Skip to content

Instantly share code, notes, and snippets.

View AlexAsplund's full-sized avatar

Alex Asplund AlexAsplund

27 followers · 1 following
  • Sweden
View GitHub Profile
@AlexAsplund
AlexAsplund / ADHealthCheck-NoReport.ps1
Last active June 17, 2023 01:58
<#
Author: Alex Asplund
Description:
Will perform a series of health checks on AD.
Designed to be ran on a Domain Controller as a Domain Admin
Uses WSMAN, LDAP, RPC etc to speak to other DomainControllers.
#>
@AlexAsplund
AlexAsplund / Get-EventInformation.ps1
Last active April 28, 2023 03:51
$Publishers = wevtutil ep
# Mååånga fel, antagligen pga. att inte eventet är dokumenterat OK hos provider
$ErrorActionPreference = "SilentlyContinue" # Shh sh sh
$AllEventData = Foreach($Publisher in $Publishers){
[XML]$Events = wevtutil gp $Publisher /ge /gm:true /f:xml
$Events.provider.events.event | Foreach {
[PSCustomObject]@{
event_id = $_.value
@AlexAsplund
AlexAsplund / Test-AdhcDcDiag.ps1
Last active April 28, 2023 03:41
Class AdhcResult {
[string]$Source
[string]$TestName
[bool]$Pass
$Was
$ShouldBe
[string]$Category
[string]$Message
$Data
[string[]]$Tags
@AlexAsplund
AlexAsplund / WindowsShellOLEProperties.txt
Created August 17, 2018 20:07
System.Audio.ChannelCount
System.Audio.EncodingBitrate
System.Audio.PeakValue
System.Audio.SampleRate
System.Audio.SampleSize
System.Calendar.Duration
System.Calendar.IsOnline
System.Calendar.IsRecurring
System.Calendar.Location
System.Calendar.OptionalAttendeeAddresses
@AlexAsplund
AlexAsplund / Import-CalendarFromPublicFolder.ps1
Last active June 11, 2021 08:51
<#
.Synopsis
Script that imports a public folder calendar to a mailbox.
.DESCRIPTION
Script that imports a public folder calendar to a mailbox.
Need EWS api installed and Offce365 admin rights
.EXAMPLE
This will give the $ExchangeCredential.Username account FullAccess permissions to meetingresource1@contoso.com
After that it wil take the calendar from -PublicFolderPath and copy the items in it to meetingresource1@contoso.com calendar.
The last two actions renames the public folder calendar to 'Not used - *DATE* - <DisplayName>'
@AlexAsplund
AlexAsplund / ad-events.csv
Created April 8, 2020 10:15
event_id potential_criticality event_summary
4618 High A monitored security event pattern has occurred.
4649 High A replay attack was detected. May be a harmless false positive due to misconfiguration error.
4719 High System audit policy was changed.
4765 High SID History was added to an account.
4766 High An attempt to add SID History to an account failed.
4794 High An attempt was made to set the Directory Services Restore Mode.
4897 High Role separation enabled:
4964 High Special groups have been assigned to a new logon.
5124 High A security setting was updated on the OCSP Responder Service
@AlexAsplund
AlexAsplund / Add-OpsGenieUser.ps1
Created January 8, 2020 15:55
Function Add-OpsGenieUser {
[cmdletbinding()]
param(
[parameter(mandatory)]
[string]$UserName,
[parameter(mandatory)]
[string]$FullName,
[parameter(mandatory)]
@AlexAsplund
AlexAsplund / Get-AzureADAlertsToGraylog.ps1
Created October 30, 2019 12:24
param(
# User = ClientId Pass = Secret
[parameter(Mandatory)]
[PSCredential]$Credential,
[parameter(Mandatory)]
$TenantName
[parameter(Mandatory)]
$GelfServer
@AlexAsplund
AlexAsplund / New-AdhcResult
Last active September 26, 2019 17:42
Function New-AdhcResult {
[cmdletbinding()]
param(
# Source of the result. The computer that was tested
[parameter(ValueFromPipelineByPropertyName)]
[string]$Source = $env:COMPUTERNAME,
# Name of the test
[parameter(Mandatory,ValueFromPipelineByPropertyName)]
[string]$TestName,
@AlexAsplund
AlexAsplund / Send-AdhcResultToPrtg.ps1
Created September 1, 2019 17:12
$PRTGUrl = "http://prtg.contoso.com:5050/"
#################################
# Functions
#################################
function New-PRTGResult {
param(
[string]$Channel,
[string]$Value,
[string]$Float,