• Windows XP

    Get A List Of Software Installed On Windows And Uninstall Software Using Powershell

    The Get-AppxPackage cmdlet can be used to obtain a list of all apps installed on a Windows host. In the following example, we’ll look at the apps installed for all users using the -AllUsers option. Get-AppxPackage -AllUsers The output includes a Name, the name of the publisher, along with a location, the architecture, the version, the full name, the status, whether the software is signed, whether the development mode is enabled (useful when testing), the id of the publisher, the family, etc. Next we’ll do a Select against the found set. You can use so stdout displays the Name and the unique identifier, which we can then use to programmatically…

  • Windows Server

    Locate the Citrix Datastore

    There are times in a Citrix environment where you might have servers pointing to different data stores. You then might get confused about what box is pointing to what datastore location. To find out, open Powershell on the Citrix server and run the following command: cat "c:\program files\citrix\independent mananagement architecture\nf20.dsn"

  • Windows Server

    Rock the Logging Facilities in Windows Server (aka More Syslog Crap)

    The default logs in Windows Server can be tweaked to provide a little better information. This is really helpful, for example, if you’re dumping your logs to a syslog server. Here’s a script that can make it happen with a few little tweaks to how we interpret data (to be run per host, just paste into a Powershell interface as an administrator): auditpol /set /subcategory:"Security State Change" /success:enable /failure:enable auditpol /set /subcategory:"Security System Extension" /success:enable /failure:enable auditpol /set /subcategory:"System Integrity" /success:enable /failure:enable auditpol /set /subcategory:"IPsec Driver" /success:disable /failure:disable auditpol /set /subcategory:"Other System Events" /success:disable /failure:enable auditpol /set /subcategory:"Logon" /success:enable /failure:enable auditpol /set /subcategory:"Logoff" /success:enable /failure:enable auditpol /set /subcategory:"Account Lockout" /success:enable…

  • Active Directory,  Microsoft Exchange Server,  Windows Server

    Grep, Search, Loops and Basename for Powershell Hotness

    Simple request: Search for all files in a directory and the child directories for a specific pattern and then return the filename without the path to the file. There are a few commandlets we end up needing to use: Get-ChildItem: Creates a recursive array of filenames and pipes that output into the For loop. ForEach-Object: Starts a for loop, looping through the output of the command that has been piped into the loop (much easier than an IFS array IMHO). If: This starts the if pattern that ends after the select-string in the below command, but only dumps the $_.PSPath if the pattern is true. Select-String: Searches for the content…

  • Active Directory,  Windows Server

    Hey Active Directory, Can I Trade Some PowerShell For A Phone List?

    According to how you’ve been creating accounts, you might be the best friend of the office manager, who calls looking to see if you can generate a quick phone list. Or you might be useless. Either way, you should know how to obtain the data and therefore possibly how to be helpful to others. Or again, you might be a lost cause. Sorry, had to be said before I take over the entire Tri-State area. Anyway, let’s assume that you want to just grab the office phone number and that you’ve entered that into Active Directory. So let’s pull that and print it to the screen: Get-AdUser -Filter * -Properties…

  • Active Directory,  Mass Deployment,  Windows Server,  Windows XP

    Change Active Directory Forest Mode With A Script

    Changing the Forest Mode in Active Directory can be scripted. I find this useful when regression testing such tasks in a sandbox (e.g. restore image, automate login, change mode, run tests, etc). The script is very simple. First, you’ll import he ActiveDirectory modules: Import-Module -Name ActiveDirectory Then you’ll check for the mode prior to running: Get-ADForest | Format-Table ForestMode Then you’ll change the forest and domain modes (one per line): Set-ADForestMode –Identity “krypted.com” –ForestMode Windows2008Forest Set-ADDomainMode –Identity “krypted.com” –DomainMode Windows2008Domain Then you’ll report the result: Get-ADForest | Format-Table Name , ForestMode The end result could be as simple as three lines if just testing: Import-Module -Name ActiveDirectory Set-ADForestMode –Identity “krypted.com”…

  • Windows Server

    Setting PowerShell Execution Policies

    Microsoft doesn’t want any old tool to execute PowerShell scripts. But sometimes when we’re running a tool, we need the tool to be run in a way that violates the default execution policy. In order to facilitate this, Microsoft has also provided four levels of security for the PowerShell execution policy. These include: Restricted: The default execution policy, which forces commands to be entered interactively. All Signed: Only signed scripts can be run by a trusted publisher. Remote Signed: Any scripts created locally can run. Unrestricted: Any script can run. To configure an execution policy interactively, simply use the Set-ExecutionPolicy command followed by the name of the execution policy you…

  • Active Directory,  Windows Server

    Import And Export Active Directory Objects In Server 2012

    The LDIFDE utility exports and imports objects from and to Active Directory using the ldif format, which is kinda’ like csv when it gets really drunk and can’t stay on one line. Luckily, ldif can’t drive. Actually, each attribute/field is on a line (which allows for arrays) and an empty line starts the next record. Which can make for a pretty messy looking file the first time you look at one. The csvde command can be used to export data into the csv format instead. In it’s simplest form the ldifde command can be used to export AD objects just using a -f option to specify the location (the working…