Monday, December 30, 2019

Too many msi*.tmp files

Found this issue on an old Windows 7 machine.

Upgraded to Windows 10, but the files were still there.


https://www.tenforums.com/general-support/51923-cannot-delete-tmp-folders.html


lots of msi*.tmp files

FOR /F "delims=*" %I IN ('DIR /B "C:\msi*"') DO ( TAKEOWN /F "C:\%I" /R && RD /Q /S "C:\%I" )

Wednesday, October 23, 2019

Check if Windows update is disabled

$(Get-ItemProperty -Path Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer -name NoWindowsUpdate).NoWindowsUpdate


If the value is 1, Windows Update is disabled.
0 means it is not disabled.

ref
https://docs.microsoft.com/en-us/powershell/scripting/samples/working-with-registry-entries?view=powershell-6


Auto Update Settings
$AUSettings = (New-Object -com "Microsoft.Update.AutoUpdate").Settings
$AUSettings



Thursday, October 17, 2019

Email files via PowerShell

# Email files
# Requires PowerShell version 5.1 or higher; check with $PSVersionTable

$FolderTarget = '\\SomeFolder'
$FolderMove = "\\SomeFolder\Move"
$emailFrom = "from@domain.com"
$emailTo = "tosomeone@domain.com"
$emailSubjectPrefix = "Prefix note: "
$emailBodyPrefix = "Prefix Body: "
$smtpServerName = "smtp.domain.com"
$smtpServerPort = "25"

# Get files in Target Folder
$files = (Get-ChildItem $FolderTarget)

# Loop through the list of files and send email
$files | ForEach-Object {
    # Select only PDF files
    if ($_.Extension -eq '.pdf') {
        $MessageHash = @{
            From        = $emailFrom
            To          = $emailTo
            Subject     = $emailSubjectPrefix + $_.BaseName
            SmtpServer  = $smtpServerName
            Port        = $smtpServerPort
            Attachments = $_.FullName
            Body        = $emailBodyPrefix + $_.BaseName
        }
        # Splat the hashtable (@, not $) so each key is bound as a parameter
        Send-MailMessage @MessageHash
        # Move file to folder and add timestamp
        # (MM = month, HH = 24-hour clock; lowercase mm is minutes)
        $ToFolder = $FolderMove + "\" + $_.BaseName + "-" `
            + $(Get-Date -Format yyMMddHHmmss-fff) + ".pdf"
        Move-Item $_.FullName $ToFolder
    }
}

Friday, September 27, 2019

Update Active Directory User's Manager with PowerShell

Problem

Need to replace the manager for multiple users in Active Directory (AD).

Solution
First we need to find which users have a given manager.

This script will query AD for users with a given manager SAM account name.

#
#   Get AD User's Manager
#

Param(
    [Parameter(Mandatory=$false,
        ValueFromPipeline=$true)]
        $FindManagerSamAccountName

    ,[Parameter(Mandatory=$false,
        ValueFromPipeline=$true)]
        $FindUserSamAccountName
)

# Load the ActiveDirectory module if it is not already loaded
If (!(Get-Module ActiveDirectory)) {
    Import-Module ActiveDirectory
}

# Get all enabled users, or only the requested user, with the Manager attribute
if ([string]::IsNullOrEmpty($FindUserSamAccountName)) {
    $ADUserList = Get-ADUser -Filter { Enabled -eq $true } -Properties Manager
} else {
    $ADUserList = Get-ADUser -Filter { SamAccountName -eq $FindUserSamAccountName } -Properties Manager
}

# Manager is stored as a distinguished name; resolve it to a SAM account name.
# Users without a manager get an empty value instead of raising an error.
$ADUsersManagers = $ADUserList | Select-Object Name, SamAccountName, @{n='ManagerSamAccountName'; e={ if ($_.Manager) { (Get-ADUser $_.Manager).SamAccountName } }}

# Return only the users of the given manager, or the whole list
if (![string]::IsNullOrEmpty($FindManagerSamAccountName)) {
    $ADUsersManagers | Where-Object { $_.ManagerSamAccountName -eq $FindManagerSamAccountName }
} else {
    $ADUsersManagers
}
Monday, August 12, 2019

Connect to SQL with Powershell

Connect to SQL Server with PowerShell; used to feed a PowerShell dashboard.

Script post colors https://copdips.com/2018/05/grep-like-powershell-colorful-select-string.html



Param(
    [Parameter(Mandatory=$false,
        ValueFromPipeline=$true)]
    [int]
    $dataType = 1
)
# Param input: 1 for facilities, 2 for providers, 3 to save the SQL login to file

# Check if SqlServer module is installed and install it
if (!(Get-InstalledModule SqlServer -ErrorAction SilentlyContinue)) { Install-Module -Name SqlServer }

[string] $Server = "SQLServer"
[string] $Database = "myDatabase"
[string] $UserSqlQuery = @"
select * from my table
"@

[string] $UserSqlQuery2 = @"
select * from my table2
"@

$outfile = "C:\support\scripts\dashboard\data\my-data1.xml"
if ($dataType -eq 3) {
    # Save password creds to file, must be set per machine:
    # Export-Clixml encrypts the password with Windows DPAPI, so the file can
    # only be read back by the same user account on the same machine.
    Get-Credential | Export-Clixml -Path 'C:\support\scripts\dashboard\data\cred.xml'
    return
}

if ($dataType -eq 2) {
    $UserSqlQuery = $UserSqlQuery2
    $outfile = "C:\support\scripts\dashboard\data\my-data2.xml"
}

$resultsDataTable = New-Object System.Data.DataTable
$credential = Import-Clixml -Path C:\support\scripts\dashboard\data\cred.xml

# Run SQL command with the stored SQL login
function run-SqlQuery ($sqlServer, $sqlDatabase, $sqlQuery, $dbCreds) {
    $dbUser = $dbCreds.UserName #.Replace("\","")
    $dbPass = $dbCreds.GetNetworkCredential().Password
    $dbDataSet = Invoke-Sqlcmd -Query $sqlQuery -Database $sqlDatabase -ServerInstance $sqlServer -Username $dbUser -Password $dbPass
    return $dbDataSet
}

$resultsDataTable = run-SqlQuery $Server $Database $UserSqlQuery $credential

$resultsDataTable | Export-Clixml -Path $outfile

Thursday, August 8, 2019

Azure VPN to WebApp



The Azure Website Application (WebApp) to VPN is used to allow a publicly facing WebApp to connect securely to back-end, on-premises local resources without exposing them to the public internet.
The configuration options for the WebApp to Virtual Network (VNet) to Virtual Private Network (VPN) are continuously evolving as Microsoft improves and adds new functionality.  In 2014 Azure introduced resource management as a way to manage, automate, and scale objects. This is now in general release and is called Azure Resource Management or ARM.

As of March 2016 Azure has two web portals.  The Classic portal using the “manage” url and the ARM portal using the “portal” url. There is also an extensive collection of PowerShell scripting tools to manage and automate Azure. These PowerShell tools also have some different capabilities between the classic and ARM portal. At some point the classic portal will go away.

Microsoft has documented all the Azure functionality of the classic and ARM portals. Also Microsoft has some free structured training on the Microsoft Virtual Academy (MVA) site.
Links and Resources:

Classic Portal url: http://manage.windowsazure.com
ARM Portal url: http://portal.azure.com
Microsoft Virtual Academy: http://mva.microsoft.com

The diagram below shows the main parts of the WebApp to VNet to VPN configuration. Two VPN technologies are used: from the Azure WebApp, a Point to Site (P2S) VPN is used to connect to the VNet; from the Azure VNet to the local on-premises network, a Site to Site (S2S) VPN is used.

<<Diagram Here>>
Azure virtual network or VNet is a cloud-based networking technology with its foundation in Ethernet and the Internet Protocol version 4 (IPv4).  IPv4 can be represented in the standard dotted notation, i.e. 192.168.24.3 with a gateway of 192.168.24.1 and a subnet mask of 255.255.255.0. To help with routing and to simplify the setup, Azure VNet uses the Classless Inter-Domain Routing (CIDR) format to define the networks and address spaces. Azure VNets can only use the IPv4 private network address spaces: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.

<<Diagram Here>>
With the Azure VNet you can fully control the IP address blocks, DNS settings, security policies, and route tables.
A VNet can have multiple address spaces and multiple subnets. Each VNet can have only one gateway.
Address spaces and Subnets are defined with CIDR notation.
10.21.0.0/16 defines a “10.21” address space. With this space multiple subnets can be defined.
Subnet 1: 10.21.1.0/24
Subnet 2: 10.21.2.0/24
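
A way to check an address plan like this before creating the VNet, as an added example that is not part of the original post: it verifies that the address space sits inside one of the private ranges listed above, that every subnet falls inside the address space, and that no two subnets overlap. The function names ConvertTo-CidrRange and Test-VNetPlan are hypothetical helpers, not Azure cmdlets, and the second plan is constructed sample input.

```powershell
# Added example: ConvertTo-CidrRange and Test-VNetPlan are hypothetical helpers.
function ConvertTo-CidrRange {
    param([string]$Cidr)
    $addr, $prefix = $Cidr -split '/'
    [long]$ip = 0
    foreach ($b in [System.Net.IPAddress]::Parse($addr).GetAddressBytes()) {
        $ip = $ip * 256 + $b                             # build the 32-bit value
    }
    [long]$size  = [math]::Pow(2, 32 - [int]$prefix)     # addresses in the block
    [long]$start = $ip - ($ip % $size)                   # clear any host bits
    [pscustomobject]@{ Cidr = $Cidr; Start = $start; End = $start + $size - 1 }
}

function Test-VNetPlan {
    param([string]$AddressSpace, [string[]]$Subnets)
    $private = '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16' |
        ForEach-Object { ConvertTo-CidrRange $_ }
    $space    = ConvertTo-CidrRange $AddressSpace
    $problems = @()

    # The address space must sit entirely inside one private range
    if (-not ($private | Where-Object { $space.Start -ge $_.Start -and $space.End -le $_.End })) {
        $problems += "$AddressSpace is outside the private address ranges"
    }

    $ranges = @($Subnets | ForEach-Object { ConvertTo-CidrRange $_ })
    for ($i = 0; $i -lt $ranges.Count; $i++) {
        $s = $ranges[$i]
        if ($s.Start -lt $space.Start -or $s.End -gt $space.End) {
            $problems += "$($s.Cidr) is not inside $AddressSpace"
        }
        # Two ranges overlap when each one starts before the other ends
        for ($j = $i + 1; $j -lt $ranges.Count; $j++) {
            $o = $ranges[$j]
            if ($s.Start -le $o.End -and $o.Start -le $s.End) {
                $problems += "$($s.Cidr) overlaps $($o.Cidr)"
            }
        }
    }
    $problems
}

# The plan from the post
Test-VNetPlan -AddressSpace '10.21.0.0/16' -Subnets '10.21.1.0/24', '10.21.2.0/24'
# Constructed plan with an overlapping subnet and one outside the address space
Test-VNetPlan -AddressSpace '10.21.0.0/16' -Subnets '10.21.1.0/24', '10.21.1.128/25', '10.22.0.0/24'
```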




There are three ways to connect to the Azure Cloud; Point to Site VPN, Site to Site VPN and ExpressRoute.  ExpressRoute is not a VPN but another method to connect a local corporate enterprise or Colo network to the Azure cloud. Azure limits the VPN to around 100Mbps where ExpressRoute is a high speed network connection exceeding 1Gbps. ExpressRoute will not be covered in this document.

Azure VPN Gateway FAQ:

Point to Site (P2S) is a client based VPN technology where each client connects to the network with a shared certificate. This is how the WebApp connects to the VNet and the (S2S) VPNs.
Site to Site (S2S) is a router based VPN technology where networks are joined via routers using IP security (IPsec) (IKEv1/IKEv2) and pre-shared key security.  
What is IKE or Internet Key Exchange? https://en.wikipedia.org/wiki/Internet_Key_Exchange
There are two types of S2S VPN technologies: Policy Based and Route Based.
      Route Based (IKEv2) VPN is a more secure dynamic routing technology using IKEv2.
      (Supported with WebApp to VPN integration)
      Policy Based (IKEv1) VPN is an older static routing technology using IKEv1.
      (Not supported with WebApp to VNet integration)
When configuring an S2S VPN, refer to the latest compatible/validated devices at the Azure website.




Microsoft PowerShell is a powerful scripting language that extends the task automation and configuration management capabilities of the Microsoft Windows desktop and server operating systems. PowerShell is built on top of the Microsoft .NET programming framework. The Windows Component Object Model (COM) binary interface and the Windows Management Instrumentation (WMI) interface objects are used to access the computer’s hardware and the inner workings of the Windows operating system. PowerShell uses cmdlets (pronounced command-lets). These are pre-built tools used in the PowerShell scripting language to perform many tasks and functions. These cmdlets expose the most common .NET functions and tools. When a specific function is not available, the user can directly access the complete .NET framework, WMI, and COM objects.

Microsoft has extended PowerShell into Azure with an ever growing set of command line scripting tools to manage and automate the Azure cloud service.

These tools are not part of PowerShell and must be downloaded from Microsoft. Microsoft is always adding new functionality so update when needed. But also be aware some updates can break any scripts you have built, so test the new updates on a sandbox system before updating your automation server.

Azure PowerShell command-line tools download and documentation:

After you have downloaded the tools you can access your Azure environment.  There are two login processes, depending on whether you are using the classic or ARM portal tools.

1. Open your PowerShell terminal as administrator.
2. Log in to Azure with the classic or ARM method. This will pop up an Azure login window.
3. Change subscription if needed.

PowerShell Prompt: PS C:\>

PowerShell Classic Portal login
Add-AzureAccount
Get-AzureSubscription
Select-AzureSubscription "MySubscription"

PowerShell ARM Portal login
Login-AzureRmAccount
Get-AzureRmSubscription
Set-AzureRmContext -SubscriptionId 'xxxx-xxxx-xxxx-xxxx'




The IT System Diagram

The value of the system diagram
      documentation
      system flow
      information reference


Convert origin_timestamp to PST in Excel

The results downloaded from a Microsoft Exchange Online Message Trace are in a CSV file, with timestamps in UTC.

ref: https://docs.microsoft.com/en-us/exchange/monitoring/trace-an-email-message/run-a-message-trace-and-view-results


origin_timestamp
2019-06-29T00:11:45.8851621Z

yyyy-mm-ddThh:mm:ss:ttttZ


To convert from UTC to PST in Excel, subtract 7 hours:

=DATEVALUE(LEFT(A2,10))+TIMEVALUE(MID(A2,12,10))-TIME(7,0,0)
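
The fixed 7-hour subtraction matches Pacific daylight time; in winter the Pacific offset from UTC is 8 hours. The same conversion in PowerShell, as an added example that is not part of the original post, applies the Pacific time zone rules to each row so both cases come out right. It assumes Windows, where the zone ID is 'Pacific Standard Time'; the first row is the timestamp shown above and the second is constructed.

```powershell
# Added example: in practice the rows would come from Import-Csv on the
# downloaded trace file. The December row is constructed sample data.
$trace = @'
origin_timestamp
2019-06-29T00:11:45.8851621Z
2019-12-29T00:11:45.8851621Z
'@ | ConvertFrom-Csv

# Windows time zone ID; it covers both standard and daylight time
$pacific = [System.TimeZoneInfo]::FindSystemTimeZoneById('Pacific Standard Time')

$trace | ForEach-Object {
    # Parse the ISO 8601 value as UTC, then convert using the zone's DST rules
    $utc   = [DateTimeOffset]::Parse($_.origin_timestamp, [cultureinfo]::InvariantCulture)
    $local = [System.TimeZoneInfo]::ConvertTime($utc, $pacific)
    [pscustomobject]@{
        origin_timestamp = $_.origin_timestamp
        pacific_time     = $local.ToString('yyyy-MM-dd HH:mm:ss')
        utc_offset_hours = $local.Offset.TotalHours
        daylight_time    = $pacific.IsDaylightSavingTime($local)
    }
}
```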




Wednesday, August 7, 2019

Internet free speech


You have the right to post whatever you want and accept the responsibility of how others interpret it. 

Lawrence Billinghurst
Mon 12/1/2014 8:28 PM, PST

Chat GPT Says:

This statement is not entirely accurate. While it is true that individuals have the right to express themselves freely, this right is not absolute and is subject to certain limitations. For example, individuals have a responsibility to not engage in speech that is defamatory, threatening, or incites violence. Additionally, individuals may be held accountable for their words if they are found to have engaged in libel, slander, or other forms of speech that are deemed harmful to others.

Furthermore, while individuals have the right to post whatever they want, they do not have the right to control how others interpret their words. Others are free to interpret an individual's words in their own way, and the individual has no control over this. As such, it is important for individuals to be mindful of the potential impact of their words and to accept the responsibility for any harm that may result from their speech.

Saturday, July 27, 2019

Fragile VS. Brittle


In technology what is the difference?


I asked Chat GPT this.

What is the difference between a brittle and fragile system?

A brittle system is one that is likely to fail suddenly and completely when subjected to unexpected stress or changes. This type of system is characterized by a lack of resilience and a lack of ability to adapt to new circumstances.

A fragile system, on the other hand, is one that is vulnerable to damage or failure, but is not necessarily brittle. A fragile system may be able to withstand some level of stress or change before breaking down, and may be able to recover from failure or damage to some extent.

In general, brittle systems are considered to be more dangerous than fragile systems, as they are more likely to fail without warning and without any opportunity to take corrective action. Fragile systems, while still vulnerable, may be more resilient and able to adapt to changing conditions.