Posts

Showing posts from May, 2013

Vmware - VSA 5.1 Requirements

Batch - Get time from remote server write to csv audit log

Purpose: needed a hacked up batch file that was able to read time from a remote server and log to a CSV for user logon auditing. They may have been a better way to do this in batch, but after about 5 hours of looking i decided to just write my own. Wish i could have used powershell. Note:I found that using the net time //x.x.x.x command against a server can return different formatted results I think this script is able to handle the differences but i can not be certain without further testing @echo off REM Tony Unger REM REM login audit script REM For Log In Rem Writes to a CSV file REM Thanks to http://brisray.com/comp/batch3.htm for length checking in batch setlocal EnableDelayedExpansion for /f "delims=" %%i in ('net time \\servername') do (     if "!CurrentTime!"=="" (set CurrentTime=%%i) else (set CurrentTime=!CurrentTime!#%%i) ) echo %CurrentTime% Echo parse the Net Time command FOR /f "tokens=6,7,8" %%a IN ("%Curr…

Powershell: Get permissions on each vfiler cifs share.

Purpose: Get a list of all shares on each vfiler on each filer Notes: This script needs some work with the nested foreach loops and some error check cleanup.
Import-Module dataontap Function Get-ACLPermissions($Share){ $acl = Get-Acl -Path $Share return $ACL } $myCol = @() $AllNetappFiler = "filer03","filer02" foreach ($NetappFiler In $AllNetappFiler){ write-host "Scanning $NetappFiler" connect-nacontroller $NetappFiler | out-null $Vfilers = get-navfiler * | Select -expand Name foreach ($Vfiler in $Vfilers){ connect-nacontroller $Vfiler $vfiler $Shares = get-nacifsshare | Select -expand ShareName foreach ($Share in $Shares){ Write-Host "$Vfiler insideloop" #If $Vfiler Blank then scan shares on filer.. Need to add logic $fullpath = "\\$Vfiler\$Share" $ShareACL = Get-ACLPermissions $fullpath $o = 0 $ShareACL.Access | ForEach-Object { $Detail = New-Object PSObject …

Powershell: Gather all user objects and report lastlogon and lastlogontimestamp to CSV file

Purpose:
Connects to active directory and pulls a list of all user objects and create a report of lastlogon and lastlogontimestamp values

Note: This is something i did around midnight so i need to do further testing on this script to ensure the data is correct and the lastlogon value will only be from the DC the script is running against

#Tony Unger #Scans all user accounts and reports lastlogon and lastlogontimestamp attr. Import-Module ActiveDirectory $AllUsers = get-aduser -Filter * -SearchBase "DC=microsoft,DC=Com" -Property SamAccountName,Lastlogon,LastlogonTimeStamp | Select Name,UserPrincipalname,SamAccountName,@{Name='Last Logon Timestamp';Expression={[System.DateTime]::FromFileTime($_.LastLogonTimestamp).ToString('g')}},@{Name='Last Logon';Expression={[System.DateTime]::FromFileTime($_.LastLogon).ToString('g')}} $AllUsers | Export-Csv -Path "c:\Audit_UsersLastLogon.csv" -NoTypeInformation

Powershell: Read servers from AD and search for shares and return ACL permissions

Purpose:
Connects to active directory and pulls a list of all computer objects that are servers and check ACL permissions

Import-Module ActiveDirectory #Most of the information to do this was from this site. #http://blogs.technet.com/b/heyscriptingguy/archive/2009/09/14/hey-scripting-guy-september-14-2009.aspx Function Get-ACLPermissions($Share){ $acl = Get-Acl -Path $Share return $ACL } function Get-MyShares { #Function by #http://www.peetersonline.nl/2008/11/finding-shares-with-powershell/ param([string]$Server) $Shares = Get-WmiObject -Class Win32_Share -ComputerName $Server $output = @() ForEach ($Share in $Shares) { $fullpath = “\\{0}\{1}” -f $server, $share.name Add-Member -MemberType NoteProperty -InputObject $Share -Name FullPath -Value $fullpath $output += $Share } Return $output } #Path to where the CSV file is written to $PathtoCSV = "C:\temp\AuditACL.csv"…