "Target Folders", Mandatory = $True)][string[]]$TargetFolder,
[parameter(HelpMessage = "Recurse the Source Folder")][switch]$Recruse
[parameter(HelpMessage = "Log Location")][string]$Logs = "C:\tmp\SHDMoveFileLog.txt"
)
#Tests to see if local c:\tbc exists, if it doesn't, it will create the path.
if (Test-Path (Split-Path $logs)) { "" >> $logs } else { mkdir (Split-Path $logs) }
#Start with the first source
foreach ($Source in $SourceFolder) {
#Tests to see if the source path exists.
if (Test-Path -Path $Source) {
#Grabs the required files from the first source path. It only grabs files.
#Also checks if there is a recruse flag. If so, recurses accordingly.
if ($Recruse) { $files = Get-childitem -Path $Source -File -Recurse } else { $files = Get-childitem -Path $Source -File }
#Next we sort through the files in question
foreach ($File in $files) {
#Create a test bool.
$success = $false
#Starts the target folder sorting
foreach ($Target in $TargetFolder) {
#Tests to see if target folder exists. If not, logs.
if (Test-Path -Path $target) {
#Enter a try catch to copy the files
try {
#Copys a single file to target folder. Overwrites any other there without confirmation
#No Confiramtion due to the lack of human Interaction.
Copy-Item -Path $file.fullname -Destination $Target -Force -Confirm:$false
#If no error so far, sets the success bool to true
$success = $true
}
catch {
#a failure occured, thus we set the success bool to false
$success = $false
#We log the error. This is the first log that shows up in the system.
#We date it.
#We state it's a catch
#Then we give the reason the try catch gives.
"1;$((Get-Date).tostring());Catch;$($_.Exception)" >> $logs
}
}
else {
#We log the fact that we can't reach the target location
"2;$((Get-Date).tostring());CanNotFind;$Target" >> $logs
}
}
#We test the bool for success.
if ($success -eq $true) {
try {
#if successful we remove the file.
Remove-Item -Path $file.FullName -Force -Confirm:$false
}
catch {
#If we can't remove the file we log the reason why.
"3;$((Get-Date).tostring());Catch;$($_.Exception)" >> $logs
}
}
}
}
else {
#We log the fact we can't reach the source location.
"4;$((Get-Date).tostring());CanNotFind;$Source" >> $logs
}
}
}
./Invoke-SHDMoveFiles -SourceFolder 'C:\tbc\Tmp\Source Folder\' -TargetFolder 'C:\tbc\tmp\Target Folder\','C:\tbc\tmp\Target Folder 2\'
Moves all files from the source folder 1 to target folders 1 and 2. This is good for a backup of files. What I use this for is a custom software at work. It other products drop to location 1. Then it has a backup folder and the system folder. There we go, good as gold.
./Invoke-SHDMoveFiles -SourceFolder 'C:\tbc\Tmp\Source Folder 1\','C:\tbc\Tmp\Source Folder 2\','C:\tbc\Tmp\Source Folder 3\' -TargetFolder 'C:\tbc\tmp\Target Folder\' -Logs c:\tmp\Combiner.txt
Moves all files from the source folder 1, 2, and 3 to the target folder. It also logs any errors. This is useful when trying to come folders together.
This little script will allow you to check a folder location, if that folder location has x number of files, it will restart the service of your choice on a target computer. Then it will log that information and finally it will email someone this information.
function Invoke-FileServiceIntegrityCheck {
<#
.SYNOPSIS
Checks a file path for number of files. If greater, restarts a service and emails a message and logs a log.
.DESCRIPTION
Checks a file path for a set number of files that are predefined by the end user. If the file count is greater, it will restart a service. It will log the results and email a person stated by the end user.
.PARAMETER SearchPath
Target Path to scan for file count.
.PARAMETER FileCount
File count that will be used to determine the request size.
.PARAMETER ComputerName
Target Computer Name that the service lives on.
.PARAMETER ServiceName
Name of the service to restart.
.PARAMETER SendReportTo
The email address to which the email report will be sent to.
.PARAMETER EmailDomain
The domain name. For example, example.local
.PARAMETER MailServer
The mail server to send the email from.
.PARAMETER Recurse
Recurses the file search path.
.PARAMETER Credential
The Credentials, if needed for the email server.
.EXAMPLE
Invoke-FileServiceIntegrityCheck -SearchPath \\server1\share -FileCount 25 -ComputerName server2 -ServiceName intergrator -SendReportTo bob@example.com -EmailDomain example.com -Mailserver mail.example.com -Credential (Get-Credential)
Checks the folder \\server1\share to see if there is 25 or more files. If it does, it will restart the service named intergrator on server 2.
Then it will send an bob@example.com from watcheye@example.com using mail.example.com and the credentials provided.
.EXAMPLE
Invoke-FileServiceIntegrityCheck -SearchPath \\server1\share -FileCount 25 -ComputerName server2 -ServiceName intergrator -SendReportTo bob@example.com -EmailDomain example.com -Mailserver mail.example.com
Checks the folder \\server1\share to see if there is 25 or more files. If it does, it will restart the service named intergrator on server 2.
Then it will send an bob@example.com from watcheye@example.com using mail.example.com. Email will be sent from the server. If no relay is setup, the server will reject the email.
.INPUTS
[none]
.OUTPUTS
email and log
.NOTES
Author: David Bolding
Date: 10/14/2020
.LINK
https://github.com/rndadhdman/PS_Super_Helpdesk
#>
[cmdletbinding()]
param (
[parameter(HelpMessage = "Folder Search Path", Mandatory = $True)][string]$SearchPath,
[parameter(HelpMessage = "File Count", Mandatory = $True)][int]$FileCount,
[parameter(HelpMessage = "Computer That the server Lives", Mandatory = $True)][String]$ComputerName,
[parameter(HelpMessage = "Service Name", Mandatory = $True)][String]$ServiceName,
[parameter(HelpMessage = "Service Name", Mandatory = $True)][String]$SendReportTo,
[parameter(HelpMessage = "Service Name", Mandatory = $True)][String]$EmailDomain,
[parameter(HelpMessage = "Service Name", Mandatory = $True)][String]$Mailserver,
[parameter(HelpMessage = "Recurse the Search")][switch]$Recurse
[Parameter(HelpMessage = "Allows for custom Credential.")][System.Management.Automation.PSCredential]$Credential
)
#Checks Files
if ($Recurse) { $Files = Get-ChildItem "$SearchPath" -Recurse } else { $Files = Get-ChildItem "$SearchPath" }
if ($Files.Count -ge $FileCount) {
$StopTime = Get-date
Get-Service -ComputerName mtxs-lifetecapp -Name "Interlink" | Stop-Service
sleep 30
Get-Service -ComputerName mtxs-lifetecapp -Name "Interlink" | Start-Service
$StartTime = Get-date
sleep 30
if ($Recurse) { $Files2 = Get-ChildItem "$SearchPath" -Recurse } else { $Files2 = Get-ChildItem "$SearchPath" }
if (!(Test-Path c:\logs)) {mkdir c:\logs}
#Gathers Log Info
$Log = [pscustomobject]@{
ComputerName = $ComputerName
ServiceName = $ServiceName
SearchPath = $SearchPath
StopFileCount = $Files.count
ServiceStopTime = $StopTime.ToString()
ServiceStartTime = $StartTime.tostring()
StartFileCount = $Files2.count
CallingComputer = $env:COMPUTERNAME
}
$Log | Export-csv c:\temp\Invoke_FileServiceIntegrityCheck_log.csv -Append
#Builds EMail
$ErrorHtmlbody = @"
<html>
<head>
<style>
body {
Color: #252525;
font-family: Verdana,Arial;
font-size:11pt;
}
h1 {
text-align: center;
color:#C8102E;
Font-size: 34pt;
font-family: Verdana, Arial;
}
</style>
</head>
<body>
<h1>$ServiceName Restarted</h1>
<hr>
<br>
Dear Watcher,<br>
<br>
During my last check there were <b>$($Files.Count)</b> files inside <i>$SearchPath</i>. The Integrator was stopped on <b>$($StopTime.tostring())</b> and started on <b>$($StartTime.tostring())</b>. There are now <b>$($files2.count)</b> in <i>$SearchPath</i>. Please investigate on why the $ServiceName failed on $ComputerName.<br>
<br>
<br>
Thank you,<br>
<i>$ServiceName WatchEye</i><br>
<br>
<hr>
</body>
</html>
"@
if ($PSBoundParameters.ContainsKey('Credential')) {
Send-MailMessage -To $SendReportTo -From "Service Watch Eye <WatchEye@$EmailDomain>" -Subject "$ServiceName Failure" -BodyAsHtml $ErrorHtmlbody -SmtpServer $Mailserver -Credential $Credential
} else {
Send-MailMessage -To $SendReportTo -From "Service Watch Eye <WatchEye@$EmailDomain>" -Subject "$ServiceName Failure" -BodyAsHtml $ErrorHtmlbody -SmtpServer $Mailserver
}
}
}
Invoke-FileServiceIntegrityCheck -SearchPath \\server1\share -FileCount 25 -ComputerName server2 -ServiceName integrator -SendReportTo bob@example.com -EmailDomain example.com -Mailserver mail.example.com
In this example, we will search for the share on server1 if it has more than 25 files. If it does, then we will restart the integrator on server2. Finally, we will email bob@example.com with an email from watcher@example.com using the mail server mail.example.com.