Raimund Andrée [MSFT] raandree
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-Enum | |
| { | |
| param ( | |
| [type]$Type | |
| ) | |
| [enum]::GetValues($Type) | | |
| Select-Object -Property ` | |
| @{ Name = 'Name'; Expression={ [string]$_ } }, | |
| @{ Name = 'Value'; Expression={ [int]$_ }}, |
raandree
/ New-RestrictedPSSessionConfigurationLocalAccounts.ps1
Last active
December 3, 2020 16:56
JEA: Register a new restricted endpoint with one JEA role. The endpoint runs with a virtual account. The assigned groups and users are local ones. No domain membership is required.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-Test | |
| { | |
| Get-Date | |
| } | |
| function New-TestRole | |
| { | |
| New-PSRoleCapabilityFile -Path c:\TestRole.psrc ` |
raandree
/ Attach-DscRunspace.ps1
Created
July 29, 2019 10:07
This script attaches to the DSC LCM's PSHostProcess for debugging the runspace that is in state 'AtBreakpoint'
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #usually the process consuming the most memory is the one that hosts the LCM | |
| $p = Get-Process -Name WmiPrvSE | Sort-Object -Property WS -Descending | Select-Object -First 1 | |
| Enter-PSHostProcess -Process $p -AppDomainName DscPsPluginWkr_AppDomain | |
| Start-Sleep -Seconds 1 | |
| $rs = Get-Runspace | Where-Object { $_.Debugger.InBreakpoint } | |
| Debug-Runspace -Runspace $rs |
raandree
/ GenericMeasureInfo.format.ps1xml
Created
July 29, 2019 10:01
PowerShell Formatter for Measure-Object to show sizes also in MB, GB or TB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8" ?> | |
| <Configuration> | |
| <ViewDefinitions> | |
| <View> | |
| <Name>Microsoft.PowerShell.Commands.GenericMeasureInfo</Name> | |
| <ViewSelectedBy> | |
| <TypeName>Microsoft.PowerShell.Commands.GenericMeasureInfo</TypeName> | |
| </ViewSelectedBy> | |
| <ListControl> | |
| <ListEntries> |
raandree
/ Get-KerberosEncTypes.ps1
Created
May 28, 2019 23:24
Extend Kerberos security events with cipher suite, ticket options and other fields to make data human readable that is stored as hex values
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $types = @' | |
| using System; | |
| namespace Kerberos | |
| { | |
| public enum EncryptionTypes:uint | |
| { | |
| AES256_CTS_HMAC_SHA1_96 = 18, | |
| AES128_CTS_HMAC_SHA1_96 = 17, | |
| ARCFOUR_HMAC_MD5 = 23, |
raandree
/ Connect-JeaSession.ps1
Last active
October 18, 2019 19:25
JEA: Connect to a administrative endpoint created by 'New-RestrictedPSSessionConfiguration.ps1'
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Connect-SupportSession | |
| { | |
| param( | |
| [Parameter(Mandatory)] | |
| [string]$ComputerName, | |
| [pscredential]$Credential | |
| ) | |
| $s = New-PSSession @PSBoundParameters -ConfigurationName Support #-ErrorAction SilentlyContinue |
raandree
/ New-JeaDemoInDomain.ps1
Last active
July 15, 2020 08:30
JEA: Register a new restricted endpoint with JEA roles
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Unlock-AAAccount | |
| { | |
| param( | |
| [Parameter(Mandatory)] | |
| [string]$Identity | |
| ) | |
| try | |
| { | |
| $user = Get-ADUser -Identity $Identity |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| param( | |
| [Parameter(Mandatory)] | |
| [string]$Path | |
| ) | |
| #Created by Pierre.Audonnet@microsoft.com | |
| # | |
| #Got keytab structure from http://www.ioplex.com/utilities/keytab.txt | |
| # | |
| # keytab { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Gets event log entries from remote computers using RPC/DCOM (same as connecting to remote computer from event log viewer MMC) | |
| .DESCRIPTION | |
| Gets event log entries from remote computers using RPC/DCOM (same as connecting to remote computer from event log viewer MMC) | |
| .NOTES | |
| -------------------------------------------------------------------------------- | |
| Script author: Per Pedersen - per.pedersen@microsoft.com |
raandree
/ DscAppPoolRecyclingIssue.ps1
Created
January 9, 2018 00:15
DSC Pull Server data loss reproduction
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $pullServer = Get-LabVM -Role DSCPullServer | |
| $sqlServer = Get-LabVM -Role SQLServer2016 | |
| $before = Invoke-LabCommand -ActivityName 'Get Row Count' -ComputerName $sqlServer -ScriptBlock { | |
| Invoke-Sqlcmd -Database DSC -Query "SELECT COUNT(*) AS Count FROM StatusReport" | |
| } -PassThru | |
| Invoke-LabCommand -ActivityName 'Backup DSC Database' -ComputerName $sqlServer -ScriptBlock { | |
| mkdir C:\SQLBackups -Force | |
| $backupCmd = "BACKUP DATABASE [DSC] TO DISK = N'C:\SQLBackups\DSC {0:yyMMdd-hhmmss}.bak' WITH NOFORMAT, NOINIT, NAME = N'DSC-Full Database Backup', SKIP, NOREWIND, NOUNLOAD, STATS = 10" -f (Get-Date) |