Skip to content

Instantly share code, notes, and snippets.

View kerard's full-sized avatar

Ken kerard

4 followers · 3 following
  • Ohio
View GitHub Profile
@kerard
kerard / purge-kerberos.ps1
Created July 10, 2021 14:16
purge kerberos
Invoke-commamd -computername . -scriptblock { klist -lh 0 -li 0x3e7 purge; gpupdate /force }
@kerard
kerard / test-credentialguard.ps1
Last active July 6, 2021 17:14
Test Credential Guard
'CredentialGuard' -match ((Get-ComputerInfo).DeviceGuardSecurityServicesConfigured)
@kerard
kerard / deallocate-firewall.ps1
Created June 8, 2021 21:03
Deallocate Azure Firewall
# reference https://docs.microsoft.com/en-us/azure/firewall/firewall-faq#how-can-i-stop-and-start-azure-firewall
$azfw = Get-AzFirewall -Name "fw-myazurefirewall-dev" -ResourceGroupName "rg-myazurefirewall-dev"
$azfw.Deallocate()
Set-AzFirewall -AzureFirewall $azfw
@kerard
kerard / pscred.ps1
Created May 18, 2021 14:42
pscredential-example
$user = @'
DOMAIN\svc_FooTester
'@
$password = @'
aReallyComplexPasswordString_lJ"ztdz&9|Gb;2mHlA^G5RhG2R@o!YMK
'@
# create a new credential
$serviceAccountCred = [PSCredential]::New($user,(convertto-securestring -asplaintext -force $password))
@kerard
kerard / get-cmstuff.ps1
Created March 16, 2021 18:00
$updates = Get-WmiObject -Namespace Root\ccm\clientSDK -Class CCM_softwareupdate -computername .
$rebootRequiredBoolean = Invoke-WmiMethod -ComputerName . -Namespace "ROOT\ccm\ClientSDK" -Class "CCM_ClientUtilities" -Name DetermineIfRebootPending | Select-Object -Property PSComputerName,RebootPending
@kerard
kerard / disable-nic-powermgmt.ps1
Last active March 9, 2021 19:24
disable VMXNET3 power management
$interfaces = Get-WmiObject Win32_NetworkAdapter | where {$_.Name.equals("vmxnet3 Ethernet Adapter")}
foreach ($interface in $interfaces)
{
$powerMgmt = Get-WmiObject MSPower_DeviceEnable -Namespace root\wmi | where {$_.InstanceName.Contains($interface.PNPDeviceID)}
$powerMgmt.Enable = $False
$powerMgmt.psbase.Put()
}
@kerard
kerard / get-schema-cn-and-oid.ps1
Created February 1, 2021 16:16
Quick and dirty list of schema and oid
(get-adobject -searchbase (get-adrootdse).schemanamingcontext -filter * -properties *) | ?{$_.distinguishedname -like "*commonNameFilter*,dc=domain,dc=tld"} | % {$_.canonicalname; $_.attributeid}
@kerard
kerard / get-azpim.ps1
Created January 29, 2021 19:17
get azure pim groups
get-azureadgroup -searchstring "Azure PIM" | % {$_.DisplayName; $_ | get-azureadgroupmember | % {$_.DisplayName}}
@kerard
kerard / backup-restore-gpo.ps1
Created November 23, 2020 12:47
Backup and restore GPOs
# backup
$gpos = "gponame1","gpo2","gpo3"
foreach ($gpo in $gpos)
{
get-gpo -Name $gpo | backup-gpo -Path C:\foo\backup
}
# restore
@kerard
kerard / editcap-filter.cmd
Created August 31, 2020 14:29
Use editcap.exe to filter a large capture into smaller, based on timespan
editcap.exe -A "2020-08-05 03:58:00" -B "2020-08-05 04:05:00" "c:\path\to\input.pcapng" "c:\path\to\output.pcapng"