|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
#Error Code List # 0 No Litigation Hold # 1 Litigation Hold #Param must be the first executable line [CmdletBinding()] Param( [string] $EID = "SamAccountName" #Eid to check for Litigation Hold ) #Remove-Variable * -ErrorAction SilentlyContinue; Remove-Module *; $error.Clear(); Clear-Host #You cannot use this with Param Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 try { $Onhold = get-mailbox $EID if ($Onhold -eq $null) { Write-Host "Powershell: No mailbox located for this user!" exit 0 } if ($Onhold.LitigationHoldEnabled -eq $false) { Write-Host "Powershell: This box is NOT on hold!" exit 0 } else { Write-Host "Powershell: This box is on hold!" exit 1 } } catch { $_ $_.Exception.Message $_.Exception.ItemName Write-Host "Powershell: Exception for " + $EID + "!" exit 1 } |
Monthly Archives: October 2018
I'll let myself in
So this weekend I ended up doing some research and video blogging and I came across this gem. Got to say it was a very interesting and eye-opening 45-minute video for those who like physical security. https://www.youtube.com/watch?v=rnmcRTnTNC8
Powershell Viewing and Moving users from Exchange Database to another Database
A little nifty Powershell script I threw together to move users around as they get promoted to allow them to have larger inbox quotas. =)
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
Remove-Variable * -ErrorAction SilentlyContinue; Remove-Module *; $error.Clear(); Clear-Host Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 foreach($line in get-content "\\Server\Exports\Feed.txt") { if (![string]::IsNullOrWhiteSpace($line)) { $recipients = $line -split [RegEx]::Escape("|") Try { $EID = $recipients[1].trim() $EmpType = $recipients[17].trim() $User = Get-ADUser -LDAPFilter "(sAMAccountName=$EID)" -Properties Mail If ($User.mail -eq $Null) { continue } $Mb = Get-Mailbox -Identity $EID if (-not $Mb) { continue } if ($EmpType -eq "DIR") { if ($Mb.Database -ne "DB04" -and $Mb.Database -ne "DBA07") { Write-Host $EID $EmpType $Mb.Database New-MoveRequest -Identity $EID -TargetDatabase "DBA04" -WhatIf } } if ($EmpType -eq "ELT") { if ($Mb.Database -ne "DB07") { Write-Host $EID $EmpType $Mb.Database New-MoveRequest -Identity $EID -TargetDatabase "DBA07" -WhatIf } } } catch { } } } |
Basic Analysis: Circle of 5th Major and Minor Scales
So during my practice of my Sonatina, I was in the Key of G Major, I was doing some deep thinking on converting it to its Parallel and Relative Keys, In this case, G Minor and D Minor. During this example, I thought on how that is the near order of the Major Scale. So …
Continue reading “Basic Analysis: Circle of 5th Major and Minor Scales”
Powershell: Maintaining Correct Permissions on a fileshare and Purging Old Data
Here is a copy of a nice little powershell script I threw together to help maintain permissions on servers.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 |
Remove-Variable * -ErrorAction SilentlyContinue; Remove-Module *; $error.Clear(); Clear-Host $RootFSPath = "G:\users3" Function GetFolderACL([string]$User, [bool]$Recursive) { $filePath = "$RootFSPath\$User" #Get-Acl -Path $filePath | Format-List $filePathacl = Get-Acl -Path $filePath if ($Recursive -eq $True) { $folders = Get-ChildItem $filePath -Recurse #-Directory foreach ($folder in $folders) { #Get-Acl -Path $folder.FullName | Format-List foreach ($access in $filePathacl.Access) { if ($access.IdentityReference.Value -eq "YourDomain\$user" -and $access.FileSystemRights -eq "Modify, Synchronize") { continue } if ($access.IdentityReference.Value -eq "NT AUTHORITY\SYSTEM" -and $access.FileSystemRights -eq "FullControl") { continue } if ($access.IdentityReference.Value -eq "BUILTIN\Administrators" -and $access.FileSystemRights -eq "FullControl") { continue } if ($access.IdentityReference.Value -eq "YourDomain\Domain Admins" -and $access.FileSystemRights -eq "FullControl") { continue } Write-Host $access.IdentityReference $access.FileSystemRights } } } } Function GetFolderACLRecursive([string]$filePath, [string]$User,[bool]$Recursive) { if ($Recursive -eq $True) { $folders = Get-ChildItem $filePath -Recurse -Directory foreach ($folder in $folders) { GetFolderACLRecursive $folder.PSPath $true } } [bool]$UserPerm = $false [bool]$SystemPerm = $false [bool]$AdminPerm = $false [bool]$DomainAdminPerm = $false $Searcher = [ADSISearcher]"(sAMAccountName=$folder)" $Results = $Searcher.FindOne() If ($Results -eq $Null) { if ($filePath -ne "$RootFSPath\") { #try your best not to wak the parent folder due to Hr's typeo's ;) Write-Host "$folder does not exist in AD, $filePath can be deleted... Deleting" Remove-Item –path $filePath –recurse -force $UserPerm = $true } } else #If they do exit check the ACLS { $filePathacl = Get-Acl -Path $filePath foreach ($access in $filePathacl.Access) { if ($access.IdentityReference.Value -eq "YourDomain\$User" -and $access.FileSystemRights -eq "Modify, Synchronize") { $UserPerm = $true continue } if ($access.IdentityReference.Value -eq "NT AUTHORITY\SYSTEM" -and $access.FileSystemRights -eq "FullControl") { $SystemPerm = $true continue } if ($access.IdentityReference.Value -eq "BUILTIN\Administrators" -and $access.FileSystemRights -eq "FullControl") { $AdminPerm = $true continue } if ($access.IdentityReference.Value -eq "YourDomain\Domain Admins" -and $access.FileSystemRights -eq "FullControl") { $DomainAdminPerm = $true continue } Write-Host $filePath.PadRight(15) $access.IdentityReference $access.FileSystemRights } if ($SystemPerm -eq $false) { Write-Host "Missing System Permission to $filePath" } if ($AdminPerm -eq $false) { Write-Host "Missing Admin Permission to $filePath" } if ($DomainAdminPerm -eq $false) { Write-Host "Missing DominAdmin Permission to $filePath" } if (($UserPerm -eq $false) -or ($SystemPerm -eq $false) -or ($AdminPerm -eq $false) -or ($DomainAdminPerm = $false)) { return $false } } } Function SetFolderACL([string]$User, [bool]$Recursive, [bool]$EnableInheritance, [bool]$DisableInheritance) { $filePath = "$RootFSPath\$User" $filePathacl = Get-Acl -Path $filePath if ($EnableInheritance -eq $True) #This should not happen if we are looking to disable Inheritance, We want to remove it from the parent folder last below in this code. { foreach ($access in $filePathacl.Access) { #if ($access.IdentityReference.Value -eq $user) { #$acl.RemoveAccessRule($access) | Out-Null $filePathacl.RemoveAccessRule($access) #} } $filePathacl.SetAccessRuleProtection($false,$false) Set-Acl -Path $filePath -AclObject $filePathacl } if ($Recursive -eq $True) { $folders = Get-ChildItem $filePath -Recurse #-Directory foreach ($folder in $folders) { $acl = Get-Acl -Path $folder.FullName Write-Host $folder.FullName if ($EnableInheritance -eq $True) { $acl.SetAccessRuleProtection($false,$false) Set-Acl -Path $folder.FullName -AclObject $acl } if ($DisableInheritance -eq $True) { $acl.SetAccessRuleProtection($true,$true) Set-Acl -Path $folder.FullName -AclObject $acl } foreach ($access in $acl.Access) { #if ($access.IdentityReference.Value -eq $user) { #$acl.RemoveAccessRule($access) | Out-Null $acl.RemoveAccessRule($access) #} } Set-Acl -Path $folder.FullName -AclObject $acl } } if ($DisableInheritance -eq $True) #This should not happen if we are looking to disable Inheritance, We want to remove it from the parent folder last below in this code. { $filePathacl = Get-Acl -Path $filePath $filePathacl.SetAccessRuleProtection($true,$true) foreach ($access in $filePathacl.Access) { #if ($access.IdentityReference.Value -eq $user) { #$acl.RemoveAccessRule($access) | Out-Null $filePathacl.RemoveAccessRule($access) #} } Set-Acl -Path $filePath -AclObject $filePathacl } $acl = Get-Acl -Path $filePath $permission = "YourDomain\$user", "Modify", "ContainerInherit, ObjectInherit", "None", "Allow" $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $permission $acl.SetAccessRule($accessRule) $acl | Set-Acl $filepath } Function SetStrightFolderACL([string]$User, [bool]$Recursive, [bool]$EnableInheritance, [bool]$DisableInheritance) { Write-Host $folder.FullName $filePath = "$RootFSPath\$User" $filePathacl = Get-Acl -Path $filePath $acl = Get-Acl -Path $filePath $permission = "YourDomain\$user", "Modify", "ContainerInherit, ObjectInherit", "None", "Allow" $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $permission $acl.SetAccessRule($accessRule) $acl | Set-Acl $filepath } $folders = Get-ChildItem "$RootFSPath" #-Recurse #-Directory foreach ($folder in $folders) { $acl = Get-Acl -Path $folder.FullName #Write-Host (GetFolderACLRecursive "G:\users3\$folder" $folder $false) $result = GetFolderACLRecursive "$RootFSPath\$folder" $folder $false if ($result -eq $false) { $Searcher = [ADSISearcher]"(sAMAccountName=$folder)" $Results = $Searcher.FindOne() If ($Results -eq $Null) { #Write-Host "Users does not exist in AD" } Else { #Write-Host "User found in AD" SetFolderACL $folder.Name $true $false $True #Remove Inhairtance SetFolderACL $folder.Name $true $true $false #Enable Inhairtance } } #Write-Host $folder.FullName #Write-Host $folder.Name #GetFolderACL $folder.Name $false #SetStrightFolderACL $folder.Name $true $true $false #Enable Inhairtance #SetFolderACL $user $true $true $false #Enable Inhairtance } exit #GetFolderACL $user $true SetFolderACL $user $true $false $True #Remove Inhairtance SetFolderACL $user $true $true $false #Enable Inhairtance exit SetFolderACL $user $true $false $True #Remove Inhairtance exit SetFolderACL $user $true $true $false #Enable Inhairtance exit |