Ken kerard

## add cert to appgw.ps1
az network application-gateway ssl-cert create --resource-group 'appgw-rg' --gateway-name 'appgw-name' -n 'cert-name-for-appgw' --key-vault-secret-id 'keyvault-cert-secret-uri'

## get-avpolicy.cmd
reg query HKLM\SOFTWARE\Microsoft\CCM\EPAgent\LastAppliedPolicy /f 2 /d

## gist:c4f6f5bb35f7627226da8a45928f7128
$myuuid = '2838392a-a6a0-4496-8e10-31113f7fb905'
$myuuid -match '[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}'

## devops-pat-token.ps1
# login to azure and get an access token
$az_login = $(az login)
$devops_app = '499b84ac-1321-427f-aa17-267ca6975798'
$access_token = $(az account get-access-token --resource $devops_app --query "accessToken" --output tsv)

# set var AZURE_DEVOPS_EXT_PAT to access token string
$env:AZURE_DEVOPS_EXT_PAT = $access_token

# try a devops command
$devops_org = 'https://dev.azure.com/myorg'

## regexp.ps1
# regex to match a prefix with a dash followed by 13 letters and numbers
$regexp = '^string-[a-z0-9]{13}$'
'string-u5qcwjbpxt7d9' -match $regexp

# regex to match the pattern guid_stage_string
$regexp = '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}_(dev|stg|test|prod|qa)_[a-zA-Z0-9]{1,78}$'
'544beca7-3498-4750-a55d-5082d0806345_test_project' -match $regexp

# regex to match a nn######_el string
$regexp = '^[A-Za-z]{2}\d{6}_[eE][lL]$'

## authn-basic.ps1
$username = "domain\user"
$password = "supersecret"

$pair = "{0}:{1}" -f ($username, $password)

$bytes = [System.Text.Encoding]::ASCII.GetBytes($pair)
$token = [System.Convert]::ToBase64String($bytes)

$headers = @{
    Authorization = "Basic {0}" -f ($token)

## onboard-ubuntu-2204.sh
sudo apt-get update
sudo apt-get install curl
sudo apt-get install libplist-utils
sudo apt-get install gpg
curl -o microsoft.list https://packages.microsoft.com/config/ubuntu/22.04/prod.list
sudo mv ./microsoft.list /etc/apt/sources.list.d/microsoft-prod.list
curl -sSL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/microsoft.gpg > /dev/null
sudo apt-get update
sudo apt-get install mdatp
sudo mdatp health --field org_id

## lastlogon.ps1
get-adcomputer foo -Properties name,lastlogon | select name,@{name='lastlogon';expression={[DateTime]::FromFileTime($_.LastLogon)}}

## schedules-snippet.bicep
param now string = dateTimeAdd(reallynow, 'PT15M')  // we use this param to lie to ourselves so we don't accidentally find the next hour less than 5 minutes beforehand
param reallynow string = utcNow()

resource schedule_daily_0600 'Microsoft.Automation/automationAccounts/schedules@2022-08-08' = {
  name: 'daily_0600'
  parent: automation_runbooks
  properties: {
    frequency: 'Day'
    interval: 1
    startTime: '${dateTimeAdd(now, 'P1D', 'yyyy-MM-dd')}T10:00:00Z' // embrace UTC

## remove-ccmexec.ps1
# https://www.anoopcnair.com/best-ways-to-uninstall-sccm-client-remove-configmgr-client/
# Run SSCM remove
# $ccmpath is path to SCCM Agent's own uninstall routine.
$CCMpath = 'C:\Windows\ccmsetup\ccmsetup.exe'
# And if it exists we will remove it, or else we will silently fail.
if (Test-Path $CCMpath) {

    Start-Process -FilePath $CCMpath -Args "/uninstall" -Wait -NoNewWindow
    # wait for exit
	$myuuid = '2838392a-a6a0-4496-8e10-31113f7fb905'
	$myuuid -match '[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}'
	# login to azure and get an access token
	$az_login = $(az login)
	$devops_app = '499b84ac-1321-427f-aa17-267ca6975798'
	$access_token = $(az account get-access-token --resource $devops_app --query "accessToken" --output tsv)

	# set var AZURE_DEVOPS_EXT_PAT to access token string
	$env:AZURE_DEVOPS_EXT_PAT = $access_token

	# try a devops command
	$devops_org = 'https://dev.azure.com/myorg'
	# regex to match a prefix with a dash followed by 13 letters and numbers
	$regexp = '^string-[a-z0-9]{13}$'
	'string-u5qcwjbpxt7d9' -match $regexp

	# regex to match the pattern guid_stage_string
	$regexp = '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}_(dev\|stg\|test\|prod\|qa)_[a-zA-Z0-9]{1,78}$'
	'544beca7-3498-4750-a55d-5082d0806345_test_project' -match $regexp

	# regex to match a nn######_el string
	$regexp = '^[A-Za-z]{2}\d{6}_[eE][lL]$'
	$username = "domain\user"
	$password = "supersecret"

	$pair = "{0}:{1}" -f ($username, $password)

	$bytes = [System.Text.Encoding]::ASCII.GetBytes($pair)
	$token = [System.Convert]::ToBase64String($bytes)

	$headers = @{
	Authorization = "Basic {0}" -f ($token)
	sudo apt-get update
	sudo apt-get install curl
	sudo apt-get install libplist-utils
	sudo apt-get install gpg
	curl -o microsoft.list https://packages.microsoft.com/config/ubuntu/22.04/prod.list
	sudo mv ./microsoft.list /etc/apt/sources.list.d/microsoft-prod.list
	curl -sSL https://packages.microsoft.com/keys/microsoft.asc \| gpg --dearmor \| sudo tee /etc/apt/trusted.gpg.d/microsoft.gpg > /dev/null
	sudo apt-get update
	sudo apt-get install mdatp
	sudo mdatp health --field org_id
	param now string = dateTimeAdd(reallynow, 'PT15M') // we use this param to lie to ourselves so we don't accidentally find the next hour less than 5 minutes beforehand
	param reallynow string = utcNow()

	resource schedule_daily_0600 'Microsoft.Automation/automationAccounts/schedules@2022-08-08' = {
	name: 'daily_0600'
	parent: automation_runbooks
	properties: {
	frequency: 'Day'
	interval: 1
	startTime: '${dateTimeAdd(now, 'P1D', 'yyyy-MM-dd')}T10:00:00Z' // embrace UTC