PowerShell: Get Current User’s Security Permissions

I was writing a little script and thought that needs to ensure it has sufficient privileges. I thought it would be more useful to find if the current user is part of any of the built in user roles. Here is my effort:

function
Get-CurrentUserRoles {

    $SecurityPrinciple
=
New-Object
-TypeName
System.Security.Principal.WindowsPrincipal
-ArgumentList ([System.Security.Principal.WindowsIdentity]::GetCurrent())

    $RolesHash
= @{}

    [System.Enum]::GetNames(“System.Security.Principal.WindowsBuiltInRole”) | ForEach-Object {

        $RolesHash[$_] =
$SecurityPrinciple.IsInRole([System.Security.Principal.WindowsBuiltInRole]::$_)

    }

    $RolesHash

}

 

PS C:\> Get-CurrentUserRoles

 

Name Value

—- —–

Administrator True

User True

Guest False

PowerUser False

AccountOperator False

SystemOperator False

PrintOperator False

BackupOperator False

Replicator False

 

 

PS C:\> (Get-CurrentUserRoles).Administrator

True

 

PS C:\> (Get-CurrentUserRoles).Guest

False

 

 

As you can see, you get back PowerUser, Administrator, SystemOperator, etc.

Categories: PowerShell

Team Foundation Services and PowerGUI – Using PowerShell with Version Control

April 29, 2013 15 comments

Version control allows you and others to work on the same scripts, check them in and out, etc. By following these steps, it is possible to use version control system for PowerShell as well as a number of other programming languages.

For PowerShell, PowerGUI is by far my favourite GUI/Script Editor, it is free, far superior to ISE (which is improving) and my preference to PrimalScript. Although PowerGUI is my preference for PowerShell development, for pretty much all other scripting, PrimalScript is superb.

Primal’s PowerShell Studio is an excellent PowerShell GUI/Script Editor. It has a similar feature set to PowerGUI, with some advantages and some disadvantages- one thing that it excels at is PowerShell GUI development.

One thing that PowerGUI, PowerShell Studio and PrimalScript all have in common, is that they support the MSSCCI provider/Source Control Plug-in API. The following guide shows you how to install the provider and configure PowerGUI to use it.

Requirements

Installation Instructions

As there are many options for TFS, I will not go into installation and setup of TFS. For the examples, I will be using Team Foundation Services Online.

  1. Install the PowerGUI Script Editor.
  2. Accept the license agreements and install the defaults.
  3. Launch setup for Team Explorer for Visual Studio 2012.
  4. Agree to the license agreement and press the Install button.
  5. Press the ‘Launch’ button once installation has completed.
  6. Launch the Microsoft Visual Studio Team Foundation Server 2012 MSSCCI Provider. This is the 32-bit installer and is required for PowerGUI and other script editors.

Configure Team Foundation Server Explorer

  1. Press the ‘Connect to Team Foundation Server’ and press the ‘servers’ button.
  2. Press ‘Add…’ and enter details of the Team Foundation Server. Press OK. (you may be prompted to sign in)
  3. Press the close button.
  4. Select the Team Projects you wish to import. Press ‘Connect’.
  5. Click the Source Control Explorer link.
  6. Right click and choose ‘Add Items to Folder’. Choose a PowerShell Script to upload.

Configure PowerGUI to use Team Foundation Server

  1. Launch PowerGUI Script Editor.
  2. Select the ‘Tools’ menu -> ‘Options’.
  3. Select ‘Version Control’. Select ‘Team Foundation Server MSSCCI Provider’. Click Advanced.
  4. Select Check In and press OK, and OK again.
  5. PowerGUI will now have a ‘Version Control’ menu.
  6. Choose ‘Get Files from Version Control’.
  7. The Team Foundation Server should be available in the list. Click OK.
  8. Expand $/ and select the project beneath.
  9. Click the ‘Browse’ button. Create a new folder for the local copy of the script repository.
  10. Press OK.
  11. After a few moments (depending on speed of connection to the TFS server) an Open dialog will be shown.
  12. Open the sample script.

Using Team Foundation Server with PowerGUI

  • Creating a new script in the folder linked with the repository will cause it to be uploaded to TFS.
  • Modifying a script checks it out.

Find All Old Files The PowerShell Way

Last week, a colleague asked for help to find files older than a certain date. For this, it appears that Symantec NetBackup has a bug where if it is performing a backup with files that are created with a date older than 01/01/1980, NetBackup performs a full system backup instead of differential. Symantec have knowledge article TECH23000 (opens in new window) about it ‘STATUS CODE 0: INCREMENTAL backups run as a FULL backup despite the last FULL having backed up all files with Status 0. The bpbkar log reports “folder <folder_name> has been created recently (since 11/9/02 11:35:32 AM). It will be backed up in full.”’

The article discusses methods of resolving this behaviour- that include performing the following command “C:\dir *.* /S /TC >C:\creation.txt” (which is incorrect and should be dir “c:\*.* /S /TC >C:\creation.txt“) but does not give any suggestion as to how to find the offending items.

Being on a Windows 2008 server, I thought that as this server is running Windows Server 2008, PowerShell is installed and would provide the easiest way. Here is the script that I cam up with:

$OldestDate = Get-Date "29/02/2012" # Set the oldest date. Enter it in the local date/time format.
$Files = @() # Define $Files variable as an empty array.
$Drives = Get-WmiObject Win32_Volume | Where-Object {($_.DriveType -eq 3) -and ($_.Label -ne "System Reserved")} # Get a list of volumes from wmi, and find drivetype 3 (local disk) that do not have the volume label "System Reserved"
foreach ($Drive in $Drives)
{ 
 Get-ChildItem -Path ($Drive.DriveLetter + "\") -Recurse | foreach {if ($_.CreationTime -le $OldestDate) {$Files += $_}
} # get each file, test if it's creation time isolder than $OldestDate and add to $files}
$Files | Format-Table FullName, CreationTime #Format $Files as a table for display. Could also Export-CSV or the like.

PowerShell Script to Download SysInternals Suite Files

February 28, 2012 Leave a comment

Below is a very simple PowerShell script to copy any new or newer versions of the SysInternals tools:

Set-Locationc:\temp\Sysinternals
$SysInternals=Get-ChildItem \\live.sysinternals.com\tools\*-Exclude *.txt, *.scr
foreach ($Filein$SysInternals) {
    if (Test-Path$File.Name) {
        if ($File.LastWriteTime-ne (get-Item$File.Name).LastWriteTime) {
            Write-Host$File.Nameis out of date. Downloading new version…   
            Copy-Item$file-Force
}
#end If LastWriteTime
            else {
               Write-Host$File.Nameis up to date.
}
#end If LastWriteTime
        } #end Test-Path
    else {
        Write-Host$File.Nameis new. Downloading…
        Copy-Item$file-Force
}
#end else Test-Path
} #end foreach $file

Configuring Windows 2008 R2 Core on VMware ESXi

January 16, 2012 Leave a comment

Pre-Requisites

  • ESX(i) 4.1 or higher (as we will use the PVSCSI controller as the boot device. I use ESX 5.0 in this example.
  • Microsoft Windows Server 2008 R2 iso image on a datastore.
  • The Core Configuration 2.0 (x64) iso image– This simplifies updating the drivers.

Installation Steps

Create a new Virtual Machine.

  1. Create a new VM.
    New_VM_-_Custom
  2. Select Configuration ‘Custom’.
  3. Name the virtual machine.
    New_VM_-_Datastore
  4. Select a suitable datastore.
    New_VM_-_Virtual_Machine_Version
  5. Select ‘Virtual Machine Version: 8’
  6. Select Guest Operating System ‘Windows’, Version ‘Windows Server 2008 R2 (64-bit)New_VM_-_CPUs
  7. Select the number of CPU virtual sockets and cores according to your needs.
  8. Select the amount of memory according to your needs.
  9. Set ‘How many NICs do you want to’ to how many NICs you require. Select the network and set the adapter to ‘VMXNET3’.
  10. Set the SCSI controller to ‘VMware Paravirtual’
  11. Select to create a new disk. Choose the capacity of the new virtual disk and the Disk provisioning type.
  12. Leave the advanced options to the default values.
  13. Click the ‘Edit the virtual machine settings before’ and press Continue.
  14. Go into the options tab, Advanced –> Boot Options. Select ‘EFI’ Firmware type.New_Virtual_Machine_-_Firmware
  15. In the Hardware tab, select ‘New CD/DVD (adding)’. . Tick the ‘Connect at power on’. Check the ‘Datastore ISO file:’ and press Browse. Select your ISO image. Change_DVD_Image
  16. Select ‘New Floppy (adding)’. Tick the ‘Connect at power on’. Check the ‘Use existing floppy image in datastore:’ and press Browse.
  17. Look in the ‘Datastores\vmimages\floppies’ folder and select ‘pvscsi-Windows2008.flp’
    Floppy_image
  18. Click Finish.

Install Windows 2008 R2 Core

  1. Open the VM’s console.
  2. Power on the VM.
  3. Press any key to boot from the DVD. If you miss it (it can be too quick for the console to react), press Ctrl+Alt+Insert (that sends a ctrl+alt+del to the VM. Try again.
  4. When setup has started, select you regional settings. Press Install Now.
  5. Select the Windows version.
    Windows_Server_2008_-_Server_Core
  6. Accept the EULA.
  7. Choose a ‘Custom (advanced)’ installation.
  8. On the ‘Where do you want to install Windows?’ page, click the ‘Load Driver’ link. Press the OK button.
  9. On the ‘Select a driver to be installed.’ dialog, ensure ‘VMware PVSCSI Controller (A:\amd64\pvscsi.inf)’ and press ‘Next’ .
    Select_a_driver
  10. Back in the ‘Where do you want to install Windows?’ page, ‘Disk 0’ should appear. Click ‘Next’
  11. Windows will install.

Configure Windows 2008 R2 Core

  1. Once Windows is installed, confirm the Administrator password and log on.
  2. You will be presented with a command prompt. From the VM console’s toolbar, select the ‘Connect/disconnect the CD/DVD device of the virtual machine’ button and select ‘CD/DVD drive 1’ –> ‘Disconnect from the datastore image’
  3. From the VM console’s menu bar, choose ‘VM’ –> ‘Guest’ –> ‘Install/Upgrade VMware Tools’.
  4. Run the setup program from the command prompt. Type ‘D:’ press enter, type ‘setup’ and press enter again. VMware_Tools_-_Install_Typical
  5. Install the VMware Tools using all of the default options. Allow setup to reboot the operating system once installation has completed. The NIC drivers, VMware keyboard and VMware mouse will be installed.
  6. Log back in.
  7. Select the ‘Connect/disconnect the CD/DVD device of the virtual machine’ button and choose ‘Connect to ISO image on a datastore’. Locate and choose the Microsoft Core Configuration iso image.
  8. Start Core Config by typing ‘D:’ and pressing enter, type ‘Start_Coreconfig.wsf’ and press enter.
  9. A dialog asking to install the .NET Framework and Microsoft PowerShell appears, press the ‘Yes’ button.Core-Config_-_Install_PowerShell
  10. Press the ‘Control Panel’ button, press ‘Add drivers’.
  11. Press the ‘Have Disk…’ button. Navigate to ‘C:\Program Files\Common Files\VMware\Drivers\wddm_video’ and select ‘vm3d.inf’.
  12. The updated driver driver will be installed. Exit the Core Configuration and restart the VM again. The VM restart at a higher resolution, with better mouse precision and you will be able to pass the edges of the window. The Core Configurator tool is very useful for configuring a Windows Core server, you can use it to install and remove features, configure and perform Windows updates, Remote Desktop and Remote management, computer name, domain membership, DC Promo and licensing.

Building a DD-WRT Image In vSphere 5.0

October 7, 2011 10 comments

Introduction

I have a need to put a router between my test ESXi 5.0 server and my network. At home, I use a Linksys E3000 (both 2.4Ghz & 5Ghz Wireless-N, gigabit) router, with OpenSource DD-WRT custom firmware. There is a x86 variant that can be downloaded, people mention in the forums about using it on old PCs, I thought I would give making a VM a go.

Pre-Requisites

    1. An installed copy of ESXi 5.0 (this is almost certain to work on 4.0, but not 3.5)
    2. The DD-WRT x86 Image. I chose the VGA public image. This is a free version, limited to 4096 connections (fine for my purposes) and without Wi-Fi support. The image that is used is here.
    3. physdiskwrite – A Windows tool for writing raw images to a hard disk.
    4. An existing Windows image.
      Installation

      Creating the Virtual Machine

  1. Create a virtual Machine. Select a configuration type of Custom.
    New_VM_-_Custom
  2. Name the VM something appropriate.
  3. Select a datastore for the Virtual Machine.
  4. Select ‘Virtual Machine Version: 8’ (if using ESXi 4.0, using version 7)
    New_VM_-_Virtual_Machine_Version
  5. For Guest Operating System type, choose ‘Linux’ and select ‘Other 2.6.x Linux (32-bit) from the drop down.
    New_VM_-_Guest_Operating_System
  6. Choose 1 virtual sockets, with one core per virtual socket.
    New_VM_-_CPUs
  7. Choose 512MB RAM.
    New_VM_-_RAM
  8. Select the appropriate number of NICs (nearly always 2), E1000, and choose the port groups. (I have found that the first NIC is assigned to the WAN)
    New_VM_-_NICs
  9. SCSI Controller, choose any. This will be replaced.
  10. Choose not to create a disk.
    New_VM_-_No_Disk
  11. Tick Edit the virtual machine settings before.
  12. In the Virtual Machine Properties, click Add. Select Hard Disk.
    New_VM_-_Add_Hard_Disk
  13. Select ‘Create a new virtual disk’
    New_VM_-_Create_New_Virtual_Disk
  14. Make the capacity of the disk 1GB. I chose to make it Thin Provisioned.
    New_VM_-_1GB_Cpacity
  15. Set the Virtual Device Node to IDE (0:0)
    New_VM_-_IDE
  16. Press OK, then Finish. Wait for the VM to be created.

Install the image to the Disk

  1. Choose your Windows VM. Power it off if necessary.
  2. Edit the Windows VM’s properties. Press Add.
  3. Select a Hard Disk.
  4. Choose ‘Use Existing Virtual Disk’
    Edit_VM_-_Add_Exiting_Virtual_Disk
  5. In Advanced Options, ensure that the Virtual Device Node is ‘IDE (0:0)’
  6. Click OK, then Finish. Power on the Windows VM.
  7. Load PhysGUI (make sure you elevate it)
  8. Ensure that you select the ‘VMware Virtual IDE Hard Drive ATA Device’, right click select ‘Image laden’ –> ‘Öffinen’. Select the downloaded DD-WRT image.
    PhysGUI_-_Select_Image
  9. Click OK through the prompts.
    PhysGUI_-_Remove_2GB
  10. Wait until the disk completes writing. Shut down the VM.
    PhysGUI_-_Write_to_Disk
  11. Edit the Windows VM’s properties. Select the DD-WRT virtual disk and press remove. Ensure ‘Remove from virtual machine’ is selected. Click OK.
  12. Start up the DD-WRT VM.

Connecting to the Router

    1. Load another VM on the same LAN as the router. Ensure that it is configured to automatically obtain an IP address.
    2. It should be assigned an IP by the DD-WRT router’s DHCP server service. You can see this by performing an ipconfig (if using a Windows client)
    3. Presuming that you have an IP address, use the web browse to connect to 192.168.1.1
      DD-WRT_System_Information
    4. It will ask to set the username and password. Note that if you SSH into the router at a later point, it will use the username ‘root’ with the password set here.
      DD-WRT_-_Set_Creds
    5. You are presented with the DD-WRT System Information page. This will show the current hardware, configuration, DHCP client list, etc.

vSphere 5.0 Released!

August 25, 2011 Leave a comment

vSphere 5.0 has been released. Download your copy today.

Categories: Uncategorized
Follow

Get every new post delivered to your Inbox.

Join 124 other followers