LeVeilleur.net

Subscribe

PowerShell : List Users from AD Groups

juin 10, 2009 By: Christopher Keyaert Category: Non classé 

############################
#Param
############################
$lists= "Group1", "Group2"
$ExportCsv = "D:\test.csv"

############################
#Functions
############################
Add-pssnapin Quest.ActiveRoles.ADManagement
Function Get-MemberName()
	{
	Process
		{
		ForEach($Member In $_)
			{
			Get-QADUser –ObjectAttributes @{distinguishedName=$Member}
			}
		}
	}
#########################
# Script
#########################
$MyArray = @()
foreach($group in $lists)
	{
	$Ret = $null
	$Ret = (Get-QADGroup $group).members | Get-MemberName
	foreach($line in $Ret)
		{
		$obj = New-Object PSObject
		$obj | Add-Member NoteProperty -Name "Group" -Value ($Group).ToUpper()
		$obj | Add-Member NoteProperty -Name "FirstName" -Value $line.FirstName
		$obj | Add-Member NoteProperty -Name "LastName" -Value $line.LastName
		$obj | Add-Member NoteProperty -Name "LogonName" -Value ($line.LogonName).ToUpper()
		$MyArray += $obj
		}
	}
$MyArray | Export-Csv $ExportCsv

No Comments →

PowerShell : Users, Groups, Services, Shares

avril 16, 2009 By: Christopher Keyaert Category: Windows, powershell

Hello tout monde,

Voici un nouveau script permettant de récupérer :

-Local Users
-Local Groups
-Local Services
-Shares (With Shares Permissions and Ntfs Security)
-Testing the existing of a particular reg Key

Bonne journée

########################
#Functions
########################
$arrExclude = "NT AUTHORITY\LocalService",
			"NT AUTHORITY\Local Service",
     		"NT AUTHORITY\NETWORK SERVICE",
      		"NT AUTHORITY\NetworkService",
	  		"LocalSystem",
      		".\ASPNET" 

function checkExclusions([string]$strval)
	{
	foreach ($val in $arrExclude)
		{if ($val.ToLower() -eq $strval){return $true}	}
	return $false
	}

function Get-MySharePermissions
{
	param([string]$computername,[string]$sharename)
	$ShareSec = Get-WmiObject -Class Win32_LogicalShareSecuritySetting -ComputerName $computername
	ForEach ($ShareS in ($ShareSec | Where {$_.Name -eq $sharename}))
	{
		$SecurityDescriptor = $ShareS.GetSecurityDescriptor()
		$myCol = @()
		ForEach ($DACL in $SecurityDescriptor.Descriptor.DACL)
		{
			$myObj = "" | Select Domain, ID, AccessMask, AceType
			$myObj.Domain = $DACL.Trustee.Domain
			$myObj.ID = $DACL.Trustee.Name
			Switch ($DACL.AccessMask)
			{
				2032127 {$AccessMask = "FullControl"}
				1179785 {$AccessMask = "Read"}
				1180063 {$AccessMask = "Read, Write"}
				1179817 {$AccessMask = "ReadAndExecute"}
				-1610612736 {$AccessMask = "ReadAndExecuteExtended"}
				1245631 {$AccessMask = "ReadAndExecute, Modify, Write"}
				1180095 {$AccessMask = "ReadAndExecute, Write"}
				268435456 {$AccessMask = "FullControl (Sub Only)"}
				default {$AccessMask = $DACL.AccessMask}
			}
			$myObj.AccessMask = $AccessMask
			Switch ($DACL.AceType)
			{
				0 {$AceType = "Allow"}
				1 {$AceType = "Deny"}
				2 {$AceType = "Audit"}
			}
			$myObj.AceType = $AceType
			Clear-Variable AccessMask -ErrorAction SilentlyContinue
			Clear-Variable AceType -ErrorAction SilentlyContinue
			$myCol += $myObj
		}
	}
	Return $myCol
}

function Ping (  [string] $strComputer )
{
  $timeout=120;
  trap { continue; }

  $ping = new-object System.Net.NetworkInformation.Ping
  $reply = new-object System.Net.NetworkInformation.PingReply

  $reply = $ping.Send($strComputer, $timeout);
  if( $reply.Status -eq "Success"  )
  {
     return $true;
  }
  return $false;
}

########################
#Script
########################
$pathFolder = "D:\Reporting\ComputerPerm"
$computersList = get-content "$pathFolder\list.txt"
$ArrayUser = @()
$ArrayGroup = @()
$ArrayKey = @()
$ArrayService = @()
$ArrayShare = @()
$ArrayAccess = @() 

foreach($computer in $computersList)
{

#################################################################################################
$retPing = Ping $computer
if($retPing -eq $true)
	{
	#Disabling the error on the screen
	$errorActionPreference="SilentlyContinue"
	$testAccss = get-wmiobject Win32_OperatingSystem -computername $computer -ErrorVariable ERR
    	If($ERR)
            {$Access = $false}
		else{$Access = $true}
	}
else{$Access = $false}

if($Access -eq $false)
	{
	#Srv not ping or denied
	Write-Host "Server : " (($computer).trim()).ToUpper() " - Ping : $retPing - Access : $Access"
	$obj=New-Object PSObject
	$obj | Add-Member Noteproperty -Name "ServerName" -Value (($computer).trim()).ToUpper()
	$obj | Add-Member Noteproperty -Name "PING" -Value $retPing
	$obj | Add-Member Noteproperty -Name "ACCESS" -Value $Access
	$ArrayAccess += $obj
	}
else{
	#Working on it

#################################################################################################
Write-Host "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
Write-Host ""
Write-host "ServerName : $computer"
Write-Host ""

#################################################################################################
Write-Host "***********************"
Write-Host "List local user account"
Write-Host "***********************"
Write-Host ""

$namespace = "root\CIMV2"
$usersList = Get-WmiObject -class Win32_UserAccount -computername $computer -namespace $namespace -filter "localaccount=true"

foreach($user in $usersList)
	{
	Write-host "Account Name : " $user.name
	Write-Host "Account Description : " $user.description
	Write-host "Disabled : " $user.disabled
	Write-Host ""

	$obj=New-Object PSObject
	$obj | Add-Member Noteproperty -Name "ServerName" -Value (($computer).trim()).ToUpper()
	$obj | Add-Member Noteproperty -Name "AccountName" -Value (($user.name).trim()).ToUpper()
	$obj | Add-Member Noteproperty -Name "AccountDescription" -Value (($user.description).trim()).ToUpper()
	$obj | Add-Member Noteproperty -Name "Disabled" -Value $user.disabled
	$ArrayUser += $obj
	}

#################################################################################################
Write-Host "***********************"
Write-Host "List local Group"
Write-Host "***********************"
Write-Host ""

$results = Get-WmiObject -class Win32_Group -computername $computer -namespace $namespace -filter "localaccount=true"
foreach($result in $results)
	{
	Write-Host "Group Name : " $result.name
	Write-Host "Group Description : " $result.description
	Write-Host ""

	$GroupName = $result.name
	$group =[ADSI]"WinNT://./$GroupName"
	$members = @($group.psbase.Invoke("Members"))
	$list = $members | foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}
	if($list -ne $null)
		{
		foreach($member in $list)
			{
			Write-host "Account Name : " $member.toupper()

			$obj=New-Object PSObject
			$obj | Add-Member Noteproperty -Name "ServerName" -Value (($computer).trim()).ToUpper()
			$obj | Add-Member Noteproperty -Name "GroupName" -Value (($result.name).trim()).ToUpper()
			$obj | Add-Member Noteproperty -Name "GroupDescription" -Value (($result.description).trim()).ToUpper()
			$obj | Add-Member Noteproperty -Name "Member" -Value (($member).trim()).ToUpper()
			$ArrayGroup += $obj
			}
		}
	else
		{
		$obj=New-Object PSObject
		$obj | Add-Member Noteproperty -Name "ServerName" -Value (($computer).trim()).ToUpper()
		$obj | Add-Member Noteproperty -Name "GroupName" -Value (($result.name).trim()).ToUpper()
		$obj | Add-Member Noteproperty -Name "GroupDescription" -Value (($result.description).trim()).ToUpper()
		$obj | Add-Member Noteproperty -Name "Member" -Value ""
		$ArrayGroup += $obj
		}

	Write-Host ""
	}

#################################################################################################
Write-Host ""
Write-Host "********************"
Write-Host "Testing Registry Key"
Write-Host "********************"
Write-Host ""

#Just for testing purpose
#$key = "SYSTEM\CurrentControlSet\Services\W32Time\Parameters"
$key = "SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\AutoShareServer"
$type = [Microsoft.Win32.RegistryHive]::LocalMachine
$regKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($type, $computer)
$regKey = $regKey.OpenSubKey($key)

Write-Host "Key : $key"
if($regKey -eq $null)
	{Write-Host "Key Present : false";
	$keyVal = $false
	}
else{Write-Host "Key Present : true"
	$keyVal = $true
	}

$obj=New-Object PSObject
$obj | Add-Member Noteproperty -Name "ServerName" -Value (($computer).trim()).ToUpper()
$obj | Add-Member Noteproperty -Name "Key" -Value (($key).trim()).ToUpper()
$obj | Add-Member Noteproperty -Name "KeyVal" -Value $keyVal
$ArrayKey += $obj	

#################################################################################################
Write-Host ""
Write-Host "**************************"
Write-Host "Service with local account"
Write-Host "**************************"
Write-Host ""

$results = gwmi win32_service -computer $Computer -property name, startname, caption
foreach ($result in $results)
	{
	$account = $result.StartName.ToLower()
	if ((checkExclusions $account) -eq $false)
		{
	    Write-Host "Service : " $result.Name
		Write-Host "Caption : " $result.Caption
		Write-Host "Account : " $account
		Write-Host ""

		$obj=New-Object PSObject
		$obj | Add-Member Noteproperty -Name "ServerName" -Value (($computer).trim()).ToUpper()
		$obj | Add-Member Noteproperty -Name "Service" -Value (($result.Name).trim()).ToUpper()
		$obj | Add-Member Noteproperty -Name "Caption" -Value $result.Caption
		$obj | Add-Member Noteproperty -Name "Account" -Value $account
		$ArrayService += $obj		

		}
	}

#################################################################################################
Write-Host ""
Write-Host "**************************"
Write-Host "Share on the computer"
Write-Host "**************************"
Write-Host ""
$results = get-WmiObject Win32_Share -computer $Computer
foreach ($result in $results)
	{
	Write-Host ""
	Write-Host "---------------"
	Write-Host ""
	Write-Host "Share Name : " $result.name
	Write-Host "Share Path : " $result.path
	Write-Host "Share Description : " $result.description
	Write-Host
	Write-Host "/!\Share Persmissions /!\"
	$shareInfos = Get-MySharePermissions $Computer $result.name
	$cpt= 1
	foreach($shareInfo in $shareInfos)
		{
		Write-Host "$cpt-Domain : " $shareInfo.domain
		Write-Host "$cpt-User : " $shareInfo.id
		Write-Host "$cpt-AccessMask : " $shareInfo.accessMask
		Write-Host "$cpt-AceType : " $shareInfo.AceType
		Write-Host ""
		Write-Host "/!\Ntfs Persmissions /!\"

		$path = "\\$computer\" + $result.name

		if($result.name -ne "IPC$")
			{
			$values = Get-Acl $path  | select-object path,owner,accesstostring,group
			foreach($value in $values)
				{
				Write-Host $value.path
				Write-Host $value.owner
				Write-Host $value.accesstostring
				Write-Host $value.group
				Write-Host ""

				$obj=New-Object PSObject
				$obj | Add-Member Noteproperty -Name "ServerName" -Value (($computer).trim()).ToUpper()
				$obj | Add-Member Noteproperty -Name "ShareName" -Value (($result.name).trim()).ToUpper()
				$obj | Add-Member Noteproperty -Name "SharePath" -Value (($result.path).trim()).ToUpper()
				$obj | Add-Member Noteproperty -Name "ShareDescription" -Value $result.description
				$obj | Add-Member Noteproperty -Name "Domain" -Value $shareInfo.domain
				$obj | Add-Member Noteproperty -Name "User" -Value $shareInfo.id
				$obj | Add-Member Noteproperty -Name "AccessMask" -Value $shareInfo.accessMask
				$obj | Add-Member Noteproperty -Name "AceType" -Value $shareInfo.AceType
				$obj | Add-Member Noteproperty -Name "NTFSPath" -Value (($value.path).trim()).ToUpper()
				$obj | Add-Member Noteproperty -Name "NTFSOwner" -Value $value.owner
				$obj | Add-Member Noteproperty -Name "NTFSAccesstoString" -Value $value.accesstostring
				$obj | Add-Member Noteproperty -Name "NTFSGroup" -Value $value.group
				$ArrayShare += $obj
				}
			}
		else
			{
			$obj=New-Object PSObject
			$obj | Add-Member Noteproperty -Name "ServerName" -Value (($computer).trim()).ToUpper()
			$obj | Add-Member Noteproperty -Name "ShareName" -Value (($result.name).trim()).ToUpper()
			$obj | Add-Member Noteproperty -Name "SharePath" -Value (($result.path).trim()).ToUpper()
			$obj | Add-Member Noteproperty -Name "ShareDescription" -Value $result.description
			$obj | Add-Member Noteproperty -Name "Domain" -Value $shareInfo.domain
			$obj | Add-Member Noteproperty -Name "User" -Value $shareInfo.id
			$obj | Add-Member Noteproperty -Name "AccessMask" -Value $shareInfo.accessMask
			$obj | Add-Member Noteproperty -Name "AceType" -Value $shareInfo.AceType
			$obj | Add-Member Noteproperty -Name "NTFSPath" -Value ""
			$obj | Add-Member Noteproperty -Name "NTFSOwner" -Value ""
			$obj | Add-Member Noteproperty -Name "NTFSAccesstoString" -Value ""
			$obj | Add-Member Noteproperty -Name "NTFSGroup" -Value ""
			$ArrayShare += $obj
			}

		$cpt+= 1
		}

	}
#################################################################################################

	#End test Access
	}

}

$ArrayUser | Export-Csv "$pathFolder\1-user.csv"
$ArrayGroup | Export-Csv "$pathFolder\2-group.csv"
$ArrayKey | Export-Csv "$pathFolder\3-RegKey.csv"
$ArrayService | Export-Csv "$pathFolder\4-Service.csv"
$ArrayShare | Export-Csv "$pathFolder\5-Share.csv"
$ArrayAccess | Export-Csv "$pathFolder\Access.csv"

No Comments →

PowerShell : List Cluster’s Resources

mars 30, 2009 By: Christopher Keyaert Category: Windows, powershell

Voici un petit script PowerShell permettant de lister toutes les ressources disks des clusters.

$logFilePath = "D:\DashBoard\Inventory\source\Cluster\mylog.log"
$listFile = "D:\DashBoard\Inventory\source\Cluster\list.txt"
Start-Transcript -Path $logFilePath -Append >$null
$list = Get-Content $listFile
foreach($srv in $list)
	{
	$SrvName = $srv
	$c = new-object -comobject MSCLuster.Cluster
	$c.open($SrvName)
	#Cluster Name
	Write-Host "Cluster Name : " $c.name "`r"
	#Cluster Nodes
	foreach($node in $c.nodes)
		{
		Write-Host "Cluster Nodes : " $node.name "`r"
		}

	Write-Host "-----"	"`r"
	#Resources Groups

	foreach($resourceG in $c.resourceGroups)
		{
		Write-Host "Resource Group : " $resourceG.name "`r"
		foreach($r in $resourceG.Resources)
			{
			if($r.TypeName -like "*Physical Disk*")
				{Write-Host "Resource Name Disk Name : " $r.name "`r"}
			if($r.TypeName -like "*Network Name*")
				{Write-Host "Resource Name NetWork Name : " $r.name "`r"}
			}
		Write-Host "-----" "`r"
		}

	Write-Host "" "`r"
	Write-Host "***************************" "`r"
	Write-Host "" "`r"
	}

Stop-Transcript

No Comments →

PoshBoard : PowerShell into a DashBoard

février 20, 2009 By: Christopher Keyaert Category: powershell

Voici un projet très très prometteur.



PoshBoard 0.4 Techdays 2009 edition from Antoine Habert on Vimeo.

No Comments →

PowerShell : Save Html, Body, ….

février 10, 2009 By: Christopher Keyaert Category: Non classé

Voici trois méthodes permettant de sauver une page web ou plus simplement du code html

# Internetexplorer.application
$obj=New-Object -ComObject internetexplorer.application
$obj.visible=$true
$obj.navigate2("http://www.google.com")
while($obj.ReadyState -ne 4){start-sleep -m 100}
$obj.Document.documentElement.outerHTML

# xml http
$url = "http://www.cnn.com"
$xHTTP = new-object -com msxml2.xmlhttp;
$xHTTP.open("GET",$url,$false);
$xHTTP.send();
$xHTTP.ResponseText; # returns the html doc


# net.webclient
$url="http://www.cnn.com"
$wc = new-object net.webclient
$html = $wc.DownloadString($url)

No Comments →

← Previous Entries