PowerShell

Read-Only Friday Nov 11, 2022

November 11, 2022 by ClaytonT Leave a Comment

With today being a holiday, and more holidays coming up in the last days of the year, send out reminders to your users to keep be extra careful when clicking on links. Attacks have been more minor so far this year, which makes me feel it’s going to ramp up shortly. For the parents, think of it when your child is quiet for too long by themselves… it usually means they are planning something or doing something they shouldn’t be doing. That’s how I feel about bad actors currently.

A few things to remind them:
- Do you normally get emails from that company service? (ie UPS, FedEx, PayPal, etc)
  - If not, don’t open it, and definitely don’t click on links or download an attachment
- Does that person normally send you links to click on? If they do, are they the type the current email is asking you to open?
  - I’ve seen it before when a company you normally work with gets compromised so spam/virus/malware protection doesn’t pick it up as it is coming from a real email, but the bad actor over took that users account and is sending links/attachments from it.
- Is the email the real identities email?
  - I know the name says it’s your president or CFO, but what is the real email sending it? It can be tougher seeing it quickly on a mobile device, but have them double check. Have them check those headers.
- Don’t respond to the email
  - When responding, you are showing them that the account is live, and they will keep on attempting to compromise that email address.
- If it looks real, contact the person/company from known number
  - If the email looks mostly real, but they don’t normally send you links, call the person/company from a known number. Nothing from that current email. If you normally contact them check previous emails or ask a coworker if they have a direct number. I would say check their website, but that could be compromised as well, so not always the best spot to get their number.

I’m sure all of these are pretty common, but it’s a great reminder for your users, especially with the end of the year rush starts happening.

What are some tips you would give to your end users?

One-Liner Wednesday Nov 9, 2022

November 9, 2022 by ClaytonT Leave a Comment

This is an oldie, but a goodie…

Unlock-ADAccount -Identity "UserName"

If you haven’t used this, and didn’t know it existed, definitely add it to your tool box. It’s so much easier than having to go into the GUI to do this.

A nice future script you could have this in is if you have multiple users get locked out, that you could pipe Get-ADUser for the group you want and filter it so only disabled show and either unlock all of them, or pipe it to Out-GridView with passthrough. This would give you a nice gridview of the users and the ones you select from it would be disabled.

Module Monday November 7, 2022

November 7, 2022 by ClaytonT Leave a Comment

It’s Monday…..

So here is a new module for today! This one is actually expanding on one liner Wednesday form last week.

This module is called “Password Solution” which allows you to easily search, review, and email users, managers, and IT about passwords expiring. You can even create specific templates to send out to depending on who is receiving it. He make makes it so easy, it makes it tough for a reason not to have something like this in place!

Another great feature is the dashboard that he provides you, which saves you a lot of time trying to make your own from the one liner last week.

PowerShell Gallery:
PasswordSolution/0.0.29

Read-Only Friday November 4, 2022

November 4, 2022 by ClaytonT Leave a Comment

It’s Friday, and today I have some great resources to keep you from doing any major unplanned changes to your network today.

Have you heard of Matthew Dowst? I hadn’t until I listened to the PowerShell Podcast on Monday. He is the man behind PS Weekly. If you haven’t heard of it, check it out in the links below. It’s a weekly recap of great PowerShell finds that he has put together.

And even better, he has a book out now(in MEAP form) that will be finished in 2023, called Practical Automation with PowerShell. I’ve already taken a quick look at it, and will be picking it up too.

Definitely check out both as well as the PowerShell Podcast if you haven’t already

PSWeekly:
PowerShell Weekly

Practical Automation with PowerShell:
Practical Automation with PowerShell

PowerShell Podcast:
PowerShell Podcast

One-Liner Wednesday November 2, 2022

November 2, 2022 by admin Leave a Comment

Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" |
Select-Object -Property "Displayname",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}} | sort-object ExpiryDate

Here is a one liner that find very useful and hope you do to.

You can customize it even more, but for now this one grabs all the AD User accounts that are expiring and the ones expiring first at the top. I love using this to stay in front of users passwords expiring then they can’t connect or if they are off network and is a rush to get it done.

You could even sent this up as a scheduled task and have it pull the next 2 weeks of users. Then either you reach out to them, it emails them, or it notifies your help desk to reach out to them to help change their password.

Or you could have it in your dashboard so you’d always see the next 2 weeks of users passwords expiring.

Module Monday October 31, 2022

October 31, 2022 by ClaytonT Leave a Comment

Module Monday Halloween Edition!

Know how every year you use most of the same decorations, but forget certain ones or even forget where they go? This Module is to help prevent that when building Functions and/or modules. It’s called PSModuleDevelopment by Fred.

He gives you a few stock templates to start out with, but the real test to this module is you can create your templates so you won’t forget all the standard parts to a module for a certain task. You could create a function/module template for doing something in 365 and already have your connect and disconnect built in, and/or connecting to a certain tenant.

You can even version control your templates and call certain ones directly if needed, as well as delete versions.

I just started started use this module and already a fan of it, and if you like this one definitely check out his PSFramework!

GitHub:
PSModuleDevelopment

PowerShell Gallery:
PSModuleDevelopment/2.2.11.139