by David | Sep 12, 2020 | Help Desk, Information Technology, PowerShell
Have you ever started in a company and there was no documentation? The disabled OU isn’t named “Disabled Users” and things are just what the heck? This powershell script will help find that disabled user OU. Believe it or not, it’s a one liner.
((Get-ADUser -filter { enabled -eq $false }).Distinguishedname -replace '^CN=.*?,', '' | Group-Object | Sort-Object -Property Count -Descending | Select-Object -First 1).name
Lets tare this bad boy apart. First we have a Get-Aduser -filter { Enabled -eq $False}. So we want all the users in the company who are disabled. From there we are selecting only the DistinguishedName. We want to remove the first part of the DistinguishedName with a replace command. The Regex is ^CN=.*?,’,” Lets break this down.
.Distinguishedname -replace '^CN=.*?,', ''
^CN= tells us we are looking for the first “CN=” inside this string. Then we ask for the wild cards up to the first , with .*?. We tell it to replace it with nothing, aka double single quotes, ”.
Now this gives us all the OUs that everyone who is disabled lives in. Next we group them together with Group-Object. Group-object is going to give us a clean count of each OU and how many unique items there are for each OU.
| Sort-Object -Property Count -Descending
Next we want to organize everything with a Sort-Object. We select the count property and put it in descending order. This way we can select the first one in the final piece of the puzzle.
| Select-Object -First 1).name
Now we use the Select-object -First 1 command to get the first object from the descending list. This will give you the highest disabled users counted OU.
The Script
function Find-SHDDisabledUsersOU {
[cmdletbinding()]
param (
[Parameter(HelpMessage = "Allows for custom Credential.")][System.Management.Automation.PSCredential]$Credential
)
if ($PSBoundParameters.ContainsKey('Credential')) {
((Get-ADUser -filter { enabled -eq $false } -Credential $Credential).Distinguishedname -replace '^CN=.*?,', '' | Group-Object | Sort-Object -Property Count -Descending | Select-Object -First 1).name
}
else {
((Get-ADUser -filter { enabled -eq $false }).Distinguishedname -replace '^CN=.*?,', '' | Group-Object | Sort-Object -Property Count -Descending | Select-Object -First 1).name
}
}
by David | Sep 12, 2020 | Help Desk, Information Technology, PowerShell
I hate it when someone calls and says they can’t hear their video while on a terminal server. 99% of the time is because the sound is muted on the local computer. Believe it or not, this is very simple to solve. We do this by using wscript.shell.
$Obj = New-Object -com wscript.shell
We first start by making the object wscript.shell. This little guy will give us all kinds of awesome access to a computer. Later we will wrap this up in an invoke-command.
1..100 | foreach-object { $obj.sendkeys([char]174) }
Next, we lower the volume to 0. We do this to have an absolute value. The char key 174 on the average windows computer is volume down. Thus we do it 100 times. Now we have an absolute, we can set the volume to what we want by increasing the value.
0..$Volume | foreach-object { $obj.sendkeys([char]175) }
This part will loop the volume up until the volume we tell it is reached. Using this method, we don’t have to create a sound object. We are using what is in the computer’s OS already.
The Script
function Set-SHDComputerSpeaker {
[cmdletbinding()]
param (
[Parameter(
ValueFromPipeline = $True,
ValueFromPipelineByPropertyName = $True,
HelpMessage = "Provide the target hostname",
Mandatory = $true)][Alias('Hostname', 'cn')][String[]]$Computername,
[Parameter(HelpMessage = "Allows for custom Credential.")][System.Management.Automation.PSCredential]$Credential,
[Parameter(Helpmessage = "Increase volume by",Mandatory = $true)][int]$Volume
)
foreach ($computer in $Computername) {
if (Test-Connection -ComputerName $computer -Count 1 -Quiet) {
try {
if ($PSBoundParameters.ContainsKey('Credential')) {
Invoke-Command -ComputerName $computer -Credential $Credential {
$Obj = New-Object -com wscript.shell
1..100 | foreach-object { $obj.sendkeys([char]174) }
0..$Volume | foreach-object { $obj.sendkeys([char]175) }
}
}
else {
Invoke-Command -ComputerName $computer {
$Obj = New-Object -com wscript.shell
1..100 | foreach-object { $obj.sendkeys([char]174) }
0..$Volume | foreach-object { $obj.sendkeys([char]175) }
}
}
}
catch {
Write-Warning "Unable to capture Data from $Computer."
}
}
else {
Write-Warning "$Computer is offline."
}
}
}
As stated above, we wrapped up the code into an invoke-command and placed some testing around it. Now all you have to do is:
Set-SHDComputerSpeaker -Computername 'Workstation1','Workstation2' -Volume 50
Or you can add the credential’s tag.
Set-SHDComputerSpeaker -Computername 'Worktation1',"Workstation2' -Volume 50 -Credential (Get-Credential)
I hope this is helpful to you. Share it with others if you find this useful.
by David | Sep 12, 2020 | Help Desk, Information Technology, PowerShell
I hate it when you get a mac address that’s not in the right format. Last week I got the mac address XX-XX-XX-XX when I needed to input it as XX:XX:XX:XX. So aggravating. So, here comes PowerShell to help. First, let’s validate the mac address. Second, let’s change out the pattern, and finally, we display the information.
Validate Mac Address
To validate a mac address we need to use a regex. I like the input to validate the pattern for us.
[parameter(Mandatory = $True)][ValidatePattern("^([0-9A-Fa-f]{2}[: \.-]){5}([0-9A-Fa-f]{2})$")][string]$MacAddress,
Let’s take a look at the validate pattern. ^([0-9A-Fa-f]{2}[: .-]){5}([0-9A-Fa-f]{2})$ The [0-9A-Fa-f] searches or the number 0-9, all the letters A,B,C,D,E,F, and the letters a,b,c,d,e,f. {2} states to look for only two of these characters. [: .-] is the next few characters we are searching for. This is the separator area of the mac address. xx:xx. From here we make sure all of this is repeated 5 times. Thus we need to make sure it’s grouped together using the preferences. ([0-9A-Fa-f){2}[: .-]). Now, this is grouped together, we want it to repeat 5 times. We don’t want it to repeat every time because the last subset does not have a separator. We do this using {5} after our group. Finally, we ask for the same thing again. ([0-9A-Fa-f]{2}). We finish it off with $.
Editing the Separators
Now we have our mac address validated we need to start building a way to replace the separators. First we need to setup the patter like above.
Now this is the patter we are gong to look for. We want all the 0 – 9, A,B,C,D,E,F,a,b,c,d,e,f.
$Mac = $MacAddress -replace $Pattern, $Seperator
With this command we are taking the validated mac address, searching for the patter, and replacing the separators with the provided separator. Next, we can uppercase or lower case the mac address using $Mac.ToUpper() or $Mac.ToLower().
The Script
Below is the script that will make life easier for everyone. Notice, I gave the option to add the output to the clipboard.
function Set-SHDMacAddressStructure {
[cmdletbinding()]
param (
[parameter(Mandatory = $True)][ValidatePattern("^([0-9A-Fa-f]{2}[: \.-]){5}([0-9A-Fa-f]{2})$")][string]$MacAddress,
[parameter(Mandatory = $true)][String]$Seperator,
[Parameter(HelpMessage = "Changes the case")][Validateset("UpperCase", "LowerCase")]$Case,
[parameter(helpmessage = "Added mac to clipboard")][switch]$ToClipboard
)
$Pattern = '[^a-zA-Z0-9]'
$Mac = $MacAddress -replace $Pattern, $Seperator
if ($case -eq "UpperCase") {
if ($ToClipboard) {
$Mac.ToUpper() | clip
$Mac.ToUpper()
} else {
$Mac.ToUpper()
}
}
elseif ($case -eq "LowerCase") {
if ($ToClipboard) {
$Mac.ToLower() | clip
$Mac.ToLower()
} else {
$Mac.ToLower()
}
}
else {
if ($ToClipboard) {
$Mac | clip
$Mac
} else {
$Mac
}
}
}
by David | Sep 9, 2020 | Information Technology, PowerShell
When you need to bitlocker hundreds of machines, but can’t have the machines restart, it’s best to look for the TPM chip another way instead of the standard hardware check method. The best way to do this is using a PowerShell Cim Instance.
Get-CimInstance -ClassName win32_tpm -ComputerName $Computer -Namespace "root\cimv2\Security\MicrosoftTPM"
We grab the win32_tpm class from the computer and we want to see the Microsoft compatible TPM chips. The Output gives some good and useful information that can be used later.
IsActivated_InitialValue : True
IsEnabled_InitialValue : True
IsOwned_InitialValue : True
ManufacturerId : 1398033696
ManufacturerIdTxt : STM
ManufacturerVersion : 73.64.17568.6659
ManufacturerVersionFull20 : 73.64.17568.6659
ManufacturerVersionInfo :
PhysicalPresenceVersionInfo : 1.3
SpecVersion : 2.0, 0, 1.38
PSComputerName : Computer1
The Trusted Computing Group has a good list of Vendor IDs that can be located here.
From here we can see Who built the unit, the spec versions which will tell us which type of bitlocker it can handle. From there we can build logic to bit lock the machine accordingly.
by David | Sep 9, 2020 | Information Technology, PowerShell
Often times I need to put an array into a line of text. It can take a while. So I made a powershell to help me make powershells. This little guy takes a single array and turns it into a line of text that I can use in a parameter (“A”,”B”,”C”).
The Break Down
The first part of the code is the parameter block that Grabs the array. This is a simple input. We make sure the array is mandatory.
param (
[parameter(HelpMessage = "Input of Array", Mandatory = $true)][array]$TheArray
)
Next we create a blank line of text that we will be adding everything else to.
I’m a little anal when it comes down to my outputs. I like everything to be sorted. Its just cleaner and easier for me to understand after the fact. So I sort the Inputs and put the input back into the inputs.
$TheArray = $TheArray | Sort-Object
Now we create the meat and potato of the script. The for loop. We will do a foreach loop in this case. Makes things easier to work with. We put each object into the $Line string with a +=.
foreach ($Info in $TheArray) {
$Line += """$Info"","
}
Lets take a look at the three ” in front of the $Info variable. “””$Info””,” Inorder to have a qoute, you must have a qoute around it inside a string. “$Info” will just put the value info into the string. But placing a ““” adds “$info as part of the string. Doing the same with the end “” does the same. Then adding the , helps build the string.
After the loop is finished, we are left with a odd , mark. The best way to handle that is to remove it. I do this by pushing the value line into it self while removing the last character with substring.
$Line = $Line.Substring(0, $Line.Length - 1)
Here the substring starts at character 0, and counts to the last character of the value line – 1. Basically, we don’t need that last one. So, everything else is pushed back into $Line.
Next we add the lazy man touch and push the string of text into the clip board to be used else where. Life is good. We do this by using the command clip
Finally, we display the information to the screen with a write-host command letting the end user know it’s inside their clipboard.
Write-Host "Input is on in your clipboard: $Line"
It’s a simple little script that has saved me on hours worth of work. I use this little guy to create a “Create PDQ deployment script” script. A powershell script that builds powershell scripts.
The Script
I would be amissed if I didn’t post the script, so here you go.
Function Convert-SHDArraytoLineofText {
[cmdletbinding()]
param (
[parameter(HelpMessage = "Input of Array", Mandatory = $true)][array]$TheArray
)
$Line = ""
$TheArray = $TheArray | Sort-Object
foreach ($Info in $TheArray) {
$Line += """$Info"","
}
$Line = $Line.Substring(0, $Line.Length - 1)
$Line | Clip
Write-Host "Input is on in your clipboard: $Line"
}
Roadmap
Like all things, this can be improved upon as well. Here are some ideas and possible future growth.
- Validation that the input object is an array
- validation that the input is a single object array instead of a multi object array.
- A way to handle multiple layers of an array.
Thank you for reading, if you have any questions, feel free to contact me.
