PowerShell

Sign in to post a link or comment!

• 

  Sponsor posted an update in the group PowerShell 3 hours, 44 minutes ago

  Webinar: Kick-start your automation journey 2022 with ScriptRunner

  

  PowerShell is great but together with ScriptRunner it becomes a real solution for every organization.
  With the new ScriptRunner features it is super easy to securely delegate administrative tasks to your help desk team and even end-users. The ScriptRunner reports and dashboards help you now to visualize infrastructure analyses and the time your organization saved by automating with ScriptRunner.
  Register for free
  Share
• Joachim Otahal commented on Install and schedule Windows updates with PowerShell 1 day, 2 hours ago

  We have 2022 January, and it still works from Powershell 2.0 on Windows Vista / Server 2008 (without R2) up to Windows 11 newest insider build. Just tested...
  Share
• Mehdi commented on Perform Active Directory security assessment using PowerShell 4 days, 6 hours ago

  Hi,
  i made some progress, the script can be used from Computer Client like Win10, and he dont need to import Active Directory modules,
  also dont need to enter config.ini DC information, it will be get automatically
  Share
• Jonathan Droesch commented on Perform Active Directory security assessment using PowerShell 5 days, 4 hours ago

  Sorry my bad, 551 was good, it's the 567 that need to be change.

  551 : $domaininfo.RIDMaster --> $domaininfo.DomainMode
  567 : $domaininfo.DomainMode --> $domaininfo.RIDMaster
  Share
• Mehdi commented on Perform Active Directory security assessment using PowerShell 5 days, 13 hours ago

  Hi Krishnamoorthi,
  as I explained above, there is the possibility of packaging the AD module, to launch the script from a client, it will be more secure than doing it on the DC itself, adjust it too to remove the static variables will be interesting, as well as a GUI, if you agree you can tell me how to contact you to optimize it
  Share
• 

  Krishnamoorthi Gopal commented on Perform Active Directory security assessment using PowerShell 6 days, 7 hours ago

  Make sure Powershell AD Module is exists from where u running the script
  Share
• Kevin H. commented on Perform Active Directory security assessment using PowerShell 6 days, 7 hours ago

  First of all, thank for the script.
  Unlikely I'm just getting one User out of the script with the following error in PowerShell:
  Get-ADUser : Not a valid Win32-FileTime.
  Parametername: fileTime
  Share
• 

  Krishnamoorthi Gopal commented on Perform Active Directory security assessment using PowerShell 6 days, 8 hours ago

  Thanks for reminding... Its updated
  Share
• Tomas commented on Perform Active Directory security assessment using PowerShell 6 days, 8 hours ago

  Thank you very much Krishnamoorthi. That was it. I am so sorry about such a stupid mistake. 🙂
  Thank you, I appreciate your help.

  Tomas
  Share
• Killian commented on Perform Active Directory security assessment using PowerShell 6 days, 8 hours ago

  Ah, of course, forgot I'd need to expand the list of properties. Used that and have now resolved them all and documented them just incase.

  Thanks again.
  Share
• 

  Krishnamoorthi Gopal commented on Perform Active Directory security assessment using PowerShell 6 days, 9 hours ago

  get-aduser -filter * -properties * | where {$_.PasswordNotRequired -eq $true}

  Try the above one
  Share
• 

  Krishnamoorthi Gopal commented on Perform Active Directory security assessment using PowerShell 6 days, 9 hours ago

  Pls remove txt from the INI file format..It is Config.ini.txt currently
  Share
• Killian commented on Perform Active Directory security assessment using PowerShell 6 days, 9 hours ago

  Thank you for this, it's really helpful and puts my mind at ease to see a lot of green. I do have a query with regards to the 'Users with Password Not Required' line though. My report found;

  10,000 odd Total Users
  3000 enabled
  7000 disabled
  1100 inactive (how many days does it use for inactivity out of interest?)
  6000 users with password not required

  It's that last line that concerns me but looking into the script it's looking at all users where 'passwordnotrequired -eq $true'. I've ran that myself with get-aduser -filter * | where {$_.PasswordNotRequired -eq $true} and I get 0 results (which I'd expect). Any thoughts on why it's pulling 6000 as part of the wider script?
  Share
• Tomas commented on Perform Active Directory security assessment using PowerShell 6 days, 9 hours ago

  Hello Krishnamoorthi,
  I took your config.ini files and put it to the same location:
  PS C:ADcheck> dir

  Directory: C:ADcheck

  Mode LastWriteTime Length Name
  ---- ------------- ------ ----
  -a---- 1/8/2022 11:31 AM 33181 AD_SecurityCheck.ps1
  -a---- 1/11/2022 7:54 AM 241 Config.ini.txt
  -a---- 1/11/2022 7:54 AM 866 Log11_01_2022-07_54_25.log
  -a---- 1/11/2022 7:54 AM 15543 Reports11_01_2022-07_54_25.htm

  PS C:ADcheck>
  Result:
  PS C:ADcheck> .AD_SecurityCheck.ps1
  Cannot find path 'C:ADcheckConfig.ini' because it does not exist.
  At C:ADcheckAD_SecurityCheck.ps1:43 char:25
  + switch -regex -file $FilePath
  + ~~~~~~~~~
  + CategoryInfo : ObjectNotFound: (C:ADcheckConfig.ini:String) [], ItemNotFoundException
  + FullyQualifiedErrorId : PathNotFound

  You cannot call a method on a null-valued expression.
  At C:ADcheckAD_SecurityCheck.ps1:82 char:1

  I have even tried to copy config.ini to C: root, but no success. And thats why I am wondering, why that issue is.
  Thank you

  Tomas
  Share
• MEHDI commented on Perform Active Directory security assessment using PowerShell 6 days, 12 hours ago

  Hello Michael,
  -the script uses hard variables which limits it to DCs in English
  -the try catch method is not efficient to return error
  -an AD module can be injected in order to be able to launch the script without prerequisite and from client
  -I even thought to make a simple GUI interface which displays the result and allows advance configuration .ini
  but like I said? is there more interest than pingCastel
  Share
• Jonathan Droesch commented on Perform Active Directory security assessment using PowerShell 6 days, 12 hours ago

  Hello guys,what a nice script, I just noticed a little error in the variable of RID master.
  Can you please edit the line 551 with $domaininfo.RIDMaster instead of $domaininfo.DomainMode ?

  Thanks
  Share
• 

  Krishnamoorthi Gopal commented on Perform Active Directory security assessment using PowerShell 6 days, 15 hours ago

  Script and INI file should be there in the same directory. Post the screenshot if you looking for the further help.

  You can take INI file from here - https://github.com/gkm-automation/AD-Security-Assessment
  Share
• Tomas commented on Perform Active Directory security assessment using PowerShell 6 days, 16 hours ago

  Hello,
  I am no as good as I expected in PowerShell, I was try to run script but cannot go trough this:
  Cannot find path 'C:ADcheckConfig.ini' because it does not exist.

  Even that file is on expected path, no success. And I think this is, what stopped me from running it.
  I will appreciate any advices.
  Thank you
  Tomas
  Share
• 

  Michael Pietroforte commented on Perform Active Directory security assessment using PowerShell 1 week ago

  Mehdi, don't be shy. It is fine to share your adjustments here.
  Share
• bc1 commented on Install PowerShell remoting over SSH 1 week ago

  sorry, I'm not using -ComputerName, but -HostName 😉
  Share
• Load More