Windows 8 and PowerShell

Posted on September 14, 2011 by Dalle

 

 

image

The Windows 8 Developer Preview is released.
It can be found at http://dev.windows.com

If you want to test it in an Virtual Environment VMWare Workstation 7.x won’t work.
But in Oracle Virtual Box it works fine!

I installed It because of PowerShell Version 3 Smile

Here is some screenshots…

image

image

image

image

image

image

image

 

PowerShell in Windows 7

image

PowerShell in Windows 8

image

To see some differences between PowerShell in Win 8 and Win 7:
 

Get-Command | where { $_.commandtype -eq “Cmdlet” }
Get-Command | where { $_.commandtype -eq “Function”}
Get-Command | where { $_.commandtype -eq “Alias” }

(Get-Command | where { $_.commandtype -eq “Cmdlet” }).count
(Get-Command | where { $_.commandtype -eq “Function” }).count
(Get-Command | where { $_.commandtype -eq “Alias” }).count

V2

CMDLETS
236
Functions
37
Alias
137

V3

CMDLETS
376
Functions
522
Alias

146

More PS stuff from Win 8 will come later on…

image

Posted in PowerShell | Tagged , | 11 Comments

First look at the new PowerShell FB Module

Posted on August 18, 2011 by Dalle

I saw this module earlier today and I have been looking for something
like this for a while so I have been playing around with It for for an hour or so.

You can download It here.

Install it with the msi file and then open up PowerShell ISE.
Hmmmm, not my favorite thing, but It will not work from the PowerShell prompt.

Then type

Import-Module Facebook

And to make a connection file you need to type

New-FBCconnection

And then login to Facebook

image

And grant the “Application” rights to your FB account.

image

To get a list of the commands for the FB module just type

Get-Command –module Facebook

image

 

To get the number of friends you have:

(Get-FBFriends).count

or Get-FBFriends to get a list with name of all FB Friends

 

I like this and I hope to get Remove-FBFriend.

I have lots of FB “Friends” that I got because of some FB Games and It’s hard to delete 600+ users manually Smile

Posted in PowerShell | Tagged , , | 4 Comments

ADCS Certificate Expiration Report Tool

Posted on August 9, 2011 by DXter

I want to start with a little disclaimer: The real credits for this tool does not really belong to me. This tool is using the really wonderful PSPKI PowerShell module from http://pspki.codeplex.com/ and all credits should go them for making this wonderful piece of work public. I just format the output that those cmd-lets provide into a HTML based report.

A very common problem people have with certificates is that they realize that it’s time to renew their certificates… after they have expired! Winking smile

 

To be able to get a web based report of the certificates in an ADCS CA that is about to expire within 30 days, I wrote this small script today on the train on my way to work. It accepts two switches, –computername of the CA (which defaults to local computer if not specified) and –reportfile (defaults to a HTML-file on the current users desktop).

 

image

The script can be run locally on the CA if desired.

 

This opens up the report.

 

image

The report contains all certificates that are expiring within 30 days. This can be edited in the script.

 

I want to thank a small group of people for their input during the day.

 

Ludwig “Ludde” Nilsson = for cosmetic input regarding the HTML report.

Stefan Schörling = for his support, thoughts and feedback during the development of this script.

Kerim Sidia = for validation of “intelligent” design.

Niklas Goude = for his clever idea regarding detection of the PSPKI module.

Hasain Alshakarti = for a good note about that the filtering is client based (very large ADCS databases will take longer time to process).

 

Please note that this is a simple proof of concept and is not done or complete in any way. I will continue to work on this and include many more switches, etc.… but I wanted to show you guys already now what can be done if people share their knowledge and work together.

 

The code to the script is embedded below.

 

PKI and ADCS is fun, so go out and play! Winking smile

 

// Fredrik “DXter” Jonsson

 

#ADCS Certificate Expiration Report Tool
#Made by Fredrik “DXter” Jonsson (dxter@poweradmin.se) 2011-08-09
#http://www.poweradmin.se

#Get input strings
param(
  [string] $computername = “$ENV:COMPUTERNAME”,
  [string] $reportfile = “$ENV:USERPROFILE\Desktop\acert_certificate_expiration_report.html”
   )

#Start stopwatch
$totalTime = New-Object -TypeName System.Diagnostics.Stopwatch
$totalTime.Start()

#Credits
Write-Host
Write-Host “ADCS Certificate Expiration Report Tool ” -ForegroundColor “Yellow”
Write-Host “by Fredrik “”DXter”" Jonsson (dxter@poweradmin.se)” -ForegroundColor “Yellow”
Write-Host

if(Get-Module -ListAvailable -Name PKI | Where-Object { $_.name -eq “PKI” })
{
#Import PSPKI PowerShell module
if(Get-Module -Name PKI | Where-Object { $_.name -eq “PKI” })
{
Write-Host “PSPKI PowerShell module already imported…” -ForegroundColor “Yellow”
}
else
{
Write-Host “Importing PSPKI PowerShell module…” -ForegroundColor “Yellow”
Import-Module -Name PKI
}
Write-Host

#Set variables
Write-Host “Setting variables…” -ForegroundColor “Yellow”
Write-Host
$caname = $computername.ToLower()
$domaindns = $ENV:USERDNSDOMAIN.ToLower()
$todaysdate = Get-Date
$findaldate = $todaysdate.AddMonths(1)
$htmlpre = “<P>Generated by user: $ENV:USERNAME</P><P>The following certificates expire before $findaldate</P>”
$htmlpost = “<P>Certificate expiration information retrived from $caname.$domaindns</P>”
$htmltitle = “Certificate expiration information from $caname.$domaindns”
$htmlinput = Get-CertificationAuthority “$caname.$domaindns” | Get-IssuedRequest -Filter “NotAfter -ge $(Get-Date)”, “NotAfter -le $((Get-Date).AddMonths(1))”

#Generate report
Write-Host “Generating report…” -ForegroundColor “Yellow”
Write-Host
$htmlinput | ConvertTo-Html -Body (Get-Date) “Report date:” -Property RequestID,RequesterName,CommonName,NotBefore,NotAfter,SerialNumber -Pre $htmlpre -Post $htmlpost -Title $htmltitle | Out-File -FilePath $reportfile

#Open report
Write-Host “Opening report…” -ForegroundColor “Yellow”
Write-Host
Invoke-Item $reportfile

#Warning if PSPKI is not installed
}
else
{
Write-Host “PSPKI is not installed. Please install it from http://pspki.codeplex.com/ ” -ForegroundColor “Yellow”
Write-Host
}

#Stop stopwatch
$totalTime.Stop()
$ts = $totalTime.Elapsed
$totalTime = [system.String]::Format(“{0:00}:{1:00}:{2:00}”,$ts.Hours, $ts.Minutes, $ts.Seconds)
Write-Host “Process total time: $totalTime” -ForegroundColor Yellow
Write-Host

Posted in PKI, PowerShell | Tagged , , | 18 Comments

Poweradmin.se now on Facebook and Twitter

Posted on August 4, 2011 by Dalle

facebook-icontwitter-icon2

Poweradmin.se are now on Facebook with a Facebook page.
It’s a place where you easily can interact with us.

We have also created a Twitter user to post and interact on Twitter.
@poweradmse, http://twitter.com/#!/poweradmse

Hope to see you there Smile

Posted in Fun | Tagged , , | 3 Comments

Problem to add and create deployment shares in MDT 2010

Posted on July 27, 2011 by Dalle

ammo-4-icon

I had some problems (major ones) with my local MDT 2010 last night.

After a day with lots of scripting against MDT 2010 with PowerShell my MDT 2010 installation just gave me errors when I wanted to add a new deployment share or when I wanted to open old ones:

object reference not set to an instance of an object
Microsoft.BDD.Wizards.Controls.DeploymentPointProgress.WizardProcessing

In my workbench the Deployment Shares folder was empty, no shares there. But when I looked in the user.config file I found that DS004 was in use there.

So my solution was to delete the whole file and restart the workbench.
The file can be found here, C:\Users\currentUser\AppData\Roaming\Microsoft\Microsoft Deployment Toolkit.

[Update]
DXter sent me this PowerShell oneliner after that I wrote this blog post, 

Remove-Item -Path “$ENV:USERPROFILE\AppData\Roaming\Microsoft\Microsoft Deployment Toolkit\user.config”

Thanks buddy!

Posted in Deployment, PowerShell | Tagged , , | 4 Comments

New release of PowerGUI

Posted on July 21, 2011 by Dalle

image

The people from PowerGUI just released a new version.
Latest new version is 3.0.0.2015 (2011-07-21).

As I often say, PowerGUI is and will always be my favorite
PowerShell Editor. And I use the free version.

For information about all new features take a look at
Kirks blog post here.

Posted in PowerGUI, PowerShell | Tagged , | 4 Comments

Office 2010 SP 1

Posted on July 18, 2011 by Dalle

[Updated]

Microsoft Office 2010 SP 1 has been released and you can get good information from here,
http://technet.microsoft.com/en-us/office/ee263913.aspx

ee694644_Security_Comprehensive_Alerts_lg(en-us,MSDN_10)

Downloads and information about changes for admin templates can be found there.

If you work with desktops and desktops applications you will like the Office 2010
News and Highlights RSS feed,
http://services.social.microsoft.com/feeds/feed/Office2010NewsAndHighlights

Posted in Deployment, office 2010 | 3 Comments

It’s time to upgrade from XP

Posted on July 12, 2011 by Dalle

It’s only 1000 day left of the extended support (EOS) for Windows XP.
So It’s time to upgrade.

If you want to know exactly how many days It’s left every day you can install the
EOS Windows XP Desktop gadget.

image

http://www.microsoft.com/download/en/details.aspx?id=11662

Posted in Bios | Tagged , , | 2 Comments

WINSEC crew @ Microsoft Sommarkollo 2011

Posted on June 30, 2011 by DXter

Yesterday myself, Hasain Alshakarti and Göran Melvås (all three of us are members of Swedish Windows Security User Group) had a live session at Microsoft Sweden about Forefront Identity Manager Certificate Management 2010 (FIM-CM 2010).

 

I wanted to thank all you guys that attended our three hour long session about ADCS, PKI, smartcards, readers and everything related inside and outside FIM-CM in real life. And it was really fun to meet some of you guys from ITProffs as well! Smile

 

Our presentation and our “how-to-automatically-install-and-configure-adcs-in-7-seconds” PowerShell script will be available on Hasain’s blog on http://secadmins.com. The recording for yesterday will show up there as well (including the demo we didn’t have time for to complete)

 

Some of you guys may thought that I joked, but I am serious about my challenge! If any of you guys can beat my record and install ADCS in less than 7 seconds, I buy you lunch! It’s a promise! Winking smile

 

Here are some pictures from yesterday. The thanks for the pictures goes to my colleague and friend Per “Nimmsis” Sjökvist.

 

image

Myself and Göran Melvås on stage.

 

image

All three of us live on stage. Smile

// Fredrik “DXter” Jonsson

Posted in PKI | Tagged , , , | 2 Comments

Disable Java Update

Posted on June 28, 2011 by Dalle

When installing Java in an corporate environment with more
computers then 1-10, Java Update can be annoying when
you install Java 32-bit and Java 64-bit on all computers.

You can add arguments to your installation, but It will not work as good as you want.
The trick is to add some registry entries to both the 32-bit environment and the 64-bit.

image

And the easy way is to use GPP, Group Policy Preferences.
Make a new policy and just add 4 entries like the picture above and then It’s all right.

Thanks to Fredrik “Mumin” Holmström for the part with 64-bit.

Posted in Deployment, Windows 7 | Tagged , , , | Leave a comment