Ken kerard
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Get-CMDevice | ? {$_.ClientCheckPass -gt 1} | % {$_.name} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #credit: https://techcommunity.microsoft.com/t5/windows-powershell/trying-to-resolve-foreignsecurityprincipal-information/m-p/3388384 | |
| ([adsisearcher]::new("(objectClass=foreignSecurityPrincipal)", @("objectSid"))).FindAll() | | |
| ForEach-Object { | |
| $Sid = [System.Security.Principal.SecurityIdentifier]::new($_.Properties["objectSid"][0], 0); $Sid | Select-Object -Property Value, @{n="Name"; e= { $Sid.Translate([System.Security.Principal.NTAccount]) } }; | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent()) | |
| $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # force named pipes connection to sql | |
| bcp [database].[schema].[table] out c:\bcp\database_schema_table.dat -T -n -a 32576 -e c:\bcp\database_schema_table.err | |
| # force loopback connection to sql | |
| bcp [database].[schema].[table] out c:\bcp\database_schema_table.dat -T -n -a 32576 -e c:\bcp\database_schema_table.err -S localhost |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for ($i = 0; $i -lt 23; $i++) {'svc-' + -join ((65..90) + (97..122) + (48..57)| Get-Random -Count 8 | foreach-object {[char]$_})} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -join ((65..90) + (97..122) + (48..57)| Get-Random -Count 11 | % {[char]$_}) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Install-WindowsFeature RSAT-AD-PowerShell | |
| $dc = 'domaincontroller' | |
| $gmsas = 'gmsa1','gmsa2' | |
| foreach ($a in $gmsas) | |
| { | |
| $gmsa = Get-ADServiceAccount -Server $dc -filter "Name -eq `'$a`'" | |
| Install-ADServiceAccount $gmsa | |
| Test-ADServiceAccount -Identity $a | |
| } | |
| Remove-WindowsFeature RSAT-AD-PowerShell |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| openssl pkcs12 -in whole.pfx -out whole.pem -nodes | |
| openssl rsa -in whole.pem -out mykey.key | |
| openssl x509 -in whole.pem -out mycert.cer |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "dotnetAcquisitionExtension.existingDotnetPath": [ | |
| {"extensionId": "msazurermtools.azurerm-vscode-tools", "path": "C:\\Program Files\\dotnet\\dotnet.exe"}, | |
| {"extensionId": "ms-azuretools.vscode-bicep", "path": "C:\\Program Files\\dotnet\\dotnet.exe"} | |
| ], |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <QueryList> | |
| <Query Id="0" Path="System"> | |
| <Select Path="Security">*[System[Provider[@Name='eventlog' or @Name='Microsoft-Windows-Eventlog'] and (EventID=1074 or EventID=1076 or EventID=6005 or EventID=6006 or EventID=6008) and TimeCreated[timediff(@SystemTime) <= 604800000]]]</Select> | |
| <Select Path="Setup">*[System[Provider[@Name='eventlog' or @Name='Microsoft-Windows-Eventlog'] and (EventID=1074 or EventID=1076 or EventID=6005 or EventID=6006 or EventID=6008) and TimeCreated[timediff(@SystemTime) <= 604800000]]]</Select> | |
| <Select Path="System">*[System[Provider[@Name='eventlog' or @Name='Microsoft-Windows-Eventlog'] and (EventID=1074 or EventID=1076 or EventID=6005 or EventID=6006 or EventID=6008) and TimeCreated[timediff(@SystemTime) <= 604800000]]]</Select> | |
| <Select Path="Microsoft-Windows-Kernel-Power/Diagnostic">*[System[Provider[@Name='Microsoft-Windows-Kernel-Power'] and (Level=1 ) and TimeCreated[timediff(@SystemTime) <= 604800000]]]</Select> | |
| <Select Path="Microsoft-Windo |