Found this somewhere on the net and forgot to save the source website, so sorry to the author, however it's useful.
$strComputer = "computername"
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$computer.name
$Users = $computer.psbase.children |where{$_.psbase.schemaclassname -eq "User"}
foreach ($member in $Users.psbase.syncroot)
{$member.name}
Protip
Turn it into a function or CL script by using creating a parameter based script:
param($strcomputer)
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$computer.name
$Users = $computer.psbase.children |where{$_.psbase.schemaclassname -eq "User"}
foreach ($member in $Users.psbase.syncroot)
{$member.name}
:)
Monday, May 21, 2012
Thursday, April 26, 2012
Creating Custom Event Log Entires
If you ever want to use the event log to capture information from a script, it's actually pretty easy to do.
First you have to prepare the new entry type for the events you want to capture. Please note that both creating the new log and writing to it will require an elevated prompt.
New-EventLog -logname logname -source your_new_source
The logname can be either Application, System or Security.
Example: new-eventlog -logname System -source John
This will insert the 'John' source into the registry and allow you to then write events to the System log.
Writing an event is pretty simple as well:
Write-Eventlog -logname logname -source source -eventID number -entrytype (Information, Alert, etc) -message "a message"
I actually have written a function as I'm lazy and don't like to type that much:
Function update-eventlog
{
# Source is hardcoded to John
# EventID is hardcoded to 1
# Logname is hardcoded to System
Param($entrytype,$Message)
{
Write-Eventlog -Logname System -Source John -EventID 1 -EntryType $entrytype -message $message
}
Usage:
update-eventlog "entry type" "Message"
Example:
update-eventlog "Information" "This is a test"
Pretty Simple, huh?
First you have to prepare the new entry type for the events you want to capture. Please note that both creating the new log and writing to it will require an elevated prompt.
New-EventLog -logname logname -source your_new_source
The logname can be either Application, System or Security.
Example: new-eventlog -logname System -source John
This will insert the 'John' source into the registry and allow you to then write events to the System log.
Writing an event is pretty simple as well:
Write-Eventlog -logname logname -source source -eventID number -entrytype (Information, Alert, etc) -message "a message"
I actually have written a function as I'm lazy and don't like to type that much:
Function update-eventlog
{
# Source is hardcoded to John
# EventID is hardcoded to 1
# Logname is hardcoded to System
Param($entrytype,$Message)
{
Write-Eventlog -Logname System -Source John -EventID 1 -EntryType $entrytype -message $message
}
Usage:
update-eventlog "entry type" "Message"
Example:
update-eventlog "Information" "This is a test"
Pretty Simple, huh?
Wednesday, April 25, 2012
Function to check folder access
Ever need to quickly determine the ACL for a user in a folder and you wanted to do it in PowerShell? If so, you've realized it's not as easy as clicking on the folder properties and selecting the security tab.
The below function will check the input folder and user/group for full access to the target folder.
Usage is check-folder FOLDER USER
The script will then check the folder and see the rights. If the rights are not full control, it will set the value of $access to True. You can then use the value to do something.
function check-folder
# checks to see if the folder passed to it has full permissions
# granted for the builtin\users group.
# returns True if this is the case.
#
# Usage: check-folder "folder"
{
param($folder,$user)
$script:access=""
$acl=get-acl $folder
foreach ($accessrule in $acl.access)
{
if (($accessrule.identityreference -eq "$user") -and
($accessrule.filesystemrights -eq "FullControl"))
{
$script:access="True"
}
}}
Example:
Check-Folder c:\work "builtin\users"
if ($access -eq true)
{
write "Hey, $user has access to the $folder"
}
The below function will check the input folder and user/group for full access to the target folder.
Usage is check-folder FOLDER USER
The script will then check the folder and see the rights. If the rights are not full control, it will set the value of $access to True. You can then use the value to do something.
function check-folder
# checks to see if the folder passed to it has full permissions
# granted for the builtin\users group.
# returns True if this is the case.
#
# Usage: check-folder "folder"
{
param($folder,$user)
$script:access=""
$acl=get-acl $folder
foreach ($accessrule in $acl.access)
{
if (($accessrule.identityreference -eq "$user") -and
($accessrule.filesystemrights -eq "FullControl"))
{
$script:access="True"
}
}}
Example:
Check-Folder c:\work "builtin\users"
if ($access -eq true)
{
write "Hey, $user has access to the $folder"
}
OK....
Time to start actually using this thing. I believe what I will be doing is posting useful tidbits that I've had to engineer/find for my daily admin tasks that hopefully will be of use for others..
Wednesday, April 11, 2012
PowerShell Scripts Blog: Show-MessageBox.ps1
PowerShell Scripts Blog: Show-MessageBox.ps1
Here is a good example of integrating a GUI into Powershell. I've stolen this for my own use!
Here is a good example of integrating a GUI into Powershell. I've stolen this for my own use!
Wednesday, September 8, 2010
Delete files using a CSV file as an input and the remove-item command
Deleting mass amounts of files is easy in PowerShell. Using the Remove-Item command you can set up a CSV file to feed a list of files and their locations to the command-let and step down the list, deleting as you go.
The basic structure of the command would look like this:
$data = import-csv c:\file_inventory\deletelist.csv
foreach ($line in $data)
{
$A= $($line.fullname)
remove-item $a -recurse -force
}
To break down what's going on above:
- The $data variable is going to hold the information that's contained in the deletelist.csv file. Presumably this file will contain the paths and names of the files to be deleted.
- The FOREACH statement is stepping thru the deletelist.csv file and then feeding the data to the loop below. The script will then step thru the loop until it gets to the end of the data file.
- The loop itself contains only two things:
- $A=$($line.fullname) - let's make $a contain the information contained in the current line in the CSV file we're stepping thru. $($Line.Fullname) says: grab the information in the current $line of the $data and look in the fullname column.
- Remove-Item is equivalent to the DOS DEL command, however you can feed it a variable (in this case $a).
- Recurse - step thru any folders below the folder your in. This is used in case a folder has subfolders that will also be deleted. If this switch is not there, then the script will stop and ask you what to do.
- Force - Delete the file even if it's read only, hidden etc.
- If you want to test the above scenario you can use the -whatif switch in the remove-item statement, this will make PowerShell just show you what would have happened if you ran the command.
Tuesday, August 31, 2010
Menu Looping in Powershell
Menu Looping is pretty easy to set up in Powershell. You're basically setting a condition and looping back if that condition isn't met.
For example, we'll use $a as the variable we're keeping an eye on.
$a=0 #setting a to zero value
While ($a -ne 3)
{
Write "1. Do something"
Write "2. Do something else"
Write "3. Quit"
$a = Read-host "enter choice"
Switch ($a)
{1
{
#code
}}
The above loop will look for the numeric condition of the variable 'a' and execute switches for other blocks of powershell code for them.
For example, we'll use $a as the variable we're keeping an eye on.
$a=0 #setting a to zero value
While ($a -ne 3)
{
Write "1. Do something"
Write "2. Do something else"
Write "3. Quit"
$a = Read-host "enter choice"
Switch ($a)
{1
{
#code
}}
The above loop will look for the numeric condition of the variable 'a' and execute switches for other blocks of powershell code for them.
Subscribe to:
Posts (Atom)