Skip to content

Category: Powershell

[Powershell] Enabling a testaccount with a randomly generated password

Another script to share, it’s quick and dirty but it does what it’s supposed to do so I might as well share it with whoever needs it.

The script was written for a hosted environment with three customers, each with a seperate test account. The test accounts are disabled at the end of the day by a scheduled task and can be enabled when needed by running this script.

The person running the script fills in the customer name and based on that it enables the right account and gives it a randomly generated password.

<#

## Description ##
   This script is used to enable the test account with a randomly generated password for a specific customer.
      
   By:  Stefan van Bruggen
   For: De Koning
	    
 
## Current Version: 1.0 ##

   Changelog:
   ----------------
   v1.0: First release
 
#>

# Load Prerequisites
[System.Reflection.Assembly]::LoadWithPartialName('Microsoft.VisualBasic')
Add-Type -AssemblyName System.Web

# Check for Active Directory module and import it
if (-not (Get-Module ActiveDirectory)){            
  Import-Module ActiveDirectory            
}    

# Create function for generating a random password
Function New-RandomPassword {
$Password = "[email protected]#$%^&*0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz".tochararray()
($Password | Get-Random -Count 10) -Join ''
}

# Set global variables
$Cust1 = "testcust1"
$Cust2 = "testcust2"
$Cust3 = "testcust3"

# Set variables
$input = [Microsoft.VisualBasic.Interaction]::InputBox('Enter customer name', 'Enable Test Account', 'Customer1/Customer2/Customer3') 
$random = New-RandomPassword
$password = ConvertTo-SecureString -String "$random" -AsPlainText –Force
$customer = $input.ToString()

# Enable the test-account and set a randomly generated password
if (!$customer) { write-host "Please enter customer name" -ForegroundColor Red}

if ($customer -eq "Customer1") {write-host "Enabling $Cust1" -ForegroundColor Yellow
                        Enable-ADAccount $Cust1
                        Set-ADAccountPassword -Identity $Cust1 -NewPassword $password}

if ($customer -eq "Customer2") {write-host "Enabling $Cust2" -ForegroundColor Yellow
                        Enable-ADAccount $Cust2
                        Set-ADAccountPassword -Identity $Cust2 -NewPassword $password}

if ($customer -eq "Customer3") {write-host "Enabling $Cust3" -ForegroundColor Yellow
                        Enable-ADAccount $Cust3
                        Set-ADAccountPassword -Identity $Cust3 -NewPassword $password}

# Show the generated password
Write-Host "Account password has been reset to:" -ForegroundColor Green
Write-Host ""
Write-Host "$random" -ForegroundColor Yellow
Write-Host ""
Write-Host ""

# Exit after input
Read-Host " Press enter to exit "
exit

 

[Powershell] Manipulating a machine’s asset tag in the MDT database

I wrote this function for my fellow IT engineer (and brother) Robin van Bruggen who is building a script that allows his co-workers to change the OSDComputerName and AssetTag values for a specified machine without manually manipulating the MDT SQL database.

The script uses the MDTDB module created by Michael Niehaus (which can be found HERE). This module allows you to change pretty much anything you would want to change in the MDT database except for, you’ve guessed it, the asset tag.

Anyway, to keep a long story short, add this to the MDTDB.psm1 file and you’re good to go!

 

function Set-MDTComputerAssetTag {

    [CmdletBinding()]
    PARAM
    (
        [Parameter(ValueFromPipelineByPropertyName=$true, Mandatory=$true)] $id,
        [Parameter(ValueFromPipelineByPropertyName=$true)] $assetTag
    )
    
    Process
    {
        # Tell SQL which table to edit and what to look for
        $sql = "UPDATE ComputerIdentity 
        SET AssetTag = '$assetTag'
        WHERE ID = '$id'"
        Write-Verbose "About to execute command: $sql"
        $identityCmd = New-Object System.Data.SqlClient.SqlCommand($sql, $mdtSQLConnection)
        $identity = $identityCmd.ExecuteScalar()
        Write-Verbose "Added computer identity record"

        
        # Write the updated record back to the pipeline
        Get-MDTComputer -ID $id
    }
} 

 

[Powershell] Removing the NXLOG-agent without the Nagios management interface.

I made this script at the request of a colleague, who needed a quick way to remove the NXLOG-agent without having to resort to the management interface (which was unavailable).

<#
.Description
   Script for the removal of the NXLOG agent without the use of the Nagios management interface.
   
   Current Version: 1.0
   Changelog:
   ----------------
   v1.0: First version, ready for use
   
   By: Stefan van Bruggen <[email protected]>
   For: de Koning B.V <[email protected]

#>

##		Define the path where the key should be located and start a recursive search
##		The script only looks for a registry key containing the right display name and publisher, and selects the LocalPackage property.

$inst = Get-ChildItem -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\* -Recurse | Get-ItemProperty | 
		Where-Object {$_.DisplayName -like 'NXLOG-CE' -and $_.Publisher -like 'nxsec.com' -and $_.Publisher -ne '' } |
		Select-Object LocalPackage -ExpandProperty LocalPackage

## 	Silent install of the package, required for the next step

Start-Process $inst -arg '/q' -Wait

##	 Silent uninstall of the agent

Start-Process "msiexec.exe" -arg "/X $inst /qn" -Wait

This script could also be modified quite easily to run on a remote computer by adding the following at the beginning of the script:

$PC='SRV-NAME-01'

Invoke-Command -ComputerName $PC -ScriptBlock {

In this case, don’t forget to add a in line 21.

[Powershell] Corrupt Userprofiles – Quick fix via Powershell

Customer X had a long ongoing problem with userprofiles getting corrupted due to their antivirus solution holding the ntuser.dat file hostage. It took a while before we found the cause of this problem so we had to think of a quick fix to keep things running.
Another problem was that the locally stored corrupted profile was getting synced to the profile server, causing trouble for users on multiple workstations.

To save time and to give the sysadmins an easy way to clean these corrupted profiles, I automated the process with this (admittedly messy) script.

I’ve also added some workarounds that start the required services used in this script, because in some cases these are not enabled (WinRM, Remote Registry, etc.)

Note: The text in the popup is in Dutch.

<#
.Description
   Script for cleaning up corrupted userprofiles.
   Gebaseerd op: 	https://technet.microsoft.com/en-us/library/ff730941.aspx
					https://msexchange.me/2014/03/11/powershell-custom-gui-input-box-for-passing-values-to-variables/

   Current Version: 1.2
   Versiebeheer:
   ----------------
   v1.0: First working version
   v1.1: Added automated starting of the required services
   v1.2: Script cleaned up
   
   Door: Stefan van Bruggen, de Koning B.V.
		 [email protected]

#>

function button ($title,$username,$workstation) {

## Laden van assemblys
[void][System.Reflection.Assembly]::LoadWithPartialName( “System.Windows.Forms”)
[void][System.Reflection.Assembly]::LoadWithPartialName( “Microsoft.VisualBasic”)

## Formaat van het input-venster
$form = New-Object “System.Windows.Forms.Form”;
$form.Width = 500;
$form.Height = 200;
$form.Text = $title;
$form.StartPosition = [System.Windows.Forms.FormStartPosition]::CenterScreen;

## Definieren van label1
$textLabel1 = New-Object “System.Windows.Forms.Label”;
$textLabel1.Left = 25;
$textLabel1.Top = 15;
$textLabel1.Text = $username;

## Definieren van label2
$textLabel2 = New-Object “System.Windows.Forms.Label”;
$textLabel2.Left = 25;
$textLabel2.Top = 50;
$textLabel2.Text = $workstation;


## Definieren van input-veld box1
$textBox1 = New-Object “System.Windows.Forms.TextBox”;
$textBox1.Left = 150;
$textBox1.Top = 10;
$textBox1.width = 200;

## Definieren van input-veld box2
$textBox2 = New-Object “System.Windows.Forms.TextBox”;
$textBox2.Left = 150;
$textBox2.Top = 50;
$textBox2.width = 200;

## Definieren van standaardwaarde input-velden
$textBox1.Text = "Gebruikersnaam";
$textBox2.Text = "Werkstation";

## Definieren van OK-knop
$button = New-Object “System.Windows.Forms.Button”;
$button.Left = 360;
$button.Top = 85;
$button.Width = 100;
$button.Text = “Ok”;

## Definieren van actie bij klikken OK
$eventHandler = [System.EventHandler]{
$textBox1.Text;
$textBox2.Text;
$form.Close();};
$button.Add_Click($eventHandler) ;

## Definieren van controls
$form.Controls.Add($button);
$form.Controls.Add($textLabel1);
$form.Controls.Add($textLabel2);
$form.Controls.Add($textBox1);
$form.Controls.Add($textBox2);
$ret = $form.ShowDialog();

## Definieren van ingevoerde waarden

return $textBox1.Text, $textBox2.Text
}

$return= button “Invoer Gebruikersgegevens” “Gebruikersnaam” “Computernaam”

## De waarden die zijn ingevoerd zijn op te vragen via
## $return[0] voor de username
## $return[1] voor het werkstation

## Define profile share
$ProfileShare = "\\SERVER01.domain.local\Profiles$\"

## Define full path to userprofile
$FullPath = $ProfileShare + $return[0] + ".v2" 

## Rename ntuser.dat on the profile server
Get-ChildItem $FullPath -recurse -force | Where {$_.name -eq "ntuser.dat"} | rename-item -newname {  $_.name  -replace "ntuser.dat","ntuser.dat_old"  }

## Get the SID for the deletion of the registry key
$usersidrequest = $return[0]
$userSID = ([System.Security.Principal.NTAccount]("ahoy.local\$usersidrequest")).Translate([System.Security.Principal.SecurityIdentifier]).Value

## Delete registry key on the werkstation and starting of Remote Registry service
$workstation = $return[1]
(Get-Service -ComputerName $workstation -Name "WinRM").Start()
(Get-Service -ComputerName $workstation -Name "RemoteRegistry").Start()

$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(‘LocalMachine’,$workstation)

       $regKey= $reg.OpenSubKey(“SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList”,$true )
       $regKey.DeleteSubKeyTree($userSID)

## Rename locally cached userprofile to _old
$workstationunc = "\\" + $workstation + "\c$\Users\"
$workstationuser = $return[0]
$rename = $workstationuser + "_old"
Get-ChildItem $workstationunc -force | Where {$_.name -eq $workstationuser} | rename-item -newname {  $_.name  -replace $workstationuser,$rename } -ErrorAction Continue

 

 

Stefan van Bruggen - 2019