mortenya

## Get-SharedFolderACL.ps1
Function Get-SharedFolderACL {

<#
.Synopsis
   Recursively steps through folders and collects the Access Control List
.DESCRIPTION
   Run the cmdlet against one or more Mapped Drives or Shares and it will create a .txt file with the ACLs of every folder in the structure
   If you are getting the ACL from a share with many nested folders then it will take a significant amount of time to run
   and the resulting .txt files can be quite large
.PARAMETER Shares

## CustomModule.psm1
#Validate user is an Administrator
Write-Verbose "Checking Administrator credentials"
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
    Write-Warning "You are not running this as an Administrator!`nPlease re-run module with an Administrator Account."
    Break
}

#Load Functions
$ScriptPath = Split-Path $MyInvocation.MyCommand.Path
Try {

## 01-inputs.conf
input {
	syslog {
		port => 1514
	}
}

filter {
  #IP Address of Snort
	if [host] =~ /192\.168\.0\.250/ {
		mutate {

## Get-MappedDrives.ps1
function Get-MappedDrives {
<#
.Synopsis
   Returns the Mapped Drives on the system
.DESCRIPTION
   This function uses WMI to query computers on the network and return the mapped drives, not local drives.
   If no user is logged on there will likely be an error about RPC server not available.
.PARAMETER ComputerName
   The name of the system(s) you want to check
.EXAMPLE

## Parse-DHCPLog.ps1
Function Get-FileName($initialDirectory) {
    Add-Type -Assembly System.windows.forms | Out-Null
    $initialDirectory = "C:\"
    $OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
    $OpenFileDialog.InitialDirectory = $initialDirectory
    $OpenFileDialog.Filter = "Log files (*.Log)| DhcpSrvLog-*.log"
    $OpenFileDialog.Multiselect = $false
    $OpenFileDialog.ShowDialog() | Out-Null
    $OpenFileDialog.FileName
} #end function Get-FileName

## Get-DefinitionUpdates.ps1
Function WSUSUpdate {
<#
	Slight modification of https://gist.github.com/jacobludriks/9ca9ce61de251a5476f1
#>
    $Criteria = "IsInstalled=0 and Type='Software'"
    $Searcher = New-Object -ComObject Microsoft.Update.Searcher
    try {
        $SearchResult = $Searcher.Search($Criteria).Updates
        if ($SearchResult.Count -eq 0) {
            Write-Output "There are no applicable updates."

## Get-MemberOf.ps1
(Get-ADUser –Identity $user –Properties MemberOf).MemberOf -replace '^CN=([^,]+),OU=.+$','$1' > c:\user-groups.txt
# The -replace will strip the CN of the group from the Distinguished Name.
# This isn't error proof, but will be adequate for most use cases when dealing with Security Groups.

## Get-LoggedOnUserSession.ps1
function Get-LoggedOnUserSession {
	#mjolinor 3/17/10
	[CmdletBinding()]
    param
    (
        [Parameter(Position=0,
                   ValueFromPipeline=$true,
                   ValueFromPipelineByPropertyName=$true)]
        [string[]]$Name = $env:COMPUTERNAME)

## New-DSSearcher.ps1
$strFilter = "(&(objectClass=Person)(objectCategory=User))"

$objDomain = New-Object System.DirectoryServices.DirectoryEntry

$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"

## Generate-RandomPassword.ps1
$Computers = Get-ADComputer -Filter * | Where distinguishedName -NotLike "*DC*"
$user = Get-WmiObject Win32_UserAccount -Filter "LocalAccount=true" | where { $_.Name -eq 'Administrator' }

$Count = 1
$CharSet1 = [Char[]]"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
ForEach ($c in $Computers)
{   Write-Progress -Id 1 -Activity "Changing Server Passwords" -Status "Current Progress: $Count of $($Servers.Count): $($Server.Name)" -PercentComplete (($Count / $c.Count) * 100)
    $Ping = Test-Connection $c.Name -Count 2 -Quiet
    If ($Ping) {
		$Password = (($CharSet1 | Get-Random -Count 5) -join "") + " " + `
	Function Get-SharedFolderACL {

	<#
	.Synopsis
	Recursively steps through folders and collects the Access Control List
	.DESCRIPTION
	Run the cmdlet against one or more Mapped Drives or Shares and it will create a .txt file with the ACLs of every folder in the structure
	If you are getting the ACL from a share with many nested folders then it will take a significant amount of time to run
	and the resulting .txt files can be quite large
	.PARAMETER Shares
	#Validate user is an Administrator
	Write-Verbose "Checking Administrator credentials"
	If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
	Write-Warning "You are not running this as an Administrator!`nPlease re-run module with an Administrator Account."
	Break
	}

	#Load Functions
	$ScriptPath = Split-Path $MyInvocation.MyCommand.Path
	Try {
	input {
	syslog {
	port => 1514
	}
	}

	filter {
	#IP Address of Snort
	if [host] =~ /192\.168\.0\.250/ {
	mutate {
	function Get-MappedDrives {
	<#
	.Synopsis
	Returns the Mapped Drives on the system
	.DESCRIPTION
	This function uses WMI to query computers on the network and return the mapped drives, not local drives.
	If no user is logged on there will likely be an error about RPC server not available.
	.PARAMETER ComputerName
	The name of the system(s) you want to check
	.EXAMPLE
	Function Get-FileName($initialDirectory) {
	Add-Type -Assembly System.windows.forms \| Out-Null
	$initialDirectory = "C:\"
	$OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
	$OpenFileDialog.InitialDirectory = $initialDirectory
	$OpenFileDialog.Filter = "Log files (.Log)\| DhcpSrvLog-.log"
	$OpenFileDialog.Multiselect = $false
	$OpenFileDialog.ShowDialog() \| Out-Null
	$OpenFileDialog.FileName
	} #end function Get-FileName
	Function WSUSUpdate {
	<#
	Slight modification of https://gist.github.com/jacobludriks/9ca9ce61de251a5476f1
	#>
	$Criteria = "IsInstalled=0 and Type='Software'"
	$Searcher = New-Object -ComObject Microsoft.Update.Searcher
	try {
	$SearchResult = $Searcher.Search($Criteria).Updates
	if ($SearchResult.Count -eq 0) {
	Write-Output "There are no applicable updates."
	(Get-ADUser –Identity $user –Properties MemberOf).MemberOf -replace '^CN=([^,]+),OU=.+$','$1' > c:\user-groups.txt
	# The -replace will strip the CN of the group from the Distinguished Name.
	# This isn't error proof, but will be adequate for most use cases when dealing with Security Groups.
	function Get-LoggedOnUserSession {
	#mjolinor 3/17/10
	[CmdletBinding()]
	param
	(
	[Parameter(Position=0,
	ValueFromPipeline=$true,
	ValueFromPipelineByPropertyName=$true)]
	[string[]]$Name = $env:COMPUTERNAME)
	$strFilter = "(&(objectClass=Person)(objectCategory=User))"

	$objDomain = New-Object System.DirectoryServices.DirectoryEntry

	$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
	$objSearcher.SearchRoot = $objDomain
	$objSearcher.PageSize = 1000
	$objSearcher.Filter = $strFilter
	$objSearcher.SearchScope = "Subtree"
	$Computers = Get-ADComputer -Filter * \| Where distinguishedName -NotLike "DC"
	$user = Get-WmiObject Win32_UserAccount -Filter "LocalAccount=true" \| where { $_.Name -eq 'Administrator' }

	$Count = 1
	$CharSet1 = [Char[]]"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
	ForEach ($c in $Computers)
	{ Write-Progress -Id 1 -Activity "Changing Server Passwords" -Status "Current Progress: $Count of $($Servers.Count): $($Server.Name)" -PercentComplete (($Count / $c.Count) * 100)
	$Ping = Test-Connection $c.Name -Count 2 -Quiet
	If ($Ping) {
	$Password = (($CharSet1 \| Get-Random -Count 5) -join "") + " " + `