Difference between revisions of "Powershell"
Jump to navigation
Jump to search
| Line 67: | Line 67: | ||
# Search Active Directory and via regular expression like filter and runs command | # Search Active Directory and via regular expression like filter and runs command | ||
Param( | Param( | ||
| + | [Parameter(Mandatory=$true)][string]$domain, | ||
[Parameter(Mandatory=$true)][string]$regexp, | [Parameter(Mandatory=$true)][string]$regexp, | ||
[Parameter(Mandatory=$true)][string]$command | [Parameter(Mandatory=$true)][string]$command | ||
) | ) | ||
| − | $domain = " | + | $SearchBase = "" |
| + | $domain.Split(".") | ForEach { | ||
| + | $SearchBase = $SearchBase + "DC=$_," | ||
| + | } | ||
| + | $SearchBase = $SearchBase.Substring(0,$SearchBase.Length-1) | ||
$cred = Get-Credential | $cred = Get-Credential | ||
| − | $hostnames = (Get-ADComputer -Filter "Name -like '$regexp'" -SearchBase | + | $hostnames = (Get-ADComputer -Filter "Name -like '$regexp'" -SearchBase $SearchBase -Server $domain -Properties Name | select-object -expandproperty name) |
foreach ($hostname in $hostnames) | foreach ($hostname in $hostnames) | ||
{ | { | ||
$fqdn = "$hostname.$domain" | $fqdn = "$hostname.$domain" | ||
| − | Write-Host " | + | Write-Host "$fqdn running cmd: $command" |
Invoke-Command -ComputerName $fqdn -Credential $cred -ScriptBlock { iex $Using:command } | Invoke-Command -ComputerName $fqdn -Credential $cred -ScriptBlock { iex $Using:command } | ||
} | } | ||
``` | ``` | ||
Revision as of 23:33, 29 January 2021
Command One liners
https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.diagnostics/get-counter?view=powershell-7
get-counter
get-counter -listset *
get-counter -listset * | findstr -i physicaldisk
Get-Counter '\physicaldisk(_total)\current disk queue length'
(Get-Counter -ListSet PhysicalDisk).PathsWithInstances
While(1) {ps | sort -des cpu | select -f 15 | ft -a; sleep 1; cls}
Get-Counter '\Process(*)\IO Data Operations/sec'
Get-Counter '\Memory\Page Faults/sec'
robocopy <source> <destination> /mir /copyall
get-service -Name *Examp*
Get-Process -ID 1111 | Select-Object *
systeminfo | find "Virtual Memory"
stop-service, restart-service
(Get-Counter '\Process(*)\% Processor Time').Countersamples | Where cookedvalue -gt ($NumberOfLogicalProcessors*10) | Sort cookedvalue -Desc | ft -a instancename, @{Name='CPU %';Expr={[Math]::Round($_.CookedValue / $NumberOfLogicalProcessors)}}
Get-Process | Sort CPU -Descending | Select -First 3 -Property ID,ProcessName,CPU
Get-Process -IncludeUserName
Get-Process | Where-Object {$_.mainWindowTitle} | Format-Table Id, Name, mainWindowtitle -AutoSize
Get-WinEvent -ListLog * | findstr -i dns
Get-WinEvent "DNS Server" -MaxEvents 20
More
Get-Counter -ErrorAction SilentlyContinue '\Process(*)\% Processor Time' | Select-Object -ExpandProperty countersamples| Select-Object -Property instancename, cookedvalue| ? {$_.instanceName -notmatch "^(idle|_total|system)$"} | Sort-Object -Property cookedvalue -Descending| Select-Object -First 10| ft InstanceName,@{L='CPU';E={($_.Cookedvalue/100/$env:NUMBER_OF_PROCESSORS).toString('P')}} -AutoSize
Salt
sudo salt -C 'G@os:Windows' cmd.powershell "(Get-Process | Sort CPU -Descending | Select -First 3 -Property ID,ProcessName,CPU)" sudo salt -C 'example*' cmd.powershell "(Get-Process | Sort CPU -Descending | Select -First 3 -Property ID,ProcessName,CPU)"
def jtest(var):
var2 = var + 1 print(var2)
var2 = var + 1 print(var2)
Powershell security
Set-ExecutionPolicy RemoteSigned
Enable RDP
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0 Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
Disable RDP
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 1 Disable-NetFirewallRule -DisplayGroup "Remote Desktop"
# Search Active Directory and via regular expression like filter and runs command
Param(
[Parameter(Mandatory=$true)][string]$domain,
[Parameter(Mandatory=$true)][string]$regexp,
[Parameter(Mandatory=$true)][string]$command
)
$SearchBase = ""
$domain.Split(".") | ForEach {
$SearchBase = $SearchBase + "DC=$_,"
}
$SearchBase = $SearchBase.Substring(0,$SearchBase.Length-1)
$cred = Get-Credential
$hostnames = (Get-ADComputer -Filter "Name -like '$regexp'" -SearchBase $SearchBase -Server $domain -Properties Name | select-object -expandproperty name)
foreach ($hostname in $hostnames)
{
$fqdn = "$hostname.$domain"
Write-Host "$fqdn running cmd: $command"
Invoke-Command -ComputerName $fqdn -Credential $cred -ScriptBlock { iex $Using:command }
}