• Hi Graham, it is fantastic to start with VSTS with IaC, eagerly waiting for Part 2. Thanks Hasan

  • Hi Baki,
    Your script is fantastic, I need an extra column detailing the Group name that each user belongs to.
    Thanks,
    K. Hasan

  • Hasan mohamed posted an update in the group PowerShell 5 years, 4 months ago

    ###########################################################################
    # 
    # Reterivesecretvaluefromvault-bulkVM.ps1
    #
    # Checks and retrieves the secret values for the VMs listed in the input csv file during recovery process for multiple VMs.
    # Deletes the secret output file even from the Recycle Bin and kills the session of the output file if it is open.
    #
    #
    # Version: 1.0
    # Date: 16/01/2018
    #
    # Change Log
    # Version	Description		    Date		     Modified By		
    #  1.0     	Initial Release		15/01/2018	     		hhasanmd
    #
    ###########################################################################
    
    ###########################################################################
    
    # input file should be in csv format in below file structure, Sample given below
    
    #vmnames - as the header
    #vm01 - is the vmname1
    #vm02 - is the vmname2
    #vm03 - is the vmname3 and so on
    
    ###########################################################################
    
    # Set Variables as per your wish
     
    $Subscription = "" ## Subscription of the security Vault where the secrets are stored
    $vaultname = "" 
    $inputpath = "" #have the file in csv format
    $outputpath = "C:\Users\hasan\Documents\Hasan"
    $outputfile = "pwdrecoveryoutput-Hasan"
    
    ###########################################################################
    #
    # Do Not Modify below here
    #
    ###########################################################################
    
    Login-AzureRmAccount
    
    Select-AzureRmSubscription -SubscriptionName $Subscription
    
    # Build the full path of the output file
    $opfile = Join-Path -Path $outputpath -ChildPath ($outputfile + ".txt")
    
    # Reads the VM names from the input file
    Try
    {
        $file = Import-Csv $inputpath -ErrorAction Stop
    }
    Catch
    {
        "Input File is missing in the given path, please check and rerun the script"
        return   # stop here, there is nothing to process
    }
    
    Foreach ($entry in $file) {
    
        $vmname = $entry.vmnames
    
        # Recovers the secrets from the Security Vault
        $secret = Get-AzureKeyVaultSecret -VaultName $vaultname -Name $vmname
        $secret | Select-Object Name, SecretValueText | Export-Csv -Append -Path $opfile -Force
    }
    
    # Show the notice once, after all secrets have been written
    echo "NOTICE: Once you hit the Enter key the outputfile will get deleted as best practice."
    pause
    
    # Close only the Notepad window whose title matches the output file
    $mainwindow = $outputfile + " - Notepad"
    
    Get-Process | Where-Object { $_.MainWindowTitle -eq $mainwindow } | Stop-Process
    
    # Remove-Item deletes the file directly, it is not moved to the Recycle Bin
    Remove-Item -Path $opfile -Recurse -Force -ErrorAction SilentlyContinue
    
    echo "Successfully deleted the secret outputfile :)"
    • Thanks for posting in the PowerShell group. You’ve just successfully tested my code that prevents such posts from appearing in the news section. 😉

      I wonder why you kill the Notepad process at the end?

      • Deleting of the notepad from the location is possible even if the output.txt is open. Hence, to avoid the output file being saved again by the user, I am killing only the output Notepad (not all Notepad processes). I have given a pause for the user to use it for a while and then kill it. Hope this explains 🙂

        • Oh I see. So you assume the user opens the file in Notepad. But what if he uses another editor or copies the contents to the clipboard? In my view, you either trust the user to access those secrets or you don’t. If you trust him, you must assume that he treats the secrets properly.

          • Hi Michael, thanks for the continuous feedback. I am not doubting the user’s trust, but want to avoid accidentally leaving the secrets in the systems. Yes, you are correct, as only the Notepad session will be killed (I believe it is a common, widely used editor). I am trying to minimize the consequences. Thanks Hasan
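
The concern raised in this thread (a plaintext secrets file that outlives the script, or is opened in an editor the script does not know about) goes away if no file is written at all. The following is an added example, not part of the original post: it resolves the same vault secrets and shows them in a grid window that blocks until it is closed. `Show-VmSecret` and its `-Resolver` parameter are hypothetical names, the sample values are constructed, and it assumes a Windows desktop session where `Out-GridView` is available.

```powershell
# Added example, not the original author's script.
# Show-VmSecret and -Resolver are hypothetical names used for illustration.
function Show-VmSecret {
    param(
        [Parameter(Mandatory)] [string[]] $VmName,
        # Returns the secret object for one VM name. The default is the same
        # vault call the script above makes and assumes $vaultname is set
        # and the AzureRM session is already logged in.
        [scriptblock] $Resolver = {
            param($name)
            Get-AzureKeyVaultSecret -VaultName $vaultname -Name $name
        }
    )

    # Collect the results in memory only, nothing is exported to a file.
    $rows = foreach ($name in $VmName) {
        $secret = & $Resolver $name
        if ($null -eq $secret) {
            # A VM name with no matching secret is reported, not silently skipped.
            Write-Warning "No secret found for '$name'"
            continue
        }
        $secret | Select-Object Name, SecretValueText
    }

    # -Wait blocks until the operator closes the window, so there is no
    # output file to delete and no editor process to find and stop.
    $rows | Out-GridView -Title "Recovered VM secrets (close when done)" -Wait
}

# Real use with the input csv from the script above:
#   Show-VmSecret -VmName (Import-Csv $inputpath -ErrorAction Stop).vmnames

# Offline dry run with constructed sample data instead of a vault.
# vm03 has no entry, which exercises the warning path.
$sample = @{ vm01 = 'constructed-value-1'; vm02 = 'constructed-value-2' }
Show-VmSecret -VmName 'vm01', 'vm02', 'vm03' -Resolver {
    param($name)
    if ($sample.ContainsKey($name)) {
        [pscustomobject]@{ Name = $name; SecretValueText = $sample[$name] }
    }
}
```

The values can still be copied out of the grid by hand, so this removes the leftover file rather than the need to trust the operator.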

  • Fantastic, complicated scenario explained in a simple way. Thanks Adam for your post

  • Hi,

    This script is fantastic, but I have a problem in my scenario. I want to capture the number of NSG rules within the NSG. The command

    Get-AzureRmNetworkUsage -Location $location | select resourcetype,currentvalue,limit

    Result: I am NOT getting the actual currentvalue for the number of rules; instead I get zero. But in the portal I have 146 rules.

    Any help…

    Thanks,

    K. Hasan

© 4sysops 2006 - 2023
