by David | Apr 28, 2023 | Information Technology, PowerShell
Windows 10 and 11 have a unique feature called telemetry. This feature allows Microsoft to track your device. For security reasons, it’s best to disable this, however, for a home level, this feature is useful. So, let’s Set Telemetry with Powershell.
Registry Keys and Services
There are 4 registry keys that can do this.
- HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection\AllowTelemetry
- HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection\AllowDeviceNameInTelemetry
- HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection\AllowTelemetry
- HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\DataCollection\AllowTelemetry
Along with the registry keys you will need to work with a service called “Diagtrack“. This service while active, can track your computer. To disable telemetry, we must disable diagtrack from the startup and we can do that with Powershell.
Disable Telemetry
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" -Name "AllowTelemetry" -Type DWord -Value 0
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" -Name "AllowDeviceNameInTelemetry" -Type DWord -Value 0
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" -Name "AllowTelemetry" -Type DWord -Value 0
Set-ItemProperty -Path "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\DataCollection" -Name "AllowTelemetry" -Type DWord -Value 0
Get-Service -Name "DiagTrack" | Stop-Service -NoWait -Force
Get-Service -Name "DiagTrack" | set-service -StartupType Disabled
Here we are adding different values. We are setting our 4 registry keys to 0. Then we stop the diagtrack server. Then we set the startup to disabled, This way the service can’t be restarted.
Doing this ensures that the service doesn’t come back to life and if it does, it has no idea what to do.
Enable Telemetry
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" -Name "AllowTelemetry"
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" -Name "AllowDeviceNameInTelemetry"
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" -Name "AllowTelemetry"
Remove-ItemProperty -Path "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\DataCollection" -Name "AllowTelemetry"
Get-Service -Name "DiagTrack" | set-service -StartupType Manual
Get-Service -Name "DiagTrack" | start-service
To enable telemetry, we are simply doing the opposite. We remove the registry keys. Then we enable the services. Finally, we start the service.
There you have it, We have Set telemetry with Powershell
Additional Reading
by David | Apr 21, 2023 | Information Technology
PowerShell is a versatile scripting language that can help automate various tasks for system administrators and developers. One of its key features is the ability to validate script parameters, which can help ensure that the user inputs the correct data. In this blog post, we will explore PowerShell’s Validate Script parameter set and provide examples of how it can be used to test if a webpage is active.
Validate Script is a parameter attribute in PowerShell that allows you to validate the data input by the user before the script executes. This parameter set can be used to define a script block that will be used to test if the input value is valid. The script block should return a boolean value, indicating whether the input is valid or not. If the script block returns false, the user will receive an error message.
To use Validate Script, you need to include it in the parameter block of your PowerShell script. For example:
Param(
[ValidateScript({Test-Path $_})]
[string]$Path
)
In this example, the ValidateScript parameter is used to validate the Path parameter. The Test-Path cmdlet is used to test if the input path exists. If the path exists, the script block will return true, and the script will continue executing. Otherwise, the user will receive an error message.
Now, let’s see how ValidateScript can be used to test if a webpage is active. For this, we can use the Test-NetConnection cmdlet to test if the webpage is reachable. Here’s an example:
Param(
[ValidateScript({Test-NetConnection $_})]
[string]$Webpage
)
Write-Host "Webpage $Webpage is active."
In this example, the ValidateScript parameter is used to validate the Webpage parameter. The Test-NetConnection cmdlet is used to test if the input webpage is reachable. If the webpage is reachable, the script block will return true, and the Write-Host cmdlet will output a message indicating that the webpage is active.
In conclusion, PowerShell’s ValidateScript parameter set is a powerful feature that can help ensure that the user inputs the correct data. By defining a script block to test the input value, you can ensure that the script will only execute if the input is valid. By using PowerShell cmdlets like Test-Path and Test-NetConnection, you can create custom validation rules to suit your needs. Use this feature wisely and make your scripts more robust and reliable.
Truth
This blog post was created with Chat GPT, what do you think? I don’t like doing 100% auto-generated content like chat gpt. Instead, what I would prefer to do is take the information and work it out. Bring something better and easier to understand. The Chat GPT doesn’t produce SEO good items as well. It produces Passive Voice and requires adjustment. I will not be using Chat GPT to auto-generate blogs like this. If I do need to use the tool, I will always work it and make it much better for you all.
by David | Apr 14, 2023 | Exchange, Information Technology, PowerShell
At one of my previous Jobs, I had to write a script to help me understand rules. Well, I pulled that script out of the vault to do the same thing recently. The following script will allow you to select one user or multiple users to grab their rules. Or you can just forget the flag and get all of the users at once. The idea of the script is to get basic information from the rule, not all the information as it’s not all useful. So let’s look at the script then we will do a breakdown. Here comes Exchange Mailbox Rules through PowerShell.
The script
function Get-MailboxInboxRules {
[cmdletbinding()]
param (
[string[]]$UserPrincipalName,
[switch]$StayConnected
)
begin {
#Begining tests if the module is installed, loaded, and connected. Correcting each one at each level.
#Installs required modules
Write-Verbose "Installing required modules"
if (!(Get-InstallEdModule ExchangeOnlineManagement)) {
try {
Install-Module ExchangeOnlineManagement
}catch {
Write-Error $_
exit
}
}
Write-Verbose "Checking and importing required modules"
# Starts importanting required modules
if (!(Get-Command Connect-ExchangeOnline)) {
try {
Import-Module ExchangeOnlineManagement
} catch {
Write-Error $_
exit
}
}
#Tests if Exchange Online is connected, If not, we trigger a connection
if (!(Get-PSSession | Where-Object { $_.Name -match 'ExchangeOnline' -and $_.Availability -eq 'Available' })) {
try {
Connect-ExchangeOnline}
catch {
Write-Error $_
exit
}
}
if (!(Get-PSSession | Where-Object { $_.Name -match 'ExchangeOnline' -and $_.Availability -eq 'Available' })) {
Write-Error "Connection failed"
exit
}
}
Process {
$mailboxes = @()
if (!($PSBoundParameters.ContainsKey("UserPrincipalName"))) {
$Mailboxes = Get-mailbox
}
else {
foreach ($Username in $UserPrincipalName) {
try {
$Mailboxes += get-mailbox $username -ErrorAction SilentlyContinue
}
catch {
Write-Warning "$username has no mailbox"
}
}
}
#It has been proven to speed up the script if we drop the output into a return value
$RulesReturn = Foreach ($Mail in $Mailboxes) {
Write-Verbose "Scanning: $($Mail.UserPrincipalName)"
#We are now trying to catch the rule in question.
#if the mailbox has no rules, which will be presented as an error, then we null out the rules.
try {
$Rules = Get-InboxRule -Mailbox $Mail.Userprincipalname
}
catch {
$Rules = $null
}
#Now that the rules either have value or null, we can test.
if ($null -ne $Rules) {
#Write-Host "$($mail.userprincipalname)"
#Now we know we have rules, it's time to start working with those rules
foreach ($Rule in $Rules) {
#From my testing I discover that some rules will be null but the rule itself isn't null.
#Thus we need to test if this is the case.
if ($null -ne $rule) {
#Now we have confirmed the rule is not empty, we need to test the form
#This is because some rules are based on subjects and such and not from people.
if ($null -ne $rule.from) {
#since form is not empty we split the string and we get the from information.
$froms = $Rule.from.split('[')[0]
}
else {
#if it is, we just blank string the value.
$froms = ""
}
#Next we want the description to be on a single line. this way we can export to a csv.
if ($null -ne $rule.description) {
#This is programmed for the standard 5.1 powershell. Join-String was introduced in 6.2
#to combat this, we create a null return
#Then we split the description rule.
#Then we for each that list and push it back into the return.
$dereturn = $Null
$rule.description.split("`n") | foreach-object { $dereturn = "$dereturn $($_.trim())" }
$description = $dereturn.trim()
}
else {
$description = ""
}
#Next we create our ps object with items we need for basic level audits.
[pscustomobject]@{
Username = $Mail.Userprincipalname
Identity = $Rule.Identity
Enabled = $Rule.Enabled
Name = $Rule.Name
from = $froms
Description = $description
}
}
}
}
}
}
end {
#At the end we return
$RulesReturn
#Then we disconnect if the user didn't say stay connected.
if (!($StayConnected)) { Disconnect-ExchangeOnline -Confirm:$false }
}
}
The Breakdown
Before we begin, I want to point out, at this point, there is no graph API calls for exchange. Not yet, its promised, but as of right now, it’s not reality yet. Security is a big thing to think about with scripts like these. MFA is a big piece of security. We always want some mfa going. This is why you will not see credentials in the parameters.
Parameters
Our parameters are simple. We have a list of strings of user principal names and we have a switch to determine if we need to stay connected. If we leave the user principal name blank, then we are targeting every mailbox. It may take some time. The stay connected is designed to keep exchange connected. This way once you have the exchange mailbox rules, you can run other commands. You can also leave this blank, if you do, it disconnects from exchange. Good security thinking here.
param (
[string[]]$UserPrincipalName,
[switch]$StayConnected
)
Begin
Next is our begin. We are doing some house keeping here. First, We need to know if the exchange online management is installed. if it’s not, we then install it. Next, test if the exchange online management is imported. if not, we import the module. Finally we test if we have an exchange online connection, if not, we use connect-exchange. We use the connect-exchangeonline because it will do the MFA for us. Which is nice.
To test if the module is installed, we use the Get-InstalledModule. This command searches your modules and lets you know if it is installed. Older Powershells do not know this command. If the powershell is not elevated, then this code will error out and exits with the exit code.
Write-Verbose "Installing required modules"
if (!(Get-InstallEdModule ExchangeOnlineManagement)) {
try {
Install-Module ExchangeOnlineManagement
}catch {
Write-Error $_
exit
}
}
If we haven’t exited out yet, we then see if the module is loaded by using the get-command command. We are looking for the command Connect-ExchangeOnline. If the command exists, we will continue on, if not, we will use the import-module command and import the exchangeonlinemanagement module. Of course, if we run into an error, we exit with the error.
Write-Verbose "Checking and importing required modules"
# Starts importanting required modules
if (!(Get-Command Connect-ExchangeOnline)) {
try {
Import-Module ExchangeOnlineManagement
} catch {
Write-Error $_
exit
}
}
Finally, we are going to pull all the PowerShell Sessions currently on this computer. This is where we will gain the ability to pull Exchange Mailbox Rules. The first command is get-pssession. We search the output for a session with the name of ExchangeOnline that is available. If we don’t find one, we connect to exchange using the connect-exchangeonline. Next, if connection errors out, we present the error and disconnect. Now, if the connection is successful, we test once more for a connection. If it’s just not there, we give up and say bye.
#Tests if Exchange Online is connected, If not, we trigger a connection
if (!(Get-PSSession | Where-Object { $_.Name -match 'ExchangeOnline' -and $_.Availability -eq 'Available' })) {
try {
Connect-ExchangeOnline}
catch {
Write-Error $_
exit
}
}
if (!(Get-PSSession | Where-Object { $_.Name -match 'ExchangeOnline' -and $_.Availability -eq 'Available' })) {
Write-Error "Connection failed"
exit
}
Process – Exchange Mailbox Rules
Check Mailboxes
Now we are connected to exchange online, it’s time to start grabbing the needed information. Before we start, we need to establish an array for possible mailboxes. We will call these mailboxes to make life easy.
Now, whether or not the user used the “UserPrincipalName” parameter or not, we are ready. The next step is to test if we used the parameter and grab those mailboxes. We do this by using the $PSBoundParameters variable. Searching the Contains key allows you to see what parameters are being passed to the script. in our case we will be searching for the user principal name. If there is no UPN, we just grab all the mailboxes and dump it into the $mailboxes variable we made.
Now, if we did use the upn, we will loop through the UPN and grab each mailbox accordingly. if there is an issue, we let the user know that that username was an issue. This will give us the mailbox information we need. We do this separately because it causes fewer errors. Best way to describe it is using this method is the bouncer. It bounces issues out the door before we start looking at the inbox rules.
$mailboxes = @()
if (!($PSBoundParameters.ContainsKey("UserPrincipalName"))) {
$Mailboxes = Get-mailbox
}
else {
foreach ($Username in $UserPrincipalName) {
try {
$Mailboxes += get-mailbox $username -ErrorAction SilentlyContinue
}
catch {
Write-Warning "$username has no mailbox"
}
}
}
Exchange Mailbox Rules
The next step is to grab the rules themselves. We start off by making a for each loop. The loop of course is going to drop into a variable. We do this because it has been found that dropping the output of a foreach loop into a variable is a faster method than rebuilding or appending an array.
$RulesReturn = Foreach ($Mail in $Mailboxes) {}
Now, it’s time to hang onto your hats. The rules are tricky as they error out. We see errors because the end user will create a rule, and abandon it. It has nothing to do with your code. It is purely what it is.
The first thing we need to do inside our loop is grab the rules for the mailbox. The command is Get-InboxRule. We will be placing the rules into a variable called Rules. Now here is the catch. This command will produce something. So throw it in a try catch. So if it produces an error, which happens, you can set the Rules to null.
Inbox Rules
try {
$Rules = Get-InboxRule -Mailbox $Mail.Userprincipalname
} catch {
$Rules = $null
}
Next, we test if the Rules are null, if not, we start the loop. Here is another fun part… If the rule is misconfigured, it will present as null from time to time. So we need to test for the null again per rule.
if ($null -ne $Rules) {
Write-Verbose "$($mail.userprincipalname)"
foreach ($Rule in $Rules) {
if ($null -ne $rule) {}
}
}
Parsing the data
Some rules are based on subject, some rules are based on email. It’s best that we grab useful information. Things like the description, and from are presented in string format with unique structures. However, sometimes those can be null strings and that will explode the results as well. So we have to test them. First we will test the from. if the from is not null, we want to split the from, from the bracket and select the first item. However, if the from is null, we want to give the from a blank string as a psobject doesn’t like null.
if ($null -ne $rule.from) {
$froms = $Rule.from.split('[')[0]
} else {
$froms = ""
}
After the From, we need to grab the description. However, I need this description on a single line. As most people are using PowerShell 5, Join-String is not available. Which is sad. So, I built my own join-string. To do this, first create a null return. Then split the Rules description by the enter, `n. Next we do a foreach-object loop, taking that null return value and added itself to itself with a nice trim. Finally, I dropped that information into the description. If the description was null to begin with we drop a blank string into the description variable.
if ($null -ne $rule.description) {
$dereturn = $Null
$rule.description.split("`n") | foreach-object { $dereturn = "$dereturn $($_.trim())" }
$description = $dereturn.trim()
} else {
$description = ""
}
Bringing it together
Finally, we have all the information we need. It’s time to create the PS Custom Object. Here we will be presenting the username, the ID of the rule, if the rule is enabled, the from, and the description. Since we joined the strings of the description before, this output can be exported to a csv file. Remember at the beginning of the main loop, we are placing all the output of that loop into a variable called Rules Return. Well, this is what will be going into that variable.
[pscustomobject]@{
Username = $Mail.Userprincipalname
Identity = $Rule.Identity
Enabled = $Rule.Enabled
Name = $Rule.Name
from = $froms
Description = $description
}
End
Finally, we reach the end of this script. We are doing two things at the end of this script. First, we are presenting the data. Then we are testing if we need to stay connected. We present the variable Rules Return. Then we check if Stay Connected is true. If it isn’t we disconnect from exchange with a confirmation of false. If you set the flag to stay connected when you executed the code, then this part only shows the rules. No need to disconnect. I always love having this option as exchange online is a pain with multiple MFA layers.
$RulesReturn
if (!($StayConnected)) { Disconnect-ExchangeOnline -Confirm:$false }
Continue Reading:
As always, I like to present some items at the end to encourage you to continue reading.
by David | Apr 7, 2023 | Deployments, Information Technology, PowerShell
Did you know you can wipe a computer using code? I didn’t realize this was an option until I needed to do it the other day. Well, I quickly found code to wipe a computer using PowerShell. It was pretty simple as a full Microsoft documentation page is dedicated to the wipe types. You can read about it here. The only problem I ran into was this code needs to be launched as a “System User” instead of a domain admin. This presented a problem if I wanted to use PowerShell for this task. However, psexec could launch scripts as a system user. That was my solution for running a Remote Wipe on a Computer with PowerShell.
The Script
Today we start out with a rough script. This script is designed to give you a rough idea of what I am thinking about and how I was able to do it. You can do additional items to this script like split the here-string and add options. However, most of my items have been from a clean local wipe idea.
function Invoke-RemoteWipeComputer {
param (
[parameter(Mandatory = $true)][string[]]$ComputerName
)
begin {
if (!(Test-Path -Path "$env:SystemDrive\Temp")) { New-Item -Path c:\ -Name Temp -ItemType Directory }
if (!(Test-Path -Path "$env:SystemDrive\Temp\PsExec.exe")) { Invoke-WebRequest -Uri "https://live.sysinternals.com/PsExec.exe" -OutFile "$env:SystemDrive\Temp\PsExec.exe" }
$WipeScript = @'
$session = New-CimSession
$params = New-Object Microsoft.Management.Infrastructure.CimMethodParametersCollection
$param = [Microsoft.Management.Infrastructure.CimMethodParameter]::Create("param", "", "String", "In")
$params.Add($param)
$CimSplat = @{
Namespace = "root\cimv2\mdm\dmmap"
ClassName = "MDM_RemoteWipe"
Filter = "ParentID='./Vendor/MSFT' and InstanceID='RemoteWipe'"
}
try {
$instance = Get-CimInstance @CimSplat
$session.InvokeMethod($CimSplat["Namespace"], $instance, "doWipeMethod", $params)
}
catch {
Write-Error $_
exit 1
}
'@
$WipeScript > "$env:SystemDrive\Temp\WipeScript.ps1"
}
process {
foreach ($Computer in $ComputerName) {
if (Test-Connection -ComputerName $Computer -Count 2 -Quiet) {
Copy-Item "$env:SystemDrive\Temp\WipeScript.ps1" -Destination "\\$Computer\c$\Temp\WipeScript.ps1" -Force
& "$env:SystemDrive\Temp\PsExec.exe" -s \\$Computer PowerShell -ExecutionPolicy Bypass -File "\\$Computer\c$\Temp\WipeScript.ps1"
}
}
}
end {}
}
The Breakdown
Let’s break down this script. The first item is always the parameters. In this case, we are making a list of strings with computer names. We will use these later. This script is broken up into a begin and process. Remember, begin, process, end, and final are all simple organization tools. This makes life easier because we are going to need to download the psexec command from sysinternals life site. We also need to build out the main script and have a folder to add it all in.
Begin
The first thing we need to do is test if the c:\temp exists as we are going to download everything into it. This one liner makes life much easier. We test if the path doesn’t exist, then we make it if that is true. The ! mark indicates do the opposite of what is inside the (). Inside the () we are testing for c:\temp or local system drive temp in this case. If that doesn’t exist, we create a new item with a path of the system drive. We create a new item with new item and call it temp making sure it’s a directory flag in the item type.
if (!(Test-Path -Path "$env:SystemDrive\Temp")) { New-Item -Path "$env:SystemDrive\" -Name Temp -ItemType Directory }
Next, we test if the psexec exists and download it accordingly. Once again, we are using the ! test. If the file doesn’t exist, we us invoke-webrequest to reach out to the live sysinternals site and download it to our c:\temp.
if (!(Test-Path -Path "$env:SystemDrive\Temp\PsExec.exe")) { Invoke-WebRequest -Uri "https://live.sysinternals.com/PsExec.exe" -OutFile "$env:SystemDrive\Temp\PsExec.exe" }
Now we have downloaded and made all the required folders, it’s time to write the script. In this case, we are building the script with a here-string. This way, the data is the same no matter what we do. It’s a clone each time and we know what we are getting. Let’s break down the wipe script.
The Wipe Script
As stated before, we are building out the script inside our here-string. This way, it is always the same. I prefer to know what is happening with any script I launch. So, it’s time to break it down.
We start off with a new cim session. This is a blank session, with nothing special about it.
$session = New-CimSession
Next, we need to make some new objects. We need a cim method parameters container. So we do this with a new-object command. Then we add the parameters we need inside this new parameter container. Both of these commands use the Management > infrastructure objects as parents. Finally, we add the parameters to the parameters. yeah that sounds weird, but luckily we just change a s and it makes it much easier to understand.
$params = New-Object Microsoft.Management.Infrastructure.CimMethodParametersCollection
$param = [Microsoft.Management.Infrastructure.CimMethodParameter]::Create("param", "", "String", "In")
$params.Add($param)
Now we have our parameter set for our invoke method, it’s time to create the splat. We need a remote wipe command. Viewing this documentation. We see our remote wipe is located inside the ./Device/Vendor/MSFT/RemoteWipe/. This is part of the MDM cim version 2 instance. So, our namespace will need to reflect that. We have a namespace of root\cimv2\mdm\dmmap. Our class name needs to be the MDM_Remotewipe. Finally, our filter needs to be show the vendor msft and the instanceId, the item we are after, is remoteWipe.
$CimSplat = @{
Namespace = "root\cimv2\mdm\dmmap"
ClassName = "MDM_RemoteWipe"
Filter = "ParentID='./Vendor/MSFT' and InstanceID='RemoteWipe'"
}
Now we start our try catch. Inside our try, we are call the get-ciminstance with the splat from before. This creates an instances on the computer that is talking directly to the wipe system. Now, we need to use the session we made at the beginning of this here-string. We invoke the method using invoke method. From there, we use the $cimsplat namespace, the instance of the cimsplat, the wipe method, in this case, a local wipe, and the parameters we made at the beginning. The system will trigger a wipe at this point. The catch just exits and sends the error it gets.
Now the here-string is built, we push that string into a PowerShell script on our freshly created temp folder. We use the single > to overwrite anything that is already there. This limits mistakes.
Process
Now it’s time for the process. Here we are going to copy the files and execute it with psexec. We are also going to loop through each computer during this process. The first step is to start a loop with a foreach loop.
foreach ($Computer in $ComputerName) {
# Do something
}
Up to this point, we have done everything on our computer. We have downloaded the psexec. We have created the required script. The next step starts to affect the end user’s computer. This is where the Remote comes into Remote Wipe a Computer. We are going to use the command test-connection and ping the computer twice.
if (Test-Connection -ComputerName $Computer -Count 2 -Quiet) {
#It was tested
}
If the computer is present, we attempt to copy the script over. We force the copy to overwrite anything with the same name. Finally, we use the local psexec to trigger powershell as the system. We use the -s for psexec to trigger the file that is on the remote computer that we copied. I want the output on my local screen of the psexec command. This is what we trigger it with the & instead of a start-process. Now, could you use the start process, yes, in fact, it would be quicker since you can set it as a job and put the PC name as the job, but you do lose the output information from psexec. So, if there is a problem, you wouldn’t know.
Copy-Item "$env:SystemDrive\Temp\WipeScript.ps1" -Destination "\\$Computer\c$\Temp\WipeScript.ps1" -Force
& "$env:SystemDrive\Temp\PsExec.exe" -s \\$Computer PowerShell -ExecutionPolicy Bypass -File "\\$Computer\c$\Temp\WipeScript.ps1"
At this point, the computer will take a few seconds, and the reset process would start. After that, everything you will need to do will require a hand on the machine. So have fun and use wisely. Also, the script inside the script can be ran by other products like Continuum, ninja, pdq and more.
Continue Reading
by David | Apr 4, 2023 | Blog, Mental Health
Welcome to another mental health Monday. I’m going to be talking to myself big time today. Here in South Carolina, springtime is often met with confusion and a sense of making up your mind. The older trees will stay dormant longer than the younger trees. This leaves us viewers with a unique chance to see the trees with leaves and without. We get to see a skeleton of the tree in sorts. As the tree grows, it moves in set patterns. Those patterns are amazing.
You can follow the tree from the base, up the branches, and through the smaller branches. Each break-off shows a different adaptation to the world around it and itself. The tree reaches up for the sunlight. Its figures stretch out and grow leaves to catch as much sunlight as possible. This is important because the tree lives off the sunlight and the soil it is in. Much like us. During the fall time the trees’ leaves change color to catch the remaining sunlight, then it goes dormant during the winter months. Sunlight is the positive influence in the tree’s life that helps it grow.
You as a tree
Now, think about yourself. See yourself as a tree. In what ways are you growing? Are your branches facing downwards away from the sun or are they growing upwards towards the sun? What areas of your life are you dormant? What voices are you listening to? Are you stuck in the darkness of your own mind or are you listening to uplifting voices?
When you take the sunlight away from a tree, the branches start to droop. This is the same way in our lives, when we stop focusing on the positive things and only focus on the must, our branches start drooping. Depression starts to come in, and over time, we can barely move forward. We become trapped thinking. “This is all we can do.” We say this because all we can see is the ground. We can’t see the sun. It’s not until we start looking up do we see that sun. That positive influence in our lives.
However, always looking at the positive isn’t healthy either. A younger tree will quickly sprout leaves, but then the cold snap happens and it loses those leaves. It loses all that energy. Thankfully, the older trees are there helping them along the path. See the old trees have learned something too.
It’s ok to be dormant for a while. That’s the same way in our lives. It’s ok to go with the flow for a while, especially when the sun isn’t around. We all go through that time in our lives, sadness. There is only so much energy in a single day. So instead of using it all at the first sight of light, the older trees wait until the light is consent and then start growing. At the end of the day, it still is looking up and not down. It’s still waiting for that positivity to come back, that light. This is how we should be. A hope of good times. As the tree grows, so do we.
Applying to IT
Sometimes in the IT world all we see is problems. It’s part of our jobs to see and fix problems. Most of us enjoys doing this. I know I love the puzzlingness of the human behavior. So, how do you look up when there is only problems in your face? Well, the best way I can describe this is like having a bee in your car while you are driving down the road. You can swat at the bee and put your focus on the bee, or you can drive your car. Rolling down the window makes the bee stay where it should be because of the wind. Instead of focusing on the problems in front of you that will always be there, look forward. Look past them. Look past the person yelling. They are yelling for a reason. Lets that big brain of ours see the world instead of the problems of the world.
The same can be said for a fence. A fence is in front of you, a boundary, or you can look past the fence and see the ladder waiting on the other side that you can pull through. The illusion of boundaries keeps us standing still. We stare at what we have been trained to stare at instead of whats past it. Keeping your mind on positive things will help grow you.
Final thoughts
It’s ok not to have leaves right now. It’s your winter time. There is nothing wrong with you. It’s ok to be bare right now. On the same note, it’s ok to be full of leaves. Everyone goes through seasons. Embrace that season, and keep your hope up for spring. Be patient and enjoy the world around you. Don’t let that negative voice kill you. This is what I have to remind myself daily.
Useful Links
