Friday, July 27, 2018

vmware - Powershell get hardware inventory

Need a script to get serial numbers from my esxi hosts and a few other items
PowerState        : PoweredOn
Version           : 6.0.0
NumCpu            : 12
Cluster           : Clustername
MaxEVCMode        : intel-haswell
vCenter           : vcentername
Name              : esxi host name
Build             : buildnumber
CpuCoreCountTotal : 12
Model             : Hardware model number
MemoryTotalGB     : Total memory of esxi host
CpuModel          : cpu model
MemoryUsageGB     : memory usage at time of report
SerialNumber      : esxi host serial number
ConnectionState   : Connected
Prior to running this make sure you are up to date on your vmware powercli via
Install-Module -Name VMware.PowerCLI
Import-Module VMware.VimAutomation.Core
Set-PowerCLIConfiguration -Scope User -ParticipateInCEIP $false
Set-PowerCLIConfiguration -InvalidCertificateAction ignore -confirm:$false
Update-Module -Name VMware.PowerCLI
$vcenter = "vcenterhostname"

#Tony Unger
#Requires -Version 5

<#If script fails try to run the following commands 

Install-Module -Name VMware.PowerCLI
Import-Module VMware.VimAutomation.Core
Set-PowerCLIConfiguration -Scope User -ParticipateInCEIP $false
Set-PowerCLIConfiguration -InvalidCertificateAction ignore -confirm:$false
Update-Module -Name VMware.PowerCLI

#>

& 'C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Scripts\Initialize-PowerCLIEnvironment.ps1'
$report =@()

Connect-VIServer -Server $vcenter


$vmHosts = get-vmhost | select Name,`
ConnectionState,`
PowerState,`
NumCpu,`
MemoryUsageGB,`
MemoryTotalGB,`
Version,`
Build,`
MaxEVCMode,`
@{N="Cluster";E={ $_.Parent}},`
@{N="vCenter";E={ ($_.uid).split("@")[1].split(":")[0]}} 

foreach ($vmHost in $vmHosts) {

$VMHardwareInfo = get-vmhosthardware -vmhost $vmHost.name |select Manufacturer,`
Model,`
SerialNumber,`
CpuModel,`
CpuCoreCountTotal

  $ESXiInfo = New-Object -TypeName PSObject -Property @{ 
                        Name = $vmHost.name 
                        ConnectionState = $vmHost.ConnectionState
                        PowerState = $vmHost.PowerState 
                        NumCpu = $vmHost.NumCpu 
                        MemoryUsageGB = $vmHost.MemoryUsageGB             
                        MemoryTotalGB = $vmHost.MemoryTotalGB 
                        Version = $vmHost.Version 
                        Build = $vmHost.Build
                        MaxEVCMode = $vmHost.MaxEVCMode 
                        Cluster = $vmHost.Cluster
                        vCenter = $vmHost.vCenter 
                        Model = $VMHardwareInfo.Model 
                        SerialNumber = $VMHardwareInfo.SerialNumber             
                        CpuModel = $VMHardwareInfo.CpuModel 
                        CpuCoreCountTotal = $VMHardwareInfo.CpuCoreCountTotal 
                       
                    }      
        $report += $ESXiInfo



}


  $report | export-csv -path c:\temp\ESXiHardwareInfo.csv -notype

Wednesday, April 4, 2018

Azure: powershell one liner to set one user account password to never expire.

Install-Module -Name MSOnline
Connect-MsolService
$username = "username"
(get-msoluser -UserPrincipalName  $username | select -expand objectID).guid | %{Set-MsolUser -ObjectId $_ -PasswordNeverExpires $true}

Wednesday, September 20, 2017

Powershell : Certutil Find Expired Certs on CA server

Wrote this to get certificate expiration information for certificates that expired 5 days ago to ones that expire in 90 days. Wrap this around an invoke-command for remote query.
$Before = (get-date).adddays(90).ToString("MM/dd/yyyy")
$After = (get-date).AddDays(-5).ToString("MM/dd/yyyy")
<#

https://blogs.technet.microsoft.com/poshchap/2016/01/01/powershell-and-certutil-exe/
We create a date range with
$Before, i.e. certificates expiring before this date, and
$After, i.e. certificates expiring after this date. These values are converted into something that certutil can understand - $Restrict. This is then used with the certutil -restrict parameter.
#>
$Restrict = "NotAfter<=$Before,NotAfter>=$After"
$Report = @()
$cmd = & certutil.exe -view -restrict $Restrict -out "RequesterName,CommonName,Certificate Expiration Date","Certificate Template"

$SplitLines = $cmd.Split("`n`r")

$Index = 0
foreach ($line in $SplitLines){

    if ($line -like "Row*" ){
        $Details = New-Object PSObject 
        $Details | Add-Member noteProperty "RequesterName" $SplitLines[$index+1].split(":")[1].Replace("`"","").Replace(" ","")
        $Details | Add-Member noteProperty "CommonName" $SplitLines[$index+2].split(":")[1].Replace("`"","").Replace(" ","")
        $Details | Add-Member noteProperty "Certificate Expiration Date" $SplitLines[$index+3].split(':')[1].split(" ")[1].Replace(" ","")

        
        if ($SplitLines[$index+4].split(":")[1].Replace("`"","") -notlike "*1.*") {
            $TemplateName = $SplitLines[$index+4].split(":")[1].Replace("`"","").Replace(" ","")
        }
        Else {
        write-host "hit"
        $templatename = $SplitLines[$index+4].split(":")[1].Replace("`"","").split(" ")[2].Replace(" ","")
        }

        $Details | Add-Member noteProperty "Certificate Template" $TemplateName
        
        
        
        $report += $Details 
    
    }

    $Index++
}
$report

Tuesday, September 12, 2017

Powershell: Generate CSR

Wrote this function to generate SAN certificate requests. This isn't a robust solution, nor does it follow best practice, it is more of a hey it works with a Microsoft CA.


 #https://social.technet.microsoft.com/Forums/Lync/en-US/b4e27454-c60f-4346-9f7d-22214f49ab6f/create-inf-file-to-create-req-using-certreqexe?forum=winserversecurity

Found a more correct script after i wrote this here https://pscsr256.codeplex.com/

<#
.Synopsis
   Generate CSR by Tony Unger
.DESCRIPTION
   Generates CSR
.EXAMPLE
   new-csr -CommonName "test0.microsoft.com" -DNSNames $HostNames
.EXAMPLE
   new-csr -CommonName "test0.microsoft.com"
#>
function new-csr
{
    [CmdletBinding()]
    [Alias()]
    [OutputType([int])]
    Param
    (
        # Common name for request
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=0)]
        $CommonName,

        # SAN DNS names
        [string[]]
        $DNSNames
    )

    Begin
    {
    $Date = (Get-Date).ToString('ddMMyyyy')
    $ReqFile = "Cert_Req-$CommonName-" + "$Date" + ".csr"
    }
    Process
    {
        $InfFile = @"
        [NewRequest]`r
        Subject = "CN=$CommonName"`r
        KeySpec = 1
        KeyLength = 2048
        Exportable = TRUE`r
        RequestType = CMC`r
        [Extensions] 
        2.5.29.17 = "{text}" 
        _continue_ = "dns=$CommonName&"`n
"@
    foreach ($DNSName in $DNSNames){
        $InfFile =$InfFile + @" 
            _continue_ = "dns=$DNSName&"`n
"@


    }
    $InfFile
        $FinalInfFile = "Cert_Req_Inf-$CommonName-" + "$Date" + ".inf"
        New-Item $FinalInfFile -type file -value $InfFile -Force

        cmd /c "certreq -new $FinalInfFile $ReqFile"
    }
    End
    {
    }
}

$Hostnames = "test1.microsoft.com","test2.microsoft.com"
new-csr -CommonName "test0.microsoft.com" -DNSNames $HostNames

Thursday, July 6, 2017

Set non-domain windows server to use a KMS Server

REM List out KMS Servers
nslookup -type=srv _vlmcs._tcp

REM Set workgroup to use a particular KMS Server
slmgr.vbs /skms <KMS server>:<port>

Tuesday, May 9, 2017

Powershell: Get LUN ID with Diskspace

get-wmiobject Win32_DiskDrive | select name,caption, scsibus, scsilogicalunit, @{Name="size(GB)";Expression={"{0:N1}" -f($_.size/1gb)}} | sort-object name

Tuesday, October 18, 2016

Powershell: Change UPN on list of users

I needed a script to bulk change a list of users to a new UPN i came up with this.

#
$Users = gc c:\temp\users.txt | get-ADUser

foreach ($User in $Users)
$UserUPN = $User.UserPrincipalname
$UserUPNwithOutDomain = ([regex]::matches($UserUPN, "([^@]+)")).value[0]
Set-ADUser $User -userprincipalname "$UserUPNwithOutDomain@microsoft.com"
}