Archive

Archive for August, 2012

Copy Group Memberships from one user to another

August 22, 2012 11 comments

Have you ever found yourself needing to copy 1 user’s group memberships to another user in order to make sure both had identical permissions needed for their daily job? I’ve had to do this far more times than I’d like to count. Typically it’s easiest to do this upon creation of the new user’s account because you can simply copy the source user’s account through Active Directory Users and Computers. But what if both users already exist?

Well the script below will help alleviate this issue by using Powershell in conjuction with the Quest AD Tools.

The first way to do this is to simply run the script within an IDE like PowerGUI Script Editor. Simply copy and paste the code listed below and then modify the source/target users and domain controller and the script should run on your machine.



add-pssnapin quest.activeroles.admanagement

#   Be sure to change "domaincontroller" to the domain controller which you want to make these changes on. You can use
#   the -UseGlobalCatalog switch if you'd like in order to make the changes to your GC 

connect-qadservice domaincontroller -credential (get-credential)  



$sourceuser = samaccountname                 
$targetuser = samaccountname                  


#   This will store all applicable groups into a variable called groupmembership

$groupmembership = get-qaduser $sourceuser | select -ExpandProperty memberof     

#    This will loop through all groups in groupmembership and apply the memberships

foreach ($group in $groupmembership) { add-qadgroupmember -identity $group -member $targetuser }     


The second way to do this is to simply build a reusable ps1 file which asks for params in order to complete the task. Simply copy and paste the code below into notepad then save as a .ps1 file.


###########################################################################
#
# NAME: Copy-GroupMemberships.ps1
#
# AUTHOR: Joshua Schofield
#
# COMMENT: Must have Quest Active Roles Installed
#
# EXAMPLE: c:\scripts\copy-groupmemberships.ps1 -domaincontroller MYDC01 -sourceuser JDOE -targetuser JSMITH
#
# VERSION HISTORY: 1
#
# VERSION DATE:    8/21/2012
#
# VERSION COMMENTS: Tested and Validated
#
#
###########################################################################


param (

	[Parameter(Mandatory = $true)]
	$SourceUser,
	
	[Parameter(Mandatory = $true)]
	$TargetUser,
	
	[Parameter(Mandatory = $true)]
	$DomainController
)

add-pssnapin quest.activeroles.admanagement -ErrorAction SilentlyContinue | Out-Null

#   You can use the -UseGlobalCatalog switch if you'd like in order to make the changes to your GC
connect-qadservice $DomainController -credential (get-credential)  

#   This will store all applicable groups into a variable called groupmembership
$groupmembership = get-qaduser $sourceuser | select -ExpandProperty memberof    

#    This will loop through all groups in groupmembership and apply the memberships
foreach ($group in $groupmembership) { add-qadgroupmember -identity $group -member $targetuser }     


Advertisements

Browse for File to POSH Variable

August 10, 2012 3 comments

After many months of getting tired of typing in an entire directory path when using the “Read-Host” command to import a text file or CSV file I went looking for commands to present a popup box to let me browse for a file, then have that file’s path be presented to a variable. This example shows that $file will be the file path for the file specified in the Get-FileName function.

A big thank you goes to the blog over at Sapien.com for showing me this wonderfulness ūüôā

http://www.sapien.com/forums/scriptinganswers/forum_posts.asp?TID=4115



Function Get-FileName($initialDirectory)

{

[System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") |

Out-Null



$OpenFileDialog = <strong>New-Object</strong> System.Windows.Forms.OpenFileDialog

$OpenFileDialog.initialDirectory = $initialDirectory

$OpenFileDialog.Title = "PowerShell Master Says...Select File:"

$OpenFileDialog.filter = "All files (*.*)| *.*"

$OpenFileDialog.ShowDialog() | Out-Null

$OpenFileDialog.filename


} #end function Get-FileName



# *** Entry Point to Script ***

$file = Get-FileName <em>-initialDirectory</em> "c:\"


Powershell VMWare Inventory

August 10, 2012 Leave a comment



###########################################################################
#
# NAME: VM Inventory
#
# AUTHOR: Joshua Schofield
#
# COMMENT: Script to use when wanting Datastore,Host,Name,PowerState,OS,IP, and vCenter server information for all VMs. 
#
#		   
# VERSION HISTORY: 6
#
# VERSION DATE:    08/10/2012
#			
#			
# PreReqs:   Must have vSphere Client and PowerCLI installed		
#					
#					
#					
#
###########################################################################

# Adding all snapins to current PS Session

Get-PSSnapin -Registered | Add-PSSnapin

# Set Variables for Outfile and vCenter Server(s)
$outfile = Read-Host -Prompt "Type the entire path and file name (c:\temp\test.csv) for output file:"
$vc = Read-Host -Prompt 'Enter vCenter Server FQDN or IP Address (If multiple type @("hostname","hostname2"):'

# Popup Window asking to input credentials
[System.Reflection.Assembly]::LoadWithPartialName(‚ÄúSystem.Windows.Forms‚ÄĚ) | Out-Null
[Windows.Forms.MessageBox]::Show("Please Supply Your vCenter Server Credentials in the next Window‚ÄĚ,0, [Windows.Forms.MessageBoxButtons]::OK, [Windows.Forms.MessageBoxIcon]::Information)
$vccred = (Get-Credential)

# Connect to vCenter Server
Connect-VIServer -Server $vc -Credential $vccred

Write-Output "Datastore,Host,VMName,FQDN,Power,OS,IP,vCenter Server" | Out-File $outfile -Force # -Force will overwrite any existing file

Get-Datastore -Server $vc | Sort-Object {$_.name} | % {

$datastore = $_.name

Get-VM -Datastore $datastore | select name,powerstate | % {

$name = $_.name
$power = $_.powerstate
$vmhost = $_.vmhost

Get-VMGuest $name | select hostname,osfullname,ipaddress | % {

$hostname = $_.hostname
$os = $_.osfullname
$ip = $_.IPaddress

Write-Output "$datastore,$vmhost,$name,$hostname,$power,$os,$ip,$vc" | Out-File $outfile -Append

}}} 



Find CD Drive Letter(s)

August 10, 2012 1 comment

I was presented with an issue the other day where I needed to mount an ISO to a VM, then run a program which was housed on that CD Drive. I could not find a central, easy way using PowerShell to find what the letter the CD Drive was so I decided I would create one. I know this could have been done with WMI, but I decided I would go a different route for this occasion since I have used FSUTIL for other items in the past.

First off we start off by querying all drives on the machine using the FSUTIL command, we then pipe these results to our variable of $drives. Line 1 will give us a result of the drive letters that are in use on the machine. With line 2 we are actually getting rid of part of the content of the $drives variable. We do not want to have the “Drives: ” content in our variable. Now that this is complete we can then split up our $drives variable into an array. We do this by using the .split function. This allows us to break up our variable into multiple parts, in this case we are telling PowerShell to break up the $drives variable everywhere there is a space, this is indicated by the ” ” portion.

Now that we have broken our variable up into an array we can now perform a foreach loop to determine each drive letters type. This foreach loop can be completed by typing “ForEach” or “%” either will start the loop. Once that loop completes writing the results to the $drivetype variable we can then process each CD Drive that resides on the host machine.

Once complete you should have $cddrive representing the drive letter (i.e. E:\) of your CD Drive or Drives.

$drives = fsutil fsinfo drives
$drives = $drives -replace "drives: ",""
$drives = $drives |%{$_.split(" ")}
$drivetype= $drives | %{fsutil fsinfo drivetype $_}
$cddrive = $drivetype | where {$_ -like "*CD*"}
$cddrive = $cddrive -replace " - CD-ROM Drive",""
$cddrive
Categories: Windows OS

Hello WordPress world!

August 10, 2012 2 comments

Welcome to my blog. After nearly 10 years of doing system admin work, I have finally decided to start a blog discussing what I do.

I hope you all enjoy my tidbits about Powershell and other system admin related topics.

 

Categories: Uncategorized