PUDAdminCenterPrototype.psm1
|
[Net.ServicePointManager]::SecurityProtocol = "tls12, tls11, tls" # Get public and private function definition files. [array]$Public = Get-ChildItem -Path "$PSScriptRoot\Public\*.ps1" -ErrorAction SilentlyContinue [array]$Private = Get-ChildItem -Path "$PSScriptRoot\Private\*.ps1" -ErrorAction SilentlyContinue $ThisModule = $(Get-Item $PSCommandPath).BaseName # Dot source the Private functions foreach ($import in $Private) { try { . $import.FullName } catch { Write-Error -Message "Failed to import function $($import.FullName): $_" } } [System.Collections.Arraylist]$ModulesToInstallAndImport = @() if (Test-Path "$PSScriptRoot\module.requirements.psd1") { $ModuleManifestData = Import-PowerShellDataFile "$PSScriptRoot\module.requirements.psd1" #$ModuleManifestData.Keys | Where-Object {$_ -ne "PSDependOptions"} | foreach {$null = $ModulesToinstallAndImport.Add($_)} $($ModuleManifestData.GetEnumerator()) | foreach { $PSObj = [pscustomobject]@{ Name = $_.Key Version = $_.Value.Version } $null = $ModulesToinstallAndImport.Add($PSObj) } } if ($ModulesToInstallAndImport.Count -gt 0) { # NOTE: If you're not sure if the Required Module is Locally Available or Externally Available, # add it the the -RequiredModules string array just to be certain $InvModDepSplatParams = @{ RequiredModules = $ModulesToInstallAndImport InstallModulesNotAvailableLocally = $True ErrorAction = "SilentlyContinue" WarningAction = "SilentlyContinue" } $ModuleDependenciesMap = InvokeModuleDependencies @InvModDepSplatParams } # Public Functions <# .SYNOPSIS Script that get the certificates overview (total, ex) in the system. .DESCRIPTION Script that get the certificates overview (total, ex) in the system. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER channel This parameter is MANDATORY. TODO .PARAMETER path This parameter is OPTIONAL. TODO .PARAMETER nearlyExpiredThresholdInDays This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-CertificateOverview -channel "Microsoft-Windows-CertificateServicesClient-Lifecycle-System*" #> function Get-CertificateOverview { param ( [Parameter(Mandatory = $true)] [ValidateSet( "Microsoft-Windows-CertificateServicesClient-Lifecycle-System*", "Microsoft-Windows-CertificateServices-Deployment*", "Microsoft-Windows-CertificateServicesClient-CredentialRoaming*", "Microsoft-Windows-CertificateServicesClient-Lifecycle-User*", "Microsoft-Windows-CAPI2*", "Microsoft-Windows-CertPoleEng*" )] [String]$channel, [Parameter(Mandatory = $false)] [String]$path = "Cert:\", [Parameter(Mandatory = $false)] [int]$nearlyExpiredThresholdInDays = 60 ) Import-Module Microsoft.PowerShell.Diagnostics -ErrorAction SilentlyContinue # Notes: $channelList must be in this format: #"Microsoft-Windows-CertificateServicesClient-Lifecycle-System*,Microsoft-Windows-CertificateServices-Deployment*, #Microsoft-Windows-CertificateServicesClient-CredentialRoaming*,Microsoft-Windows-CertificateServicesClient-Lifecycle-User*, #Microsoft-Windows-CAPI2*,Microsoft-Windows-CertPoleEng*" function Get-ChildLeafRecurse { param ( [Parameter(Mandatory = $true)] [String] $pspath ) try { Get-ChildItem -Path $pspath -ErrorAction SilentlyContinue |?{!$_.PSIsContainer} | Write-Output Get-ChildItem -Path $pspath -ErrorAction SilentlyContinue |?{$_.PSIsContainer} | %{ $location = "Cert:\$($_.location)"; if ($_.psChildName -ne $_.location) { $location += "\$($_.PSChildName)"; } Get-ChildLeafRecurse $location | % { Write-Output $_}; } } catch {} } $certCounts = New-Object -TypeName psobject $certs = Get-ChildLeafRecurse -pspath $path $channelList = $channel.split(",") $totalCount = 0 $x = Get-WinEvent -ListLog $channelList -Force -ErrorAction 'SilentlyContinue' for ($i = 0; $i -le $x.Count; $i++){ $totalCount += $x[$i].RecordCount; } $certCounts | add-member -Name "allCount" -Value $certs.length -MemberType NoteProperty $certCounts | add-member -Name "expiredCount" -Value ($certs | Where-Object {$_.NotAfter -lt [DateTime]::Now }).length -MemberType NoteProperty $certCounts | add-member -Name "nearExpiredCount" -Value ($certs | Where-Object { ($_.NotAfter -gt [DateTime]::Now ) -and ($_.NotAfter -lt [DateTime]::Now.AddDays($nearlyExpiredThresholdInDays) ) }).length -MemberType NoteProperty $certCounts | add-member -Name "eventCount" -Value $totalCount -MemberType NoteProperty $certCounts } <# .SYNOPSIS Script that enumerates all the certificates in the system. .DESCRIPTION Script that enumerates all the certificates in the system. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER path This parameter is OPTIONAL. TODO .PARAMETER nearlyExpiredThresholdInDays This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-Certificates -path "Cert:\" -nearlyExpiredThresholdInDays 60 #> function Get-Certificates { param ( [String]$path = "Cert:\", [int]$nearlyExpiredThresholdInDays = 60 ) <############################################################################################# Helper functions. #############################################################################################> <# .Synopsis Name: Get-ChildLeafRecurse Description: Recursively enumerates each scope and store in Cert:\ drive. .Parameters $pspath: The initial pspath to use for creating whole path to certificate store. .Returns The constructed ps-path object. #> function Get-ChildLeafRecurse { param ( [Parameter(Mandatory = $true)] [String] $pspath ) try { Get-ChildItem -Path $pspath -ErrorAction SilentlyContinue |?{!$_.PSIsContainer} | Write-Output Get-ChildItem -Path $pspath -ErrorAction SilentlyContinue |?{$_.PSIsContainer} | %{ $location = "Cert:\$($_.location)"; if ($_.psChildName -ne $_.location) { $location += "\$($_.PSChildName)"; } Get-ChildLeafRecurse $location | % { Write-Output $_}; } } catch {} } <# .Synopsis Name: Compute-PublicKey Description: Computes public key algorithm and public key parameters .Parameters $cert: The original certificate object. .Returns A hashtable object of public key algorithm and public key parameters. #> function Compute-PublicKey { param ( [Parameter(Mandatory = $true)] [System.Security.Cryptography.X509Certificates.X509Certificate2] $cert ) $publicKeyInfo = @{} $publicKeyInfo["PublicKeyAlgorithm"] = "" $publicKeyInfo["PublicKeyParameters"] = "" if ($cert.PublicKey) { $publicKeyInfo["PublicKeyAlgorithm"] = $cert.PublicKey.Oid.FriendlyName $publicKeyInfo["PublicKeyParameters"] = $cert.PublicKey.EncodedParameters.Format($true) } $publicKeyInfo } <# .Synopsis Name: Compute-SignatureAlgorithm Description: Computes signature algorithm out of original certificate object. .Parameters $cert: The original certificate object. .Returns The signature algorithm friendly name. #> function Compute-SignatureAlgorithm { param ( [Parameter(Mandatory = $true)] [System.Security.Cryptography.X509Certificates.X509Certificate2] $cert ) $signatureAlgorithm = [System.String]::Empty if ($cert.SignatureAlgorithm) { $signatureAlgorithm = $cert.SignatureAlgorithm.FriendlyName; } $signatureAlgorithm } <# .Synopsis Name: Compute-PrivateKeyStatus Description: Computes private key exportable status. .Parameters $hasPrivateKey: A flag indicating certificate has a private key or not. $canExportPrivateKey: A flag indicating whether certificate can export a private key. .Returns Enum values "Exported" or "NotExported" #> function Compute-PrivateKeyStatus { param ( [Parameter(Mandatory = $true)] [bool] $hasPrivateKey, [Parameter(Mandatory = $true)] [bool] $canExportPrivateKey ) if (-not ($hasPrivateKey)) { $privateKeystatus = "None" } else { if ($canExportPrivateKey) { $privateKeystatus = "Exportable" } else { $privateKeystatus = "NotExportable" } } $privateKeystatus } <# .Synopsis Name: Compute-ExpirationStatus Description: Computes expiration status based on notAfter date. .Parameters $notAfter: A date object refering to certificate expiry date. .Returns Enum values "Expired", "NearlyExpired" and "Healthy" #> function Compute-ExpirationStatus { param ( [Parameter(Mandatory = $true)] [DateTime]$notAfter ) if ([DateTime]::Now -gt $notAfter) { $expirationStatus = "Expired" } else { $nearlyExpired = [DateTime]::Now.AddDays($nearlyExpiredThresholdInDays); if ($nearlyExpired -ge $notAfter) { $expirationStatus = "NearlyExpired" } else { $expirationStatus = "Healthy" } } $expirationStatus } <# .Synopsis Name: Compute-ArchivedStatus Description: Computes archived status of certificate. .Parameters $archived: A flag to represent archived status. .Returns Enum values "Archived" and "NotArchived" #> function Compute-ArchivedStatus { param ( [Parameter(Mandatory = $true)] [bool] $archived ) if ($archived) { $archivedStatus = "Archived" } else { $archivedStatus = "NotArchived" } $archivedStatus } <# .Synopsis Name: Compute-IssuedTo Description: Computes issued to field out of the certificate subject. .Parameters $subject: Full subject string of the certificate. .Returns Issued To authority name. #> function Compute-IssuedTo { param ( [String] $subject ) $issuedTo = [String]::Empty $issuedToRegex = "CN=(?<issuedTo>[^,?]+)" $matched = $subject -match $issuedToRegex if ($matched -and $Matches) { $issuedTo = $Matches["issuedTo"] } $issuedTo } <# .Synopsis Name: Compute-IssuerName Description: Computes issuer name of certificate. .Parameters $cert: The original cert object. .Returns The Issuer authority name. #> function Compute-IssuerName { param ( [Parameter(Mandatory = $true)] [System.Security.Cryptography.X509Certificates.X509Certificate2] $cert ) $issuerName = $cert.GetNameInfo([System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName, $true) $issuerName } <# .Synopsis Name: Compute-CertificateName Description: Computes certificate name of certificate. .Parameters $cert: The original cert object. .Returns The certificate name. #> function Compute-CertificateName { param ( [Parameter(Mandatory = $true)] [System.Security.Cryptography.X509Certificates.X509Certificate2] $cert ) $certificateName = $cert.GetNameInfo([System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName, $false) if (!$certificateName) { $certificateName = $cert.GetNameInfo([System.Security.Cryptography.X509Certificates.X509NameType]::DnsName, $false) } $certificateName } <# .Synopsis Name: Compute-Store Description: Computes certificate store name. .Parameters $pspath: The full certificate ps path of the certificate. .Returns The certificate store name. #> function Compute-Store { param ( [Parameter(Mandatory = $true)] [String] $pspath ) $pspath.Split('\')[2] } <# .Synopsis Name: Compute-Scope Description: Computes certificate scope/location name. .Parameters $pspath: The full certificate ps path of the certificate. .Returns The certificate scope/location name. #> function Compute-Scope { param ( [Parameter(Mandatory = $true)] [String] $pspath ) $pspath.Split('\')[1].Split(':')[2] } <# .Synopsis Name: Compute-Path Description: Computes certificate path. E.g. CurrentUser\My\<thumbprint> .Parameters $pspath: The full certificate ps path of the certificate. .Returns The certificate path. #> function Compute-Path { param ( [Parameter(Mandatory = $true)] [String] $pspath ) $pspath.Split(':')[2] } <# .Synopsis Name: EnhancedKeyUsage-List Description: Enhanced KeyUsage .Parameters $cert: The original cert object. .Returns Enhanced Key Usage. #> function EnhancedKeyUsage-List { param ( [Parameter(Mandatory = $true)] [System.Security.Cryptography.X509Certificates.X509Certificate2] $cert ) $usageString = '' foreach ( $usage in $cert.EnhancedKeyUsageList){ $usageString = $usageString + $usage.FriendlyName + ' ' + $usage.ObjectId + "`n" } $usageString } <# .Synopsis Name: Compute-Template Description: Compute template infomation of a certificate $certObject: The original certificate object. .Returns The certificate template if there is one otherwise empty string #> function Compute-Template { param ( [Parameter(Mandatory = $true)] [System.Security.Cryptography.X509Certificates.X509Certificate2] $cert ) $template = $cert.Extensions | Where-Object {$_.Oid.FriendlyName -match "Template"} if ($template) { $name = $template.Format(1).split('(')[0] if ($name) { $name -replace "Template=" } else { '' } } else { '' } } <# .Synopsis Name: Extract-CertInfo Description: Extracts certificate info by decoding different field and create a custom object. .Parameters $certObject: The original certificate object. .Returns The custom object for certificate. #> function Extract-CertInfo { param ( [Parameter(Mandatory = $true)] [System.Security.Cryptography.X509Certificates.X509Certificate2] $certObject ) $certInfo = @{} $certInfo["Archived"] = $(Compute-ArchivedStatus $certObject.Archived) $certInfo["CertificateName"] = $(Compute-CertificateName $certObject) $certInfo["EnhancedKeyUsage"] = $(EnhancedKeyUsage-List $certObject) #new $certInfo["FriendlyName"] = $certObject.FriendlyName $certInfo["IssuerName"] = $(Compute-IssuerName $certObject) $certInfo["IssuedTo"] = $(Compute-IssuedTo $certObject.Subject) $certInfo["Issuer"] = $certObject.Issuer #new $certInfo["NotAfter"] = $certObject.NotAfter $certInfo["NotBefore"] = $certObject.NotBefore $certInfo["Path"] = $(Compute-Path $certObject.PsPath) $certInfo["PrivateKey"] = $(Compute-PrivateKeyStatus -hasPrivateKey $certObject.CalculatedHasPrivateKey -canExportPrivateKey $certObject.CanExportPrivateKey) $publicKeyInfo = $(Compute-PublicKey $certObject) $certInfo["PublicKey"] = $publicKeyInfo.PublicKeyAlgorithm $certInfo["PublicKeyParameters"] = $publicKeyInfo.PublicKeyParameters $certInfo["Scope"] = $(Compute-Scope $certObject.PsPath) $certInfo["Store"] = $(Compute-Store $certObject.PsPath) $certInfo["SerialNumber"] = $certObject.SerialNumber $certInfo["Subject"] = $certObject.Subject $certInfo["Status"] = $(Compute-ExpirationStatus $certObject.NotAfter) $certInfo["SignatureAlgorithm"] = $(Compute-SignatureAlgorithm $certObject) $certInfo["Thumbprint"] = $certObject.Thumbprint $certInfo["Version"] = $certObject.Version $certInfo["Template"] = $(Compute-Template $certObject) $certInfo } <############################################################################################# Main script. #############################################################################################> $certificates = @() Get-ChildLeafRecurse $path | foreach { $cert = $_ $cert | Add-Member -Force -NotePropertyName "CalculatedHasPrivateKey" -NotePropertyValue $_.HasPrivateKey $exportable = $false if ($cert.HasPrivateKey) { [System.Security.Cryptography.CspParameters] $cspParams = new-object System.Security.Cryptography.CspParameters $contextField = $cert.GetType().GetField("m_safeCertContext", [Reflection.BindingFlags]::NonPublic -bor [Reflection.BindingFlags]::Instance) $privateKeyMethod = $cert.GetType().GetMethod("GetPrivateKeyInfo", [Reflection.BindingFlags]::NonPublic -bor [Reflection.BindingFlags]::Static) if ($contextField -and $privateKeyMethod) { $contextValue = $contextField.GetValue($cert) $privateKeyInfoAvailable = $privateKeyMethod.Invoke($cert, @($ContextValue, $cspParams)) if ($privateKeyInfoAvailable) { $PrivateKeyCount++ $csp = new-object System.Security.Cryptography.CspKeyContainerInfo -ArgumentList @($cspParams) if ($csp.Exportable) { $exportable = $true } } } else { $exportable = $true } } $cert | Add-Member -Force -NotePropertyName "CanExportPrivateKey" -NotePropertyValue $exportable $certificates += Extract-CertInfo $cert } $certificates } <# .SYNOPSIS Get Plug and Play device instances by using CIM provider. .DESCRIPTION Get Plug and Play device instances by using CIM provider. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-CimPnpEntity #> function Get-CimPnpEntity { import-module CimCmdlets Get-CimInstance -Namespace root/cimv2 -ClassName Win32_PnPEntity } <# .SYNOPSIS Gets 'Machine' and 'User' environment variables. .DESCRIPTION Gets 'Machine' and 'User' environment variables. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-EnvironmentVariables #> function Get-EnvironmentVariables { Set-StrictMode -Version 5.0 $data = @() $system = [Environment]::GetEnvironmentVariables([EnvironmentVariableTarget]::Machine) $user = [Environment]::GetEnvironmentVariables([EnvironmentVariableTarget]::User) foreach ($h in $system.GetEnumerator()) { $obj = [pscustomobject]@{"Name" = $h.Name; "Value" = $h.Value; "Type" = "Machine"} $data += $obj } foreach ($h in $user.GetEnumerator()) { $obj = [pscustomobject]@{"Name" = $h.Name; "Value" = $h.Value; "Type" = "User"} $data += $obj } $data } <# .SYNOPSIS Get the log summary (Name, Total) for the channel selected by using Get-WinEvent cmdlet. .DESCRIPTION Get the log summary (Name, Total) for the channel selected by using Get-WinEvent cmdlet. The supported Operating Systems are Window Server 2012, Windows Server 2012R2, Windows Server 2016. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER channel This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-EventLogSummary #> function Get-EventLogSummary { Param( [string]$channel ) $ErrorActionPreference = 'SilentlyContinue' Import-Module Microsoft.PowerShell.Diagnostics; $channelList = $channel.split(",") Get-WinEvent -ListLog $channelList -Force -ErrorAction SilentlyContinue } <# .SYNOPSIS Get settings that apply to the per-profile configurations of the Windows Firewall with Advanced Security. .DESCRIPTION Get settings that apply to the per-profile configurations of the Windows Firewall with Advanced Security. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-FirewallProfile #> function Get-FirewallProfile { Import-Module netsecurity Get-NetFirewallProfile -PolicyStore ActiveStore | Microsoft.PowerShell.Utility\Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction } <# .SYNOPSIS Get Firewall Rules. .DESCRIPTION Get Firewall Rules. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-FirewallRules #> function Get-FirewallRules { Import-Module netsecurity $sidToPrincipalCache = @{}; function getPrincipalForSid($sid) { if ($sidToPrincipalCache.ContainsKey($sid)) { return $sidToPrincipalCache[$sid] } $propertyBag = @{} $propertyBag.userName = "" $propertyBag.domain = "" $propertyBag.principal = "" $propertyBag.ssid = $sid try{ $win32Sid = [WMI]"root\cimv2:win32_sid.sid='$sid'"; $propertyBag.userName = $win32Sid.AccountName; $propertyBag.domain = $win32Sid.ReferencedDomainName try { $objSID = New-Object System.Security.Principal.SecurityIdentifier($sid) try{ $objUser = $objSID.Translate( [System.Security.Principal.NTAccount]) $propertyBag.principal = $objUser.Value; } catch [System.Management.Automation.MethodInvocationException]{ # the sid couldn't be resolved } } catch [System.Management.Automation.MethodInvocationException]{ # the sid is invalid } } catch [System.Management.Automation.RuntimeException] { # failed to get the user info, which is ok, maybe an old SID } $object = New-Object -TypeName PSObject -Prop $propertyBag $sidToPrincipalCache.Add($sid, $object) return $object } function fillUserPrincipalsFromSddl($sddl, $allowedPrincipals, $skippedPrincipals) { if ($sddl -eq $null -or $sddl.count -eq 0) { return; } $entries = $sddl.split(@("(", ")")); foreach ($entry in $entries) { $entryChunks = $entry.split(";"); $sid = $entryChunks[$entryChunks.count - 1]; if ($entryChunks[0] -eq "A") { $allowed = getPrincipalForSid($sid); $allowedPrincipals.Add($allowed) > $null; } elseif ($entryChunks[0] -eq "D") { $skipped = getPrincipalForSid($sid); $skippedPrincipals.Add($skipped) > $null; } } } $stores = @('PersistentStore','RSOP'); $allRules = @() foreach ($store in $stores){ $rules = (Get-NetFirewallRule -PolicyStore $store) $rulesHash = @{} $rules | foreach { $newRule = ($_ | Microsoft.PowerShell.Utility\Select-Object ` instanceId, ` name, ` displayName, ` description, ` displayGroup, ` group, ` @{Name="enabled"; Expression={$_.Enabled -eq [Microsoft.PowerShell.Cmdletization.GeneratedTypes.NetSecurity.Enabled]::True}}, ` profiles, ` platform, ` direction, ` action, ` edgeTraversalPolicy, ` looseSourceMapping, ` localOnlyMapping, ` owner, ` primaryStatus, ` status, ` enforcementStatus, ` policyStoreSource, ` policyStoreSourceType, ` @{Name="policyStore"; Expression={$store}}, ` @{Name="addressFilter"; Expression={""}}, ` @{Name="applicationFilter"; Expression={""}}, ` @{Name="interfaceFilter"; Expression={""}}, ` @{Name="interfaceTypeFilter"; Expression={""}}, ` @{Name="portFilter"; Expression={""}}, ` @{Name="securityFilter"; Expression={""}}, ` @{Name="serviceFilter"; Expression={""}}) $rulesHash[$_.CreationClassName] = $newRule $allRules += $newRule } $addressFilters = (Get-NetFirewallAddressFilter -PolicyStore $store) $applicationFilters = (Get-NetFirewallApplicationFilter -PolicyStore $store) $interfaceFilters = (Get-NetFirewallInterfaceFilter -PolicyStore $store) $interfaceTypeFilters = (Get-NetFirewallInterfaceTypeFilter -PolicyStore $store) $portFilters = (Get-NetFirewallPortFilter -PolicyStore $store) $securityFilters = (Get-NetFirewallSecurityFilter -PolicyStore $store) $serviceFilters = (Get-NetFirewallServiceFilter -PolicyStore $store) $addressFilters | ForEach-Object { $newAddressFilter = $_ | Microsoft.PowerShell.Utility\Select-Object localAddress, remoteAddress; $newAddressFilter.localAddress = @($newAddressFilter.localAddress) $newAddressFilter.remoteAddress = @($newAddressFilter.remoteAddress) $rule = $rulesHash[$_.CreationClassName]; if ($rule){ $rule.addressFilter = $newAddressFilter } } $applicationFilters | ForEach-Object { $newApplicationFilter = $_ | Microsoft.PowerShell.Utility\Select-Object program, package; $rule = $rulesHash[$_.CreationClassName]; if ($rule){ $rule.applicationFilter = $newApplicationFilter } } $interfaceFilters | ForEach-Object { $newInterfaceFilter = $_ | Microsoft.PowerShell.Utility\Select-Object @{Name="interfaceAlias"; Expression={}}; $newInterfaceFilter.interfaceAlias = @($_.interfaceAlias); $rule = $rulesHash[$_.CreationClassName]; if ($rule){ $rule.interfaceFilter = $newInterfaceFilter } } $interfaceTypeFilters | foreach { $newInterfaceTypeFilter = $_ | Microsoft.PowerShell.Utility\Select-Object @{Name="interfaceType"; Expression={}}; $newInterfaceTypeFilter.interfaceType = $_.PSbase.CimInstanceProperties["InterfaceType"].Value; $rule = $rulesHash[$_.CreationClassName]; if ($rule){ $rule.interfaceTypeFilter = $newInterfaceTypeFilter } } $portFilters | foreach { $newPortFilter = $_ | Microsoft.PowerShell.Utility\Select-Object dynamicTransport, icmpType, localPort, remotePort, protocol; $newPortFilter.localPort = @($newPortFilter.localPort); $newPortFilter.remotePort = @($newPortFilter.remotePort); $newPortFilter.icmpType = @($newPortFilter.icmpType); $rule = $rulesHash[$_.CreationClassName]; if ($rule){ $rule.portFilter = $newPortFilter } } $securityFilters | ForEach-Object { $allowedLocalUsers = New-Object System.Collections.ArrayList; $skippedLocalUsers = New-Object System.Collections.ArrayList; fillUserPrincipalsFromSddl -sddl $_.localUser -allowedprincipals $allowedLocalUsers -skippedPrincipals $skippedLocalUsers; $allowedRemoteMachines = New-Object System.Collections.ArrayList; $skippedRemoteMachines = New-Object System.Collections.ArrayList; fillUserPrincipalsFromSddl -sddl $_.remoteMachine -allowedprincipals $allowedRemoteMachines -skippedPrincipals $skippedRemoteMachines; $allowedRemoteUsers = New-Object System.Collections.ArrayList; $skippedRemoteUsers = New-Object System.Collections.ArrayList; fillUserPrincipalsFromSddl -sddl $_.remoteUser -allowedprincipals $allowedRemoteUsers -skippedPrincipals $skippedRemoteUsers; $newSecurityFilter = $_ | Microsoft.PowerShell.Utility\Select-Object authentication, ` encryption, ` overrideBlockRules, ` @{Name="allowedLocalUsers"; Expression={}}, ` @{Name="skippedLocalUsers"; Expression={}}, ` @{Name="allowedRemoteMachines"; Expression={}}, ` @{Name="skippedRemoteMachines"; Expression={}}, ` @{Name="allowedRemoteUsers"; Expression={}}, ` @{Name="skippedRemoteUsers"; Expression={}}; $newSecurityFilter.allowedLocalUsers = $allowedLocalUsers.ToArray() $newSecurityFilter.skippedLocalUsers = $skippedLocalUsers.ToArray() $newSecurityFilter.allowedRemoteMachines = $allowedRemoteMachines.ToArray() $newSecurityFilter.skippedRemoteMachines = $skippedRemoteMachines.ToArray() $newSecurityFilter.allowedRemoteUsers = $allowedRemoteUsers.ToArray() $newSecurityFilter.skippedRemoteUsers = $skippedRemoteUsers.ToArray() $rule = $rulesHash[$_.CreationClassName]; if ($rule){ $rule.securityFilter = $newSecurityFilter } } $serviceFilters | ForEach-Object { $newServiceFilter = $_ | Microsoft.PowerShell.Utility\Select-Object serviceName; $rule = $rulesHash[$_.CreationClassName]; if ($rule){ $rule.serviceFilter = $newServiceFilter } } } $allRules } <# .SYNOPSIS Get all IPs within the specified range. .DESCRIPTION See .SYNOPSIS .PARAMETER start This parameter is OPTIONAL. TODO .PARAMETER end This parameter is OPTIONAL. TODO .PARAMETER ip This parameter is OPTIONAL. TODO .PARAMETER mask This parameter is OPTIONAL. TODO .PARAMETER cidr This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-IPRange -Start 192.168.2.4 -End 192.168.2.50 #> function Get-IPRange { [CmdletBinding()] param ( [string]$start, [string]$end, [string]$ip, [string]$mask, [int]$cidr ) function IP-toINT64 () { param ($ip) $octets = $ip.split(".") return [int64]([int64]$octets[0]*16777216 +[int64]$octets[1]*65536 +[int64]$octets[2]*256 +[int64]$octets[3]) } function INT64-toIP() { param ([int64]$int) return (([math]::truncate($int/16777216)).tostring()+"."+([math]::truncate(($int%16777216)/65536)).tostring()+"."+([math]::truncate(($int%65536)/256)).tostring()+"."+([math]::truncate($int%256)).tostring() ) } if ($ip) {$ipaddr = [Net.IPAddress]::Parse($ip)} if ($cidr) {$maskaddr = [Net.IPAddress]::Parse((INT64-toIP -int ([convert]::ToInt64(("1"*$cidr+"0"*(32-$cidr)),2)))) } if ($mask) {$maskaddr = [Net.IPAddress]::Parse($mask)} if ($ip) {$networkaddr = new-object net.ipaddress ($maskaddr.address -band $ipaddr.address)} if ($ip) {$broadcastaddr = new-object net.ipaddress (([system.net.ipaddress]::parse("255.255.255.255").address -bxor $maskaddr.address -bor $networkaddr.address))} if ($ip) { $startaddr = IP-toINT64 -ip $networkaddr.ipaddresstostring $endaddr = IP-toINT64 -ip $broadcastaddr.ipaddresstostring } else { $startaddr = IP-toINT64 -ip $start $endaddr = IP-toINT64 -ip $end } for ($i = $startaddr; $i -le $endaddr; $i++) { INT64-toIP -int $i } } <# .SYNOPSIS Gets the local groups. .DESCRIPTION Gets the local groups. The supported Operating Systems are Window Server 2012, Windows Server 2012R2, Windows Server 2016. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER SID This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-LocalGroups #> function Get-LocalGroups { param ( [Parameter(Mandatory = $false)] [String] $SID ) Import-Module Microsoft.PowerShell.LocalAccounts -ErrorAction SilentlyContinue $isWinServer2016OrNewer = [Environment]::OSVersion.Version.Major -ge 10; # ADSI does NOT support 2016 Nano, meanwhile New-LocalUser, Get-LocalUser, Set-LocalUser do NOT support downlevel if ($SID) { if ($isWinServer2016OrNewer) { Get-LocalGroup -SID $SID | Select-Object Description,Name,SID,ObjectClass | foreach { [pscustomobject]@{ Description = $_.Description Name = $_.Name SID = $_.SID.Value ObjectClass = $_.ObjectClass Members = Get-LocalGroupUsers -group $_.Name } } } else { Get-WmiObject -Class Win32_Group -Filter "LocalAccount='True' AND SID='$SID'" | Select-Object Description,Name,SID,ObjectClass | foreach { [pscustomobject]@{ Description = $_.Description Name = $_.Name SID = $_.SID ObjectClass = $_.ObjectClass Members = Get-LocalGroupUsers -group $_.Name } } } } else { if ($isWinServer2016OrNewer) { Get-LocalGroup | Microsoft.PowerShell.Utility\Select-Object Description,Name,SID,ObjectClass | foreach { [pscustomobject]@{ Description = $_.Description Name = $_.Name SID = $_.SID.Value ObjectClass = $_.ObjectClass Members = Get-LocalGroupUsers -group $_.Name } } } else { Get-WmiObject -Class Win32_Group -Filter "LocalAccount='True'" | Microsoft.PowerShell.Utility\Select-Object Description,Name,SID,ObjectClass | foreach { [pscustomobject]@{ Description = $_.Description Name = $_.Name SID = $_.SID ObjectClass = $_.ObjectClass Members = Get-LocalGroupUsers -group $_.Name } } } } } <# .SYNOPSIS Get users belong to group. .DESCRIPTION Get users belong to group. The supported Operating Systems are Window Server 2012, Windows Server 2012R2, Windows Server 2016. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER group This parameter is MANDATORY. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-LocalGroupUsers -group Administrators #> function Get-LocalGroupUsers { param ( [Parameter(Mandatory = $true)] [String] $group ) # ADSI does NOT support 2016 Nano, meanwhile Get-LocalGroupMember does NOT support downlevel and also has bug $ComputerName = $env:COMPUTERNAME try { $groupconnection = [ADSI]("WinNT://localhost/$group,group") $contents = $groupconnection.Members() | ForEach-Object { $path=$_.GetType().InvokeMember("ADsPath", "GetProperty", $NULL, $_, $NULL) # $path will looks like: # WinNT://ComputerName/Administrator # WinNT://DomainName/Domain Admins # Find out if this is a local or domain object and trim it accordingly if ($path -like "*/$ComputerName/*"){ $start = 'WinNT://' + $ComputerName + '/' } else { $start = 'WinNT://' } $name = $path.Substring($start.length) $name.Replace('/', '\') #return name here } return $contents } catch { # if above block failed (say in 2016Nano), use another cmdlet # clear existing error info from try block $Error.Clear() #There is a known issue, in some situation Get-LocalGroupMember return: Failed to compare two elements in the array. $contents = Get-LocalGroupMember -group $group $names = $contents.Name | ForEach-Object { $name = $_ if ($name -like "$ComputerName\*") { $name = $name.Substring($ComputerName.length+1) } $name } return $names } } <# .SYNOPSIS Get a local user belong to group list. .DESCRIPTION Get a local user belong to group list. The supported Operating Systems are Window Server 2012, Windows Server 2012R2, Windows Server 2016. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER UserName This parameter is MANDATORY. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-LocalUserBelongGroups -UserName jsmith #> function Get-LocalUserBelongGroups { param ( [Parameter(Mandatory = $true)] [String] $UserName ) Import-Module CimCmdlets -ErrorAction SilentlyContinue $operatingSystem = Get-CimInstance Win32_OperatingSystem $version = [version]$operatingSystem.Version # product type 3 is server, version number ge 10 is server 2016 $isWinServer2016OrNewer = ($operatingSystem.ProductType -eq 3) -and ($version -ge '10.0') # ADSI does NOT support 2016 Nano, meanwhile net localgroup do NOT support downlevel "net : System error 1312 has occurred." # Step 1: get the list of local groups if ($isWinServer2016OrNewer) { $grps = net localgroup | Where-Object {$_ -AND $_ -match "^[*]"} # group member list as "*%Fws\r\n" $groups = $grps.trim('*') } else { $grps = Get-WmiObject -Class Win32_Group -Filter "LocalAccount='True'" | Microsoft.PowerShell.Utility\Select-Object Name $groups = $grps.Name } # Step 2: in each group, list members and find match to target $UserName $groupNames = @() $regex = '^' + $UserName + '\b' foreach ($group in $groups) { $found = $false #find group members if ($isWinServer2016OrNewer) { $members = net localgroup $group | Where-Object {$_ -AND $_ -notmatch "command completed successfully"} | Microsoft.PowerShell.Utility\Select-Object -skip 4 if ($members -AND $members.contains($UserName)) { $found = $true } } else { $groupconnection = [ADSI]("WinNT://localhost/$group,group") $members = $groupconnection.Members() ForEach ($member in $members) { $name = $member.GetType().InvokeMember("Name", "GetProperty", $NULL, $member, $NULL) if ($name -AND ($name -match $regex)) { $found = $true break } } } #if members contains $UserName, add group name to list if ($found) { $groupNames = $groupNames + $group } } return $groupNames } <# .SYNOPSIS Gets the local users. .DESCRIPTION Gets the local users. The supported Operating Systems are Window Server 2012, Windows Server 2012R2, Windows Server 2016. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER SID This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-LocalUsers #> function Get-LocalUsers { param ( [Parameter(Mandatory = $false)] [String] $SID ) $isWinServer2016OrNewer = [Environment]::OSVersion.Version.Major -ge 10; # ADSI does NOT support 2016 Nano, meanwhile New-LocalUser, Get-LocalUser, Set-LocalUser do NOT support downlevel if ($SID) { if ($isWinServer2016OrNewer) { Get-LocalUser -SID $SID | Microsoft.PowerShell.Utility\Select-Object @( "AccountExpires", "Description", "Enabled", "FullName", "LastLogon", "Name", "ObjectClass", "PasswordChangeableDate", "PasswordExpires", "PasswordLastSet", "PasswordRequired", "SID", "UserMayChangePassword" ) | foreach { [pscustomobject]@{ AccountExpires = $_.AccountExpires Description = $_.Description Enabled = $_.Enabled FullName = $_.FullName LastLogon = $_.LastLogon Name = $_.Name GroupMembership = Get-LocalUserBelongGroups -UserName $_.Name ObjectClass = $_.ObjectClass PasswordChangeableDate = $_.PasswordChangeableDate PasswordExpires = $_.PasswordExpires PasswordLastSet = $_.PasswordLastSet PasswordRequired = $_.PasswordRequired SID = $_.SID.Value UserMayChangePassword = $_.UserMayChangePassword } } } else { Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount='True' AND SID='$SID'" | Microsoft.PowerShell.Utility\Select-Object @( "AccountExpirationDate", "Description", "Disabled" "FullName", "LastLogon", "Name", "ObjectClass", "PasswordChangeableDate", "PasswordExpires", "PasswordLastSet", "PasswordRequired", "SID", "PasswordChangeable" ) | foreach { [pscustomobject]@{ AccountExpires = $_.AccountExpirationDate Description = $_.Description Enabled = !$_.Disabled FullName = $_.FullName LastLogon = $_.LastLogon Name = $_.Name GroupMembership = Get-LocalUserBelongGroups -UserName $_.Name ObjectClass = $_.ObjectClass PasswordChangeableDate = $_.PasswordChangeableDate PasswordExpires = $_.PasswordExpires PasswordLastSet = $_.PasswordLastSet PasswordRequired = $_.PasswordRequired SID = $_.SID.Value UserMayChangePassword = $_.PasswordChangeable } } } } else { if ($isWinServer2016OrNewer) { Get-LocalUser | Microsoft.PowerShell.Utility\Select-Object @( "AccountExpires", "Description", "Enabled", "FullName", "LastLogon", "Name", "ObjectClass", "PasswordChangeableDate", "PasswordExpires", "PasswordLastSet", "PasswordRequired", "SID", "UserMayChangePassword" ) | foreach { [pscustomobject]@{ AccountExpires = $_.AccountExpires Description = $_.Description Enabled = $_.Enabled FullName = $_.FullName LastLogon = $_.LastLogon Name = $_.Name GroupMembership = Get-LocalUserBelongGroups -UserName $_.Name ObjectClass = $_.ObjectClass PasswordChangeableDate = $_.PasswordChangeableDate PasswordExpires = $_.PasswordExpires PasswordLastSet = $_.PasswordLastSet PasswordRequired = $_.PasswordRequired SID = $_.SID.Value UserMayChangePassword = $_.UserMayChangePassword } } } else { Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount='True'" | Microsoft.PowerShell.Utility\Select-Object @( "AccountExpirationDate", "Description", "Disabled" "FullName", "LastLogon", "Name", "ObjectClass", "PasswordChangeableDate", "PasswordExpires", "PasswordLastSet", "PasswordRequired", "SID", "PasswordChangeable" ) | foreach { [pscustomobject]@{ AccountExpires = $_.AccountExpirationDate Description = $_.Description Enabled = !$_.Disabled FullName = $_.FullName LastLogon = $_.LastLogon Name = $_.Name GroupMembership = Get-LocalUserBelongGroups -UserName $_.Name ObjectClass = $_.ObjectClass PasswordChangeableDate = $_.PasswordChangeableDate PasswordExpires = $_.PasswordExpires PasswordLastSet = $_.PasswordLastSet PasswordRequired = $_.PasswordRequired SID = $_.SID.Value UserMayChangePassword = $_.PasswordChangeable } } } } } <# .SYNOPSIS Gets the network ip configuration. .DESCRIPTION Gets the network ip configuration. The supported Operating Systems are Window Server 2012, Windows Server 2012R2, Windows Server 2016. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-Certificates -path "Cert:\" -nearlyExpiredThresholdInDays 60 #> function Get-Networks { Import-Module NetAdapter Import-Module NetTCPIP Import-Module DnsClient Set-StrictMode -Version 5.0 $ErrorActionPreference = 'SilentlyContinue' # Get all net information $netAdapter = Get-NetAdapter # conditions used to select the proper ip address for that object modeled after ibiza method. # We only want manual (set by user manually), dhcp (set up automatically with dhcp), or link (set from link address) # fe80 is the prefix for link local addresses, so that is the format want if the suffix origin is link # SkipAsSource -eq zero only grabs ip addresses with skipassource set to false so we only get the preffered ip address $ipAddress = Get-NetIPAddress | Where-Object { ($_.SuffixOrigin -eq 'Manual') -or ($_.SuffixOrigin -eq 'Dhcp') -or (($_.SuffixOrigin -eq 'Link') -and (($_.IPAddress.StartsWith('fe80:')) -or ($_.IPAddress.StartsWith('2001:')))) } $netIPInterface = Get-NetIPInterface $netRoute = Get-NetRoute -PolicyStore ActiveStore $dnsServer = Get-DnsClientServerAddress # Load in relevant net information by name Foreach ($currentNetAdapter in $netAdapter) { $result = New-Object PSObject # Net Adapter information $result | Add-Member -MemberType NoteProperty -Name 'InterfaceAlias' -Value $currentNetAdapter.InterfaceAlias $result | Add-Member -MemberType NoteProperty -Name 'InterfaceIndex' -Value $currentNetAdapter.InterfaceIndex $result | Add-Member -MemberType NoteProperty -Name 'InterfaceDescription' -Value $currentNetAdapter.InterfaceDescription $result | Add-Member -MemberType NoteProperty -Name 'Status' -Value $currentNetAdapter.Status $result | Add-Member -MemberType NoteProperty -Name 'MacAddress' -Value $currentNetAdapter.MacAddress $result | Add-Member -MemberType NoteProperty -Name 'LinkSpeed' -Value $currentNetAdapter.LinkSpeed # Net IP Address information # Primary addresses are used for outgoing calls so SkipAsSource is false (0) # Should only return one if properly configured, but it is possible to set multiple, so collect all $primaryIPv6Addresses = $ipAddress | Where-Object {($_.InterfaceAlias -eq $currentNetAdapter.Name) -and ($_.AddressFamily -eq 'IPv6') -and ($_.SkipAsSource -eq 0)} if ($primaryIPv6Addresses) { $ipArray = New-Object System.Collections.ArrayList $linkLocalArray = New-Object System.Collections.ArrayList Foreach ($address in $primaryIPv6Addresses) { if ($address -ne $null -and $address.IPAddress -ne $null -and $address.IPAddress.StartsWith('fe80')) { $linkLocalArray.Add(($address.IPAddress, $address.PrefixLength)) > $null } else { $ipArray.Add(($address.IPAddress, $address.PrefixLength)) > $null } } $result | Add-Member -MemberType NoteProperty -Name 'PrimaryIPv6Address' -Value $ipArray $result | Add-Member -MemberType NoteProperty -Name 'LinkLocalIPv6Address' -Value $linkLocalArray } $primaryIPv4Addresses = $ipAddress | Where-Object {($_.InterfaceAlias -eq $currentNetAdapter.Name) -and ($_.AddressFamily -eq 'IPv4') -and ($_.SkipAsSource -eq 0)} if ($primaryIPv4Addresses) { $ipArray = New-Object System.Collections.ArrayList Foreach ($address in $primaryIPv4Addresses) { $ipArray.Add(($address.IPAddress, $address.PrefixLength)) > $null } $result | Add-Member -MemberType NoteProperty -Name 'PrimaryIPv4Address' -Value $ipArray } # Secondary addresses are not used for outgoing calls so SkipAsSource is true (1) # There will usually not be secondary addresses, but collect them just in case $secondaryIPv6Adresses = $ipAddress | Where-Object {($_.InterfaceAlias -eq $currentNetAdapter.Name) -and ($_.AddressFamily -eq 'IPv6') -and ($_.SkipAsSource -eq 1)} if ($secondaryIPv6Adresses) { $ipArray = New-Object System.Collections.ArrayList Foreach ($address in $secondaryIPv6Adresses) { $ipArray.Add(($address.IPAddress, $address.PrefixLength)) > $null } $result | Add-Member -MemberType NoteProperty -Name 'SecondaryIPv6Address' -Value $ipArray } $secondaryIPv4Addresses = $ipAddress | Where-Object {($_.InterfaceAlias -eq $currentNetAdapter.Name) -and ($_.AddressFamily -eq 'IPv4') -and ($_.SkipAsSource -eq 1)} if ($secondaryIPv4Addresses) { $ipArray = New-Object System.Collections.ArrayList Foreach ($address in $secondaryIPv4Addresses) { $ipArray.Add(($address.IPAddress, $address.PrefixLength)) > $null } $result | Add-Member -MemberType NoteProperty -Name 'SecondaryIPv4Address' -Value $ipArray } # Net IP Interface information $currentDhcpIPv4 = $netIPInterface | Where-Object {($_.InterfaceAlias -eq $currentNetAdapter.Name) -and ($_.AddressFamily -eq 'IPv4')} if ($currentDhcpIPv4) { $result | Add-Member -MemberType NoteProperty -Name 'DhcpIPv4' -Value $currentDhcpIPv4.Dhcp $result | Add-Member -MemberType NoteProperty -Name 'IPv4Enabled' -Value $true } else { $result | Add-Member -MemberType NoteProperty -Name 'IPv4Enabled' -Value $false } $currentDhcpIPv6 = $netIPInterface | Where-Object {($_.InterfaceAlias -eq $currentNetAdapter.Name) -and ($_.AddressFamily -eq 'IPv6')} if ($currentDhcpIPv6) { $result | Add-Member -MemberType NoteProperty -Name 'DhcpIPv6' -Value $currentDhcpIPv6.Dhcp $result | Add-Member -MemberType NoteProperty -Name 'IPv6Enabled' -Value $true } else { $result | Add-Member -MemberType NoteProperty -Name 'IPv6Enabled' -Value $false } # Net Route information # destination prefix for selected ipv6 address is always ::/0 $currentIPv6DefaultGateway = $netRoute | Where-Object {($_.InterfaceAlias -eq $currentNetAdapter.Name) -and ($_.DestinationPrefix -eq '::/0')} if ($currentIPv6DefaultGateway) { $ipArray = New-Object System.Collections.ArrayList Foreach ($address in $currentIPv6DefaultGateway) { if ($address.NextHop) { $ipArray.Add($address.NextHop) > $null } } $result | Add-Member -MemberType NoteProperty -Name 'IPv6DefaultGateway' -Value $ipArray } # destination prefix for selected ipv4 address is always 0.0.0.0/0 $currentIPv4DefaultGateway = $netRoute | Where-Object {($_.InterfaceAlias -eq $currentNetAdapter.Name) -and ($_.DestinationPrefix -eq '0.0.0.0/0')} if ($currentIPv4DefaultGateway) { $ipArray = New-Object System.Collections.ArrayList Foreach ($address in $currentIPv4DefaultGateway) { if ($address.NextHop) { $ipArray.Add($address.NextHop) > $null } } $result | Add-Member -MemberType NoteProperty -Name 'IPv4DefaultGateway' -Value $ipArray } # DNS information # dns server util code for ipv4 is 2 $currentIPv4DnsServer = $dnsServer | Where-Object {($_.InterfaceAlias -eq $currentNetAdapter.Name) -and ($_.AddressFamily -eq 2)} if ($currentIPv4DnsServer) { $ipArray = New-Object System.Collections.ArrayList Foreach ($address in $currentIPv4DnsServer) { if ($address.ServerAddresses) { $ipArray.Add($address.ServerAddresses) > $null } } $result | Add-Member -MemberType NoteProperty -Name 'IPv4DNSServer' -Value $ipArray } # dns server util code for ipv6 is 23 $currentIPv6DnsServer = $dnsServer | Where-Object {($_.InterfaceAlias -eq $currentNetAdapter.Name) -and ($_.AddressFamily -eq 23)} if ($currentIPv6DnsServer) { $ipArray = New-Object System.Collections.ArrayList Foreach ($address in $currentIPv6DnsServer) { if ($address.ServerAddresses) { $ipArray.Add($address.ServerAddresses) > $null } } $result | Add-Member -MemberType NoteProperty -Name 'IPv6DNSServer' -Value $ipArray } $adapterGuid = $currentNetAdapter.InterfaceGuid if ($adapterGuid) { $regPath = "Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\$($adapterGuid)" $ipv4Properties = Get-ItemProperty $regPath if ($ipv4Properties -and $ipv4Properties.NameServer) { $result | Add-Member -MemberType NoteProperty -Name 'IPv4DnsManuallyConfigured' -Value $true } else { $result | Add-Member -MemberType NoteProperty -Name 'IPv4DnsManuallyConfigured' -Value $false } $regPath = "Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\$($adapterGuid)" $ipv6Properties = Get-ItemProperty $regPath if ($ipv6Properties -and $ipv6Properties.NameServer) { $result | Add-Member -MemberType NoteProperty -Name 'IPv6DnsManuallyConfigured' -Value $true } else { $result | Add-Member -MemberType NoteProperty -Name 'IPv6DnsManuallyConfigured' -Value $false } } $result } } <# .SYNOPSIS Retrieves the updates waiting to be installed from WSUS .DESCRIPTION Retrieves the updates waiting to be installed from WSUS .PARAMETER Computername Computer or computers to find updates for. .EXAMPLE Get-PendingUpdates Description ----------- Retrieves the updates that are available to install on the local system .NOTES Author: Boe Prox #> Function Get-PendingUpdates { [CmdletBinding(DefaultParameterSetName = 'computer')] Param ( [Parameter(ValueFromPipeline = $True)] [string[]]$ComputerName = $env:COMPUTERNAME ) Process { foreach ($computer in $Computername) { If (Test-Connection -ComputerName $computer -Count 1 -Quiet) { Try { # Create Session COM object Write-Verbose "Creating COM object for WSUS Session" $updatesession = [activator]::CreateInstance([type]::GetTypeFromProgID("Microsoft.Update.Session",$computer)) } Catch { Write-Warning "$($Error[0])" Break } # Configure Session COM Object Write-Verbose "Creating COM object for WSUS update Search" $updatesearcher = $updatesession.CreateUpdateSearcher() # Configure Searcher object to look for Updates awaiting installation Write-Verbose "Searching for WSUS updates on client" $searchresult = $updatesearcher.Search("IsInstalled=0") # Verify if Updates need installed Write-Verbose "Verifing that updates are available to install" If ($searchresult.Updates.Count -gt 0) { # Updates are waiting to be installed Write-Verbose "Found $($searchresult.Updates.Count) update\s!" # Cache the count to make the For loop run faster $count = $searchresult.Updates.Count # Begin iterating through Updates available for installation Write-Verbose "Iterating through list of updates" For ($i=0; $i -lt $Count; $i++) { # Create object holding update $Update = $searchresult.Updates.Item($i) [pscustomobject]@{ Computername = $Computer Title = $Update.Title KB = $($Update.KBArticleIDs) SecurityBulletin = $($Update.SecurityBulletinIDs) MsrcSeverity = $Update.MsrcSeverity IsDownloaded = $Update.IsDownloaded Url = $($Update.MoreInfoUrls) Categories = ($Update.Categories | Select-Object -ExpandProperty Name) BundledUpdates = @($Update.BundledUpdates) | foreach { [pscustomobject]@{ Title = $_.Title DownloadUrl = @($_.DownloadContents).DownloadUrl } } } } } Else { #Nothing to install at this time Write-Verbose "No updates to install." } } Else { #Nothing to install at this time Write-Warning "$($c): Offline" } } } } <# .SYNOPSIS Gets information about the processes running in computer. .DESCRIPTION Gets information about the processes running in computer. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .COMPONENT ProcessList_Body .PARAMETER isLocal This parameter is MANDATORY. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-Processes -isLocal $True #> function Get-Processes { param ( [Parameter(Mandatory = $true)] [boolean] $isLocal ) Import-Module CimCmdlets -ErrorAction SilentlyContinue $processes = Get-CimInstance -Namespace root/Microsoft/Windows/ManagementTools -ClassName Msft_MTProcess $powershellProcessList = @{} $powerShellProcesses = Get-Process -ErrorAction SilentlyContinue foreach ($process in $powerShellProcesses) { $powershellProcessList.Add([int]$process.Id, $process) } if ($isLocal) { # critical processes taken from task manager code # https://microsoft.visualstudio.com/_git/os?path=%2Fbase%2Fdiagnosis%2Fpdui%2Fatm%2FApplications.cpp&version=GBofficial%2Frs_fun_flight&_a=contents&line=44&lineStyle=plain&lineEnd=59&lineStartColumn=1&lineEndColumn=3 $criticalProcesses = ( "$($env:windir)\system32\winlogon.exe", "$($env:windir)\system32\wininit.exe", "$($env:windir)\system32\csrss.exe", "$($env:windir)\system32\lsass.exe", "$($env:windir)\system32\smss.exe", "$($env:windir)\system32\services.exe", "$($env:windir)\system32\taskeng.exe", "$($env:windir)\system32\taskhost.exe", "$($env:windir)\system32\dwm.exe", "$($env:windir)\system32\conhost.exe", "$($env:windir)\system32\svchost.exe", "$($env:windir)\system32\sihost.exe", "$($env:ProgramFiles)\Windows Defender\msmpeng.exe", "$($env:ProgramFiles)\Windows Defender\nissrv.exe", "$($env:ProgramFiles)\Windows Defender\nissrv.exe", "$($env:windir)\explorer.exe" ) $sidebarPath = "$($end:ProgramFiles)\Windows Sidebar\sidebar.exe" $appFrameHostPath = "$($env:windir)\system32\ApplicationFrameHost.exe" $edgeProcesses = ( "$($env:windir)\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe", "$($env:windir)\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe", "$($env:windir)\system32\browser_broker.exe" ) foreach ($process in $processes) { if ($powershellProcessList.ContainsKey([int]$process.ProcessId)) { $psProcess = $powershellProcessList.Get_Item([int]$process.ProcessId) $hasChildWindow = $psProcess -ne $null -and $psProcess.MainWindowHandle -ne 0 $process | Add-Member -MemberType NoteProperty -Name "HasChildWindow" -Value $hasChildWindow if ($psProcess.MainModule -and $psProcess.MainModule.FileVersionInfo) { $process | Add-Member -MemberType NoteProperty -Name "FileDescription" -Value $psProcess.MainModule.FileVersionInfo.FileDescription } } if ($edgeProcesses -contains $nativeProcess.executablePath) { # special handling for microsoft edge used by task manager # group all edge processes into applications $edgeLabel = 'Microsoft Edge' if ($process.fileDescription) { $process.fileDescription = $edgeLabel } else { $process | Add-Member -MemberType NoteProperty -Name "FileDescription" -Value $edgeLabel } $processType = 'application' } elseif ($criticalProcesses -contains $nativeProcess.executablePath ` -or (($nativeProcess.executablePath -eq $null -or $nativeProcess.executablePath -eq '') -and $null -ne ($criticalProcesses | ? {$_ -match $nativeProcess.name})) ) { # process is windows if its executable path is a critical process, defined by Task Manager # if the process has no executable path recorded, fallback to use the name to match to critical process $processType = 'windows' } elseif (($nativeProcess.hasChildWindow -and $nativeProcess.executablePath -ne $appFrameHostPath) -or $nativeProcess.executablePath -eq $sidebarPath) { # sidebar.exe, or has child window (excluding ApplicationFrameHost.exe) $processType = 'application' } else { $processType = 'background' } $process | Add-Member -MemberType NoteProperty -Name "ProcessType" -Value $processType } } $processes } <# .SYNOPSIS This function starts a PowerShell Universal Dashboard (Web-based GUI) instance on the specified port on the localhost. The Dashboard features a Network Monitor tool that pings the specified Remote Hosts in your Domain every 5 seconds and reports the results to the site. .DESCRIPTION See .SYNOPSIS .PARAMETER Port This parameter is OPTIONAL, however, it has a default value of 80. This parameter takes an integer between 1 and 32768 that represents the port on the localhost that the site will run on. .PARAMETER InstallNmap This parameter is OPTIONAL, however, it has a default value of $True. This parameter is a switch. If used, nmap will be installed in order to guess the Operating System of Remote Hosts on the network. .PARAMETER RemoveExistingPUD This parameter is OPTIONAL, however, it has a default value of $True. This parameter is a switch. If used, all running PowerShell Universal Dashboard instances will be removed prior to starting the Network Monitor Dashboard. .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-PUDAdminCenter #> function Get-PUDAdminCenter { Param ( [Parameter(Mandatory=$False)] [ValidateRange(1,32768)] [int]$Port = 80, [Parameter(Mandatory=$False)] [switch]$InstallNmap = $True, [Parameter(Mandatory=$False)] [switch]$RemoveExistingPUD = $True ) #region >> Prep # Remove all current running instances of PUD if ($RemoveExistingPUD) { Get-UDDashboard | Stop-UDDashboard } # Remove All Runspaces to Remote Hosts Get-PSSession | Remove-PSSession $RunspacesToDispose = @( Get-Runspace | Where-Object {$_.Type -eq "Remote"} ) if ($RunspacesToDispose.Count -gt 0) { foreach ($RSpace in $RunspacesToDispose) {$_.Dispose()} } # Define all of this Module's functions (both Public and Private) as an array of strings so that we can easily load them in different contexts/scopes $ThisModuleFunctionsStringArray = $(Get-Module PUDAdminCenterPrototype).Invoke({$FunctionsForSBUse}) # Create the $Pages ArrayList that will be used with 'New-UDDashboard -Pages' [System.Collections.ArrayList]$Pages = @() # Current Scope variable (ArrayList) containing the names of all of **Dynamic** Pages - # i.e. Pages where the URL contains a variable/parameter that is referenced within the Page itself. # For example, in this PUDAdminCenter App, the Overview Page (and all other Dynamic Pages in this list) is # eventually created via... # New-UDPage -Url "/Overview/:RemoteHost" -Endpoint {param($RemoteHost) ...} # ...meaning that if a user were to navigate to http://localhost/Overview/Server01, Overview Page Endpoint scriptblock # code that referenced the variable $RemoteHost would contain the string value 'Server01' (unless it is specifcally # overriden within the Overview Page Endpoint scriptblock, which is NOT recommended). $DynamicPages = @( "PSRemotingCreds" "ToolSelect" "Overview" "Certificates" "Devices" "Events" "Files" "Firewall" "Users And Groups" "Network" "Processes" "Registry" "Roles And Features" "Scheduled Tasks" "Services" "Storage" "Updates" ) # Make sure we can resolve the $DomainName try { $DomainName = $(Get-CimInstance Win32_ComputerSystem).Domain $ResolveDomainInfo = [System.Net.Dns]::Resolve($DomainName) } catch { Write-Error "Unable to resolve domain '$DomainName'! Halting!" $global:FunctionResult = "1" return } # Create Synchronized Hashtable so that we can pass variables between Pages regardless of scope. # This provides benefits above and beyond Universal Dashboard's $Cache: scope for two main reasons: # 1) It can be referenced anywhere (not just within an -Endpoint, which is what $Cache: scope is limited to) # 2) It allows us to more easily communicate with our own custom Runspace(s) that handle Live (Realtime) Data. For # examples of this, see uses of the 'New-Runspace' function within each of the Dynamic Pages (excluding the # PSRemotingCreds and ToolSelect Pages) Remove-Variable -Name PUDRSSyncHT -Scope Global -Force -ErrorAction SilentlyContinue $global:PUDRSSyncHT = [hashtable]::Synchronized(@{}) # Populate $PUDRSSyncHT with information that you will need for your PUD Application. This will vary depending on # how your application works, but at the very least, you should: # 1) Add a Key that will contain information that will be displayed on your HomePage (for the PUDAdminCenter App, # this is the Value contained within the 'RemoteHostList' Key) # 2) If you are planning on using Live (Realtime) Data, ensure you add one or more keys that will contain # Live Data. (For the PUDAdminCenter App, this is the LiveDataRSInfo Key that exists within a hashtable # dedicated to each specific Remote Host) # For this PUDAdminCenterPrototype Application, the structure of the $PUDRSSyncHT will look like... <# @{ RemoteHostList = $null <RemoteHostInfo> = @{ NetworkInfo = $null <DynamicPage> = @{ <StaticInfoKey> = $null LiveDataRSInfo = $null LiveDataTracker = @{ Current = $null Previous = $null } } } } #> # In other words. each Key within the $PUDRSSyncHT Synchronized Hashtable (with the exception of the 'RemoteHostList' key) # will represent a Remote Host that we intend to manage. Each RemoteHost key value will be a hashtable containing the key # 'NetworkInfo', as well as keys that rperesent relevant Dynamic Pages ('Overview','Certificates',etc). Each Dynamic Page # key value will be a hashtable containing one or more keys with value(s) representing static info that is queried at the time # the page loads as well as the keys 'LiveDataRSInfo', and 'LiveDataTracker'. Some key values are initially set to $null because # actions taken either prior to starting the UDDashboard or actions taken within the PUDAdminCenter WebApp itself on different # pages will set/reset their values as appropriate. # Let's populate $PUDRSSyncHT.RemoteHostList with information that will be needed immediately upon navigating to the $HomePage. # For this reason, we're gathering the info before we start the UDDashboard. (Note that the below 'GetComputerObjectInLDAP' Private # function gets all Computers in Active Directory without using the ActiveDirectory PowerShell Module) [System.Collections.ArrayList]$InitialRemoteHostListPrep = $(GetComputerObjectsInLDAP).Name # Let's just get 20 of them initially. We want *something* on the HomePage but we don't want hundreds/thousands of entries. We want # the user to specify individual/range of hosts/devices that they want to manage. $InitialRemoteHostListPrep = $InitialRemoteHostListPrep[0..20] if ($PSVersionTable.PSEdition -eq "Core") { [System.Collections.ArrayList]$InitialRemoteHostListPrep = $InitialRemoteHostListPrep | foreach {$_ -replace "CN=",""} } # Filter Out the Remote Hosts that we can't resolve [System.Collections.ArrayList]$InitialRemoteHostList = @() $null = Clear-DnsClientCache foreach ($HName in $InitialRemoteHostListPrep) { try { $RemoteHostNetworkInfo = ResolveHost -HostNameOrIP $HName -ErrorAction Stop if ($InitialRemoteHostList.FQDN -notcontains $RemoteHostNetworkInfo.FQDN) { $null = $InitialRemoteHostList.Add($RemoteHostNetworkInfo) } } catch { continue } } $PUDRSSyncHT.Add("RemoteHostList",$InitialRemoteHostList) # Add Keys for each of the Remote Hosts in the $InitialRemoteHostList foreach ($RHost in $InitialRemoteHostList) { $Key = $RHost.HostName + "Info" $Value = @{ NetworkInfo = $RHost CredHT = $null ServerInventoryStatic = $null RelevantNetworkInterfaces = $null LiveDataRSInfo = $null LiveDataTracker = @{Current = $null; Previous = $null} } foreach ($DynPage in $($DynamicPages | Where-Object {$_ -notmatch "PSRemotingCreds|ToolSelect"})) { $DynPageHT = @{ LiveDataRSInfo = $null LiveDataTracker = @{Current = $null; Previous = $null} } $Value.Add($($DynPage -replace "[\s]",""),$DynPageHT) } $PUDRSSyncHT.Add($Key,$Value) } if ($InstallNmap) { # Install nmap if ($(Get-Module -ListAvailable).Name -notcontains "ProgramManagement") {Install-Module ProgramManagement} if ($(Get-Module).Name -notcontains "ProgramManagement") {Import-Module ProgramManagement} if (!$(Get-Command nmap -ErrorAction SilentlyContinue)) { try { Write-Host "Installing 'nmap'. This could take up to 10 minutes..." -ForegroundColor Yellow $InstallnmapResult = Install-Program -ProgramName nmap -CommandName nmap } catch { Write-Error $_ $global:FunctionResult = "1" return } } if (!$(Get-Command nmap -ErrorAction SilentlyContinue)) { Write-Error "Unable to find the command 'nmap'! Halting!" $global:FunctionResult = "1" return } $NmapParentDir = $(Get-Command nmap).Source | Split-Path -Parent [System.Collections.Arraylist][array]$CurrentEnvPathArray = $env:Path -split ';' | Where-Object {![System.String]::IsNullOrWhiteSpace($_)} if ($CurrentEnvPathArray -notcontains $NmapParentDir) { $CurrentEnvPathArray.Insert(0,$NmapParentDir) $env:Path = $CurrentEnvPathArray -join ';' } $SystemPathInRegistry = 'HKLM:\System\CurrentControlSet\Control\Session Manager\Environment' $CurrentSystemPath = $(Get-ItemProperty -Path $SystemPathInRegistry -Name PATH).Path [System.Collections.Arraylist][array]$CurrentSystemPathArray = $CurrentSystemPath -split ";" | Where-Object {![System.String]::IsNullOrWhiteSpace($_)} if ($CurrentSystemPathArray -notcontains $NmapParentDir) { $CurrentSystemPathArray.Insert(0,$NmapParentDir) $UpdatedSystemPath = $CurrentSystemPathArray -join ';' Set-ItemProperty -Path $SystemPathInRegistry -Name PATH -Value $UpdatedSystemPath } } #endregion >> Prep #region >> Dynamic Pages 'Add Dynamic Pages Here' #endregion >> Dynamic Pages #region >> Static Pages 'Add Static Pages Here' #endregion >> Static Pages # Finalize the Site $Theme = New-UDTheme -Name "DefaultEx" -Parent Default -Definition @{ UDDashboard = @{ BackgroundColor = "rgb(255,255,255)" } } $MyDashboard = New-UDDashboard -Title "PUD Admin Center" -Pages $Pages -Theme $Theme # Start the Site Start-UDDashboard -Dashboard $MyDashboard -Port $Port } <# .SYNOPSIS Return subkeys based on the path. .DESCRIPTION Return subkeys based on the path. The supported Operating Systems are Window Server 2012 and Windows Server 2012R2 and Windows Server 2016. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER path This parameter is MANDATORY. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-RegistrySubkeys -path "HKLM:\SOFTWARE\OpenSSH" #> function Get-RegistrySubKeys { Param([Parameter(Mandatory = $true)][string]$path) $ErrorActionPreference = "Stop" $Error.Clear() $keyArray = @() $key = Get-Item $path foreach ($sub in $key.GetSubKeyNames() | Sort-Object) { $keyEntry = New-Object System.Object $keyEntry | Add-Member -type NoteProperty -name Name -value $sub $subKeyPath = $key.PSPath+'\'+$sub $keyEntry | Add-Member -type NoteProperty -name Path -value $subKeyPath $keyEntry | Add-Member -type NoteProperty -name childCount -value @( Get-ChildItem $subKeyPath -ErrorAction SilentlyContinue ).Length $keyArray += $keyEntry } $keyArray } <# .SYNOPSIS Return values based on the key path. .DESCRIPTION Return values based on the key path. The supported Operating Systems are Window Server 2012 and Windows Server 2012R2 and Windows Server 2016. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER path This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-RegistryValues -path "HKLM:\SOFTWARE\OpenSSH" #> function Get-RegistryValues { Param([string]$path) $ErrorActionPreference = "Stop" $Error.Clear() $valueArray = @() $values = Get-Item -path $path foreach ($val in $values.Property) { $valueEntry = New-Object System.Object if ($val -eq '(default)'){ $valueEntry | Add-Member -type NoteProperty -name Name -value $val $valueEntry | Add-Member -type NoteProperty -name type -value $values.GetValueKind('') $valueEntry | Add-Member -type NoteProperty -name data -value (get-itemproperty -literalpath $path).'(default)' } else{ $valueEntry | Add-Member -type NoteProperty -name Name -value $val $valueEntry | Add-Member -type NoteProperty -name type -value $values.GetValueKind($val) $valueEntry | Add-Member -type NoteProperty -name data -value $values.GetValue($val) } $valueArray += $valueEntry } $valueArray } <# .SYNOPSIS Gets a computer's remote desktop settings. .DESCRIPTION Gets a computer's remote desktop settings. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-RemoteDesktop #> function Get-RemoteDesktop { function Get-DenyTSConnectionsValue { $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' $exists = Get-ItemProperty -Path $key -Name fDenyTSConnections -ErrorAction SilentlyContinue if ($exists) { $keyValue = $exists.fDenyTSConnections return $keyValue -ne 1 } Write-Error "The value for key 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' was not found." } function Get-UserAuthenticationValue { $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' $exists = Get-ItemProperty -Path $key -Name UserAuthentication -ErrorAction SilentlyContinue if ($exists) { $keyValue = $exists.UserAuthentication return $keyValue -eq 1 } Write-Error "The value for key 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' was not found." } function Get-RemoteAppSetting { $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' $exists = Get-ItemProperty -Path $key -Name EnableRemoteApp -ErrorAction SilentlyContinue if ($exists) { $keyValue = $exists.EnableRemoteApp return $keyValue -eq 1 } else { return $false; } } $denyValue = Get-DenyTSConnectionsValue; $nla = Get-UserAuthenticationValue; $remoteApp = Get-RemoteAppSetting; $result = New-Object -TypeName PSObject $result | Add-Member -MemberType NoteProperty -Name "allowRemoteDesktop" $denyValue; $result | Add-Member -MemberType NoteProperty -Name "allowRemoteDesktopWithNLA" $nla; $result | Add-Member -MemberType NoteProperty -Name "enableRemoteApp" $remoteApp; $result } <# .SYNOPSIS Script to get list of scheduled tasks. .DESCRIPTION Script to get list of scheduled tasks. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER taskPath This parameter is OPTIONAL. TODO .PARAMETER taskName This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-ScheduledTasks #> function Get-ScheduledTasks { param ( [Parameter(Mandatory = $false)] [String] $taskPath, [Parameter(Mandatory = $false)] [String] $taskName ) Import-Module ScheduledTasks function New-TaskWrapper { param ( [Parameter(Mandatory = $true, ValueFromPipeline=$true)] $task ) $task | Add-Member -MemberType NoteProperty -Name 'status' -Value $task.state.ToString() $info = Get-ScheduledTaskInfo $task $triggerCopies = @() for ($i=0;$i -lt $task.Triggers.Length;$i++) { $trigger = $task.Triggers[$i]; $triggerCopy = $trigger.PSObject.Copy(); if ($trigger -ne $null) { if ($trigger.StartBoundary -eq $null -or$trigger.StartBoundary -eq '') { $startDate = $null; } else { $startDate = [datetime]($trigger.StartBoundary) } $triggerCopy | Add-Member -MemberType NoteProperty -Name 'TriggerAtDate' -Value $startDate -TypeName System.DateTime if ($trigger.EndBoundary -eq $null -or$trigger.EndBoundary -eq '') { $endDate = $null; } else { $endDate = [datetime]($trigger.EndBoundary) } $triggerCopy | Add-Member -MemberType NoteProperty -Name 'TriggerEndDate' -Value $endDate -TypeName System.DateTime $triggerCopies += $triggerCopy } } $task | Add-Member -MemberType NoteProperty -Name 'TriggersEx' -Value $triggerCopies New-Object -TypeName PSObject -Property @{ ScheduledTask = $task ScheduledTaskInfo = $info } } if ($taskPath -and $taskName) { try { $task = Get-ScheduledTask -TaskPath $taskPath -TaskName $taskName -ErrorAction Stop New-TaskWrapper $task } catch { } } else { Get-ScheduledTask | ForEach-Object { New-TaskWrapper $_ } } } <# .SYNOPSIS Retrieves the inventory data for a server. .DESCRIPTION Retrieves the inventory data for a server. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-ServerInventory #> function Get-ServerInventory { Set-StrictMode -Version 5.0 import-module CimCmdlets <# .SYNOPSIS Converts an arbitrary version string into just 'Major.Minor' .DESCRIPTION To make OS version comparisons we only want to compare the major and minor version. Build number and/os CSD are not interesting. #> function convertOsVersion([string] $osVersion) { try { $version = New-Object Version $osVersion -ErrorAction Stop if ($version -and $version.Major -ne -1 -and $version.Minor -ne -1) { $versionString = "{0}.{1}" -f $version.Major, $version.Minor return New-Object Version $versionString } } catch { # The version string is not in the correct format return $null } } <# .SYNOPSIS Determines if CredSSP is enabled for the current server or client. .DESCRIPTION Check the registry value for the CredSSP enabled state. #> function isCredSSPEnabled() { $CredSsp = Get-Item WSMan:\localhost\Service\Auth\CredSSP -ErrorAction SilentlyContinue if ($CredSSp) { return [System.Convert]::ToBoolean($CredSsp.Value) } return $false } <# .SYNOPSIS Determines if the Hyper-V role is installed for the current server or client. .DESCRIPTION The Hyper-V role is installed when the VMMS service is available. This is much faster then checking Get-WindowsFeature and works on Windows Client SKUs. #> function isHyperVRoleInstalled() { $vmmsService = Get-Service -Name "VMMS" -ErrorAction SilentlyContinue return $vmmsService -and $vmmsService.Name -eq "VMMS" } <# .SYNOPSIS Determines if the Hyper-V PowerShell support module is installed for the current server or client. .DESCRIPTION The Hyper-V PowerShell support module is installed when the modules cmdlets are available. This is much faster then checking Get-WindowsFeature and works on Windows Client SKUs. #> function isHyperVPowerShellSupportInstalled() { # quicker way to find the module existence. it doesn't load the module. return !!(Get-Module -ListAvailable Hyper-V -ErrorAction SilentlyContinue) } <# .SYNOPSIS Determines if Windows Management Framework (WMF) 5.0, or higher, is installed for the current server or client. .DESCRIPTION Windows Admin Center requires WMF 5 so check the registey for WMF version on Windows versions that are less than Windows Server 2016. #> function isWMF5Installed([string] $operatingSystemVersion) { Set-Variable Server2016 -Option Constant -Value (New-Object Version '10.0') # And Windows 10 client SKUs Set-Variable Server2012 -Option Constant -Value (New-Object Version '6.2') $version = convertOsVersion $operatingSystemVersion if ($version -eq $null) { return $false # Since the OS version string is not properly formatted we cannot know the true installed state. } if ($version -ge $Server2016) { # It's okay to assume that 2016 and up comes with WMF 5 or higher installed return $true } else { if ($version -ge $Server2012) { # Windows 2012/2012R2 are supported as long as WMF 5 or higher is installed $registryKey = 'HKLM:\SOFTWARE\Microsoft\PowerShell\3\PowerShellEngine' $registryKeyValue = Get-ItemProperty -Path $registryKey -Name PowerShellVersion -ErrorAction SilentlyContinue if ($registryKeyValue -and ($registryKeyValue.PowerShellVersion.Length -ne 0)) { $installedWmfVersion = [Version]$registryKeyValue.PowerShellVersion if ($installedWmfVersion -ge [Version]'5.0') { return $true } } } } return $false } <# .SYNOPSIS Determines if the current usser is a system administrator of the current server or client. .DESCRIPTION Determines if the current usser is a system administrator of the current server or client. #> function isUserAnAdministrator() { return ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator") } <# .SYNOPSIS Determines if the current server supports Failover Clusters Time Series Database. .DESCRIPTION Use the existance of the cluster cmdlet Get-ClusterPerformanceHistory to determine if TSDB is supported or not. #> function getClusterPerformanceHistoryCmdLet($failoverClusters) { return $failoverClusters.ExportedCommands.ContainsKey("Get-ClusterPerformanceHistory") } <# .SYNOPSIS Get some basic information about the Failover Cluster that is running on this server. .DESCRIPTION Create a basic inventory of the Failover Cluster that may be running in this server. #> function getClusterInformation() { # JEA code requires to pre-import the module (this is slow on failover cluster environment.) Import-Module FailoverClusters -ErrorAction SilentlyContinue $returnValues = @{} $returnValues.IsTsdbEnabled = $false $returnValues.IsCluster = $false $returnValues.ClusterFqdn = $null $failoverClusters = Get-Module FailoverClusters -ErrorAction SilentlyContinue if ($failoverClusters) { $returnValues.IsTsdbEnabled = getClusterPerformanceHistoryCmdLet $failoverClusters } $namespace = Get-CimInstance -Namespace root/MSCluster -ClassName __NAMESPACE -ErrorAction SilentlyContinue if ($namespace) { $cluster = Get-CimInstance -Namespace root/MSCluster -Query "Select fqdn from MSCluster_Cluster" -ErrorAction SilentlyContinue if ($cluster) { $returnValues.IsCluster = $true $returnValues.ClusterFqdn = $cluster.fqdn } } return $returnValues } <# .SYNOPSIS Get the Fully Qaulified Domain (DNS domain) Name (FQDN) of the passed in computer name. .DESCRIPTION Get the Fully Qaulified Domain (DNS domain) Name (FQDN) of the passed in computer name. #> function getComputerFqdn($computerName) { return ([System.Net.Dns]::GetHostEntry($computerName)).HostName } <# .SYNOPSIS Get the Fully Qaulified Domain (DNS domain) Name (FQDN) of the current server or client. .DESCRIPTION Get the Fully Qaulified Domain (DNS domain) Name (FQDN) of the current server or client. #> function getHostFqdn($computerSystem) { $computerName = $computerSystem.DNSHostName if ($computerName -eq $null) { $computerName = $computerSystem.Name } return getComputerFqdn $computerName } <# .SYNOPSIS Are the needed management CIM interfaces available on the current server or client. .DESCRIPTION Check for the presence of the required server management CIM interfaces. #> function getManagementToolsSupportInformation() { $returnValues = @{} $returnValues.ManagementToolsAvailable = $false $returnValues.ServerManagerAvailable = $false $namespaces = Get-CimInstance -Namespace root/microsoft/windows -ClassName __NAMESPACE -ErrorAction SilentlyContinue if ($namespaces) { $returnValues.ManagementToolsAvailable = ($namespaces | Where-Object { $_.Name -ieq "ManagementTools" }) -ne $null $returnValues.ServerManagerAvailable = ($namespaces | Where-Object { $_.Name -ieq "ServerManager" }) -ne $null } return $returnValues } <# .SYNOPSIS Check the remote app enabled or not. .DESCRIPTION Check the remote app enabled or not. #> function isRemoteAppEnabled() { Set-Variable key -Option Constant -Value "HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server" Set-Variable enableRemoteAppPropertyName -Option Constant -Value "EnableRemoteApp" $registryKeyValue = Get-ItemProperty -Path $key -Name EnableRemoteApp -ErrorAction SilentlyContinue return $registryKeyValue -and ($registryKeyValue.PSObject.Properties.Name -match $enableRemoteAppPropertyName) } <# .SYNOPSIS Check the remote app enabled or not. .DESCRIPTION Check the remote app enabled or not. #> <# .SYNOPSIS Get the Win32_OperatingSystem information .DESCRIPTION Get the Win32_OperatingSystem instance and filter the results to just the required properties. This filtering will make the response payload much smaller. #> function getOperatingSystemInfo() { return Get-CimInstance Win32_OperatingSystem | Microsoft.PowerShell.Utility\Select-Object csName, Caption, OperatingSystemSKU, Version, ProductType } <# .SYNOPSIS Get the Win32_ComputerSystem information .DESCRIPTION Get the Win32_ComputerSystem instance and filter the results to just the required properties. This filtering will make the response payload much smaller. #> function getComputerSystemInfo() { return Get-CimInstance Win32_ComputerSystem -ErrorAction SilentlyContinue | ` Microsoft.PowerShell.Utility\Select-Object TotalPhysicalMemory, DomainRole, Manufacturer, Model, NumberOfLogicalProcessors, Domain, Workgroup, DNSHostName, Name, PartOfDomain } ########################################################################### # main() ########################################################################### $operatingSystem = getOperatingSystemInfo $computerSystem = getComputerSystemInfo $isAdministrator = isUserAnAdministrator $fqdn = getHostFqdn $computerSystem $managementToolsInformation = getManagementToolsSupportInformation $isWmfInstalled = isWMF5Installed $operatingSystem.Version $clusterInformation = getClusterInformation -ErrorAction SilentlyContinue $isHyperVPowershellInstalled = isHyperVPowerShellSupportInstalled $isHyperVRoleInstalled = isHyperVRoleInstalled $isCredSSPEnabled = isCredSSPEnabled $isRemoteAppEnabled = isRemoteAppEnabled $result = New-Object PSObject $result | Add-Member -MemberType NoteProperty -Name 'IsAdministrator' -Value $isAdministrator $result | Add-Member -MemberType NoteProperty -Name 'OperatingSystem' -Value $operatingSystem $result | Add-Member -MemberType NoteProperty -Name 'ComputerSystem' -Value $computerSystem $result | Add-Member -MemberType NoteProperty -Name 'Fqdn' -Value $fqdn $result | Add-Member -MemberType NoteProperty -Name 'IsManagementToolsAvailable' -Value $managementToolsInformation.ManagementToolsAvailable $result | Add-Member -MemberType NoteProperty -Name 'IsServerManagerAvailable' -Value $managementToolsInformation.ServerManagerAvailable $result | Add-Member -MemberType NoteProperty -Name 'IsCluster' -Value $clusterInformation.IsCluster $result | Add-Member -MemberType NoteProperty -Name 'ClusterFqdn' -Value $clusterInformation.ClusterFqdn $result | Add-Member -MemberType NoteProperty -Name 'IsWmfInstalled' -Value $isWmfInstalled $result | Add-Member -MemberType NoteProperty -Name 'IsTsdbEnabled' -Value $clusterInformation.IsTsdbEnabled $result | Add-Member -MemberType NoteProperty -Name 'IsHyperVRoleInstalled' -Value $isHyperVRoleInstalled $result | Add-Member -MemberType NoteProperty -Name 'IsHyperVPowershellInstalled' -Value $isHyperVPowershellInstalled $result | Add-Member -MemberType NoteProperty -Name 'IsCredSSPEnabled' -Value $isCredSSPEnabled $result | Add-Member -MemberType NoteProperty -Name 'isRemoteAppEnabled' -Value $isRemoteAppEnabled $result } <# .SYNOPSIS Enumerates all of the local disks of the system. .DESCRIPTION Enumerates all of the local disks of the system. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER DiskId This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-StorageDisk #> function Get-StorageDisk { param ( [Parameter(Mandatory = $false)] [String] $DiskId ) Import-Module CimCmdlets Import-Module Microsoft.PowerShell.Utility <# .Synopsis Name: Get-Disks Description: Gets all the local disks of the machine. .Parameters $DiskId: The unique identifier of the disk desired (Optional - for cases where only one disk is desired). .Returns The local disk(s). #> function Get-DisksInternal { param ( [Parameter(Mandatory = $false)] [String] $DiskId ) Remove-Module Storage -ErrorAction Ignore; # Remove the Storage module to prevent it from automatically localizing $isDownlevel = [Environment]::OSVersion.Version.Major -lt 10; if ($isDownlevel) { $disks = Get-CimInstance -ClassName MSFT_Disk -Namespace Root\Microsoft\Windows\Storage | Where-Object { !$_.IsClustered }; } else { $subsystem = Get-CimInstance -ClassName MSFT_StorageSubSystem -Namespace Root\Microsoft\Windows\Storage| Where-Object { $_.FriendlyName -like "Win*" }; $disks = $subsystem | Get-CimAssociatedInstance -ResultClassName MSFT_Disk; } if ($DiskId) { $disks = $disks | Where-Object { $_.UniqueId -eq $DiskId }; } $disks | %{ $partitions = $_ | Get-CimAssociatedInstance -ResultClassName MSFT_Partition $volumes = $partitions | Get-CimAssociatedInstance -ResultClassName MSFT_Volume $volumeIds = @() $volumes | %{ $volumeIds += $_.path } $_ | Add-Member -NotePropertyName VolumeIds -NotePropertyValue $volumeIds } $disks = $disks | ForEach-Object { $disk = @{ AllocatedSize = $_.AllocatedSize; BootFromDisk = $_.BootFromDisk; BusType = $_.BusType; FirmwareVersion = $_.FirmwareVersion; FriendlyName = $_.FriendlyName; HealthStatus = $_.HealthStatus; IsBoot = $_.IsBoot; IsClustered = $_.IsClustered; IsOffline = $_.IsOffline; IsReadOnly = $_.IsReadOnly; IsSystem = $_.IsSystem; LargestFreeExtent = $_.LargestFreeExtent; Location = $_.Location; LogicalSectorSize = $_.LogicalSectorSize; Model = $_.Model; NumberOfPartitions = $_.NumberOfPartitions; OfflineReason = $_.OfflineReason; OperationalStatus = $_.OperationalStatus; PartitionStyle = $_.PartitionStyle; Path = $_.Path; PhysicalSectorSize = $_.PhysicalSectorSize; ProvisioningType = $_.ProvisioningType; SerialNumber = $_.SerialNumber; Signature = $_.Signature; Size = $_.Size; UniqueId = $_.UniqueId; UniqueIdFormat = $_.UniqueIdFormat; volumeIds = $_.volumeIds; Number = $_.Number; } if (-not $isDownLevel) { $disk.IsHighlyAvailable = $_.IsHighlyAvailable; $disk.IsScaleOut = $_.IsScaleOut; } return $disk; } if ($isDownlevel) { $healthStatusMap = @{ 0 = 3; 1 = 0; 4 = 1; 8 = 2; }; $operationalStatusMap = @{ 0 = @(0); # Unknown 1 = @(53264); # Online 2 = @(53265); # Not ready 3 = @(53266); # No media 4 = @(53267); # Offline 5 = @(53268); # Error 6 = @(13); # Lost communication }; $disks = $disks | ForEach-Object { $_.HealthStatus = $healthStatusMap[[int32]$_.HealthStatus]; $_.OperationalStatus = $operationalStatusMap[[int32]$_.OperationalStatus[0]]; $_; }; } return $disks; } if ($DiskId) { Get-DisksInternal -DiskId $DiskId } else { Get-DisksInternal } } <# .SYNOPSIS Enumerates all of the local file shares of the system. .DESCRIPTION Enumerates all of the local file shares of the system. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER FileShareId This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-StorageFileShare #> function Get-StorageFileShare { param ( [Parameter(Mandatory = $false)] [String] $FileShareId ) Import-Module CimCmdlets <# .Synopsis Name: Get-FileShares-Internal Description: Gets all the local file shares of the machine. .Parameters $FileShareId: The unique identifier of the file share desired (Optional - for cases where only one file share is desired). .Returns The local file share(s). #> function Get-FileSharesInternal { param ( [Parameter(Mandatory = $false)] [String] $FileShareId ) Remove-Module Storage -ErrorAction Ignore; # Remove the Storage module to prevent it from automatically localizing $isDownlevel = [Environment]::OSVersion.Version.Major -lt 10; if ($isDownlevel) { # Map downlevel status to array of [health status, operational status, share state] uplevel equivalent $statusMap = @{ "OK" = @(0, 2, 1); "Error" = @(2, 6, 2); "Degraded" = @(1, 3, 2); "Unknown" = @(5, 0, 0); "Pred Fail" = @(1, 5, 2); "Starting" = @(1, 8, 0); "Stopping" = @(1, 9, 0); "Service" = @(1, 11, 1); "Stressed" = @(1, 4, 1); "NonRecover" = @(2, 7, 2); "No Contact" = @(2, 12, 2); "Lost Comm" = @(2, 13, 2); }; $shares = Get-CimInstance -ClassName Win32_Share | ForEach-Object { return @{ ContinuouslyAvailable = $false; Description = $_.Description; EncryptData = $false; FileSharingProtocol = 3; HealthStatus = $statusMap[$_.Status][0]; IsHidden = $_.Name.EndsWith("`$"); Name = $_.Name; OperationalStatus = ,@($statusMap[$_.Status][1]); ShareState = $statusMap[$_.Status][2]; UniqueId = "smb|" + (Get-CimInstance Win32_ComputerSystem).DNSHostName + "." + (Get-CimInstance Win32_ComputerSystem).Domain + "\" + $_.Name; VolumePath = $_.Path; } } } else { $shares = Get-CimInstance -ClassName MSFT_FileShare -Namespace Root\Microsoft\Windows/Storage | ForEach-Object { return @{ IsHidden = $_.Name.EndsWith("`$"); VolumePath = $_.VolumeRelativePath; ContinuouslyAvailable = $_.ContinuouslyAvailable; Description = $_.Description; EncryptData = $_.EncryptData; FileSharingProtocol = $_.FileSharingProtocol; HealthStatus = $_.HealthStatus; Name = $_.Name; OperationalStatus = $_.OperationalStatus; UniqueId = $_.UniqueId; ShareState = $_.ShareState; } } } if ($FileShareId) { $shares = $shares | Where-Object { $_.UniqueId -eq $FileShareId }; } return $shares; } if ($FileShareId) { Get-FileSharesInternal -FileShareId $FileShareId; } else { Get-FileSharesInternal; } } <# .SYNOPSIS Enumerates all of the local volumes of the system. .DESCRIPTION Enumerates all of the local volumes of the system. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Readers .PARAMETER VolumeId This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-StorageVolume #> function Get-StorageVolume { param ( [Parameter(Mandatory = $false)] [String] $VolumeId ) ############################################################################################################################ # Global settings for the script. ############################################################################################################################ $ErrorActionPreference = "Stop" Set-StrictMode -Version 3.0 Import-Module CimCmdlets Import-Module Microsoft.PowerShell.Management Import-Module Microsoft.PowerShell.Utility Import-Module Storage ############################################################################################################################ # Helper functions. ############################################################################################################################ <# .Synopsis Name: Get-VolumePathToPartition Description: Gets the list of partitions (that have volumes) in hashtable where key is volume path. .Returns The list of partitions (that have volumes) in hashtable where key is volume path. #> function Get-VolumePathToPartition { $volumePaths = @{} foreach($partition in Get-Partition) { foreach($volumePath in @($partition.AccessPaths)) { if($volumePath -and (-not $volumePaths.Contains($volumePath))) { $volumePaths.Add($volumePath, $partition) } } } $volumePaths } <# .Synopsis Name: Get-DiskIdToDisk Description: Gets the list of all the disks in hashtable where key is: "Disk.Path" in case of WS2016 and above. OR "Disk.ObjectId" in case of WS2012 and WS2012R2. .Returns The list of partitions (that have volumes) in hashtable where key is volume path. #> function Get-DiskIdToDisk { $diskIds = @{} $isDownlevel = [Environment]::OSVersion.Version.Major -lt 10; # In downlevel Operating systems. MSFT_Partition.DiskId is equal to MSFT_Disk.ObjectId # However, In WS2016 and above, MSFT_Partition.DiskId is equal to MSFT_Disk.Path foreach($disk in Get-Disk) { if($isDownlevel) { $diskId = $disk.ObjectId } else { $diskId = $disk.Path } if(-not $diskIds.Contains($diskId)) { $diskIds.Add($diskId, $disk) } } return $diskIds } <# .Synopsis Name: Get-VolumeWs2016AndAboveOS Description: Gets the list of all applicable volumes from WS2012 and Ws2012R2 Operating Systems. .Returns The list of all applicable volumes #> function Get-VolumeDownlevelOS { $volumes = @() foreach($volume in (Get-WmiObject -Class MSFT_Volume -Namespace root/Microsoft/Windows/Storage)) { $partition = $script:partitions.Get_Item($volume.Path) # Check if this volume is associated with a partition. if($partition) { # If this volume is associated with a partition, then get the disk to which this partition belongs. $disk = $script:disks.Get_Item($partition.DiskId) # If the disk is a clustered disk then simply ignore this volume. if($disk -and $disk.IsClustered) {continue} } $volumes += $volume } $volumes } <# .Synopsis Name: Get-VolumeWs2016AndAboveOS Description: Gets the list of all applicable volumes from WS2016 and above Operating System. .Returns The list of all applicable volumes #> function Get-VolumeWs2016AndAboveOS { $volumes = @() $applicableVolumePaths = @{} $subSystem = Get-CimInstance -ClassName MSFT_StorageSubSystem -Namespace root/Microsoft/Windows/Storage| Where-Object { $_.FriendlyName -like "Win*" } foreach($volume in @($subSystem | Get-CimAssociatedInstance -ResultClassName MSFT_Volume)) { if(-not $applicableVolumePaths.Contains($volume.Path)) { $applicableVolumePaths.Add($volume.Path, $null) } } foreach($volume in (Get-WmiObject -Class MSFT_Volume -Namespace root/Microsoft/Windows/Storage)) { if(-not $applicableVolumePaths.Contains($volume.Path)) { continue } $volumes += $volume } $volumes } <# .Synopsis Name: Get-VolumesList Description: Gets the list of all applicable volumes w.r.t to the target Operating System. .Returns The list of all applicable volumes. #> function Get-VolumesList { $isDownlevel = [Environment]::OSVersion.Version.Major -lt 10; if($isDownlevel) { return Get-VolumeDownlevelOS } Get-VolumeWs2016AndAboveOS } ############################################################################################################################ # Helper Variables ############################################################################################################################ $script:fixedDriveType = 3 $script:disks = Get-DiskIdToDisk $script:partitions = Get-VolumePathToPartition ############################################################################################################################ # Main script. ############################################################################################################################ $resultantVolumes = @() $volumes = Get-VolumesList foreach($volume in $volumes) { $partition = $script:partitions.Get_Item($volume.Path) if($partition -and $volume.DriveType -eq $script:fixedDriveType) { $volume | Add-Member -NotePropertyName IsSystem -NotePropertyValue $partition.IsSystem $volume | Add-Member -NotePropertyName IsBoot -NotePropertyValue $partition.IsBoot $volume | Add-Member -NotePropertyName IsActive -NotePropertyValue $partition.IsActive $volume | Add-Member -NotePropertyName PartitionNumber -NotePropertyValue $partition.PartitionNumber $volume | Add-Member -NotePropertyName DiskNumber -NotePropertyValue $partition.DiskNumber } else { # This volume is not associated with partition, as such it is representing devices like CD-ROM, Floppy drive etc. $volume | Add-Member -NotePropertyName IsSystem -NotePropertyValue $true $volume | Add-Member -NotePropertyName IsBoot -NotePropertyValue $true $volume | Add-Member -NotePropertyName IsActive -NotePropertyValue $true $volume | Add-Member -NotePropertyName PartitionNumber -NotePropertyValue -1 $volume | Add-Member -NotePropertyName DiskNumber -NotePropertyValue -1 } $resultantVolumes += $volume } $resultantVolumes | % { [String] $name = ''; # On the downlevel OS, the drive letter is showing charachter. The ASCII code for that char is 0. # So rather than checking null or empty, code is checking the ASCII code of the drive letter and updating # the drive letter field to null explicitly to avoid discrepencies on UI. if ($_.FileSystemLabel -and [byte]$_.DriveLetter -ne 0 ) { $name = $_.FileSystemLabel + " (" + $_.DriveLetter + ":)" } elseif (!$_.FileSystemLabel -and [byte]$_.DriveLetter -ne 0 ) { $name = "(" + $_.DriveLetter + ":)" } elseif ($_.FileSystemLabel -and [byte]$_.DriveLetter -eq 0) { $name = $_.FileSystemLabel } else { $name = '' } if ([byte]$_.DriveLetter -eq 0) { $_.DriveLetter = $null } $_ | Add-Member -Force -NotePropertyName "Name" -NotePropertyValue $name } $isDownlevel = [Environment]::OSVersion.Version.Major -lt 10; $resultantVolumes = $resultantVolumes | ForEach-Object { $volume = @{ Name = $_.Name; DriveLetter = $_.DriveLetter; HealthStatus = $_.HealthStatus; DriveType = $_.DriveType; FileSystem = $_.FileSystem; FileSystemLabel = $_.FileSystemLabel; Path = $_.Path; PartitionNumber = $_.PartitionNumber; DiskNumber = $_.DiskNumber; Size = $_.Size; SizeRemaining = $_.SizeRemaining; IsSystem = $_.IsSystem; IsBoot = $_.IsBoot; IsActive = $_.IsActive; } if ($isDownlevel) { $volume.FileSystemType = $_.FileSystem; } else { $volume.FileSystemType = $_.FileSystemType; $volume.OperationalStatus = $_.OperationalStatus; $volume.HealthStatus = $_.HealthStatus; $volume.DriveType = $_.DriveType; $volume.DedupMode = $_.DedupMode; $volume.UniqueId = $_.UniqueId; $volume.AllocationUnitSize = $_.AllocationUnitSize; } return $volume; } # # Return results back to the caller. # if($VolumeId) { $resultantVolumes | Where-Object {$_.Path -eq $resultantVolumes} } else { $resultantVolumes } } <# .SYNOPSIS Get Windows Update History. .DESCRIPTION See .SYNOPSIS .NOTES From: https://stackoverflow.com/a/41626130 .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Get-WuaHistory #> function Get-WuaHistory { #region >> Helper Functions function Convert-WuaResultCodeToName { param( [Parameter(Mandatory=$True)] [int]$ResultCode ) $Result = $ResultCode switch($ResultCode) { 2 {$Result = "Succeeded"} 3 {$Result = "Succeeded With Errors"} 4 {$Result = "Failed"} } return $Result } #endregion >> Helper Functions # Get a WUA Session $session = (New-Object -ComObject 'Microsoft.Update.Session') # Query the latest 1000 History starting with the first recordp $history = $session.QueryHistory("",0,1000) | foreach { $Result = Convert-WuaResultCodeToName -ResultCode $_.ResultCode # Make the properties hidden in com properties visible. $_ | Add-Member -MemberType NoteProperty -Value $Result -Name Result $Product = $_.Categories | Where-Object {$_.Type -eq 'Product'} | Select-Object -First 1 -ExpandProperty Name $_ | Add-Member -MemberType NoteProperty -Value $_.UpdateIdentity.UpdateId -Name UpdateId $_ | Add-Member -MemberType NoteProperty -Value $_.UpdateIdentity.RevisionNumber -Name RevisionNumber $_ | Add-Member -MemberType NoteProperty -Value $Product -Name Product -PassThru Write-Output $_ } #Remove null records and only return the fields we want $history | Where-Object {![String]::IsNullOrWhiteSpace($_.title)} } <# .SYNOPSIS Installs .Net 4.7.2 .DESCRIPTION See .SYNOPSIS .PARAMETER DownloadDirectory This parameter is OPTIONAL. This parameter takes a string that represents the full path to the directory that will contain the installation .exe download. .PARAMETER Restart This parameter is OPTIONAL. This parameter is a switch. If uses, the localhost will restart after .Net 4.7.2 is installed .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Install-DotNet472 #> function Install-DotNet472 { [CmdletBinding()] Param ( [Parameter(Mandatory=$False)] [string]$DownloadDirectory, [Parameter(Mandatory=$False)] [switch]$Restart ) $Net472Check = Get-ChildItem "HKLM:SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full\" | Get-ItemPropertyValue -Name Release | ForEach-Object { $_ -ge 461808 } if ($Net472Check) { Write-Warning ".Net 4.7.2 (or higher) is already installed! Halting!" return } $DotNet472OfflineInstallerUrl = "https://download.microsoft.com/download/6/E/4/6E48E8AB-DC00-419E-9704-06DD46E5F81D/NDP472-KB4054530-x86-x64-AllOS-ENU.exe" if (!$DownloadDirectory) {$DownloadDirectory = "$HOME\Downloads"} $OutFilePath = "$DownloadDirectory\NDP472-KB4054530-x86-x64-AllOS-ENU.exe" try { $WebClient = [System.Net.WebClient]::new() $WebClient.Downloadfile($DotNet472OfflineInstallerUrl, $OutFilePath) $WebClient.Dispose() } catch { Invoke-WebRequest -Uri $DotNet472OfflineInstallerUrl -OutFile $OutFilePath } if ($Restart) { & "$HOME\Downloads\NDP472-KB4054530-x86-x64-AllOS-ENU.exe" /q } else { & "$HOME\Downloads\NDP472-KB4054530-x86-x64-AllOS-ENU.exe" /q /norestart } while ($(Get-Process | Where-Object {$_.Name -like "*NDP472*"})) { Write-Host "Installing .Net Framework 4.7.2 ..." Start-Sleep -Seconds 5 } Write-Host ".Net Framework 4.7.2 was installed successfully!" -ForegroundColor Green if (!$Restart) { Write-Warning "You MUST restart $env:ComputerName in order to use .Net Framework 4.7.2! Please do so at your earliest convenience." } } <# .SYNOPSIS Creates a new environment variable specified by name, type and data. .DESCRIPTION Creates a new environment variable specified by name, type and data. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Administrators .PARAMETER name This parameter is MANDATORY. TODO .PARAMETER value This parameter is MANDATORY. TODO .PARAMETER type This parameter is MANDATORY. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> New-EnvironmentVariable -name "TestVar" -value "TestValue" -type "User" #> function New-EnvironmentVariable { param( [Parameter(Mandatory = $True)] [String] $name, [Parameter(Mandatory = $True)] [String] $value, [Parameter(Mandatory = $True)] [String] $type ) Set-StrictMode -Version 5.0 If ([Environment]::GetEnvironmentVariable($name, $type) -eq $null) { return [Environment]::SetEnvironmentVariable($name, $value, $type) } Else { Write-Error "An environment variable of this name and type already exists." } } <# .SYNOPSIS The New-Runspace function creates a Runspace that executes the specified ScriptBlock in the background and posts results to a Global Variable called $global:RSSyncHash. .DESCRIPTION See .SYNOPSIS .NOTES .PARAMETER RunspaceName This parameter is MANDATORY. This parameter takes a string that represents the name of the new Runspace that you are creating. The name is represented as a key in the $global:RSSyncHash variable called: <RunspaceName>Result .PARAMETER ScriptBlock This parameter is MANDATORY. This parameter takes a scriptblock that will be executed in the new Runspace. .PARAMETER MirrorCurrentEnv This parameter is OPTIONAL, however, it is set to $True by default. This parameter is a switch. If used, all variables, functions, and Modules that are loaded in your current scope will be forwarded to the new Runspace. You can prevent the New-Runspace function from automatically mirroring your current environment by using this switch like: -MirrorCurrentEnv:$False .PARAMETER Wait This parameter is OPTIONAL. This parameter is a switch. If used, the main PowerShell thread will wait for the Runsapce to return output before proceeeding. .EXAMPLE # Open a PowerShell Session, source the function, and - PS C:\Users\zeroadmin> $GetProcessResults = Get-Process # In the below, Runspace1 refers to your current interactive PowerShell Session... PS C:\Users\zeroadmin> Get-Runspace Id Name ComputerName Type State Availability -- ---- ------------ ---- ----- ------------ 1 Runspace1 localhost Local Opened Busy # The below will create a 'Runspace Manager Runspace' (if it doesn't already exist) # to manage all other new Runspaces created by the New-Runspace function. # Additionally, it will create the Runspace that actually runs the -ScriptBlock. # The 'Runspace Manager Runspace' disposes of new Runspaces when they're # finished running. PS C:\Users\zeroadmin> New-RunSpace -RunSpaceName PSIds -ScriptBlock {$($GetProcessResults | Where-Object {$_.Name -eq "powershell"}).Id} # The 'Runspace Manager Runspace' persists just in case you create any additional # Runspaces, but the Runspace that actually ran the above -ScriptBlock does not. # In the below, 'Runspace2' is the 'Runspace Manager Runspace. PS C:\Users\zeroadmin> Get-Runspace Id Name ComputerName Type State Availability -- ---- ------------ ---- ----- ------------ 1 Runspace1 localhost Local Opened Busy 2 Runspace2 localhost Local Opened Busy # You can actively identify (as opposed to infer) the 'Runspace Manager Runspace' # by using one of three Global variables created by the New-Runspace function: PS C:\Users\zeroadmin> $global:RSJobCleanup.PowerShell.Runspace Id Name ComputerName Type State Availability -- ---- ------------ ---- ----- ------------ 2 Runspace2 localhost Local Opened Busy # As mentioned above, the New-RunspaceName function creates three Global # Variables. They are $global:RSJobs, $global:RSJobCleanup, and # $global:RSSyncHash. Your output can be found in $global:RSSyncHash. PS C:\Users\zeroadmin> $global:RSSyncHash Name Value ---- ----- PSIdsResult @{Done=True; Errors=; Output=System.Object[]} ProcessedJobRecords {@{Name=PSIdsHelper; PSInstance=System.Management.Automation.PowerShell; Runspace=System.Management.Automation.Runspaces.Loca... PS C:\Users\zeroadmin> $global:RSSyncHash.PSIdsResult Done Errors Output ---- ------ ------ True {1300, 2728, 2960, 3712...} PS C:\Users\zeroadmin> $global:RSSyncHash.PSIdsResult.Output 1300 2728 2960 3712 4632 # Important Note: You don't need to worry about passing variables / functions / # Modules to the Runspace. Everything in your current session/scope is # automatically forwarded by the New-Runspace function: PS C:\Users\zeroadmin> function Test-Func {'This is Test-Func output'} PS C:\Users\zeroadmin> New-RunSpace -RunSpaceName FuncTest -ScriptBlock {Test-Func} PS C:\Users\zeroadmin> $global:RSSyncHash Name Value ---- ----- FuncTestResult @{Done=True; Errors=; Output=This is Test-Func output} PSIdsResult @{Done=True; Errors=; Output=System.Object[]} ProcessedJobRecords {@{Name=PSIdsHelper; PSInstance=System.Management.Automation.PowerShell; Runspace=System.Management.Automation.Runspaces.Loca... PS C:\Users\zeroadmin> $global:RSSyncHash.FuncTestResult.Output This is Test-Func output #> function New-RunSpace { [CmdletBinding()] Param ( [Parameter(Mandatory=$True)] [string]$RunspaceName, [Parameter(Mandatory=$True)] [scriptblock]$ScriptBlock, [Parameter(Mandatory=$False)] [switch]$MirrorCurrentEnv = $True, [Parameter(Mandatory=$False)] [switch]$Wait ) #region >> Helper Functions function NewUniqueString { [CmdletBinding()] Param( [Parameter(Mandatory=$False)] [string[]]$ArrayOfStrings, [Parameter(Mandatory=$True)] [string]$PossibleNewUniqueString ) if (!$ArrayOfStrings -or $ArrayOfStrings.Count -eq 0 -or ![bool]$($ArrayOfStrings -match "[\w]")) { $PossibleNewUniqueString } else { $OriginalString = $PossibleNewUniqueString $Iteration = 1 while ($ArrayOfStrings -contains $PossibleNewUniqueString) { $AppendedValue = "_$Iteration" $PossibleNewUniqueString = $OriginalString + $AppendedValue $Iteration++ } $PossibleNewUniqueString } } #endregion >> Helper Functions #region >> Runspace Prep # Create Global Variable Names that don't conflict with other exisiting Global Variables $ExistingGlobalVariables = Get-Variable -Scope Global $DesiredGlobalVariables = @("RSSyncHash","RSJobCleanup","RSJobs") if ($ExistingGlobalVariables.Name -notcontains 'RSSyncHash') { $GlobalRSSyncHashName = NewUniqueString -PossibleNewUniqueString "RSSyncHash" -ArrayOfStrings $ExistingGlobalVariables.Name Invoke-Expression "`$global:$GlobalRSSyncHashName = [hashtable]::Synchronized(@{})" $globalRSSyncHash = Get-Variable -Name $GlobalRSSyncHashName -Scope Global -ValueOnly } else { $GlobalRSSyncHashName = 'RSSyncHash' # Also make sure that $RunSpaceName is a unique key in $global:RSSyncHash if ($RSSyncHash.Keys -contains $RunSpaceName) { $RSNameOriginal = $RunSpaceName $RunSpaceName = NewUniqueString -PossibleNewUniqueString $RunSpaceName -ArrayOfStrings $RSSyncHash.Keys if ($RSNameOriginal -ne $RunSpaceName) { Write-Warning "The RunspaceName '$RSNameOriginal' already exists. Your new RunspaceName will be '$RunSpaceName'" } } $globalRSSyncHash = $global:RSSyncHash } if ($ExistingGlobalVariables.Name -notcontains 'RSJobCleanup') { $GlobalRSJobCleanupName = NewUniqueString -PossibleNewUniqueString "RSJobCleanup" -ArrayOfStrings $ExistingGlobalVariables.Name Invoke-Expression "`$global:$GlobalRSJobCleanupName = [hashtable]::Synchronized(@{})" $globalRSJobCleanup = Get-Variable -Name $GlobalRSJobCleanupName -Scope Global -ValueOnly } else { $GlobalRSJobCleanupName = 'RSJobCleanup' $globalRSJobCleanup = $global:RSJobCleanup } if ($ExistingGlobalVariables.Name -notcontains 'RSJobs') { $GlobalRSJobsName = NewUniqueString -PossibleNewUniqueString "RSJobs" -ArrayOfStrings $ExistingGlobalVariables.Name Invoke-Expression "`$global:$GlobalRSJobsName = [System.Collections.ArrayList]::Synchronized([System.Collections.ArrayList]::new())" $globalRSJobs = Get-Variable -Name $GlobalRSJobsName -Scope Global -ValueOnly } else { $GlobalRSJobsName = 'RSJobs' $globalRSJobs = $global:RSJobs } $GlobalVariables = @($GlobalSyncHashName,$GlobalRSJobCleanupName,$GlobalRSJobsName) #Write-Host "Global Variable names are: $($GlobalVariables -join ", ")" # Prep an empty pscustomobject for the RunspaceNameResult Key in $globalRSSyncHash $globalRSSyncHash."$RunspaceName`Result" = [pscustomobject]@{} #endregion >> Runspace Prep ##### BEGIN Runspace Manager Runspace (A Runspace to Manage All Runspaces) ##### $globalRSJobCleanup.Flag = $True if ($ExistingGlobalVariables.Name -notcontains 'RSJobCleanup') { #Write-Host '$global:RSJobCleanup does NOT already exists. Creating New Runspace Manager Runspace...' $RunspaceMgrRunspace = [runspacefactory]::CreateRunspace() if ($PSVersionTable.PSEdition -ne "Core") { $RunspaceMgrRunspace.ApartmentState = "STA" } $RunspaceMgrRunspace.ThreadOptions = "ReuseThread" $RunspaceMgrRunspace.Open() # Prepare to Receive the Child Runspace Info to the RunspaceManagerRunspace $RunspaceMgrRunspace.SessionStateProxy.SetVariable("JobCleanup",$globalRSJobCleanup) $RunspaceMgrRunspace.SessionStateProxy.SetVariable("jobs",$globalRSJobs) $RunspaceMgrRunspace.SessionStateProxy.SetVariable("SyncHash",$globalRSSyncHash) $globalRSJobCleanup.PowerShell = [PowerShell]::Create().AddScript({ ##### BEGIN Runspace Manager Runspace Helper Functions ##### # Load the functions we packed up $FunctionsForSBUse | foreach { Invoke-Expression $_ } ##### END Runspace Manager Runspace Helper Functions ##### # Routine to handle completed Runspaces $ProcessedJobRecords = [System.Collections.ArrayList]::new() $SyncHash.ProcessedJobRecords = $ProcessedJobRecords while ($JobCleanup.Flag) { if ($jobs.Count -gt 0) { $Counter = 0 foreach($job in $jobs) { if ($ProcessedJobRecords.Runspace.InstanceId.Guid -notcontains $job.Runspace.InstanceId.Guid) { $job | Export-CliXml "$HOME\job$Counter.xml" -Force $CollectJobRecordPrep = Import-CliXML -Path "$HOME\job$Counter.xml" Remove-Item -Path "$HOME\job$Counter.xml" -Force $null = $ProcessedJobRecords.Add($CollectJobRecordPrep) } if ($job.AsyncHandle.IsCompleted -or $job.AsyncHandle -eq $null) { [void]$job.PSInstance.EndInvoke($job.AsyncHandle) $job.Runspace.Dispose() $job.PSInstance.Dispose() $job.AsyncHandle = $null $job.PSInstance = $null } $Counter++ } # Determine if we can have the Runspace Manager Runspace rest $temparray = $jobs.clone() $temparray | Where-Object { $_.AsyncHandle.IsCompleted -or $_.AsyncHandle -eq $null } | foreach { $temparray.remove($_) } <# if ($temparray.Count -eq 0 -or $temparray.AsyncHandle.IsCompleted -notcontains $False) { $JobCleanup.Flag = $False } #> Start-Sleep -Seconds 5 # Optional - # For realtime updates to a GUI depending on changes in data within the $globalRSSyncHash, use # a something like the following (replace with $RSSyncHash properties germane to your project) <# if ($RSSyncHash.WPFInfoDatagrid.Items.Count -ne 0 -and $($RSSynchash.IPArray.Count -ne 0 -or $RSSynchash.IPArray -ne $null)) { if ($RSSyncHash.WPFInfoDatagrid.Items.Count -ge $RSSynchash.IPArray.Count) { Update-Window -Control $RSSyncHash.WPFInfoPleaseWaitLabel -Property Visibility -Value "Hidden" } } #> } } }) # Start the RunspaceManagerRunspace $globalRSJobCleanup.PowerShell.Runspace = $RunspaceMgrRunspace $globalRSJobCleanup.Thread = $globalRSJobCleanup.PowerShell.BeginInvoke() } ##### END Runspace Manager Runspace ##### ##### BEGIN New Generic Runspace ##### $GenericRunspace = [runspacefactory]::CreateRunspace() if ($PSVersionTable.PSEdition -ne "Core") { $GenericRunspace.ApartmentState = "STA" } $GenericRunspace.ThreadOptions = "ReuseThread" $GenericRunspace.Open() # Pass the $globalRSSyncHash to the Generic Runspace so it can read/write properties to it and potentially # coordinate with other runspaces $GenericRunspace.SessionStateProxy.SetVariable("SyncHash",$globalRSSyncHash) # Pass $globalRSJobCleanup and $globalRSJobs to the Generic Runspace so that the Runspace Manager Runspace can manage it $GenericRunspace.SessionStateProxy.SetVariable("JobCleanup",$globalRSJobCleanup) $GenericRunspace.SessionStateProxy.SetVariable("Jobs",$globalRSJobs) $GenericRunspace.SessionStateProxy.SetVariable("ScriptBlock",$ScriptBlock) # Pass all other notable environment characteristics if ($MirrorCurrentEnv) { [System.Collections.ArrayList]$SetEnvStringArray = @() $VariablesNotToForward = @('globalRSSyncHash','RSSyncHash','globalRSJobCleanUp','RSJobCleanup', 'globalRSJobs','RSJobs','ExistingGlobalVariables','DesiredGlobalVariables','$GlobalRSSyncHashName', 'RSNameOriginal','GlobalRSJobCleanupName','GlobalRSJobsName','GlobalVariables','RunspaceMgrRunspace', 'GenericRunspace','ScriptBlock') $Variables = Get-Variable foreach ($VarObj in $Variables) { if ($VariablesNotToForward -notcontains $VarObj.Name) { try { $GenericRunspace.SessionStateProxy.SetVariable($VarObj.Name,$VarObj.Value) } catch { Write-Verbose "Skipping `$$($VarObj.Name)..." } } } # Set Environment Variables $EnvVariables = Get-ChildItem Env:\ if ($PSBoundParameters['EnvironmentVariablesToForward'] -and $EnvironmentVariablesToForward -notcontains '*') { $EnvVariables = foreach ($VarObj in $EnvVariables) { if ($EnvironmentVariablesToForward -contains $VarObj.Name) { $VarObj } } } $SetEnvVarsPrep = foreach ($VarObj in $EnvVariables) { if ([char[]]$VarObj.Name -contains '(' -or [char[]]$VarObj.Name -contains ' ') { $EnvStringArr = @( 'try {' $(' ${env:' + $VarObj.Name + '} = ' + "@'`n$($VarObj.Value)`n'@") '}' 'catch {' " Write-Verbose 'Unable to forward environment variable $($VarObj.Name)'" '}' ) } else { $EnvStringArr = @( 'try {' $(' $env:' + $VarObj.Name + ' = ' + "@'`n$($VarObj.Value)`n'@") '}' 'catch {' " Write-Verbose 'Unable to forward environment variable $($VarObj.Name)'" '}' ) } $EnvStringArr -join "`n" } $SetEnvVarsString = $SetEnvVarsPrep -join "`n" $null = $SetEnvStringArray.Add($SetEnvVarsString) # Set Modules $Modules = Get-Module if ($PSBoundParameters['ModulesToForward'] -and $ModulesToForward -notcontains '*') { $Modules = foreach ($ModObj in $Modules) { if ($ModulesToForward -contains $ModObj.Name) { $ModObj } } } $ModulesNotToForward = @('MiniLab') $SetModulesPrep = foreach ($ModObj in $Modules) { if ($ModulesNotToForward -notcontains $ModObj.Name) { $ModuleManifestFullPath = $(Get-ChildItem -Path $ModObj.ModuleBase -Recurse -File | Where-Object { $_.Name -eq "$($ModObj.Name).psd1" }).FullName $ModStringArray = @( '$tempfile = [IO.Path]::Combine([IO.Path]::GetTempPath(), [IO.Path]::GetRandomFileName())' "if (' -match '\.WinModule')) {" ' try {' " Import-Module '$($ModObj.Name)' -NoClobber -ErrorAction Stop 2>`$tempfile" ' }' ' catch {' ' try {' " Import-Module '$ModuleManifestFullPath' -NoClobber -ErrorAction Stop 2>`$tempfile" ' }' ' catch {' " Write-Warning 'Unable to Import-Module $($ModObj.Name)'" ' }' ' }' '}' 'if (Test-Path $tempfile) {' ' Remove-Item $tempfile -Force' '}' ) $ModStringArray -join "`n" } } $SetModulesString = $SetModulesPrep -join "`n" $null = $SetEnvStringArray.Add($SetModulesString) # Set Functions $Functions = Get-ChildItem Function:\ | Where-Object {![System.String]::IsNullOrWhiteSpace($_.Name)} if ($PSBoundParameters['FunctionsToForward'] -and $FunctionsToForward -notcontains '*') { $Functions = foreach ($FuncObj in $Functions) { if ($FunctionsToForward -contains $FuncObj.Name) { $FuncObj } } } $SetFunctionsPrep = foreach ($FuncObj in $Functions) { $FunctionText = Invoke-Expression $('@(${Function:' + $FuncObj.Name + '}.Ast.Extent.Text)') if ($($FunctionText -split "`n").Count -gt 1) { if ($($FunctionText -split "`n")[0] -match "^function ") { if ($($FunctionText -split "`n") -match "^'@") { Write-Warning "Unable to forward function $($FuncObj.Name) due to heredoc string: '@" } else { 'Invoke-Expression ' + "@'`n$FunctionText`n'@" } } } elseif ($($FunctionText -split "`n").Count -eq 1) { if ($FunctionText -match "^function ") { 'Invoke-Expression ' + "@'`n$FunctionText`n'@" } } } $SetFunctionsString = $SetFunctionsPrep -join "`n" $null = $SetEnvStringArray.Add($SetFunctionsString) $GenericRunspace.SessionStateProxy.SetVariable("SetEnvStringArray",$SetEnvStringArray) } $GenericPSInstance = [powershell]::Create() # Define the main PowerShell Script that will run the $ScriptBlock $null = $GenericPSInstance.AddScript({ $SyncHash."$RunSpaceName`Result" | Add-Member -Type NoteProperty -Name Done -Value $False $SyncHash."$RunSpaceName`Result" | Add-Member -Type NoteProperty -Name Errors -Value $null $SyncHash."$RunSpaceName`Result" | Add-Member -Type NoteProperty -Name ErrorsDetailed -Value $null $SyncHash."$RunspaceName`Result".Errors = [System.Collections.ArrayList]::new() $SyncHash."$RunspaceName`Result".ErrorsDetailed = [System.Collections.ArrayList]::new() $SyncHash."$RunspaceName`Result" | Add-Member -Type NoteProperty -Name ThisRunspace -Value $($(Get-Runspace)[-1]) [System.Collections.ArrayList]$LiveOutput = @() $SyncHash."$RunspaceName`Result" | Add-Member -Type NoteProperty -Name LiveOutput -Value $LiveOutput $SyncHash."$RunspaceName`Result" | Add-Member -Type NoteProperty -Name ScriptBeingRun -Value $ScriptBlock ##### BEGIN Generic Runspace Helper Functions ##### # Load the environment we packed up if ($SetEnvStringArray) { foreach ($obj in $SetEnvStringArray) { if (![string]::IsNullOrWhiteSpace($obj)) { try { Invoke-Expression $obj } catch { $null = $SyncHash."$RunSpaceName`Result".Errors.Add($_) $ErrMsg = "Problem with:`n$obj`nError Message:`n" + $($_ | Out-String) $null = $SyncHash."$RunSpaceName`Result".ErrorsDetailed.Add($ErrMsg) } } } } ##### END Generic Runspace Helper Functions ##### ##### BEGIN Script To Run ##### try { # NOTE: Depending on the content of the scriptblock, InvokeReturnAsIs() and Invoke-Command can cause # the Runspace to hang. Invoke-Expression works all the time. #$Result = $ScriptBlock.InvokeReturnAsIs() #$Result = Invoke-Command -ScriptBlock $ScriptBlock #$SyncHash."$RunSpaceName`Result" | Add-Member -Type NoteProperty -Name SBString -Value $ScriptBlock.ToString() Invoke-Expression -Command $ScriptBlock.ToString() -OutVariable Result $SyncHash."$RunSpaceName`Result" | Add-Member -Type NoteProperty -Name Output -Value $Result } catch { $SyncHash."$RunSpaceName`Result" | Add-Member -Type NoteProperty -Name Output -Value $Result $null = $SyncHash."$RunSpaceName`Result".Errors.Add($_) $ErrMsg = "Problem with:`n$($ScriptBlock.ToString())`nError Message:`n" + $($_ | Out-String) $null = $SyncHash."$RunSpaceName`Result".ErrorsDetailed.Add($ErrMsg) } ##### END Script To Run ##### $SyncHash."$RunSpaceName`Result".Done = $True }) # Start the Generic Runspace $GenericPSInstance.Runspace = $GenericRunspace if ($Wait) { # The below will make any output of $GenericRunspace available in $Object in current scope $Object = New-Object 'System.Management.Automation.PSDataCollection[psobject]' $GenericAsyncHandle = $GenericPSInstance.BeginInvoke($Object,$Object) $GenericRunspaceInfo = [pscustomobject]@{ Name = $RunSpaceName + "Generic" PSInstance = $GenericPSInstance Runspace = $GenericRunspace AsyncHandle = $GenericAsyncHandle } $null = $globalRSJobs.Add($GenericRunspaceInfo) #while ($globalRSSyncHash."$RunSpaceName`Done" -ne $True) { while ($GenericAsyncHandle.IsCompleted -ne $True) { #Write-Host "Waiting for -ScriptBlock to finish..." Start-Sleep -Milliseconds 10 } $globalRSSyncHash."$RunspaceName`Result".Output #$Object } else { $HelperRunspace = [runspacefactory]::CreateRunspace() if ($PSVersionTable.PSEdition -ne "Core") { $HelperRunspace.ApartmentState = "STA" } $HelperRunspace.ThreadOptions = "ReuseThread" $HelperRunspace.Open() # Pass the $globalRSSyncHash to the Helper Runspace so it can read/write properties to it and potentially # coordinate with other runspaces $HelperRunspace.SessionStateProxy.SetVariable("SyncHash",$globalRSSyncHash) # Pass $globalRSJobCleanup and $globalRSJobs to the Helper Runspace so that the Runspace Manager Runspace can manage it $HelperRunspace.SessionStateProxy.SetVariable("JobCleanup",$globalRSJobCleanup) $HelperRunspace.SessionStateProxy.SetVariable("Jobs",$globalRSJobs) # Set any other needed variables in the $HelperRunspace $HelperRunspace.SessionStateProxy.SetVariable("GenericRunspace",$GenericRunspace) $HelperRunspace.SessionStateProxy.SetVariable("GenericPSInstance",$GenericPSInstance) $HelperRunspace.SessionStateProxy.SetVariable("RunSpaceName",$RunSpaceName) $HelperPSInstance = [powershell]::Create() # Define the main PowerShell Script that will run the $ScriptBlock $null = $HelperPSInstance.AddScript({ ##### BEGIN Script To Run ##### # The below will make any output of $GenericRunspace available in $Object in current scope $Object = New-Object 'System.Management.Automation.PSDataCollection[psobject]' $GenericAsyncHandle = $GenericPSInstance.BeginInvoke($Object,$Object) $GenericRunspaceInfo = [pscustomobject]@{ Name = $RunSpaceName + "Generic" PSInstance = $GenericPSInstance Runspace = $GenericRunspace AsyncHandle = $GenericAsyncHandle } $null = $Jobs.Add($GenericRunspaceInfo) #while ($SyncHash."$RunSpaceName`Done" -ne $True) { while ($GenericAsyncHandle.IsCompleted -ne $True) { #Write-Host "Waiting for -ScriptBlock to finish..." Start-Sleep -Milliseconds 10 } ##### END Script To Run ##### }) # Start the Helper Runspace $HelperPSInstance.Runspace = $HelperRunspace $HelperAsyncHandle = $HelperPSInstance.BeginInvoke() $HelperRunspaceInfo = [pscustomobject]@{ Name = $RunSpaceName + "Helper" PSInstance = $HelperPSInstance Runspace = $HelperRunspace AsyncHandle = $HelperAsyncHandle } $null = $globalRSJobs.Add($HelperRunspaceInfo) } ##### END Generic Runspace } <# .SYNOPSIS Removes an environment variable specified by name and type. .DESCRIPTION Removes an environment variable specified by name and type. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Administrators .PARAMETER name This parameter is MANDATORY. TODO .PARAMETER type This parameter is MANDATORY. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Remove-EnvironmentVariable -name "TestVar" -type "User" #> function Remove-EnvironmentVariable { param( [Parameter(Mandatory = $True)] [String] $name, [Parameter(Mandatory = $True)] [String] $type ) Set-StrictMode -Version 5.0 If ([Environment]::GetEnvironmentVariable($name, $type) -eq $null) { Write-Error "An environment variable of this name and type does not exist." } Else { [Environment]::SetEnvironmentVariable($name, $null, $type) } } <# .SYNOPSIS Sets a computer and/or its domain/workgroup information. .DESCRIPTION Sets a computer and/or its domain/workgroup information. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Administrators .PARAMETER ComputerName This parameter is OPTIONAL. TODO .PARAMETER NewComputerName This parameter is OPTIONAL. TODO .PARAMETER Domain This parameter is OPTIONAL. TODO .PARAMETER NewDomain This parameter is OPTIONAL. TODO .PARAMETER Workgroup This parameter is OPTIONAL. TODO .PARAMETER UserName This parameter is OPTIONAL. TODO .PARAMETER Password This parameter is OPTIONAL. TODO .PARAMETER UserNameNew This parameter is OPTIONAL. TODO .PARAMETER PasswordNew This parameter is OPTIONAL. TODO .PARAMETER Restart This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Set-ComputerIdentification -ComputerName $env:ComputerName -NewComputerName "SQLServer01" #> function Set-ComputerIdentification { param( [Parameter(Mandatory = $False)] [string] $ComputerName = '', [Parameter(Mandatory = $False)] [string] $NewComputerName = '', [Parameter(Mandatory = $False)] [string] $Domain = '', [Parameter(Mandatory = $False)] [string] $NewDomain = '', [Parameter(Mandatory = $False)] [string] $Workgroup = '', [Parameter(Mandatory = $False)] [string] $UserName = '', [Parameter(Mandatory = $False)] [string] $Password = '', [Parameter(Mandatory = $False)] [string] $UserNameNew = '', [Parameter(Mandatory = $False)] [string] $PasswordNew = '', [Parameter(Mandatory = $False)] [switch] $Restart) function CreateDomainCred($username, $password) { $secureString = ConvertTo-SecureString $password -AsPlainText -Force $domainCreds = New-Object System.Management.Automation.PSCredential($username, $secureString) return $domainCreds } function UnjoinDomain($domain) { If ($domain) { $unjoinCreds = CreateDomainCred $UserName $Password Remove-Computer -UnjoinDomainCredential $unjoinCreds -PassThru -Force } } If ($NewDomain) { $newDomainCreds = $null If ($Domain) { UnjoinDomain $Domain $newDomainCreds = CreateDomainCred $UserNameNew $PasswordNew } else { $newDomainCreds = CreateDomainCred $UserName $Password } If ($NewComputerName) { Add-Computer -ComputerName $ComputerName -DomainName $NewDomain -Credential $newDomainCreds -Force -PassThru -NewName $NewComputerName -Restart:$Restart } Else { Add-Computer -ComputerName $ComputerName -DomainName $NewDomain -Credential $newDomainCreds -Force -PassThru -Restart:$Restart } } ElseIf ($Workgroup) { UnjoinDomain $Domain If ($NewComputerName) { Add-Computer -WorkGroupName $Workgroup -Force -PassThru -NewName $NewComputerName -Restart:$Restart } Else { Add-Computer -WorkGroupName $Workgroup -Force -PassThru -Restart:$Restart } } ElseIf ($NewComputerName) { If ($Domain) { $domainCreds = CreateDomainCred $UserName $Password Rename-Computer -NewName $NewComputerName -DomainCredential $domainCreds -Force -PassThru -Restart:$Restart } Else { Rename-Computer -NewName $NewComputerName -Force -PassThru -Restart:$Restart } } } <# .SYNOPSIS Updates or renames an environment variable specified by name, type, data and previous data. .DESCRIPTION Updates or Renames an environment variable specified by name, type, data and previrous data. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Administrators .PARAMETER oldName This parameter is MANDATORY. TODO .PARAMETER newName This parameter is MANDATORY. TODO .PARAMETER value This parameter is MANDATORY. TODO .PARAMETER type This parameter is MANDATORY. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Set-EnvironmentVariable -oldName "OldVar" -newName "NewVar" -value "thing1" -type "User" #> function Set-EnvironmentVariable { param( [Parameter(Mandatory = $True)] [String] $oldName, [Parameter(Mandatory = $True)] [String] $newName, [Parameter(Mandatory = $True)] [String] $value, [Parameter(Mandatory = $True)] [String] $type ) Set-StrictMode -Version 5.0 $nameChange = $false if ($newName -ne $oldName) { $nameChange = $true } If (-not [Environment]::GetEnvironmentVariable($oldName, $type)) { @{ Status = "currentMissing" } return } If ($nameChange -and [Environment]::GetEnvironmentVariable($newName, $type)) { @{ Status = "targetConflict" } return } If ($nameChange) { [Environment]::SetEnvironmentVariable($oldName, $null, $type) [Environment]::SetEnvironmentVariable($newName, $value, $type) @{ Status = "success" } } Else { [Environment]::SetEnvironmentVariable($newName, $value, $type) @{ Status = "success" } } } <# .SYNOPSIS Sets a computer's remote desktop settings. .DESCRIPTION Sets a computer's remote desktop settings. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Administrators .PARAMETER AllowRemoteDesktop This parameter is OPTIONAL. TODO .PARAMETER AllowRemoteDesktopWithNLA This parameter is OPTIONAL. TODO .PARAMETER EnableRemoteApp This parameter is OPTIONAL. TODO .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Set-RemoteDesktop -AllowRemoteDesktop #> function Set-RemoteDesktop { param( [Parameter(Mandatory = $False)] [boolean] $AllowRemoteDesktop, [Parameter(Mandatory = $False)] [boolean] $AllowRemoteDesktopWithNLA, [Parameter(Mandatory=$False)] [boolean] $EnableRemoteApp) Import-Module NetSecurity Import-Module Microsoft.PowerShell.Management $regKey1 = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' $regKey2 = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' $keyProperty1 = "fDenyTSConnections" $keyProperty2 = "UserAuthentication" $keyProperty3 = "EnableRemoteApp" $keyPropertyValue1 = $(if ($AllowRemoteDesktop -eq $True) { 0 } else { 1 }) $keyPropertyValue2 = $(if ($AllowRemoteDesktopWithNLA -eq $True) { 1 } else { 0 }) $keyPropertyValue3 = $(if ($EnableRemoteApp -eq $True) { 1 } else { 0 }) if (!(Test-Path $regKey1)) { New-Item -Path $regKey1 -Force | Out-Null } New-ItemProperty -Path $regKey1 -Name $keyProperty1 -Value $keyPropertyValue1 -PropertyType DWORD -Force | Out-Null New-ItemProperty -Path $regKey1 -Name $keyProperty3 -Value $keyPropertyValue3 -PropertyType DWORD -Force | Out-Null if (!(Test-Path $regKey2)) { New-Item -Path $regKey2 -Force | Out-Null } New-ItemProperty -Path $regKey2 -Name $keyProperty2 -Value $keyPropertyValue2 -PropertyType DWORD -Force | Out-Null Enable-NetFirewallRule -DisplayGroup 'Remote Desktop' } <# .SYNOPSIS Start Disk Performance monitoring. .DESCRIPTION Start Disk Performance monitoring. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Administrators .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Start-DiskPerf #> function Start-DiskPerf { # Update the registry key at HKLM:SYSTEM\\CurrentControlSet\\Services\\Partmgr # EnableCounterForIoctl = DWORD 3 & diskperf -Y } <# .SYNOPSIS Stop Disk Performance monitoring. .DESCRIPTION Stop Disk Performance monitoring. .NOTES This function is pulled directly from the real Microsoft Windows Admin Center PowerShell scripts use rights (according to Microsoft): We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein. ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE. .ROLE Administrators .EXAMPLE # Open an elevated PowerShell Session, import the module, and - PS C:\Users\zeroadmin> Stop-DiskPerf #> function Stop-DiskPerf { # Update the registry key at HKLM:SYSTEM\\CurrentControlSet\\Services\\Partmgr # EnableCounterForIoctl = DWORD 1 & diskperf -N } # Can't just install and import UniversalDashboard.Community automatically because of interactive license agreement prompt. So, it must be done # manually before trying to import PUDAdminCenterPrototype. if (![bool]$(Get-Module -ListAvailable UniversalDashboard.Community)) { $InstallPUDCommunityMsg = "Please install the UniversalDashboard.Community PowerShell Module via...`n Install-Module UniversalDashboard.Community`n..." + "and try importing the PUDAdminCenterPrototype Module in a fresh Windows PowerShell 5.1 session." Write-Warning $InstallPUDCommunityMsg Write-Warning "The $ThisModule Module was NOT loaded successfully! Please run:`n Remove-Module $ThisModule" $global:FunctionResult = "1" return } if (![bool]$(Get-Module UniversalDashboard.Community)) { try { Import-Module UniversalDashboard.Community -ErrorAction Stop } catch { Write-Error $_ Write-Warning "The $ThisModule Module was NOT loaded successfully! Please run:`n Remove-Module $ThisModule" $global:FunctionResult = "1" return # The below is commented out because there's some concern about whether installing .Net 4.7.2 automatically on Module Import is a good practice <# if ($_.Exception.Message -match "\.Net Framework") { $Net472Check = Get-ChildItem "HKLM:SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full\" | Get-ItemPropertyValue -Name Release | ForEach-Object { $_ -ge 461808 } if (!$Net472Check) { try { Write-Host "Installing .Net Framework 4.7.2 ... This will take a little while, and you will need to restart afterwards..." #$InstallDotNet47Result = Install-Program -ProgramName dotnet4.7.2 -ErrorAction Stop Install-DotNet472 -DownloadDirectory "$HOME\Downloads" -ErrorAction Stop } catch { Write-Error $_ Write-Warning ".Net Framework 4.7.2 was NOT installed successfully." Write-Warning "The $ThisModule Module will NOT be loaded. Please run`n Remove-Module $ThisModule" $global:FunctionResult = "1" return } } else { Write-Error $_ Write-Warning ".Net Framework 4.7.2 is already installed! Please review the above error message before using the $ThisModule Module!" Write-Warning "The $ThisModule Module will NOT be loaded. Please run`n Remove-Module $ThisModule" $global:FunctionResult = "1" return } Write-Warning ".Net Framework 4.7.2 was installed successfully, however *****you must restart $env:ComputerName***** before using the $ThisModule Module! Halting!" return } else { Write-Error $_ Write-Warning "The $ThisModule Module was NOT loaded successfully! Please run:`n Remove-Module $ThisModule" $global:FunctionResult = "1" return } #> } } [System.Collections.ArrayList]$script:FunctionsForSBUse = @( ${Function:AddWinRMTrustedHost}.Ast.Extent.Text ${Function:AddWinRMTrustLocalHost}.Ast.Extent.Text ${Function:EnableWinRMViaRPC}.Ast.Extent.Text ${Function:GetComputerObjectsInLDAP}.Ast.Extent.Text ${Function:GetDomainController}.Ast.Extent.Text ${Function:GetElevation}.Ast.Extent.Text ${Function:GetGroupObjectsInLDAP}.Ast.Extent.Text ${Function:GetModuleDependencies}.Ast.Extent.Text ${Function:GetNativePath}.Ast.Extent.Text ${Function:GetUserObjectsInLDAP}.Ast.Extent.Text ${Function:GetWorkingCredentials}.Ast.Extent.Text ${Function:InstallFeatureDism}.Ast.Extent.Text ${Function:InvokeModuleDependencies}.Ast.Extent.Text ${Function:InvokePSCompatibility}.Ast.Extent.Text ${Function:ManualPSGalleryModuleInstall}.Ast.Extent.Text ${Function:NewUniqueString}.Ast.Extent.Text ${Function:ResolveHost}.Ast.Extent.Text ${Function:TestIsValidIPAddress}.Ast.Extent.Text ${Function:TestLDAP}.Ast.Extent.Text ${Function:TestPort}.Ast.Extent.Text ${Function:TestSSH}.Ast.Extent.Text ${Function:UnzipFile}.Ast.Extent.Text ${Function:Get-CertificateOverview}.Ast.Extent.Text ${Function:Get-Certificates}.Ast.Extent.Text ${Function:Get-CimPnpEntity}.Ast.Extent.Text ${Function:Get-EnvironmentVariables}.Ast.Extent.Text ${Function:Get-EventLogSummary}.Ast.Extent.Text ${Function:Get-FirewallProfile}.Ast.Extent.Text ${Function:Get-FirewallRules}.Ast.Extent.Text ${Function:Get-IPRange}.Ast.Extent.Text ${Function:Get-LocalGroups}.Ast.Extent.Text ${Function:Get-LocalGroupUsers}.Ast.Extent.Text ${Function:Get-LocalUserBelongGroups}.Ast.Extent.Text ${Function:Get-LocalUsers}.Ast.Extent.Text ${Function:Get-Networks}.Ast.Extent.Text ${Function:Get-PendingUpdates}.Ast.Extent.Text ${Function:Get-Processes}.Ast.Extent.Text ${Function:Get-PUDAdminCenter}.Ast.Extent.Text ${Function:Get-RegistrySubKeys}.Ast.Extent.Text ${Function:Get-RegistryValues}.Ast.Extent.Text ${Function:Get-RemoteDesktop}.Ast.Extent.Text ${Function:Get-ScheduledTasks}.Ast.Extent.Text ${Function:Get-ServerInventory}.Ast.Extent.Text ${Function:Get-StorageDisk}.Ast.Extent.Text ${Function:Get-StorageFileShare}.Ast.Extent.Text ${Function:Get-StorageVolume}.Ast.Extent.Text ${Function:Get-WUAHistory}.Ast.Extent.Text ${Function:Install-DotNet472}.Ast.Extent.Text ${Function:New-EnvironmentVariable}.Ast.Extent.Text ${Function:New-Runspace}.Ast.Extent.Text ${Function:Remove-EnvironmentVariable}.Ast.Extent.Text ${Function:Set-ComputerIdentification}.Ast.Extent.Text ${Function:Set-EnvironmentVariable}.Ast.Extent.Text ${Function:Set-RemoteDesktop}.Ast.Extent.Text ${Function:Start-DiskPerf}.Ast.Extent.Text ${Function:Stop-DiskPerf}.Ast.Extent.Text ) # SIG # Begin signature block # MIIMiAYJKoZIhvcNAQcCoIIMeTCCDHUCAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB # gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR # AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQU8wThTap4g0F6ZtMkq627sQTK # sHygggn9MIIEJjCCAw6gAwIBAgITawAAAB/Nnq77QGja+wAAAAAAHzANBgkqhkiG # 9w0BAQsFADAwMQwwCgYDVQQGEwNMQUIxDTALBgNVBAoTBFpFUk8xETAPBgNVBAMT # CFplcm9EQzAxMB4XDTE3MDkyMDIxMDM1OFoXDTE5MDkyMDIxMTM1OFowPTETMBEG # CgmSJomT8ixkARkWA0xBQjEUMBIGCgmSJomT8ixkARkWBFpFUk8xEDAOBgNVBAMT # B1plcm9TQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCwqv+ROc1 # bpJmKx+8rPUUfT3kPSUYeDxY8GXU2RrWcL5TSZ6AVJsvNpj+7d94OEmPZate7h4d # gJnhCSyh2/3v0BHBdgPzLcveLpxPiSWpTnqSWlLUW2NMFRRojZRscdA+e+9QotOB # aZmnLDrlePQe5W7S1CxbVu+W0H5/ukte5h6gsKa0ktNJ6X9nOPiGBMn1LcZV/Ksl # lUyuTc7KKYydYjbSSv2rQ4qmZCQHqxyNWVub1IiEP7ClqCYqeCdsTtfw4Y3WKxDI # JaPmWzlHNs0nkEjvnAJhsRdLFbvY5C2KJIenxR0gA79U8Xd6+cZanrBUNbUC8GCN # wYkYp4A4Jx+9AgMBAAGjggEqMIIBJjASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsG # AQQBgjcVAgQWBBQ/0jsn2LS8aZiDw0omqt9+KWpj3DAdBgNVHQ4EFgQUicLX4r2C # Kn0Zf5NYut8n7bkyhf4wGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwDgYDVR0P # AQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUdpW6phL2RQNF # 7AZBgQV4tgr7OE0wMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL3BraS9jZXJ0ZGF0 # YS9aZXJvREMwMS5jcmwwPAYIKwYBBQUHAQEEMDAuMCwGCCsGAQUFBzAChiBodHRw # Oi8vcGtpL2NlcnRkYXRhL1plcm9EQzAxLmNydDANBgkqhkiG9w0BAQsFAAOCAQEA # tyX7aHk8vUM2WTQKINtrHKJJi29HaxhPaHrNZ0c32H70YZoFFaryM0GMowEaDbj0 # a3ShBuQWfW7bD7Z4DmNc5Q6cp7JeDKSZHwe5JWFGrl7DlSFSab/+a0GQgtG05dXW # YVQsrwgfTDRXkmpLQxvSxAbxKiGrnuS+kaYmzRVDYWSZHwHFNgxeZ/La9/8FdCir # MXdJEAGzG+9TwO9JvJSyoGTzu7n93IQp6QteRlaYVemd5/fYqBhtskk1zDiv9edk # mHHpRWf9Xo94ZPEy7BqmDuixm4LdmmzIcFWqGGMo51hvzz0EaE8K5HuNvNaUB/hq # MTOIB5145K8bFOoKHO4LkTCCBc8wggS3oAMCAQICE1gAAAH5oOvjAv3166MAAQAA # AfkwDQYJKoZIhvcNAQELBQAwPTETMBEGCgmSJomT8ixkARkWA0xBQjEUMBIGCgmS # JomT8ixkARkWBFpFUk8xEDAOBgNVBAMTB1plcm9TQ0EwHhcNMTcwOTIwMjE0MTIy # WhcNMTkwOTIwMjExMzU4WjBpMQswCQYDVQQGEwJVUzELMAkGA1UECBMCUEExFTAT # BgNVBAcTDFBoaWxhZGVscGhpYTEVMBMGA1UEChMMRGlNYWdnaW8gSW5jMQswCQYD # VQQLEwJJVDESMBAGA1UEAxMJWmVyb0NvZGUyMIIBIjANBgkqhkiG9w0BAQEFAAOC # AQ8AMIIBCgKCAQEAxX0+4yas6xfiaNVVVZJB2aRK+gS3iEMLx8wMF3kLJYLJyR+l # rcGF/x3gMxcvkKJQouLuChjh2+i7Ra1aO37ch3X3KDMZIoWrSzbbvqdBlwax7Gsm # BdLH9HZimSMCVgux0IfkClvnOlrc7Wpv1jqgvseRku5YKnNm1JD+91JDp/hBWRxR # 3Qg2OR667FJd1Q/5FWwAdrzoQbFUuvAyeVl7TNW0n1XUHRgq9+ZYawb+fxl1ruTj # 3MoktaLVzFKWqeHPKvgUTTnXvEbLh9RzX1eApZfTJmnUjBcl1tCQbSzLYkfJlJO6 # eRUHZwojUK+TkidfklU2SpgvyJm2DhCtssFWiQIDAQABo4ICmjCCApYwDgYDVR0P # AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBS5d2bhatXq # eUDFo9KltQWHthbPKzAfBgNVHSMEGDAWgBSJwtfivYIqfRl/k1i63yftuTKF/jCB # 6QYDVR0fBIHhMIHeMIHboIHYoIHVhoGubGRhcDovLy9DTj1aZXJvU0NBKDEpLENO # PVplcm9TQ0EsQ049Q0RQLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNl # cnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9emVybyxEQz1sYWI/Y2VydGlmaWNh # dGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlv # blBvaW50hiJodHRwOi8vcGtpL2NlcnRkYXRhL1plcm9TQ0EoMSkuY3JsMIHmBggr # BgEFBQcBAQSB2TCB1jCBowYIKwYBBQUHMAKGgZZsZGFwOi8vL0NOPVplcm9TQ0Es # Q049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENO # PUNvbmZpZ3VyYXRpb24sREM9emVybyxEQz1sYWI/Y0FDZXJ0aWZpY2F0ZT9iYXNl # P29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwLgYIKwYBBQUHMAKG # Imh0dHA6Ly9wa2kvY2VydGRhdGEvWmVyb1NDQSgxKS5jcnQwPQYJKwYBBAGCNxUH # BDAwLgYmKwYBBAGCNxUIg7j0P4Sb8nmD8Y84g7C3MobRzXiBJ6HzzB+P2VUCAWQC # AQUwGwYJKwYBBAGCNxUKBA4wDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQsFAAOC # AQEAszRRF+YTPhd9UbkJZy/pZQIqTjpXLpbhxWzs1ECTwtIbJPiI4dhAVAjrzkGj # DyXYWmpnNsyk19qE82AX75G9FLESfHbtesUXnrhbnsov4/D/qmXk/1KD9CE0lQHF # Lu2DvOsdf2mp2pjdeBgKMRuy4cZ0VCc/myO7uy7dq0CvVdXRsQC6Fqtr7yob9NbE # OdUYDBAGrt5ZAkw5YeL8H9E3JLGXtE7ir3ksT6Ki1mont2epJfHkO5JkmOI6XVtg # anuOGbo62885BOiXLu5+H2Fg+8ueTP40zFhfLh3e3Kj6Lm/NdovqqTBAsk04tFW9 # Hp4gWfVc0gTDwok3rHOrfIY35TGCAfUwggHxAgEBMFQwPTETMBEGCgmSJomT8ixk # ARkWA0xBQjEUMBIGCgmSJomT8ixkARkWBFpFUk8xEDAOBgNVBAMTB1plcm9TQ0EC # E1gAAAH5oOvjAv3166MAAQAAAfkwCQYFKw4DAhoFAKB4MBgGCisGAQQBgjcCAQwx # CjAIoAKAAKECgAAwGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGC # NwIBCzEOMAwGCisGAQQBgjcCARUwIwYJKoZIhvcNAQkEMRYEFCsPukx2U+W8/kXo # BFgP14VKdSNQMA0GCSqGSIb3DQEBAQUABIIBAIx1Z8zK3mm5c8E9HANFX8luk1su # GtR9F2sAWQnjWId4G4ir96tca+vzi7gTrFPQoOvQ92HmHtaqaFhF1RqaFP4p0glI # yo8PYxPma3lSAo2frYkZFjRFnma2awRLhVvYgFsrwjNaDYDBviBJBaJEgKvoNUgb # gXsVhNAxseJYf1vE2C+eqWZngxvQ3oCrCSgtOvuWMBEWAFA8eNHv4j9j0+oU6A/5 # 9MzVIPTXkbcCxs7HMgy4m460Yd9mzOhK7raFEG+n4OZG3ClYRkqAbQa5Lf/ipWi/ # lNEoRsxDzfqvW4/F0VV4FFs6LvlSFAPCesn6iNYg5itYRCT38Tgs4wJXVQs= # SIG # End signature block |