Kategori: Powershell

Publicerat

Migrate DHCP

Just a quick reminder on how to quickly move a Microsoft DHCP server.

Export with
netsh dhcp server export backup.txt

Import on new server with
netsh dhcp server import

dont forgett to ”Authorize” correct server.

Powershell way 🙂

DHCP Migration/Move to new Microsoft Server

Run this on the destination server..

#

$SourceServer = ”vdc01.byggkon.local”
$Sourceip =”192.168.52.10″
$DestServer =”vdc02″
$Destip =”192.168.52.11″

$WorkDir = ”c:\DHCPMigration”
if (-not (test-path $workdir)) {md $workdir}

Export config from old server

Export-DhcpServer -ComputerName $SourceServer -File ”$Workdir\SourceDHCPScopeData.xml” -Force

Stop OLD DHCP Server – decommision

Stop-Service -InputObject $(Get-service -ComputerName $SourceServer -Name DHCPServer) #Stop service on Source
set-service -InputObject $(Get-service -ComputerName $SourceServer -Name DHCPServer) -StartupType disabled #Disable Service on Source
Remove-DhcpServerInDC -DnsName $SourceServer -IPAddress $Sourceip # Deauthorize in AD

Importera den nya

Import-DhcpServer -ComputerName $DestServer -File ”$Workdir\SourceDHCPScopeData.xml” -BackupPath $workdir
Add-DhcpServerInDC -DnsName $DestServer # Authorize scope

Get-DhcpServerInDC

Publicerat

Regex

Samlade uttryck för att minnas dem helt enkelt 🙂

URLs
För att testa regex uttryck https://regex101.com

Exempel:
 	abc… 	Letters
	123… 	Digits
	\d 	Any Digit
	\D 	Any Non-digit character
	. 	Any Character
	\. 	Period
	[abc] 	Only a, b, or c
	[^abc] 	Not a, b, nor c
	[a-z] 	Characters a to z
	[0-9] 	Numbers 0 to 9
	\w 	Any Alphanumeric character
	\W 	Any Non-alphanumeric character
	{m} 	m Repetitions
	{m,n} 	m to n Repetitions
	* 	Zero or more repetitions
	+ 	One or more repetitions
	? 	Optional character
	\s 	Any Whitespace
	\S 	Any Non-whitespace character
	^…$ 	Starts and ends
	(…) 	Capture Group
	(a(bc)) 	Capture Sub-group
	(.*) 	Capture all
	(abc|def) 	Matches abc or def
Publicerat

Powershell 7 – pwsh.exe – a collection of things…

PS7

Installera:

Länk till alla varianter och releases på GitHub

Windows terminal kan också vara bra att nyttja 🙂 MsStore

URL: 7.1.0
https://github.com/PowerShell/PowerShell/releases/tag/v7.1.0

Msi x64 direkt länk:
https://github.com/PowerShell/PowerShell/releases/download/v7.1.0/PowerShell-7.1.0-win-x64.msi


URL: 7.03 Release
https://github.com/PowerShell/PowerShell/releases/tag/v7.0.3
https://github.com/PowerShell/PowerShell/releases/download/v7.0.3/PowerShell-7.0.3-win-x64.zip

URL: 7.02 Release

https://github.com/PowerShell/PowerShell/releases/tag/v7.0.2

Snabb MSI installation singel line

iex "& { $(irm https://aka.ms/install-powershell.ps1) } -UseMSI"
Linux singel line:
wget https://aka.ms/install-powershell.sh; sudo bash install-powershell.sh; rm install-powershell.sh

PowerShell 7-modulens kompatibilitet

Beskriver Windows modulers kompatibilitet med PS7.

Remoting Cross plattform SSH etc
https://www.thomasmaurer.ch/2019/04/setup-powershell-ssh-remoting-in-powershell-6/

Publicerat

Add to PS1 File Context Menu in Windows 10 for editing in ISE elevated

I wanted to get into ISE elevated directly from the shell by just rightclicking the *.ps1 file and then choose to edit …

I realy couldnt find anywone that had made this available public 100% working… so here it is… my verison…

Create a regfile of the below and run it or edit the registry directly…

Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.PowerShellScript.1\Shell\Edit(Elevated)]
    @="Redigera (eleverat)"
    "HasLUAShield"=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.PowerShellScript.1\Shell\Edit(Elevated)\Command]
    @="c:\\windows\\system32\\windowsPowerShell\\v1.0\\powershell.exe -command \"& {start-process -Filepath \"c:\\windows\\system32\\windowsPowerShell\\v1.0\\\\powershell_ise.exe -Verb RunAS %1\"}"

Result

Publicerat

RDGateway

RD-Gateway

Install RD Gateway with Powershell fast.. (2012R2)
Certs needs to be fixed and firewall ports needs to be opened and Nated … 443…

# Add Windows Role/Feature
Add-WindowsFeature -Name RDS-gateway -IncludeAllSubFeature -IncludeManagementTools

#verifiy that the module is present … and Load it…
Get-Module remotedesktopservices
import-module remotedesktopservices

 

# Create AD Security Group – Is created in Defalut ”users” container.
new-adgroup -Name ”RD-GW-Users” -Groupscope Global
Add-ADGroupMember ”RD-GW-Users” -member ”Domain Admins”
# Get Domain we are running in.. (Just to get things dynamic)
$dom=get-addomain | Select Name # $dom.name give us the domain name from now on..

#change dir into rds provider
cd RDS:
# Create new Connection Authorization Policy (CAP)
New-Item -Path ”RDS:\GatewayServer\CAP” -Name ”Allow RD-GW-Users” -UserGroups ”RD-GW-Users@$($dom.name)” -AuthMethod 1
# Create new Resource Authorization Policy
New-Item -Path ”RDS:\GatewayServer\RAP” -Name ”Allow Connections To Everywhere” -UserGroups ”RD-GW-Users@$($dom.name)” -ComputerGroupType 2

Publicerat

Clear out Exchange settings in AD

I certanly dont recommend this but this is what worked ….


$User = ""
$Users = ""
$Users=Get-ADUser -filter * | select SamAccountName

foreach ($User in $Users)
{
set-ADUser -identity $User.SamAccountName -clear legacyExchangeDN
set-ADUser -identity $User.SamAccountName -clear mailNickname
set-ADUser -identity $User.SamAccountName -clear msExchHomeServerName
set-ADUser -identity $User.SamAccountName -clear msExchMailboxGuid
set-ADUser -identity $User.SamAccountName -clear msExchMailBoxSecurityDescriptor
set-ADUser -identity $User.SamAccountName -clear msExchPoliciesIncluded
set-ADUser -identity $User.SamAccountName -clear msExchRBACPolicyLink
set-ADUser -identity $User.SamAccountName -clear msExchRecipientDisplayType
set-ADUser -identity $User.SamAccountName -clear msExchRecipientTypeDetails
set-ADUser -identity $User.SamAccountName -clear msExchTextMessagingState
set-ADUser -identity $User.SamAccountName -clear msExchUMDtmfMap
set-ADUser -identity $User.SamAccountName -clear msExchUserAccountControl
set-ADUser -identity $User.SamAccountName -clear msExchUserCulture
set-ADUser -identity $User.SamAccountName -clear msExchVersion
set-ADUser -identity $User.SamAccountName -clear proxyAddresses
set-ADUser -identity $User.SamAccountName -clear showInAddressBook
}

Publicerat

Hantera AD grupper m.m. med Powershell

import-module activedirectory
Get-ADUser -Filter {(Enabled -eq $true)} -searchbase ”ou=RDS,dc=HR,dc=local”
get-adgroupMember ”RDS_Monitor_Users” -recursive | select-object Name

 

Publicerat

Active Directory Roles (FSMO) – Detect/ Transfer Server rules…

Powershell way to transfer all roles fast…


cls
Import-Module activedirectory
Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator
Get-ADForest | Format-Table SchemaMaster,DomainNamingMaster, GlobalCatalogs
Get-ADDomainController -Filter * | Select-Object Name, Domain, Forest, OperationMasterRoles |Where-Object {$_.OperationMasterRoles} | Format-Table -AutoSize

exit
Move-ADDirectoryServerOperationMasterRole -Identity "vdc02" -OperationMasterRole DomainNamingMaster,PDCEmulator,RIDMaster,SchemaMaster,InfrastructureMaster

ALt #2
$Domain = get-addomain
$forest=Get-ADForest $domain.name
write-host "Forest-Sites:`t`t`t"$forest.Sites
write-host "Domain:`t`t`t`t`t"$domain.name
write-host "FMSO:"
write-host "DomainNamingMaster:`t`t"($forest).DomainNamingMaster
write-host "SchemaMaster:`t`t`t"($Forest).SchemaMaster
write-host "InfrastructureMaster: `t"($Domain).InfrastructureMaster
write-host "PDCEmulator:`t`t`t"($Domain).PDCEmulator
write-host "RIDMaster:`t`t`t`t"($Domain).RIDMaster

exit
#Move-ADDirectoryServerOperationMasterRole -Identity "vdc02" -OperationMasterRole DomainNamingMaster,PDCEmulator,RIDMaster,SchemaMaster,InfrastructureMaster