Tips-Of-Mine/Powershell
2
0
Fork 0
Code Pull Requests Wiki Activity

update

Browse Source
This commit is contained in:
Hubert Cornet
2023-07-04 12:59:44 +02:00
parent 2cef42a718
commit 09c2faad93
231 changed files with 261001 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
Windows/Convert-ESD-to-WIM.ps1 Normal file
View File

@ -0,0 +1,9 @@
#Convertir une image Windows au format ESD en WIM
#Monter l'ISO, se rendre dans le dossier sources
#Récupérer les versions disponibles
dism /Get-WimInfo /WimFile:install.esd
#Extraire la version pro par exemple (Index 6), il faut aussi modifier la destination vers un dossier conne C:\images\install.wim par exemple
dism /export-image /SourceImageFile:install.esd /SourceIndex:6 /DestinationImageFile:install.wim /Compress:max /CheckIntegrity

16
Windows/Enable-Bitlocker.ps1 Normal file
View File

@ -0,0 +1,16 @@
# Bitlocker avec TPM
if ((Get-BitLockerVolume -MountPoint $env:SystemDrive).VolumeStatus -eq "FullyDecrypted") {
Add-BitLockerKeyProtector -MountPoint $env:SystemDrive -TpmProtector
Enable-BitLocker -MountPoint $env:SystemDrive -RecoveryPasswordProtector -SkipHardwareTest
}
#Bitlocker avec mot de passe
if ((Get-BitLockerVolume -MountPoint $env:SystemDrive).VolumeStatus -eq "FullyDecrypted") {
$BitLockerPwd = ConvertTo-SecureString "Password" -AsPlainText -Force
Add-BitLockerKeyProtector -MountPoint $env:SystemDrive -PasswordProtector -Password $BitLockerPwd
Enable-BitLocker -MountPoint $env:SystemDrive -RecoveryPasswordProtector -SkipHardwareTest
}

44
Windows/Get-BitlockerStatus.ps1 Normal file
View File

@ -0,0 +1,44 @@
<#
.SYNOPSIS
List all workstations in the domain. Fields include LastLogonDate and the latest BitLocker password set date (if present)
.DESCRIPTION
List all workstations in the domain. Fields include LastLogonDate and the latest BitLocker password set date (if present)
.PARAMETER SearchBase
OU where the script will begin it's search
.INPUTS
None
.OUTPUTS
CSV in script path
.EXAMPLE
.\Get-BitlockerStatus.ps1 -SearchBase ""
.NOTES
#>
[CmdletBinding()]
Param (
[string]$SearchBase = "OU=..."
)
Try { Import-Module ActiveDirectory -ErrorAction Stop }
Catch { Write-Warning "Unable to load Active Directory module because $($Error[0])"; Exit }
Write-Verbose "Getting Workstations..." -Verbose
$Computers = Get-ADComputer -Filter * -SearchBase $SearchBase -Properties LastLogonDate
$Count = 1
$Results = ForEach ($Computer in $Computers) {
Write-Progress -Id 0 -Activity "Searching Computers for BitLocker" -Status "$Count of $($Computers.Count)" -PercentComplete (($Count / $Computers.Count) * 100)
New-Object PSObject -Property @{
ComputerName = $Computer.Name
LastLogonDate = $Computer.LastLogonDate
BitLockerPasswordSet = Get-ADObject -Filter "objectClass -eq 'msFVE-RecoveryInformation'" -SearchBase $Computer.distinguishedName -Properties msFVE-RecoveryPassword, whenCreated | Sort-Object whenCreated -Descending | Select-Object -First 1 | Select-Object -ExpandProperty whenCreated
}
$Count ++
}
Write-Progress -Id 0 -Activity " " -Status " " -Completed
$ReportPath = Join-Path (Split-Path $MyInvocation.MyCommand.Path) -ChildPath "Get-BitlockerStatus.csv"
Write-Verbose "Building the report..." -Verbose
$Results | Select-Object ComputerName, LastLogonDate, BitLockerPasswordSet | Sort-Object ComputerName | Export-Csv $ReportPath -NoTypeInformation -Delimiter ";" -Encoding UTF8
Write-Verbose "Report saved at: $ReportPath" -Verbose

140
Windows/Get-RemoteProgram.ps1 Normal file
View File

@ -0,0 +1,140 @@
Function Get-RemoteProgram {
<#
.Synopsis
Generates a list of installed programs on a computer
.DESCRIPTION
This function generates a list by querying the registry and returning the installed programs of a local or remote computer.
.NOTES
Name : Get-RemoteProgram
Author : Jaap Brasser
Version : 1.3
DateCreated: 2013-08-23
DateUpdated: 2016-08-26
Blog : http://www.jaapbrasser.com
.LINK
http://www.jaapbrasser.com
.PARAMETER ComputerName
The computer to which connectivity will be checked
.PARAMETER Property
Additional values to be loaded from the registry. Can contain a string or an array of string that will be attempted to retrieve from the registry for each program entry
.PARAMETER ExcludeSimilar
This will filter out similar programnames, the default value is to filter on the first 3 words in a program name. If a program only consists of less words it is excluded and it will not be filtered. For example if you Visual Studio 2015 installed it will list all the components individually, using -ExcludeSimilar will only display the first entry.
.PARAMETER SimilarWord
This parameter only works when ExcludeSimilar is specified, it changes the default of first 3 words to any desired value.
.EXAMPLE
Get-RemoteProgram
Description:
Will generate a list of installed programs on local machine
.EXAMPLE
Get-RemoteProgram -ComputerName server01,server02
Description:
Will generate a list of installed programs on server01 and server02
.EXAMPLE
Get-RemoteProgram -ComputerName Server01 -Property DisplayVersion,VersionMajor
Description:
Will gather the list of programs from Server01 and attempts to retrieve the displayversion and versionmajor subkeys from the registry for each installed program
.EXAMPLE
'server01','server02' | Get-RemoteProgram -Property Uninstallstring
Description
Will retrieve the installed programs on server01/02 that are passed on to the function through the pipeline and also retrieves the uninstall string for each program
.EXAMPLE
'server01','server02' | Get-RemoteProgram -Property Uninstallstring -ExcludeSimilar -SimilarWord 4
Description
Will retrieve the installed programs on server01/02 that are passed on to the function through the pipeline and also retrieves the uninstall string for each program. Will only display a single entry of a program of which the first four words are identical.
#>
[CmdletBinding(SupportsShouldProcess=$true)]
param(
[Parameter(ValueFromPipeline =$true,
ValueFromPipelineByPropertyName=$true,
Position=0
)]
[string[]]
$ComputerName = $env:COMPUTERNAME,
[Parameter(Position=0)]
[string[]]
$Property,
[switch]
$ExcludeSimilar,
[int]
$SimilarWord
)
begin {
$RegistryLocation = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\',
'SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\'
$HashProperty = @{}
$SelectProperty = @('ProgramName','ComputerName')
if ($Property) {
$SelectProperty += $Property
}
}
process {
foreach ($Computer in $ComputerName) {
$RegBase = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]::LocalMachine,$Computer)
$RegistryLocation | ForEach-Object {
$CurrentReg = $_
if ($RegBase) {
$CurrentRegKey = $RegBase.OpenSubKey($CurrentReg)
if ($CurrentRegKey) {
$CurrentRegKey.GetSubKeyNames() | ForEach-Object {
if ($Property) {
foreach ($CurrentProperty in $Property) {
$HashProperty.$CurrentProperty = ($RegBase.OpenSubKey("$CurrentReg$_")).GetValue($CurrentProperty)
}
}
$HashProperty.ComputerName = $Computer
$HashProperty.ProgramName = ($DisplayName = ($RegBase.OpenSubKey("$CurrentReg$_")).GetValue('DisplayName'))
if ($DisplayName) {
New-Object -TypeName PSCustomObject -Property $HashProperty |
Select-Object -Property $SelectProperty
}
}
}
}
} | ForEach-Object -Begin {
if ($SimilarWord) {
$Regex = [regex]"(^(.+?\s){$SimilarWord}).*$|(.*)"
} else {
$Regex = [regex]"(^(.+?\s){3}).*$|(.*)"
}
[System.Collections.ArrayList]$Array = @()
} -Process {
if ($ExcludeSimilar) {
$null = $Array.Add($_)
} else {
$_
}
} -End {
if ($ExcludeSimilar) {
$Array | Select-Object -Property *,@{
name = 'GroupedName'
expression = {
($_.ProgramName -split $Regex)[1]
}
} |
Group-Object -Property 'GroupedName' | ForEach-Object {
$_.Group[0] | Select-Object -Property * -ExcludeProperty GroupedName
}
}
}
}
}
}

47
Windows/New-LocalUser.ps1 Normal file
View File

@ -0,0 +1,47 @@
param (
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$Name,
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$Password,
[Parameter(Mandatory = $false)]
[ValidateNotNullOrEmpty()]
[string]$Group = "Utilisateurs"
)
#Vérifier si l'utilisateur existe déjà
try {
Get-LocalUser -Name $Name -ErrorAction Stop
Write-Host "User already exist, reseting the password..." -ForegroundColor Yellow
Set-LocalUser -Name $Name -Password (ConvertTo-SecureString -AsPlainText $Password -Force)
}
catch {
#Créer l'utilisateur
try {
New-LocalUser -Name $Name -Password (ConvertTo-SecureString -AsPlainText $Password -Force) -FullName $Name -Description "Created date: $(Get-Date)" -ErrorAction Stop
Write-Host "User created" -ForegroundColor Green
}
catch {
Write-Host "Error: User not created" -ForegroundColor Red
}
}
try {
try {
#Vérifier si le groupe existe et si l'utilisateur n'est pas déjà membre
$GroupMembers = Get-LocalGroupMember -Group $Group -ErrorAction Stop
if ($GroupMembers -match $Name) {
Write-Host "User already in the group" -ForegroundColor Yellow
}
else {
#Ajouter l'utilisateur au groupe
Add-LocalGroupMember -Group $Group -Member $Name -ErrorAction Stop
}
}
catch {
Write-Host "Group doesn't exist" -ForegroundColor Red
}
}
catch {
Write-Host "Error: Unable to add the user to the group" -ForegroundColor Red
}

35
Windows/New-certificate.ps1 Normal file
View File

@ -0,0 +1,35 @@
function New-Certificate {
[CmdletBinding(
SupportsShouldProcess = $true
)]
param(
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$Name,
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$Password,
[Parameter(Mandatory = $false)]
[ValidateNotNullOrEmpty()]
[bool]$Export = $false
)
$OldCert = Get-ChildItem -Path cert:\CurrentUser\My | Where-Object { $_.FriendlyName -eq $Name }
if ($OldCert) {
Write-Host "Cert Alreday Exist, Return "
Return
}
else {
$Create_Cert = New-SelfSignedCertificate -Subject "CN=$Name" -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsage KeyEncipherment, DataEncipherment, KeyAgreement -Type DocumentEncryptionCert -FriendlyName $Name
Write-Host "New Certificate created"
if (($Export -eq $true)) {
if (Test-Path ($Name + "_Cert_Export.pfx")) {
Remove-Item (Join-Path ($Name + "_Cert_Export.pfx"))
Write-Verbose -Message "File alreday exist: removed"
}
$cert = Get-ChildItem -Path cert:\CurrentUser\My | Where-Object { $_.Thumbprint -eq $($Create_Cert.Thumbprint) }
Export-PfxCertificate -Cert $cert -FilePath ($Name + "_Cert_Export.pfx") -Password (ConvertTo-SecureString -AsPlainText $Password -Force)
Write-Host "Certificate Exported"
}
}
}

1
Windows/README.md Normal file
View File

@ -0,0 +1 @@
# Windows

22
Windows/Reset-Machine-Password.ps1 Normal file
View File

@ -0,0 +1,22 @@
#Vérifier la relation d'aprobation avec le domaine
#En batch
netdom verify /Domain:domain.local /UserO:User /PasswordO:*
#En PowerShell
Test-ComputerSecureChannel -Server 'DC.domain.local'
#Réparer la relation d'aprobation avec le domaine
#En batch
netdom resetpwd /s:DC /ud:User /pd:*
#En PowerShell
Reset-ComputerMachinePassword -Server "DC.domain.local" -Credential (Get-Credential)
#Autre méthode en PowerShell
Test-ComputerSecureChannel -Repair -Credential (Get-Credential)
#Sortir le PC du domaine
Remove-Computer -UnjoinDomaincredential (Get-Credential) -Restart -Force
#Remettre le PC dans le domaine
Add-Computer -DomainName domain.local -Credential (Get-Credential) -Restart -Force

10
Windows/Set-NetworkCategory.ps1 Normal file
View File

@ -0,0 +1,10 @@
#Droits admin nécessaire
#Afficher le profil actif
$ProfileName = Get-NetConnectionProfile
# Changer la catégorie du profil actif (valeurs acceptées : Public, Private, DomainAuthenticated)
Set-NetConnectionProfile -Name $ProfileName.Name -NetworkCategory Private
#Changer toutes sur toutes les connexions
Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory Private

101
Windows/Start-ControlPanelApplet Normal file
View File

@ -0,0 +1,101 @@
$ControlPanelApplets = [ordered]@{
"Add a Device wizard" = "$env:windir\System32\DevicePairingWizard.exe"
"Add Hardware wizard" = "$env:windir\System32\hdwwiz.exe"
"Add a Printer wizard" = "rundll32.exe shell32.dll,SHHelpShortcuts_RunDLL AddPrinter"
"Administrative Tools" = "control.exe /name Microsoft.AdministrativeTools"
"AutoPlay" = "control.exe /name Microsoft.AutoPlay"
"Backup and Restore" = "control.exe /name Microsoft.BackupAndRestoreCenter"
"BitLocker Drive Encryption" = "control.exe /name Microsoft.BitLockerDriveEncryption"
"Color and Appearance" = "explorer shell:::{ED834ED6-4B5A-4bfe-8F11-A626DCB6A921} -Microsoft.Personalization\pageColorization"
"Color Management" = "control.exe /name Microsoft.ColorManagement"
"Credential Manager" = "control.exe /name Microsoft.CredentialManager"
"Date and Time" = "control.exe /name Microsoft.DateAndTime"
"Default Programs" = "control.exe /name Microsoft.DefaultPrograms"
"Desktop Background" = "explorer shell:::{ED834ED6-4B5A-4bfe-8F11-A626DCB6A921} -Microsoft.Personalization\pageWallpaper"
"Desktop Icon Settings" = "rundll32.exe shell32.dll,Control_RunDLL desk.cpl,,0"
"Device Manager" = "control.exe /name Microsoft.DeviceManager"
"Devices and Printers" = "control.exe /name Microsoft.DevicesAndPrinters"
"Ease of Access Center" = "control.exe /name Microsoft.EaseOfAccessCenter"
"File Explorer Options" = "control.exe /name Microsoft.FolderOptions"
"File History" = "control.exe /name Microsoft.FileHistory"
"Fonts" = "control.exe /name Microsoft.Fonts"
"Game Controllers" = "control.exe /name Microsoft.GameControllers"
"Get Programs" = "control.exe /name Microsoft.GetPrograms"
"HomeGroup" = "control.exe /name Microsoft.HomeGroup"
"Indexing Options" = "control.exe /name Microsoft.IndexingOptions"
"Infrared" = "control.exe /name Microsoft.Infrared"
"Internet Properties" = "control.exe /name Microsoft.InternetOptions"
"iSCSI Initiator" = "control.exe /name Microsoft.iSCSIInitiator"
"Keyboard" = "control.exe /name Microsoft.Keyboard"
"Language" = "control.exe /name Microsoft.Language"
"Mouse Properties" = "control.exe /name Microsoft.Mouse"
"Network and Sharing Center" = "control.exe /name Microsoft.NetworkAndSharingCenter"
"Network Connections" = "control.exe ncpa.cpl"
"Network Setup Wizard" = "control.exe netsetup.cpl"
"Notification Area Icons" = "explorer shell:::{05d7b0f4-2121-4eff-bf6b-ed3f69b894d9}"
"ODBC Data Source Administrator" = "control.exe odbccp32.cpl"
"Offline Files" = "control.exe /name Microsoft.OfflineFiles"
"Performance Options" = "$env:windir\system32\SystemPropertiesPerformance.exe"
"Personalization" = "explorer shell:::{ED834ED6-4B5A-4bfe-8F11-A626DCB6A921}"
"Phone and Modem" = "control.exe /name Microsoft.PhoneAndModem"
"Power Options" = "control.exe /name Microsoft.PowerOptions"
"Presentation Settings" = "$env:windir\system32\PresentationSettings.exe"
"Programs and Features" = "control.exe /name Microsoft.ProgramsAndFeatures"
"Recovery" = "control.exe /name Microsoft.Recovery"
"Region" = "control.exe /name Microsoft.RegionAndLanguage"
"RemoteApp and Desktop Connections" = "control.exe /name Microsoft.RemoteAppAndDesktopConnections"
"Scanners and Cameras" = "control.exe /name Microsoft.ScannersAndCameras"
"Screen Saver Settings" = "rundll32.exe shell32.dll,Control_RunDLL desk.cpl,,1"
"Security and Maintenance" = "control.exe /name Microsoft.ActionCenter"
"Set Associations" = "control.exe /name Microsoft.DefaultPrograms /page pageFileAssoc"
"Set Default Programs" = "control.exe /name Microsoft.DefaultPrograms /page pageDefaultProgram"
"Set Program Access and Computer Defaults" = "rundll32.exe shell32.dll,Control_RunDLL appwiz.cpl,,3"
"Sound" = "control.exe /name Microsoft.Sound"
"Speech Recognition" = "control.exe /name Microsoft.SpeechRecognition"
"Storage Spaces" = "control.exe /name Microsoft.StorageSpaces"
"Sync Center" = "control.exe /name Microsoft.SyncCenter"
"System" = "control.exe /name Microsoft.System"
"System Icons" = "explorer shell:::{05d7b0f4-2121-4eff-bf6b-ed3f69b894d9} \SystemIcons,,0"
"System Properties" = "$env:windir\System32\SystemPropertiesComputerName.exe"
"Tablet PC Settings" = "control.exe /name Microsoft.TabletPCSettings"
"Text to Speech" = "control.exe /name Microsoft.TextToSpeech"
"User Accounts" = "netplwiz"
"Windows Defender Antivirus" = "$env:ProgramFiles\Windows Defender\MSASCui.exe"
"Windows Defender Firewall" = "control.exe /name Microsoft.WindowsFirewall"
"Windows Features" = "$env:windir\System32\OptionalFeatures.exe"
"Windows Mobility Center" = "control.exe /name Microsoft.MobilityCenter"
"Windows To Go" = "$env:windir\System32\pwcreator.exe"
"Work Folders" = "$env:windir\System32\WorkFolders.exe"
}
function Start-ControlPanelApplet {
[CmdletBinding()]
param
(
[string[]]
$Name
)
foreach ($Applet in $Name) {
cmd /c $ControlPanelApplets.$Applet
}
}
Register-ArgumentCompleter -CommandName Start-ControlPanelApplet -ParameterName Name -ScriptBlock {
param ($CommandName, $ParameterName, $WordToComplete, $CommandAst, $FakeBoundParameter)
$Keys = $ControlPanelApplets.Keys
foreach ($Key in $Keys) {
if ($Key -Match $WordToComplete) {
[System.Management.Automation.CompletionResult]::new(
"'$Key'",
$Key,
"ParameterValue",
($Key)
)
}
}
}
Set-Alias -Name cpl -Value Start-ControlPanelApplet

24
Windows/Test-GroupMember.ps1 Normal file
View File

@ -0,0 +1,24 @@
param (
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$Name,
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$Group
)
#Vérifier si le groupe existe et si l'utilisateur est membres
try {
$GroupMembers = Get-LocalGroupMember -Group $Group -ErrorAction Stop
if ($GroupMembers -match $Name) {
#Si oui retourner OUI
return $true
}
else {
#Sinon retourner NON
return $false
}
}
catch {
Write-Host "Group doesn't exist"
}

42
Windows/Windows-Notification.ps1 Normal file
View File

@ -0,0 +1,42 @@
[CmdletBinding(
SupportsShouldProcess = $true
)]
Param(
[Parameter(Mandatory = $false)]
[ValidateNotNullOrEmpty()]
[ValidateSet("Info", "Warning", "Error", "None")]
[string]$Type,
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$Title,
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$Text,
[Parameter(Mandatory = $false)]
[ValidateNotNullOrEmpty()]
[int]$Timeout = 10
)
#Ajouter les librairies Windows
Add-Type -AssemblyName System.Windows.Forms
Add-Type -AssemblyName System.Drawing
#Créer l'objet notification
$notify = new-object system.windows.forms.notifyicon
$notify.icon = [system.drawing.icon]::ExtractAssociatedIcon((join-path $pshome powershell.exe))
$notify.visible = $True
$notify.showballoontip($Timeout, $title, $text, $type)
switch ($Host.Runspace.ApartmentState) {
STA {
$null = Register-ObjectEvent -InputObject $notify -EventName BalloonTipClosed -Action {
$Sender.Dispose()
Unregister-Event $EventSubscriber.SourceIdentifier
Remove-Job $EventSubscriber.Action
}
}
default {
continue
}
}