Ken kerard

## vnet-peering.bicep
/*
    https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations#microsoftnetwork
    Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read	Gets a virtual network peering definition
    Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write	Creates a virtual network peering or updates an existing virtual network peering
    Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete	Deletes a virtual network peering
*/

resource vnetPeeringToNvaHub 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2022-01-01' = {
  name: '${resourceControl.virtualNetworkPeering}-${vnet.name}-to-nvahub'
  parent: vnet

## asp-scale.bicep
/* useful scaled out farm deployment, save me for later*/
var maxAspInstances = 1
var aspFarm = [for i in range(100,maxAspInstances): '${i}']

resource test1 'Microsoft.Web/serverfarms@2021-03-01' = [ for node in aspFarm: {
  name: toLower('asp-${node}-${nameProject}-${nameLocation}-${nameStage}')
  location: location
  sku: {
    name: 'P1v3'
    family: 'P1v3'

## test-oledb.ps1
$ConnectionString = "Provider=SQLOLEDB;Trusted_Connection=yes;Data Source=<hostname>,<port>;Initial Catalog=<db>;"
$SQLquery = "SELECT @@VERSION"
$conn = New-Object System.Data.OleDb.OleDbConnection
$conn.ConnectionString = $ConnectionString
$comm = New-Object System.Data.OleDb.OleDbCommand($SQLquery,$conn)
$conn.Open()
$adapter = New-Object System.Data.OleDb.OleDbDataAdapter $comm
$dataset = New-Object System.Data.DataSet
$adapter.Fill($dataSet)
$conn.Close()

## add-mi.sql
CREATE USER [managed-identity-resource-name] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [managed-identity-resource-name];
ALTER ROLE db_datawriter ADD MEMBER [managed-identity-resource-name];
ALTER ROLE db_ddladmin ADD MEMBER [managed-identity-resource-name];
GO

## scom-updates.ps1
# load MOM ScriptApi ClassFactory

$scomCOMClassFactory = "MOM.ScriptAPI"

try
{
    $scomScriptAPI = New-Object -comObject $scomCOMClassFactory
}
catch
{

## install-updates.ps1
# install all available updates
$updates = Get-WmiObject -Namespace "root\ccm\clientSDK" -Class CCM_SoftwareUpdate | Where-Object { $_.EvaluationState -like 0 -or $_.EvaluationState -like 1}
Invoke-WmiMethod -Class CCM_SoftwareUpdatesManager -Name InstallUpdates -ArgumentList (,$updates) -Namespace root\ccm\clientsdk -Verbose

## enum-roles.sql
SELECT
    DP1.name AS DatabaseRoleName
    ,ISNULL(DP2.name, 'No members') AS DatabaseUserName
    ,DP2.principal_id
    ,DP2.create_date
FROM sys.database_role_members AS DRM
RIGHT OUTER JOIN sys.database_principals AS DP1 ON DRM.role_principal_id = DP1.principal_id
LEFT OUTER JOIN sys.database_principals AS DP2  ON DRM.member_principal_id = DP2.principal_id
WHERE DP1.type = 'R'
ORDER BY DP1.name, ISNULL(DP2.name, 'No members');

## enumerate-groups.ps1
$adgroups = get-adgroup -filter * -searchbase "dc=mydomain,dc=com"

foreach ($adgroup in $adgroups)
{
    Get-AdGroupMember -Identity $adgroup.name | select name,samaccountname | Export-csv -Path ".\desktop\ad-group-report\$($adgroup.name).csv" -NoTypeInformation
}

## query-sesh-citrix.ps1
$citrixs = "server1.mydomain.local","server2.mydomain.local"

foreach ($citrix in $citrixs)
{

    Write-Host -ForegroundColor Cyan $citrix

    . qwinsta /SERVER:$citrix

}

## test-dc-ports.ps1
$ports  = "135","389","636","3268","53","88","445","3269"
$dcs = Get-ADDomainController -Filter *

ForEach($dc in $dcs)
{
    Foreach ($p in $ports)
    {
        $_test = Test-NetConnection $dc.Hostname -Port $p -WarningAction SilentlyContinue

        If ($_test.tcpTestSucceeded -eq $true)
	/*
	https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations#microsoftnetwork
	Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read Gets a virtual network peering definition
	Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write Creates a virtual network peering or updates an existing virtual network peering
	Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete Deletes a virtual network peering
	*/

	resource vnetPeeringToNvaHub 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2022-01-01' = {
	name: '${resourceControl.virtualNetworkPeering}-${vnet.name}-to-nvahub'
	parent: vnet
	/* useful scaled out farm deployment, save me for later*/
	var maxAspInstances = 1
	var aspFarm = [for i in range(100,maxAspInstances): '${i}']

	resource test1 'Microsoft.Web/serverfarms@2021-03-01' = [ for node in aspFarm: {
	name: toLower('asp-${node}-${nameProject}-${nameLocation}-${nameStage}')
	location: location
	sku: {
	name: 'P1v3'
	family: 'P1v3'
	$ConnectionString = "Provider=SQLOLEDB;Trusted_Connection=yes;Data Source=<hostname>,<port>;Initial Catalog=<db>;"
	$SQLquery = "SELECT @@VERSION"
	$conn = New-Object System.Data.OleDb.OleDbConnection
	$conn.ConnectionString = $ConnectionString
	$comm = New-Object System.Data.OleDb.OleDbCommand($SQLquery,$conn)
	$conn.Open()
	$adapter = New-Object System.Data.OleDb.OleDbDataAdapter $comm
	$dataset = New-Object System.Data.DataSet
	$adapter.Fill($dataSet)
	$conn.Close()
	CREATE USER [managed-identity-resource-name] FROM EXTERNAL PROVIDER;
	ALTER ROLE db_datareader ADD MEMBER [managed-identity-resource-name];
	ALTER ROLE db_datawriter ADD MEMBER [managed-identity-resource-name];
	ALTER ROLE db_ddladmin ADD MEMBER [managed-identity-resource-name];
	GO
	# load MOM ScriptApi ClassFactory

	$scomCOMClassFactory = "MOM.ScriptAPI"

	try
	{
	$scomScriptAPI = New-Object -comObject $scomCOMClassFactory
	}
	catch
	{
	# install all available updates
	$updates = Get-WmiObject -Namespace "root\ccm\clientSDK" -Class CCM_SoftwareUpdate \| Where-Object { $_.EvaluationState -like 0 -or $_.EvaluationState -like 1}
	Invoke-WmiMethod -Class CCM_SoftwareUpdatesManager -Name InstallUpdates -ArgumentList (,$updates) -Namespace root\ccm\clientsdk -Verbose
	SELECT
	DP1.name AS DatabaseRoleName
	,ISNULL(DP2.name, 'No members') AS DatabaseUserName
	,DP2.principal_id
	,DP2.create_date
	FROM sys.database_role_members AS DRM
	RIGHT OUTER JOIN sys.database_principals AS DP1 ON DRM.role_principal_id = DP1.principal_id
	LEFT OUTER JOIN sys.database_principals AS DP2 ON DRM.member_principal_id = DP2.principal_id
	WHERE DP1.type = 'R'
	ORDER BY DP1.name, ISNULL(DP2.name, 'No members');
	$adgroups = get-adgroup -filter * -searchbase "dc=mydomain,dc=com"

	foreach ($adgroup in $adgroups)
	{
	Get-AdGroupMember -Identity $adgroup.name \| select name,samaccountname \| Export-csv -Path ".\desktop\ad-group-report\$($adgroup.name).csv" -NoTypeInformation
	}
	$citrixs = "server1.mydomain.local","server2.mydomain.local"

	foreach ($citrix in $citrixs)
	{

	Write-Host -ForegroundColor Cyan $citrix

	. qwinsta /SERVER:$citrix

	}
	$ports = "135","389","636","3268","53","88","445","3269"
	$dcs = Get-ADDomainController -Filter *

	ForEach($dc in $dcs)
	{
	Foreach ($p in $ports)
	{
	$_test = Test-NetConnection $dc.Hostname -Port $p -WarningAction SilentlyContinue

	If ($_test.tcpTestSucceeded -eq $true)