#Windows #Powershell

Here's a script that I'm using to roll out the Quest ODM agent on PCs in my environment that do not have access to the LAN. I used Atera Service Desk to deploy it for internet-only installation.

Agent install and hosting

This script requires that you download the Device Agent from the Quest Migration for Active Directory downloads page:

Once that's complete, you will need to upload the file to a publicly accessible file share. I used Azure Files to create a storage container and provide direct access to the file. This URI will be pointed to in the script, so you cannot use something like OneDrive or SharePoint without special configuration.

Script

Before running this script, you will need to change the following XXX values:

• $QuestODMMSIURI – This will be the publicly accessible MSI that you uploaded to your file share.
• Auth Key – Found on the Quest Migration for Active Directory downloads page

Function Invoke-ODM_Agent_Install {

	$InstallCheck = Get-ItemProperty -Path "HKLM:\SOFTWARE\WOW6432Node\Quest\On Demand Migration For Active Directory\ODMAD_AD" -ErrorAction SilentlyContinue
  
  If ($null -eq $InstallCheck) {
    Write-Host 'Downloading ODM agent.' 
    $QuestODMMSIURI = 'XXX' # Change to use your own Azure Files URI
    $QuestODMdest = 'C:\Temp\ODM\QuestODM.msi' 
    Invoke-WebRequest -Uri $QuestODMMSIURI -OutFile (New-Item -Path $QuestODMdest -Force)

    Write-Host 'Installing ODM agent.'
    cmd /c "msiexec.exe /I `"C:\Temp\ODM\QuestODM.msi`" /qn SERVICEURL=https://us.odmad.quest-on-demand.com/api/ADM AUTHKEY=XXX" # Change to use your own authkey from Quest
    Write-Host 'Finished installing ODM agent.' 
  }
  ElseIf ($null -ne $InstallCheck) {
    Write-Host 'ODM agent is already installed.'
  }
  Else {
    Write-Host 'ERROR!' 
  }

}

Invoke-ODM_Agent_Install

Discuss...

#Windows #Powershell #Meraki

I wrote up a quick and dirty Powershell script today that adds a split-tunnel VPN connection, asks the user for connection info, dials the connection, then configures static routes.

# Add-MerakiVPN.ps1
# Creates a split-tunnel VPN connection and adds static routes.
# Tim D'Annecy 2021-09-08

function Add-MerakiVPN {
 
    $ServerAddress = 'blahblahblah.dynamic-m.com' # Change this value to match your Meraki hostname
    $ConnectionName = 'Meraki VPN'
    $PresharedKey = 'blah' # Change this value

    Add-VpnConnection `
        -Name $ConnectionName `
        -ServerAddress $ServerAddress `
        -TunnelType L2tp `
        -EncryptionLevel Optional `
        -SplitTunneling `
        -AllUserConnection `
        -L2tpPsk $PresharedKey `
        -AuthenticationMethod Pap, MSChapv2 `
        -Force

    $StaticRoutes = @(
        '10.0.13.0/24', # Change these to match your internal subnets
        '10.0.12.0/24',
        '172.16.0.0/16'
    ) 

    try {
        rasphone.exe -d $ConnectionName
        Start-Sleep -Seconds 30
        $StaticRoutes | foreach {
            New-NetRoute -DestinationPrefix $_ -InterfaceAlias $ConnectionName
        }
    }
    catch {
        Write-Error 'There was an error adding the VPN connection'
        exit
    }
}

Add-MerakiVPN

#Powershell #Windows

This one-liner imports a CSV formatted with at least the header Name and a list of user names. It outputs to a CSV with the SamAccountName and Enabled properties.

import-csv ".\in.csv" | ForEach-Object  { Get-ADUser -Identity $_.Name -Property samaccountname,enabled } | Select-Object -Property samaccountname,enabled | Export-Csv -Path ".\out.csv" -NoTypeInformation -Append

Discuss...

#Windows #Powershell

I found this post on Reddit and wanted to save the command for my notes.

Running this command in Powershell will give you the PC's currently connected SSID. This is handy for troubleshooting network issues when connected remotely through a PSSession.

netsh wlan show interfaces | select-string SSID

#powershell #Exchange

If you're using Microsoft Exchange Online, there's no way to currently see when a Mail Contact was created on the web dashboard.

I wanted to know when an address was added as a Mail Contact in one of our tenants, but I also wasn't able to get an audit trail using the Microsoft Compliance center.

As a workaround, this Powershell command will give the basic info for “WhenCreated”.

Get-Recipient -RecipientTypeDetails MailContact -ResultSize Unlimited | sort WhenCreated | select Name,Alias,WhenCreated

#Windows #Powershell

# Uninstall-UmbrellaRoamingClient
# Tim D'Annecy 2021-06-04
# Removes Cisco Umbrella Roaming Client.

function Uninstall-UmbrellaRoamingClient {
    [CmdletBinding()]
    param ()
 
    $UmbrellaStatus = (Get-Service -Name 'Umbrella_RC').Status

    If ( $UmbrellaStatus = 'Running' ) {
        Write-Host 'Roaming Client was running. Stopping now.'
        Stop-Service -Name 'Umbrella_RC' -Force
        try {
            #wmic Product where "name='Umbrella Roaming Client'" call uninstall
            (Get-WmiObject -Class win32_product -Filter "Name='Umbrella Roaming Client'").Uninstall()
            Write-Host 'Umbrella successfully uninstalled using wmic call.'
            Start-Sleep -Seconds 5
            Clear-DnsClientCache
        }
        catch {
            Write-Host 'Umbrella could not be uninstalled.'
        }
    }
    else {
        Write-Host 'Roaming Client was not running. Exiting.'
    }
}

Uninstall-UmbrellaRoamingClient

#Windows #Powershell

While most organizations are moving files to cloud-based solutions, I'm working for a client who wants to keep everything in-house. In this environment, some users had a private folder under a previous drive letter mapping, others didn't have anything at all.

I created this quick and dirty Powershell script to automate the cleanup process for existing users.

This script gets all users from AD, sets their HomeDirectory attribute in AD to a fileshare and mounts it on the U: drive, and creates private folders with the correct ACL permissions.

# Assign-PrivateDrive
# Tim D'Annecy 2021-07-09
# Creates shared drive folder with correct permissions and sets AD property.

function Assign-PrivateDrive {
    param()

    Import-Module ActiveDirectory
    $driveLetter = 'U:'
    $PrimaryDC = 'sample.dc'
    $activeOUDN = 'OU=Users,DC=sample,DC=local'

    $users = Get-ADUser -Filter { Enabled -eq $true }  -SearchBase $activeOUDN -Properties * 
    foreach ($user in $users) {
        $UserSAM = $user.SamAccountName
        $fullPath = "\\samplefs\share\Private\{0}" -f $UserSAM
        Set-ADUser -Server $PrimaryDC -Identity $UserSAM -HomeDrive $driveLetter -HomeDirectory $fullPath 
        
        if (!(Test-Path -Path $fullPath )) {
            Write-Host "Creating directory at $fullPath"
            New-Item -path $fullPath -ItemType Directory
            $acl = Get-Acl $fullPath

            $FileSystemRights = [System.Security.AccessControl.FileSystemRights]"Modify"
            $AccessControlType = [System.Security.AccessControl.AccessControlType]::Allow
            $InheritanceFlags = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit"
            $PropagationFlags = [System.Security.AccessControl.PropagationFlags]"InheritOnly"
    
            $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule ("sample\$UserSAM", $FileSystemRights, $InheritanceFlags, $PropagationFlags, $AccessControlType)
            $acl.AddAccessRule($AccessRule)
            
            Write-Host 'Setting permissions on folder.'
            Set-Acl -Path $fullPath -AclObject $acl 
        }
        else {
            Write-Host "Skipping $($user.Name) . Directory found at $fullPath"
        }
    } 
}

Assign-PrivateDrive

#Windows #Powershell

I found a great way to have something similar to the GNU program top on Windows in Powershell in this Stack Exchange post.

While(1) {ps | sort -des cpu | select -f 15 | ft -a; sleep 1; cls}

It's not the exact same app, but it gives you the top 15 running processes sorted by CPU load.

#Powershell

I read through quite a bit of troubleshooting information trying to get Powershell to fully expand the output of commands from a MS Online Service Module—in this case, Exchange Online.

I kept getting outputs with ellipses:

Get-DistributionGroup -Identity examplegroup@example.com | Format-table -Wrap -Autosize -Property Name,Acceptmessagesonlyfrom

AcceptMessagesOnlyFrom
----------------------
{Office of the President, Bob Smith, Bob Jones, Bob Doe...}

The way Powershell is handling this output is frustrating to me. I am not used to a scripting language cleaning up its output to look pretty, unless I specify some filtering options.

I played around with multiple versions of -wrap or -autosize and a ton of other arguments thinking it was an issue with format-table. The problem in this case is actually a quirk in the MS module, not the Powershell format-table or format-list command.

Luckily, this Stack Overflow post[A] has the solution to set the following:

$FormatEnumerationLimit=-1

... and then run your commands.

I was trying to run the following command to see which users had permissions to email a distribution group with a send-from restriction:

Connect-ExchangeOnline
$FormatEnumerationLimit=-1
Get-DistributionGroup -Identity XXX | Format-table -Wrap -AutoSize -property acceptmessagesonlyfrom

#Windows #Powershell

I have had to run this script to re-enable the meetings plugin for Outlook countless times. We’re running Office 365 and I have an E5 license and it seems like Outlook just likes to turn off this plugin. Here’s how you can use Powershell to turn it back on.

$AddinName = 'UCAddin.dll'
$ErrorActionPreference = 'SilentlyContinue'
$OutlookVersion = (Get-Item HKLM:\SOFTWARE\Classes\Outlook.Application\CurVer)."(default)".Replace("Outlook.Application.", "")
$wshell = New-Object -ComObject Wscript.Shell

$wshell.Popup("Click 'OK' to close Outlook. [Haga clic en 'Aceptar' para cerrar Outlook.]",0,"Done",0x0) > $null
Get-Process 'OUTLOOK' | Foreach-Object { $_.CloseMainWindow() | Out-Null } | stop-process –force

Get-Item -Path "HKCU:\Software\Policies\Microsoft\Office\$OutlookVersion.0\Outlook\Resiliency\AddinList" | Set-ItemProperty -Name $AddinName -Value 1
Get-Item -Path "HKCU:\Software\Microsoft\Office\$OutlookVersion.0\Outlook\Resiliency\DoNotDisableAddinList" | Set-ItemProperty -Name $AddinName -Value 1
Get-Item -Path "HKCU:\Software\Microsoft\Office\$OutlookVersion.0\Outlook\Resiliency\DisabledItems" | Remove-Item
Get-Item -Path "HKCU:\Software\Microsoft\Office\$OutlookVersion.0\Outlook\Resiliency\DisabledItems" | Out-Null
Get-Item -Path "HKCU:\Software\Microsoft\Office\$OutlookVersion.0\Outlook\Resiliency\CrashingAddinList" | Remove-Item
Get-Item -Path "HKCU:\Software\Microsoft\Office\$OutlookVersion.0\Outlook\Resiliency\CrashingAddinList" | Out-Null
Get-Item -Path "HKCU:\Software\Microsoft\Office\$OutlookVersion.0\Outlook\Resiliency\NotificationReminderAddinData" | Set-ItemProperty -Name ([string]::Format("{0}\dtype",$AddinName)) -Value 2
Get-Item -Path "HKCU:\Software\Microsoft\Office\$OutlookVersion.0\Outlook\Resiliency\NotificationReminderAddinData" | Set-ItemProperty -Name $AddinName -Value 2524611661
Get-Item -Path "HKCU:\Software\Microsoft\Office\$OutlookVersion.0\Outlook\Resiliency" | Set-ItemProperty -Name "CheckPoint" -Value 1
Get-Item -Path "HKCU:\Software\Microsoft\Office\Outlook\Addins\UCAddin.LyncAddin.1" | Set-ItemProperty -Name '(Default)' -Value 0
Get-Item -Path "HKCU:\Software\Microsoft\Office\Outlook\Addins\UCAddin.LyncAddin.1" | Set-ItemProperty -Name 'LoadBehavior' -Value 3

$wshell.Popup("Outlook plugin for Skype for Business meetings re-enabled. [Complemento de Outlook para reuniones de Skype Empresarial re-habilitado.]",0,"Done",0x0) > $null