Another test from the month of lunches book was to list out user account with passwordlastset as null.
get-aduser -filter * -properties passwordlastset | where {$_.passwordlastset -eq $null} | ft Name,PasswordLastSet
Archive for the ‘powershell’ Tag
List users with passwordlastset as null
Sunday, December 22nd, 2019get-service show startup automatic and stopped
Sunday, December 22nd, 2019Going through the learn powershell in 30 days. One test question was to display services with automattic startup and are stopped:
Get-Service | Select-Object -Property Name,Status,StartType | where-object {$_.Status -eq “Stopped” -and $_.StartType -eq “Automatic”}
Get-EventLog does not display retention dates
Monday, December 16th, 2019A simple issue of trying to print the retention days for the logfiles.
The problem is the date does not print with the standard output column name.
You have to use the property MinimumRetentionDays
Lesson of the day? Always use the GM option.
get-eventlog does not display time on out-file
Tuesday, November 26th, 2019Powershell is fun and yet there are times it can be annoying.
I am doing a refresh as I am looking for a new job. My last one was not script minded.
A simply test was to get use get-eventlog sort by index and time. It did this. Next was to output index, time and source.
get-eventlog -logname Security -newest 50 |select-object -property index,time,source | sort time,index | out-file c:\last.txt
The other two worked. Time did not.
You would think it would be obvious to simply use “time” and well; it isn’t.
You need to use timegenerated or timewritten.
get-eventlog -logname Application -newest 50 |select-object -property index,timegenerated,source | sort index,time
More reading to do.
Win32_OperatingSystem class missing
Saturday, February 2nd, 2019We were fortunate to not have an issue for the wannacry ransomware. It was time to make sure this this never happened. We have a script designed to tell us when a system lacked the patching it needed.
While running it on one system; I received a rather peculiar error:
Win32_OperatingSystem class missing
I tried all the usual repairs and and tried to rebuild the WMI repository. Still the error persisted.
The following commands solved this issue:
cd %windir%\system32\wbem
for /f %%s in ('dir /s /b *.mof *.mfl') do mofcomp %%s
Information came from the following Technet entry.
Skip first line with import-csv
Friday, October 20th, 2017I have a data file which generates with a header line. I have check script which uses the file and I wanted to skip it but I am using a foreach loop and did not want to add an if/then.
The problem line:
Import-Csv $file -header("fullname","email", "notification","version") foreach {
I remembered the select -first option and I wondered if there was a skip option?
I made a quick change and added a pipe with select -skip 1
Import-Csv $file -header("fullname","email", "notification","version") | select -skip 1 | foreach {
Tested the script and sure enough the first line was skipped.
Importing Powershell Active directory module into windows 2008
Wednesday, June 17th, 2015I am “crash and burn” testing windows 10. Painful but a good way to get the feel of it. One painful loss was the Active Directory module for Powershell. You have to have Remote Server Administration Tools (RSAT) and they stopped working for Win 10. There was a special release for the January version of Win10 but it died with the May version and Microsoft reported they will fix it with the general release.
What to do?
I thought about using one of my test VMs running Windows 2008. It had RSAT but when I tried to import the Active Directory module into Powershell; I received an error saying it did not exist.
I found there were a extra other steps needed to be done:
1) Import-Module ServerManager
2) Add-WindowsFeature RSAT-AD-Powershell
After that, I was able to import the active directory module.
-edit- 07/23/15
There was a recent update to windows 10 and it nuked RSAT. Microsoft will basically fix it after the OS is released. *sighs*
How to get the server serial number with powershell
Saturday, February 14th, 2015I had to update some drivers and did a quick check of the server database and found it was wrong. I remembered there were a couple server changes before this install and was not sure the correct server was listed.
I needed the serial number of to verify I was updating the right information in the database.
Powershell can do this. Note: this is a 2012 install on new hardware. Older models might not work.
From Powershell; simply enter;
gwmi win32_bios | fl SerialNumber
Comparing processes between two computers
Tuesday, December 2nd, 2014I am reading Don Jones’ book Learning Windows Powershell in a month of lunches and found one nice little sequence of commands which can do a diff between two lists of processes.
Every so often you can get the complaint of “why do these two computers have different run times when they are the same?”
A valid complaint which can take awhile to sort out. Obvious first steps would be to compare apps installed and what is running as sometimes the “smarter then you” engineers can install things without telling anybody.
One quick way would be to use a couple cmdlets and diff. This was taken from page 41.
Use the computer which is running as expected as the reference computer. Get a list of processes by entering:
Get-Process | Export-CliXML reference.xml
The CliXML can hold more information then the traditional CSV file.
After you have the file, you can run:
Diff -reference (Import-CliXML reference.xml) -difference (Get-Process -computername newserver) -property Name
The output centers on the name of each process and you will get <= and => to point out where it’s different.
This is a nice little trick to compare setups. You can keep the reference file as a baseline for future issues on the same computer.
This will work with any of the get cmdlets.
Changing to Powershell ISE
Thursday, October 23rd, 2014I have had a constant problem with AdminScriptEditor. For whatever reason, it will format certain lines which break up my variables (IE. $ variable).
In a moment of anger, I decided to start using the Powershell ISE. Simple but missing a few things such as a print menu.
There is the add-ons menu which is kind of clumsy but it gives you the chance to add missing routines and functions.
I found Jeffrey Hicks wrote a series of functions to extend ISE. Simple install process and now I can print my scripts!
There is also a technet entry on this.
techdork 