Tag: powershell

Exchange autodiscover URL

After certain updates, it seems the Autodiscover URL can get removed from the existing config; the command below re-configures it. Run these commands in the Exchange Management Shell.

Set-ClientAccessService -Identity "HOSTNAME" -AutoDiscoverServiceInternalUri https://mail.XX.com/Autodiscover/Autodiscover.xml

This will list the current Autodiscover URL

Get-ClientAccessService | fl Name,AutoDiscoverServiceInternalUri

This will list the URLs of all Exchange services

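# Virtual directory types; each maps to a Get-<Name>VirtualDirectory cmdlet
$virtdirs = "Ecp","Owa","Oab","WebServices","ActiveSync","Autodiscover","Mapi"
foreach ($i in $virtdirs) {
    # Invoke the cmdlet by name with the call operator instead of building a string for Invoke-Expression
    & "Get-${i}VirtualDirectory" | fl Name,Server,InternalUrl,ExternalUrl
}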

Reset password via Azure CloudShell

Connect-AzureAD

# Prompt for the new password so it is not stored in the script or in the shell history
$Password = Read-Host -Prompt "New password" -AsSecureString

Set-AzureADUserPassword -ObjectId "7de0a4c8-8bfb-43bc-9d6e-e4b6131f3e66" -Password $Password

This resets the account password to the one specified above, ignores already used passwords, and extends the password lifecycle of an account whose password has expired.

List user logon sessions on all servers in AD domain

# Define the OU path where your servers are located
$ouPath = "OU=servers,DC=domain,DC=local"  # Replace with your OU path

# Get a list of servers in the specified OU
$servers = Get-ADComputer -Filter {OperatingSystem -like "Windows Server*"} -SearchBase $ouPath | Select-Object -ExpandProperty Name

# Loop through each server and query logged-on users
foreach ($server in $servers) {
    try {
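        # Use WMI to query logged-on user information.
        # Win32_ComputerSystem.UserName reports only the console user, not Remote Desktop sessions.
        # -ErrorAction Stop turns connection failures into terminating errors so the catch block runs.
        $loggedOnUsers = Get-WmiObject -Class Win32_ComputerSystem -ComputerName $server -ErrorAction Stop | Select-Object -ExpandProperty UserName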

        if ($loggedOnUsers) {
            Write-Host "Logged-on users on $server"
            $loggedOnUsers | ForEach-Object {
                Write-Host "  $_"
            }
        } else {
            Write-Host "No users logged on to $server"
        }
    } catch {
        Write-Host "Failed to query $server"
    }
}

If you want to search by specific names, you can adjust the filter to this –

Get-ADComputer -Filter {Name -like "AZ-EUW-*"} -SearchBase $ouPath

Report of DNS settings on all Windows Servers via powershell

# Collect all enabled Windows Server computer accounts
$AllServers = Get-ADComputer -Filter {OperatingSystem -like "Windows Server*" -and Enabled -eq 'True'}

foreach ($Server in $AllServers) {
    # Query the DNS servers configured on every IP-enabled adapter
    $Result = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "IPEnabled = 'True'" -Property DNSServerSearchOrder -ComputerName $Server.Name

    # Append one row per server to the report
    New-Object -TypeName PSObject -Property @{
        ComputerName         = $Server.Name
        DNSServerSearchOrder = $Result.DNSServerSearchOrder -join ','
    } | Select-Object ComputerName,DNSServerSearchOrder | Export-Csv -Path C:\Temp\ServerDNSSettings.csv -NoTypeInformation -Append
}

Run this from a domain controller and it will report the DNS servers set on each server's NIC.
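
A follow-up check on that report, as an added example that is not part of the original post: it flags servers whose DNS search order contains a resolver outside an approved list, or for which no data was collected. The approved addresses, the sample rows and the function name Test-DnsSearchOrder are assumptions made for illustration.

```powershell
# Added example. The approved resolver list and the sample rows are constructed;
# the column names match the CSV written by the report script.
$ApprovedDns = @('10.0.0.10', '10.0.0.11')   # assumption: your internal DNS servers

# Constructed sample in the same shape as C:\Temp\ServerDNSSettings.csv
$SampleCsv = @'
"ComputerName","DNSServerSearchOrder"
"SRV-APP01","10.0.0.10,10.0.0.11"
"SRV-WEB01","10.0.0.10,8.8.8.8"
"SRV-OLD01",""
'@

function Test-DnsSearchOrder {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Row,
        [Parameter(Mandatory)] [string[]] $Approved
    )
    process {
        # Split the joined column back into individual resolver addresses
        $configured = @($Row.DNSServerSearchOrder -split ',' |
            ForEach-Object { $_.Trim() } | Where-Object { $_ })
        $unexpected = @($configured | Where-Object { $_ -notin $Approved })

        if ($configured.Count -eq 0) {
            $status = 'NoData'    # WMI query failed or no IP-enabled adapter was returned
        } elseif ($unexpected.Count -gt 0) {
            $status = 'Review'    # at least one resolver is outside the approved list
        } else {
            $status = 'OK'
        }

        [pscustomobject]@{
            ComputerName = $Row.ComputerName
            Status       = $status
            Unexpected   = $unexpected -join ','
        }
    }
}

# To check the real report, replace the sample with: Import-Csv C:\Temp\ServerDNSSettings.csv
$SampleCsv | ConvertFrom-Csv |
    Test-DnsSearchOrder -Approved $ApprovedDns |
    Where-Object Status -ne 'OK' |
    Format-Table -AutoSize
```

With the constructed rows, SRV-WEB01 is listed for review because of 8.8.8.8 and SRV-OLD01 is listed as having no data.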

Search group policies for specific setting

Sometimes you need to search a domain environment for a specific setting in GPOs. This script will search through all the GPOs in the domain and list the results at the end!

# Get the string you want to search for
$string = Read-Host -Prompt "What string do you want to search for?"

# Set the domain to search for GPOs
$DomainName = $env:USERDNSDOMAIN

# Find all GPO's in the current domain of logged on user
write-host "Finding all the GPO's in $DomainName"
Import-Module grouppolicy
$allGposInDomain = Get-GPO -All -Domain $DomainName
[string[]] $MatchedGPOList = @()

# Look through each GPO's XML for the string
Write-Host "Starting search...."
foreach ($gpo in $allGposInDomain) {
    $report = Get-GPOReport -Guid $gpo.Id -ReportType Xml
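    # Escape the input so it is matched as a literal string, not as a regular expression
    if ($report -match [regex]::Escape($string)) {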
        write-host "********** Match found in: $($gpo.DisplayName) **********" -foregroundcolor "Green"
        $MatchedGPOList += "$($gpo.DisplayName)";
    } # end if
    else {
        Write-Host "No match in: $($gpo.DisplayName)"
    } # end else
} # end foreach
write-host "`r`n"
write-host "Results: **************" -foregroundcolor "Yellow"
foreach ($match in $MatchedGPOList) {
    write-host "Match found in: $($match)" -foregroundcolor "Green"
}

Azure Resource Inventory Export

If you do not have any CMDB actively scanning your Azure environment, things could get messy if you’ve had several rushed deployments into your Azure infrastructure. I recently got to know about a script from a colleague that can export every single resource in your subscription and display it in a very organized Excel sheet.

Example

I’ve uploaded the file here in TXT format; download it and rename it to .ps1. You might need to have the below modules installed on your PC, plus one extension –

Azure AD
Azure CLI

Once those are installed, add the resource graph extension with this command –

az extension add --name resource-graph

Now run the script. It will take you to the Microsoft login page; use an admin account with permissions to read the tenant.

Some users reported having to run the script with the -Online option, as the Excel file was not being generated. I have also verified this bug occurs and using -Online resolves it. A second bug is that it will show 0 resources in the Excel file. This is something on your PC, and you must re-install the PowerShell modules and extension.

Credits for this script go to https://github.com/microsoft/ARI

Export all Azure Active Directory Users

Azure Active Directory has a ton of attributes which hold potentially useful information. I needed to compare what attributes are synced from an On-Premise AD environment to Azure AD. The client was using AD Sync Connector to synchronize their AD.

After collecting all the attributes from a Microsoft knowledgebase article, I added them all to the below script

# Export/working path, please create it before running script
$Path = Split-Path -Parent "C:\scripts\*.*"

# Create variable for the date stamp in log file
$LogDate = Get-Date -f yyyyMMddHHmm   # HH = 24-hour clock, so file names stay unambiguous

# Define CSV and log file location variables
# They have to be on the same location as the script
$Csvfile = $Path + "\AllAzADUsers_$logDate.csv"

# Get all Azure AD users
$AzADUsers = Get-AzureADUser -All $true | Select-Object -Property *

# Display progress bar
$progressCount = 0
for ($i = 0; $i -le $AzADUsers.Count; $i++) {

    Write-Progress `
        -Id 0 `
        -Activity "Retrieving User " `
        -Status "$progressCount of $($AzADUsers.Count)" `
        -PercentComplete (($progressCount / $AzADUsers.Count) * 100)

    $progressCount++
}

# Create list
$AzADUsers | Sort-Object GivenName | Select-Object `
@{Label = "First name"; Expression = { $_.GivenName } },
@{Label = "Last name"; Expression = { $_.Surname } },
@{Label = "Display name"; Expression = { $_.DisplayName } },
@{Label = "User principal name"; Expression = { $_.UserPrincipalName } },
@{Label = "Street"; Expression = { $_.StreetAddress } },
@{Label = "City"; Expression = { $_.City } },
@{Label = "State/province"; Expression = { $_.State } },
@{Label = "Zip/Postal Code"; Expression = { $_.PostalCode } },
@{Label = "Country/region"; Expression = { $_.Country } },
@{Label = "Job Title"; Expression = { $_.JobTitle } },
@{Label = "Department"; Expression = { $_.Department } },
@{Label = "Company"; Expression = { $_.CompanyName } },
@{Label = "Description"; Expression = { $_.Description } },
@{Label = "Office"; Expression = { $_.PhysicalDeliveryOfficeName } },
@{Label = "Telephone number"; Expression = { $_.TelephoneNumber } },
@{Label = "E-mail"; Expression = { $_.Mail } },
@{Label = "Mobile"; Expression = { $_.Mobile } },
@{Label = "User type"; Expression = { $_.UserType } },
@{Label = "ageGroup"; Expression = { $_.ageGroup } },
@{Label = "alternativeSecurityId"; Expression = { $_.alternativeSecurityId } },
@{Label = "alternativeSecurityIds"; Expression = { $_.alternativeSecurityIds } },
@{Label = "consentProvidedForMinor"; Expression = { $_.consentProvidedForMinor } },
@{Label = "createdDateTime"; Expression = { $_.createdDateTime } },
@{Label = "creationType"; Expression = { $_.creationType } },
@{Label = "dateOfBirth"; Expression = { $_.dateOfBirth } },
@{Label = "facsimileTelephoneNumber"; Expression = { $_.facsimileTelephoneNumber } },
@{Label = "immutableId"; Expression = { $_.immutableId } },
@{Label = "legalAgeGroupClassification"; Expression = { $_.legalAgeGroupClassification } },
@{Label = "legalCountry"; Expression = { $_.legalCountry } },
@{Label = "mailNickName"; Expression = { $_.mailNickName } },
@{Label = "netId"; Expression = { $_.netId } },
@{Label = "objectId"; Expression = { $_.objectId } },
@{Label = "otherMails"; Expression = { $_.otherMails } },
@{Label = "password"; Expression = { $_.password } },
@{Label = "passwordPolicies"; Expression = { $_.passwordPolicies } },
@{Label = "physicalDeliveryOfficeName (officeLocation)"; Expression = { $_.physicalDeliveryOfficeName } },
@{Label = "preferredLanguage"; Expression = { $_.preferredLanguage } },
@{Label = "signInNames"; Expression = { $_.signInNames } },
@{Label = "signInNames.userName"; Expression = { $_.signInNames.userName } },
@{Label = "signInNames.phoneNumber"; Expression = { $_.signInNames.phoneNumber  } },
@{Label = "signInNames.emailAddress"; Expression = { $_.signInNames.emailAddress  } },
@{Label = "strongAuthenticationAlternativePhoneNumber"; Expression = { $_.strongAuthenticationAlternativePhoneNumber } },
@{Label = "strongAuthenticationEmailAddress"; Expression = { $_.strongAuthenticationEmailAddress } },
@{Label = "strongAuthenticationPhoneNumber"; Expression = { $_.strongAuthenticationPhoneNumber } },
@{Label = "usageLocation"; Expression = { $_.usageLocation } },
@{Label = "userType"; Expression = { $_.userType } },
@{Label = "userState"; Expression = { $_.userState } },
@{Label = "userStateChangedOn"; Expression = { $_.userStateChangedOn } },
@{Label = "Dirsync"; Expression = { if (($_.DirSyncEnabled -eq 'True') ) { 'True' } Else { 'False' } } },
@{Label = "Account status"; Expression = { if (($_.AccountEnabled -eq 'True') ) { 'Enabled' } Else { 'Disabled' } } } |
Export-Csv -Encoding UTF8 -Path $Csvfile -NoTypeInformation # Export report to CSV file (append -Delimiter ";" if required)

Check password expiry Office365

# Sign in to the tenant
$cred = Get-Credential "[email protected]"
Connect-MsolService -Credential $cred

# Read the password policy of the default domain
$domain = Get-MsolDomain | where {$_.IsDefault -eq $true}
$PasswordPolicy = Get-MsolPasswordPolicy -DomainName $domain.Name

$Account = "[email protected]" # Change HERE !!
$UserPrincipal = Get-MsolUser -UserPrincipalName $Account
$UserPrincipal | fl PasswordNeverExpires

# Expiry date = last password change + validity period of the policy
$PasswordExpirationDate = $UserPrincipal.LastPasswordChangeTimestamp.AddDays($PasswordPolicy.ValidityPeriod)
Write-Host "Password will Expire on : $PasswordExpirationDate"

$StartDate = (Get-Date)
$DaysLeft = New-TimeSpan -Start $StartDate -End $PasswordExpirationDate
$DaysLeft = [math]::Floor($DaysLeft.TotalDays)
Write-Host "Password will Expire in # Days : $DaysLeft"

$UserPrincipal | select DisplayName, LastPasswordChangeTimeStamp,@{Name="PasswordAge";Expression={((Get-Date).ToUniversalTime())-$_.LastPasswordChangeTimeStamp}} | sort-object PasswordAge -desc