Jvekka
/ gist:926f99bd91709da4106be032b1381312
Created
May 17, 2021 05:42
make ansible[azure] to work with requirements
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Requirements must be installed with the following. | |
| # Usually the error is that azure.something is missing. | |
| python3 -m pip install -r ~/.ansible/collections/ansible_collections/azure/azcollection/requirements-azure.txt | |
| # Voila. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Define time for report (default is 1 day) | |
| $startDate = (get-date).AddDays(-1) | |
| # Store successful logon events from security logs with the specified dates and workstation/IP in an array | |
| # foreach ($DC in $DCs){ | |
| # $slogonevents = Get-Eventlog -LogName Security -ComputerName $DC.Hostname -after $startDate | where {$_.eventID -eq 4624 } | |
| # } | |
| $slogonevents = Get-Eventlog -LogName Security -after $startDate | Where-Object {$_.eventID -eq 4624 } | |
| Write-host $slogonevents.count |
Jvekka
/ ansible_empty_values.yml
Last active
September 11, 2020 13:54
How to handle empty values in loops in Ansible
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Empty array [] | |
| - name: Loop through the application servers | |
| win_hosts: | |
| state: present | |
| canonical_name: "{{ hostvars[item].inventory_hostname }}" | |
| ip_address: "{{ hostvars[item].ansible_host }}" | |
| loop: "{{ groups[group_name]|default([]) }}" | |
| # Empty dictionary {} | |
| - name: Loop through the group_hosts servers |
Jvekka
/ enable-ansible-and-credssp.ps1
Last active
March 2, 2020 12:32
Enable WinRM and CredSSP as Azure provision doesn't support multiple extensions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This file exist as only one custom extension can be run during deployment. | |
| # "Multiple VMExtensions per handler not supported for OS type 'Windows'." | |
| # Run Ansible WinRM configuration for VM | |
| Set-NetConnectionProfile -Name "Network" -NetworkCategory Private | |
| $url = "https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1" | |
| $file = "$env:temp\ConfigureRemotingForAnsible.ps1" | |
| (New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file) | |
| powershell.exe -ExecutionPolicy ByPass -File $file -DisableBasicAuth -EnableCredSSP -SkipNetworkProfileCheck |
Jvekka
/ ansible-enable-credssp.ps1
Last active
January 13, 2020 09:28
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Enable CredSSP on VM in Azure to make Ansible work better from beginning. | |
| Enable-WSManCredSSP -Role Server -Force | |
| Set-Item -Path "WSMan:\localhost\Service\Auth\CredSSP" -Value $true |
Jvekka
/ UD-SSPR-MFA-Status.ps1
Created
November 7, 2019 14:27
UniversalDashboard, SSPR and MFA capabilities and registration status
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Calculating amount from user status which allows to exclude invited users '#' | |
| New-UdChart -Title "User credential usage" -Type Bar -AutoRefresh -RefreshInterval 7 @Colors -Endpoint { | |
| $uri = 'https://graph.microsoft.com/beta/reports/credentialUserRegistrationDetails' | |
| $method = 'GET' | |
| $content = Invoke-RestMethod -Method $method -Uri $uri -ContentType "application/json" -Headers @{Authorization = "Bearer $token" } -ErrorAction Stop | |
| # Counting | |
| $isRegistedCount = ($content.value | Where-Object { ($_.userPrincipalName -notlike "*#*") -and ($_.isRegistered -eq 'True') } | Measure-Object).Count | |
| $isEnabledCount = ($content.value | Where-Object { ($_.userPrincipalName -notlike "*#*") -and ($_.isEnabled -eq 'True') } | Measure-Object).Count | |
| $isCapableCount = ($content.value | Where-Object { ($_.userPrincipalName -notlike "*#*") -and ($_.isCapable -eq 'True') } | Measure-Object).Count | |
| $isMfaRegistered = ($content.value | Where-Object { ($_.userPrincipalName -notlike "*#*") -and ($_.isMfa |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Set UserPrincipalName | |
| $UserPrincipalName = 'First.Last@Example.com' | |
| $startDate = (Get-Date).AddDays(-30) | |
| $endDate = Get-Date | |
| # Get Unified Audit Log for UserLoggedIn operation | |
| $UnifiedAuditLogLogin = Search-UnifiedAuditLog -StartDate $startDate -EndDate $endDate -UserIds $UserPrincipalName -Operations UserLoggedIn | |
| # Sorting out | |
| $lastLoginDate = ($UnifiedAuditLogLogin).CreationDate | ForEach-Object { [datetime]$_ } | Select-Object -First 1 |
Jvekka
/ Get-Status-MFA.ps1
Created
November 4, 2019 07:25
Get user settings for StrongAuthenticationMethods
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $UserPrincipalName = 'First.Last@Email.com' | |
| # Get all methods available | |
| Get-MsolUser -UserPrincipalName $UserPrincipalName | Select-Object -ExpandProperty StrongAuthenticationMethods | |
| # Get only default method | |
| Get-MsolUser -UserPrincipalName $UserPrincipalName | Select-Object -ExpandProperty StrongAuthenticationMethods | Where-Object IsDefault -eq True |
Jvekka
/ Get-ActiveNetwork.ps1
Created
November 1, 2019 12:29
Get network information and adapter for active connection
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get active network adapter and information | |
| Get-NetConnectionProfile -IPv4Connectivity Internet | Get-NetIPConfiguration |
Jvekka
/ Invoke-CommandOnVM.ps1
Created
October 25, 2019 07:42
Running scripts on remote virtual machine with arguments
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Invoking commands on Hyper-V virtual machine | |
| $VM = (Get-VM).Name | |
| $session = New-PSSession -VMName $VM -Credential $credentials | |
| # Invoking with arguments and creating path to virtual machine if not exist | |
| Invoke-Command -Session $session -ArgumentList $vagrantPkgFullPath -ScriptBlock { | |
| param ( | |
| $vagrantPkgFullPath | |
| ) | |
| if (-not(Test-Path $vagrantPkgFullPath)) |
NewerOlder