Skip to content

Instantly share code, notes, and snippets.

View OmerMicrosoft's full-sized avatar

OmerMicrosoft

7 followers · 0 following
View GitHub Profile
@OmerMicrosoft
OmerMicrosoft / Add-DnsServerConditionalForwarderZone.ps1
Created December 31, 2018 22:13
Add-DnsServerConditionalForwarderZone -Name "contoso.com" -ReplicationScope "Forest"
@OmerMicrosoft
OmerMicrosoft / ChangeForestAndDomainFunctionalLevels.ps1
Created January 8, 2019 21:42
#Changing The Forest Level
$CurrentForest = Get-ADForest
Set-ADForestMode -Identity $CurrentForest -Server $CurrentForest.SchemaMaster -ForestMode Windows2008R2Forest
#Changing The Domain Level
$CurrentDomain = Get-ADDomain
Set-ADDomainMode -Identity $CurrentDomain.Name -Server $CurrentDomain.PDCEmulator -DomainMode Windows2008R2Domain
@OmerMicrosoft
OmerMicrosoft / Create-DNSScavengingRecordsReport.ps1
Last active January 8, 2019 22:15
Creates a report with DNS records stale data
Function Create-DNSScavengingRecordsReport
{
<#Creates a report with DNS records stale data.
For any record, checks if:
1)Stale record, responding to ping.
2)Stale record, NOT responding to ping.
3)Valid record, timestamp is updated (not stale).#>
$DC = (Get-ADDomainController).Name
$DNSRoot = (Get-ADDomain).DNSRoot
$DNSRecords = Get-DnsServerResourceRecord -ComputerName $DC -ZoneName $DNSRoot
@OmerMicrosoft
OmerMicrosoft / gist:796661fd6cc58c0ab4060a1e9e718473
Created April 13, 2019 07:32
WVD_AssignTenantCreatorRoleToUser.ps1
$WVDApplication = Get-AzureADServicePrincipal -Filter "displayName eq 'Windows Virtual Desktop'"
$ApplicationRole = $WVDApplication.AppRoles | Where-Object { $_.DisplayName -eq 'TenantCreator'}
$UserAccount = Get-AzureADUser -ObjectId $AzureAccount.Id
New-AzureADUserAppRoleAssignment -ObjectId $UserAccount.ObjectId -PrincipalId $UserAccount.ObjectId -ResourceId $WVDApplication.ObjectId -Id $ApplicationRole.Id
@OmerMicrosoft
OmerMicrosoft / WVD_AssignTenantCreatorRoleToUser.ps1
Created April 13, 2019 07:34
Assign the 'TenantCreator' role to a selected user for WVD (Windows Virtual Desktop)
$WVDApplication = Get-AzureADServicePrincipal -Filter "displayName eq 'Windows Virtual Desktop'"
$ApplicationRole = $WVDApplication.AppRoles | Where-Object { $_.DisplayName -eq 'TenantCreator'}
$UserAccount = Get-AzureADUser -ObjectId $AzureAccount.Id
New-AzureADUserAppRoleAssignment -ObjectId $UserAccount.ObjectId -PrincipalId $UserAccount.ObjectId -ResourceId $WVDApplication.ObjectId -Id $ApplicationRole.Id
@OmerMicrosoft
OmerMicrosoft / WVD_CreateNewRDSTenant.ps1
Created April 13, 2019 07:40
Create a new WVD (Windows Virtual Desktop) tenant
$BrokerURL = "https://rdbroker.wvd.microsoft.com"
Add-RdsAccount -DeploymentUrl $BrokerURL -Credential $Credentials
$RDSTenantName = Read-Host "Enter RDS tenant name"
$NewRDSTenant = New-RdsTenant -Name $RDSTenantName -AadTenantId $SelectedAzureSubscription.TenantId -AzureSubscriptionId $SelectedAzureSubscription.SubscriptionId
if ($NewRDSTenant) {
Write-Host "A new RDS tenant was created with the name $($NewRDSTenant.TenantName)" -ForegroundColor Green
}
else {
Write-Host "The creation of a new RDS tenant was failed." -ForegroundColor Red
}
@OmerMicrosoft
OmerMicrosoft / WVD_AddRdsUsers.ps1
Created April 23, 2019 10:06
Display the RDS users of a specific hostpool in a Windows Virtual Desktop tenant. Let you add additional RDS users to a hostpool if required.
#Get Azure admin credentials
Write-Host "Getting Azure credentials... "
$Credentials = Get-Credential -Message "Enter your Azure admin credentials"
#Add RDS Account in order to be able to change WVD configuration
$BrokerURL = "https://rdbroker.wvd.microsoft.com"
Write-Host "Adding the RDS account... " -NoNewline
Try {
Add-RdsAccount -DeploymentUrl $BrokerURL -Credential $Credentials -ErrorAction Stop | Out-Null
}
Catch {
@OmerMicrosoft
OmerMicrosoft / WVD_AssignTenantCreatorRoleAndCreatingWVDTenant.ps1
Last active April 29, 2019 09:07
Initialize the setup of Windows Virtual Desktop in Azure by assigning the 'TenantCreator' role to a selected user and creating the WVD tenant
<#Script Summary:
This PowerShell script initialize the setup of Windows Virtual Desktop in Azure.
The script include:
1.Assign the “TenantCreator” role to a user account.
2.Create a Windows Virtual Desktop tenant.
Before running this script, you should allow the Windows Virtual Desktop service to access Azure AD on the following link: https://rdweb.wvd.microsoft.com/
#>
###Install and import Required Modules###
#Install-Module Az,AzureAD,Microsoft.RDInfra.RDPowerShell -AllowClobber -Force #Remove remark if the required modules have not been installed yet.
@OmerMicrosoft
OmerMicrosoft / Create-DNSScavengingRecordsReport.ps1
Last active September 26, 2019 10:33
Creates a report with DNS records stale data
Function Create-DNSScavengingRecordsReport
{
<#The script checks any Dynamic DNS Record and decided whether it’s:
1)A stale record which responded to ping.
2)stale record which doesn’t responded to ping.
3)An updated record (not stale).#>
$DC = (Get-ADDomainController).Name
$DNSRoot = (Get-ADDomain).DNSRoot
$DNSRecords = Get-DnsServerResourceRecord -ComputerName $DC -ZoneName $DNSRoot
$DateThershold = (Get-Date).AddDays(-14)
@OmerMicrosoft
OmerMicrosoft / Get-GPMissingPermissionsGPOs.ps1
Last active July 3, 2023 18:23
Find Group Policies with Missing Permissions
#Find Group Policies with Missing Permissions
Function Get-GPMissingPermissionsGPOs
{
$MissingPermissionsGPOArray = New-Object System.Collections.ArrayList
$GPOs = Get-GPO -all
foreach ($GPO in $GPOs) {
If ($GPO.User.Enabled) {
$GPOPermissionForAuthUsers = Get-GPPermission -Guid $GPO.Id -All | select -ExpandProperty Trustee | ? {$_.Name -eq "Authenticated Users"}
$GPOPermissionForDomainComputers = Get-GPPermission -Guid $GPO.Id -All | select -ExpandProperty Trustee | ? {$_.Name -eq "Domain Computers"}
If (!$GPOPermissionForAuthUsers -and !$GPOPermissionForDomainComputers) {