Skip to content

Instantly share code, notes, and snippets.

View WS2016-UEFI-USB-boot-stick.ps1
# minimum size of USB stick 5.29GB
# Set here the path of your ISO file
$iso = 'C:\Users\localuser\Downloads\en_windows_server_2016_x64_dvd_9327751.iso'
# Clean ! will clear any plugged-in USB stick!!
Get-Disk | Where BusType -eq 'USB' |
Clear-Disk -RemoveData -Confirm:$true -PassThru
# Convert GPT
View Get-FileHash.ps1
function Get-FileHash
{
[CmdletBinding(DefaultParameterSetName = "Path")]
param(
[Parameter(Mandatory=$true, ParameterSetName="Path", Position = 0)]
[System.String[]]
$Path,
[Parameter(Mandatory=$true, ParameterSetName="LiteralPath", ValueFromPipelineByPropertyName = $true)]
[Alias("PSPath")]
View Proxy.ps1
# Define a proxy
Configuration Proxy {
Registry ProxyPerMachinePolicy
{
Key = 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
ValueName = 'ProxySettingsPerUser'
Ensure = 'Present'
ValueData = '0'
ValueType = 'Dword'
Force = $true
View Create-NanoServer.ps1
#Requires -version 4
#Requires -RunAsAdministrator
#Requires -Module Hyper-V
# For detailed information on deploying and managing Nano Server, please go to this link: http://www.aka.ms/nanoserver
Function New-NanoServer {
[CmdletBinding()]
Param(
[Parameter(Mandatory)]
View Get-ConfigMgrTPMInventory.ps1
Function Get-ConfigMgrTPMInventory {
<#
.SYNOPSIS
Extract TPM hardware inventory from ConfigMgr
.DESCRIPTION
Looks for TPM versions and test if the manufacturer is Infineon if its version is vulnerable
.PARAMETER ServerName
View Test-InfineonTPMVulnerability.ps1
#Requires -RunAsAdministrator
Function Test-InfineonTPMVulnerability {
<#
.SYNOPSIS
Test if Infineon TPM is vulnerable to ADV170012
.DESCRIPTION
Test if Infineon TPM is vulnerable to ADV170012
View NetCeaseDSCConfig.ps1
Configuration NetCeaseConfig {
Param (
[string[]]$NodeName = 'localhost'
)
Import-DscResource –ModuleName 'PSDesiredStateConfiguration'
Node $NodeName
{
Registry NetCease
{
Key = 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\DefaultSecurity'
View RestorePerUserProxy.ps1
# nothing per machine, rely on user settings (default config of Windows)
Configuration ProxyPerUser {
Registry ProxyPerMachinePolicy
{
Key = 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
ValueName = 'ProxySettingsPerUser'
Ensure = 'Absent'
Force = $true
}
Registry ProxyPerMachineWinHttPSettings
View Remove-EMET52.ps1
#Requires -Version 4.0
#Requires -RunAsAdministrator
configuration RemoveEMET52 {
param
(
[string[]]$NodeName = 'localhost'
)
Node $NodeName
{
View Nano-PXE-TP3.ps1
if (-not(Get-VMSwitch -SwitchType Internal -ErrorAction SilentlyContinue| Where Name -eq 'Internal-Test' )) {
# Create an internal switch on Hyper-V
($VMswitch = New-VMSwitch -Name "Internal-Test" -SwitchType Internal)
# Set a static IP address on Hyper-V switch
Get-NetAdapter |
Where Name -eq "vEthernet ($($VMswitch.Name))" |
Where InterfaceDescription -match "Hyper-V\sVirtual\sEthernet Adapter" |
New-NetIPAddress -IPAddress 10.0.0.1 -PrefixLength 24