TechShizz | All posts tagged 'PowerShell'

List a Client Machine informations with PowerShell

Here are two scripts, which can assist in getting hardware information about the computers on an active directory network. It'll get you the following information in a CSV file:

  1. Hostname
  2. Model
  3. RAM
  4. CPU
  5. Serial Number
  6. Manufacturer
  7. Operating System
  8. HDD Capacity
  9. HDD Space
  10. IP Address

If your DC has PowerShell V2 use this:

## FOR MACINES WITH POWERSHELL V2
Import-Module ActiveDirectory
$ComputerList = Get-ADComputer -filter * -Properties *
$csvpath = "C:\users\icuadminaccount\Desktop\Computers.csv"
foreach ($Computer in $ComputerList) {
##Title
$computerSystem = Get-WmiObject -ComputerName $Computer.Name -Class CIM_ComputerSystem
$output = "System Information for: " + $computerSystem.Name +"`n"
$output = $output + "Model: " + $computerSystem.Model +"`n"
$output = $output + "RAM: " + "{0:N2}" -f ($computerSystem.TotalPhysicalMemory/1GB) + "GB"+"`n"
##CPU
$computerCPU = Get-WmiObject -ComputerName $Computer.Name -Class CIM_Processor
$output = $output + "CPU: " + $computerCPU.Name +"`n"
Out-file -FilePath $csvpath -append
##BIOS
$computerBIOS = Get-WmiObject -ComputerName $Computer.Name -Class CIM_BIOSElement
$output = $output + "Serial Number: " + $computerBIOS.SerialNumber +"`n"
$output = $output + "Manufacturer: " + $computerBIOS.Manufacturer +"`n"
Out-file -FilePath $csvpath -append
##OS
$computerOS = Get-WmiObject -ComputerName $Computer.Name -Class CIM_OperatingSystem
$output = $output + "Last Reboot: " + $computerOS.LastBootUpTime +"`n"
$output = $output + "Operating System: " + $computerOS.caption + ", Service Pack: " + $computerOS.ServicePackMajorVersion +"`n"
Out-file -FilePath $csvpath -append
##Disks
$computerHDD = Get-WmiObject -ComputerName $Computer.Name -Class Win32_LogicalDisk -filter "DeviceID = 'C:'"
$output = $output + "HDD Capacity: " + "{0:N2}" -f ($computerHDD.Size/1024) + "GB" +"`n"
$output = $output + "HDD Space: " + "{0:P2}" -f ($computerHDD.FreeSpace/1024) + " Free (" + "{0:N2}" -f ($computerHDD.FreeSpace) + "KB)" +"`n"
$output | Out-file -FilePath $csvpath -append
}

If your DC has PowerShell V3+ use this:

## FOR MACINES WITH POWERSHELL V3+
Import-Module ActiveDirectory
$ComputerList = Get-ADComputer -filter * -Properties *
$csvpath = "C:\users\icuadminaccount\Desktop\Computers.csv"
foreach ($Computer in $ComputerList) {

$computerSystem = Get-CimInstance CIM_ComputerSystem
$computerBIOS = Get-CimInstance CIM_BIOSElement
$computerOS = Get-CimInstance CIM_OperatingSystem
$computerCPU = Get-CimInstance CIM_Processor
$computerHDD = Get-CimInstance Win32_LogicalDisk -filter "DeviceID = 'C:'"


$output = "System Information for: " $computerSystem.Name -BackgroundColor DarkCyan
$output = $output + "Manufacturer: " + $computerSystem.Manufacturer
$output = $output + "Model: " + $computerSystem.Model
$output = $output + "Serial Number: " + $computerBIOS.SerialNumber
$output = $output + "CPU: " + $computerCPU.Name
$output = $output + "HDD Capacity: " + "{0:N2}" -f ($computerHDD.Size/1GB) + "GB"
$output = $output + "HDD Space: " + "{0:P2}" -f ($computerHDD.FreeSpace/$computerHDD.Size) + " Free (" + "{0:N2}" -f ($computerHDD.FreeSpace/1GB) + "GB)"
$output = $output + "RAM: " + "{0:N2}" -f ($computerSystem.TotalPhysicalMemory/1GB) + "GB"
$output = $output + "Operating System: " + $computerOS.caption + ", Service Pack: " + $computerOS.ServicePackMajorVersion
$output = $output + "User logged In: " + $computerSystem.UserName
$output = $output + "Last Reboot: " + $computerOS.LastBootUpTime
$output | Out-file -FilePath $csvpath -append
}

How to update an IIS SSL certificate for an existing website using command line and PowerShell

If you need to install a new certificate on a web server that does not have a GUI (Server Core), you will need to update the current SSL certificate via command line and powershell. There are most likely more ways to do this than this method, but I find this works well for me.

1. First, if you need a new certificate, you need a new CSR. You DO NOT have to create the CSR on the server that will use the certificate. Use ANY IIS server to create and complete a new certificate request. Ensure you use 2048 bit certificates.

2. Purchase a certificate from a trusted certificate authority. I prefer SSL2Buy.com.

3. Once you have your certificate it will be downloadable as a ZIP file. It will contain .cer files. In order to install the certificate (firstly onto our GUI IIS server) we need it to be in the .pfx format, as this format lets us store the certificate's private key within it. Extract the certificates, and in IIS, complete the certificate request and select the certificate that's named www.yourdomain.com.cer - You should store the certificate in the "WebHosting" section if prompted.

4. Next, the certificate is installed, but in the wrong server. So we need to export it. Run MMC.exe, File, Add/Remove Snapins / Add the Certificates snap in, select computer account. Find the imported certificate. 

5. Export the certificate, right click, All Tasks, Export. Select .PFX format. Ensure you tick the "Make Private Key Exportable". You will be required to set a password against the certificate to protect the private key. Save the Certificate and then copy it to your IIS server (which has no GUI i.e. server core). 

6. Next we need to install the certificate with PowerShell.

PS C:\>$mypwd = Get-Credential -UserName 'Enter password below' -Message 'Enter password below'

PS C:\>Import-PfxCertificate -FilePath C:\mypfx.pfx -CertStoreLocation Cert:\LocalMachine\WebHosting -Password $mypwd.Password

7. Next we need to update the certificate on the existing binding:

We'll need to know the thumbprint of the certificate and the AppID of the website. I like to change to powershell in core, because it's good for parsing results in a readable format. Run PowerShell.exe then navigate to:

PS Cert:\LocalMachine\WebHosting\>

Run

dir | fl

You should be able to identify the certificate you have installed. Grab the Thumbprint.

8. Next we need the AppID - Run:

netsh http show sslcert

Find the AppID for your website you want to replace the SSL certificate for.

9. Next we use the AppID and Thumbprint to use the new certificate with the website - Note You need to EXIT from PowerShell before running this command - run this in CMD:

netsh http update sslcert hostnameport=www.techshizz.com:443 certhash=C4FA12345678923618B90972707121345678988811 appid={4ab64e81-e14b-4a21-b022-59fc66abcd64} certstorename=WebHosting

10. - DONE! 

How to run a Power Shell script from Task Scheduler

Problem

You are unable to get a Power Shell file to execute using the Task Scheduler

Cause

Two reasons:

  1. The execution policy needs to be set to Unrestricted
  2. The command in Task Scheduler needs to adhere to the correct syntax
  3. You must store the script in a place PowerShell trusts.
Solution

Firstly, store your powershell script in a place PowerShell trusts. To find this, open PowerShell and run:

$env:path

You will note that one of the safe places is "C:\Windows\System32".

Next, Set the execution Policy to Unrestricted using PowerShell. Open PowerShell as administrator and run:

Set-ExecutionPolicy -ExecutionPolicy Unrestricted

Press "A" to accept the changes. If you are using a computer account to run the script, you may need to set the execution policy on the local machine to Unrestricted like this:

Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope LocalMachine

Create a sheduled task as desired. On the actions tab the script must be run like this:

PowerShell.exe "C:\Windows\System32\MyScript.ps1"

Taking care to wrap the path in double quotes. 

One Drive character limit | PowerShell to find file path character length | File Path Character Limit

Problem

One Drive will not sync files with more than 400 charactes in the file path

Cause

Limitation

Solution

Use this script and execute to create a list of all files and their number of characters. Address by shortening folder and file names. 

 $pathToScan = "C:\APP1-Data\SharePointData\MW\MW - Documents" # The path to scan and the the lengths for (sub-directories will be scanned as well).
$outputFilePath = "C:\temp\PathLengths.txt" # This must be a file in a directory that exists and does not require admin rights to write to.
$writeToConsoleAsWell = $true # Writing to the console will be much slower.

# Open a new file stream (nice and fast) and write all the paths and their lengths to it.
$outputFileDirectory = Split-Path $outputFilePath -Parent
if (!(Test-Path $outputFileDirectory)) { New-Item $outputFileDirectory -ItemType Directory }
$stream = New-Object System.IO.StreamWriter($outputFilePath, $false)
Get-ChildItem -Path $pathToScan -Recurse -Force | Select-Object -Property FullName, @{Name="FullNameLength";Expression={($_.FullName.Length)}} | Sort-Object -Property FullNameLength -Descending | ForEach-Object {
$filePath = $_.FullName
$length = $_.FullNameLength
$string = "$length : $filePath"

# Write to the Console.
if ($writeToConsoleAsWell) { Write-Host $string }

#Write to the file.
$stream.WriteLine($string)
}
$stream.Close()


One Drive character limit | PowerShell to find file path character length | File Path Character Limit

Problem

One Drive will not sync files with more than 400 charactes in the file path

Cause

Limitation

Solution

Use this script and execute to create a list of all files and their number of characters. Address by shortening folder and file names. 

 $pathToScan = "C:\APP1-Data\SharePointData\MW\MW - Documents" # The path to scan and the the lengths for (sub-directories will be scanned as well).
$outputFilePath = "C:\temp\PathLengths.txt" # This must be a file in a directory that exists and does not require admin rights to write to.
$writeToConsoleAsWell = $true # Writing to the console will be much slower.

# Open a new file stream (nice and fast) and write all the paths and their lengths to it.
$outputFileDirectory = Split-Path $outputFilePath -Parent
if (!(Test-Path $outputFileDirectory)) { New-Item $outputFileDirectory -ItemType Directory }
$stream = New-Object System.IO.StreamWriter($outputFilePath, $false)
Get-ChildItem -Path $pathToScan -Recurse -Force | Select-Object -Property FullName, @{Name="FullNameLength";Expression={($_.FullName.Length)}} | Sort-Object -Property FullNameLength -Descending | ForEach-Object {
$filePath = $_.FullName
$length = $_.FullNameLength
$string = "$length : $filePath"

# Write to the Console.
if ($writeToConsoleAsWell) { Write-Host $string }

#Write to the file.
$stream.WriteLine($string)
}
$stream.Close()