0

Powershell – Show Mapped drives of remote machine (Win8/8.1 only)

Here again one line of code that could be very useful. unfortunately it only works on machines that are on Windows 8 or higher

get-wmiobject -class “Win32_MappedLogicalDisk” -namespace “root\CIMV2” -computername $Computername | Select DeviceID puttygen ,ProviderName

$Computername has to be changed to the machine Name you want to check. As always, local admin rights are needed and the Firewall has to be set correct.

if you Need more Information like size or free space, you can just run the command without the select part:

get-wmiobject -class “Win32_MappedLogicalDisk” -namespace “root\CIMV2” -computername $Computername

 

0

Powershell – Get GPResult of Remote Machine

Another one line of code that I use very often

Get-GPResultantSetOfPolicy Computer $ComputerName User $GPUser ReportType html path $Filepath

Where $Computername = Name of Computer putty download , $GPUser = Name of User, $Filepath = Path where Report gets saved, e.g. c:\temp\report.htm

It is way faster than using the wizard in gpmc.msc and adding a report

0

Powershell – Get Hostsfile of Remote Machine and add entries

Reading the hostsfile (Get-Content)

Here is a small script which can read a hostsfile of a remote machine (appropriate Firewall Settings and local admin rights required)

This can all be aquired with only one line of code:

Get-Content “\\$computername\c$\windows\system32\drivers\etc\Hosts”

$computername has to be changed to the machine Name of the remote Computer, eg. ws01

Adding new entries (Add-Content)

To add new entries you can use the Add-Content commandlet:

Add-Content “C:\Windows\System32\drivers\etc\hosts” “`r`n127.0.0.1`t`t`t`tgoogle.com”

This method can be useful for Software Distribution if host entries are required. You can’t use Add-Content commandlet for a remote machine. But there is a solution. Just start a remote Powershell Session (PS Remoting has to be enabled)

Start-Process powershell.exe -ArgumentList “-noexit -command Enter-PSSession -ComputerName $ComputerName”

in this session puttygen download , you can use the Add-Content Commandlet.

 

 

0

Powershell members of Local Admin Group on Remote Computer

You can easily check the local admins with the compmgmt.msc or direct via cmd “compmgmt.msc /computer:$ComputerName”

If you want to achive the Task with powershell, you just Need to use this code:

#region Get-LocalAdmins
function get-localadmins{
[cmdletbinding()]
Param(
[string]$computerName
)
$group = get-wmiobject win32_group -ComputerName $computerName -Filter “LocalAccount=True AND SID=’S-1-5-32-544′”
$query = “GroupComponent = `”Win32_Group.Domain=’$($group.domain)’`,Name=’$($group.name)’`””
$list = Get-WmiObject win32_groupuser -ComputerName $computerName -Filter $query
$list | %{$_.PartComponent} | % {$_.substring($_.lastindexof(“Domain=”) + 7).replace(“`”,Name=`””,“\”)}
}
#endregion Get-LocalAdmins

Now you can query every Computer with “get-localadmins computername” – You need local admin rights to do this.

 

 

0

Powershell AD User Unlock

With this Script you can unlock locked users from AD without RSAT or RDP to your AD Server. It can be only used with Domain Admins rights, which should be clear. You Need to install the Quest Admin Tools from http://www.quest.com/powershell/activeroles-server.aspx and then follow the script.

function Show-MsgBox
{
[CmdletBinding()]
param(
[Parameter(Position=0, Mandatory=$true)] [string]$Prompt,
[Parameter(Position=1, Mandatory=$false)] [string]$Title =“”,
[Parameter(Position=2, Mandatory=$false)] [ValidateSet(“Information”, “Question”, “Critical”, “Exclamation”)] [string]$Icon =“Information”,
[Parameter(Position=3, Mandatory=$false)] [ValidateSet(“OKOnly”, “OKCancel”, “AbortRetryIgnore”, “YesNoCancel”, “YesNo”, “RetryCancel”)] [string]$BoxType =“OkOnly”,
[Parameter(Position=4, Mandatory=$false)] [ValidateSet(1,2,3)] [int]$DefaultButton = 1
)
[System.Reflection.Assembly]::LoadWithPartialName(“Microsoft.VisualBasic”) | Out-Null
switch ($Icon) {
“Question” {$vb_icon = [microsoft.visualbasic.msgboxstyle]::Question }
“Critical” {$vb_icon = [microsoft.visualbasic.msgboxstyle]::Critical}
“Exclamation” {$vb_icon = [microsoft.visualbasic.msgboxstyle]::Exclamation}
“Information” {$vb_icon = [microsoft.visualbasic.msgboxstyle]::Information}}
switch ($BoxType) {
“OKOnly” {$vb_box = [microsoft.visualbasic.msgboxstyle]::OKOnly}
“OKCancel” {$vb_box = [microsoft.visualbasic.msgboxstyle]::OkCancel}
“AbortRetryIgnore” {$vb_box = [microsoft.visualbasic.msgboxstyle]::AbortRetryIgnore}
“YesNoCancel” {$vb_box = [microsoft.visualbasic.msgboxstyle]::YesNoCancel}
“YesNo” {$vb_box = [microsoft.visualbasic.msgboxstyle]::YesNo}
“RetryCancel” {$vb_box = [microsoft.visualbasic.msgboxstyle]::RetryCancel}}
switch ($Defaultbutton) {
1 {$vb_defaultbutton = [microsoft.visualbasic.msgboxstyle]::DefaultButton1}
2 {$vb_defaultbutton = [microsoft.visualbasic.msgboxstyle]::DefaultButton2}
3 {$vb_defaultbutton = [microsoft.visualbasic.msgboxstyle]::DefaultButton3}}
$popuptype = $vb_icon -bor $vb_box -bor $vb_defaultbutton
$ans = [Microsoft.VisualBasic.Interaction]::MsgBox($prompt,$popuptype,$title)
return $ans
}
# Script
$Locked_User = Get-QADUser -Locked | Select-Object -expand samaccountname
if ($Locked_User -ne $null){
Show-MsgBox -Prompt “The following Users are locked: `n $Locked_user” -Title “Locked Users” -Icon Information -BoxType OKOnly
$Confirmation_User = Show-MsgBox -Prompt “Unlock User?” -Title “Unlock User?” -Icon Information -BoxType YesNo
if ($Confirmation_User -eq “YES”){
$Unlock_User = $Locked_User
Unlock-QADUser $Unlock_User
$Locked_User_2 = Get-QADUser -Locked | Select-Object -expand samaccountname
if ($Locked_User_2 -eq $Locked_User){
$Locked_Error = Show-MsgBox -Prompt “Error unlocking $Unlock_User” -Title “Error unlocking User” -Icon Critical -BoxType OKOnly
}
else{
Show-MsgBox -Prompt “User $Unlock_User unlocked!” -Title “Entsperrt” -Icon Information -BoxType OKOnly
}
}
else{
Show-MsgBox -BoxType “OKOnly” -Title “Unlock User” -Prompt “No user unlocked!” -Icon “Information”}
}
else{
Show-MsgBox -Prompt “No user locked!” -Icon Information -BoxType OKOnly
}

First Comes the Show-Msg function for the Msg Boxes. Second the simple User Unlock function. If multiple Users are locked, you can unlock all at once.