This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Name: Remove-dbutil.ps1 | |
# Author: James Schlackman | |
# Last modified: May 4, 2021 | |
# Remediation of CVE-2021-21551 / DSA-2021-088 | |
# Implements remediation Step 1, Option 2 from | |
# https://www.dell.com/support/kbdoc/en-us/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability | |
$CheckPaths = (Get-ChildItem -Attributes d -Path $env:SystemDrive\Users | Select -Property @{Label="FullName";Expression={$($_.Fullname) + "\AppData\Local\Temp"}}) + (Get-Item -Path $env:SystemRoot\Temp | Select FullName) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Name: Update-SelfServicePurchase.ps1 | |
# Author: James Schlackman | |
# Last Modified: Jul 26 2021 | |
# Disables Microsoft 365 self-service purchase for any product that has it enabled | |
# Adapted from sample script at | |
# https://docs.microsoft.com/en-us/microsoft-365/commerce/subscriptions/allowselfservicepurchase-powershell?view=o365-worldwide | |
# Install module once using elevated credentials |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Name: Remove-DisabledUnifiedGroupOwners.ps1 | |
# Author: James Schlackman | |
# Last Modified: Oct 18 2023 | |
# | |
# Checks all Office 365 Unified Groups for owners that have their accounts disabled, and removes them as owner. | |
# If the group would be left with no owners, find the first non-disabled member and promote them. | |
#Requires -Modules ExchangeOnlineManagement | |
Import-Module ExchangeOnlineManagement |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Name: Enable-DailyShadowCopy.ps1 | |
# Author: James Schlackman | |
# Last Modified: Nov 2 2023 | |
# Sets up a daily shadow copy on the system drive. Enables 'Previous Versions' functionality on non-server editions of Windows. | |
# Optionally also enables System Restore functionality. | |
Param( | |
# Drive to enable (default: system drive) | |
[Parameter()] [String] $Drive = $env:SystemDrive, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0.0.0.0/5 | |
8.0.0.0/7 | |
11.0.0.0/8 | |
12.0.0.0/6 | |
16.0.0.0/4 | |
32.0.0.0/3 | |
64.0.0.0/2 | |
128.0.0.0/3 | |
160.0.0.0/5 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Get-RemoteSSLCert.ps1 | |
# Author: James Schlackman | |
# Last Modified: Sep 3 2020 | |
# | |
# Connects to a specified server and port and initiates a TLS handshake to retrieve the remote public certificate | |
# | |
# Adapted from script by Rob VandenBrink at https://isc.sans.edu/forums/diary/Assessing+Remote+Certificates+with+Powershell/20645/ | |
# | |
# Params: | |
# -Server (Hostname or IP) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Dim objNetwork, strRemoteShare | |
Set objNetwork = CreateObject("WScript.Network") | |
Dim oFileSys | |
Set oFileSys = CreateObject("Scripting.FileSystemObject") | |
' Read home drive info directly from AD in case environment variables are blank | |
Dim objSysInfo, objUser | |
Set objSysInfo = CreateObject("ADSystemInfo") | |
' Get currently logged in user |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Name: Disable-ExpiredAccounts.ps1 | |
# Author: James Schlackman | |
# Last Modified: June 5 2020 | |
# Queries AD for any expired account that is not already disabled, and disables it. | |
Get-ADUser -LDAPFilter "(&(accountExpires<=$((Get-Date).ToFileTime()))(!accountExpires=0)(!userAccountControl:1.2.840.113556.1.4.803:=2))" | Disable-ADAccount |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Name: Cleanup-UngroupedDriverPackages.ps1 | |
# Author: James Schlackman | |
# Last Modified: Sep 10 2021 | |
# Gets details of all driver packages in WDS that are not assigned to a driver group, and optionally removes them. | |
# Must be run on the target WDS server with administrative privileges. | |
$AllPackageIDs = (wdsutil /get-alldriverpackages | Select-String "^Id: ({.*})" | ForEach-Object {$_.Matches.Groups[1].Value}) | |
Write-Output "Total driver packages on server: $($AllPackageIDs.Count)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-16"?> | |
<Task version="1.4" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task"> | |
<RegistrationInfo> | |
<Date>2020-02-10T12:00:00</Date> | |
<Author>james@schlackman.org</Author> | |
<Description>Sends an email alert if any AD account has a change to its User Account Control status.</Description> | |
</RegistrationInfo> | |
<Triggers> | |
<EventTrigger> | |
<Enabled>true</Enabled> |