Blog

  • Cloud – Return Enterprise-wide Google Drive File Metadata as SQL Database
    If you are managing an enterprise, you’ll undoubtedly run into storage usage concerns. Cloud storage can be relatively expensive. Some good housekeeping is vital. But, how do you determine what to clean up? There are…
  • Azure – Get Group MFA Registration Info
    If you’ve deployed multifactor authentication (MFA) at an enterprise scale, you’ll know it can be fraught with challenges. You may need to deploy to individual departments, or perhaps take a phased approach and deploy in…
  • OSINT – Find Similar Images on the Web
    I recently had a unique challenge present itself. A local had shared a screenshot of an image in a social media group I am in. I had the suspicion that this screenshot might have been…
  • Cloud – Enterprise Gmail Mass-Mailer
    If you’ve ever needed to perform mass-mailing operations within an enterprise, you’ll know there are a lot of considerations. Being able to bypass filters and rate limits for different platforms may be necessary to send…
  • PowerShell – Execute Scriptblock as Current User
    Here’s a script I’ve put together that will retrieve the current user sessions from a remote host using psexec.exe. Then, it executes a scriptblock using the current user session context. Simple, but very powerful. I…
  • Cloud – Retrieve Google Drive Contents by User or Drive ID
    Recently, a challenge presented itself in migrating a large archive of data from a Google Drive location (frankly, a rather costly storage option) to a local NAS storage device. I have been using PSGSuite to…
  • Cloud – Search and Destroy Malicious Emails From End Users’ G-Suite Mailboxes
    If you are using managing an enterprise, you will undoubtedly encounter malicious emails targeting your end users. Ideally, you could delete these messages from within your end users’ mailboxes. Normally, this is a premium feature,…
  • IAM – PowerShell – Manual Entra Connect Sync via Script
    Recently, the need for others to be able to force a manual sync from on-prem Active Directory (AD) to Entra became apparent. I knew this could be done with PowerShell, so I got to work…
  • Cloud- Synchronize Profile Photos Between Federated Domains (Google, Azure)
    Synchronization of profile photos between Google’s G Suite and Azure is not supported by the built-in Azure Provisioning engine. This must be accomplished by some other means. In my case, of course, I look to…
  • Cloud – Synchronizing Disablements Between Federated Domains (Azure, Google)
    When configuring provisioning between Azure and Google federated domains, you will likely reference Microsoft’s documentation on configuring their canned provisioning Enterprise Application at https://learn.microsoft.com/en-us/entra/identity/saas-apps/g-suite-provisioning-tutorial. There is more information here as well: https://learn.microsoft.com/en-us/entra/identity/app-provisioning/configure-automatic-user-provisioning-portal. The procedure outlined…
  • Linux – Configure Debian to Authenticate w/ Active Directory
    A unique problem recently presented itself- how to allowing multiple users to access a Linux VM in a secure fashion. Generic user accounts seemed like a poor idea to me, as they would likely end…
  • PowerShell – Identify VMs w/ Particular OS in vSphere
    With CentOS 7 reaching its end-of-life on June 30th of this year, it would be a good idea to identify any VMs with that particular OS. Doing so manually could prove tedious. Personally, I subscribe…
  • ConfigMan – Teams – Disable Teams Autorun with PowerShell
    Teams’ default behavior is to launch automatically upon user login. This can be undesirable for a myriad of reasons, and can be managed with Group Policy with a couple of caveats. The first is that…
  • PowerShell – ConfigMan – Convert OUs to Collections
    With ConfigMan application deployments, it’s good practice to, when applicable, divide large groups up and take a staged approach at deployment. I’ve found myself multiple times creating multiple collections containing the objects within an Active…
  • PowerShell – Active Directory – Convert AD Name Formats
    Many of the ActiveDirectory PowerShell module cmdlets expect the distinguished name format. I find this somewhat inconvenient, as this format does not read as nicely as the canonical name format that so many of us…
  • PowerShell – AD Cleanup – Get Extraneous Group Membership
    If you have an Organizational Unit (OU) in Active Directory (AD) containing a large number of users, and you need to ensure these users are not members of any other groups, or perhaps that they…
  • Azure – Fixing AAD Connect Sync Not Starting Post-Reboot
    Some months ago, a problem was noticed with one of our servers that hosts the Azure AD Connect Sync service. After a reboot, the service did not automatically start back up as expected; and, upon…
  • PowerShell – Extract Text From .PDF Files
    A unique challenge presented itself the other day- to extract text from .PDF files. I found the iText-based PSwritePDF module in the PowerShell Gallery that offers this capability; however, I found it to be an…
  • PowerShell – Get Uninstall String Info from Registry
    I’ve put together a simple function to extract the Uninstall String information from the Windows Registry. This is convenient for identifying the binary location and arguments to uninstall a given win32 application. Or, if the…
  • PowerShell – Get Additional Application Info
    The common method used to return win32 application information from a Windows device via PowerShell is ‘gwmi win32_product.’ This returns the more pertinent IdentifyingNumber, Name, Vendor, Version, and Caption properties, as shown in the below…
  • PowerShell – Get AD User’s Last Logon Time
    Here’s a simple little function I put together that will accept a user’s name in First Last format, and then return their last logon time information from AD. Here is the GitHub link: https://github.com/p8nflnt/SysAdmin-Toolbox/blob/main/Get-AdUserLogonTime.ps1
  • PowerShell – Send Email Notifications for VPN Connectivity Loss & Restoration
    I’ve put together a simple script to perform a ping test against an endpoint across a VPN connection to confirm VPN connectivity. If the endpoint can’t be pinged, it sends an email notification to your…
  • PowerShell – Get Windows Host Info with PsExec
    Over the past several days, I have been exploring the idea of retrieving information for diagnostic purposes from Windows hosts using PsExec of the Sysinternals suite. This is something that might make sense for a…
  • PowerShell, Reddit, Confetti, and Rick Astley
    The other day, I came across this Reddit post on r/sysadmin: https://reddit.com/r/sysadmin/s/FkC30bMxCJ The OP explains that his CEO has requested that he make confetti appear on everyone’s screen simultaneously to celebrate a milestone. I found…
  • PowerShell – Convert PsExec-run Cmdlet Output Strings Back to Objects, Properties, & Values
    I have been experimenting with using PsExec of the Sysinternals suite to gather information from remote Windows systems for diagnostic use. I’ve found it to be a powerful tool, especially when integrated with PowerShell scripts….
  • PowerShell – Programmatically Determine the Primary User of a Device
    Configuration Manager includes the device property and concept of UserDeviceAffinity, with which the Primary User of a device can easily be determined and referenced. But, what if your environment does not have MECM in place?…
  • PowerShell- Launch Applications With Other User Context Within Interactive Session
    There are many reasons one might want to establish a workflow in which they can quickly launch PowerShell or the ISE with alternative credentials from their interactive session, such as executing a script with a…
  • Azure – Malicious Authentication Emulation and Mitigation
    The attack surface of a cloud tenant should get a lot of consideration. It is important to understand that some legacy protocols, like SMTP, are not capable of accommodating multifactor authentication; and, although they are…
  • PowerShell – Indulging the Memosphere – Invoke-Tune Function
    I let my curiosity get the better of me, and I put together a PowerShell function for the purpose of creating music using PowerShell’s built-in console beep feature. And, in the very essence of internet…
  • PowerShell- UltimateOCD Update + Demo
    For the gentleman requesting assistance with my UltimateOCD script, I have revised it further to allow you to easily provide some parameters like the target directory, directory exclusions, and a custom temporary directory path. In…
  • Build Your Own “Lab Hydration Kit”
    When performing iterative development or testing work, it is critical to be able to quickly stand up a “clean slate” environment. The concept behind the hydration kit is to be able to rapidly “hydrate” a…
  • Thoughts on Obfuscation of Botnet C2 Communications
    This afternoon, while mountain biking, I was listening to a cybersecurity podcast about botnets. The gentleman on the episode was discussing detection of unknown botnets by looking at recurring patterns from the level of a…
  • Homelab – SSD Types and VM Performance
    The idea that Solid-State Drives (SSDs) have superior performance when compared to the Hard Disk Drives (HDDs) of yesteryear has become common amongst administrators. And, for many applications, SSDs have now proven themselves. Many administrators…
  • Preliminary Batch Job Version – Ultimate Oracle Client Deinstaller
    This is for the gentleman that kindly requested a modification of my UltimateOCD script to allow for batch deployment. Please note that this preliminary example is untested. I will be testing and revising in the…
  • JavaScript – Bot Repellant – Obfuscation
    For obvious reasons, it is not a good idea to have your contact information displayed in plaintext on the web. Webcrawlers and bots do exist, and will use RegEx to pick emails and phone numbers…
  • PowerShell – Update to Ultimate Oracle Deinstaller
    A few months back, I had built what I dubbed the “Ultimate Oracle Client Deinstaller.” It could handle the deinstallation of Oracle database clients 11g, 12c, and 19c to include having multiple clients installed- even…
  • PowerShell – Add + Trust PsGallery & NuGet
    If you do a lot of PowerShell work, you may find yourself frequently using NuGet or PsGallery. I’ve put a couple functions together that quickly add the PsGallery repository and NuGet respectively, and add trust…
  • PowerShell – Add Hosts to AD Group
    Here’s another simple script I put together. It allows you to specify a Security Group in Active Directory, and add a list of hosts to this group. Simple, but yet another tool that every SysAdmin…
  • PowerShell – Get OS By Device Name
    Here’s a basic script I put together to generate a .CSV report of the operating system for a given list of device names. A handy tool for any sysadmin to add to their repository.
  • PowerShell – Get Affiliated Devices by User
    The Configuration Manager PowerShell module contains the Get-CMUserDeviceAffinity cmdlet to allow one to use an AD user object to search for devices that the user is the Primary User for. I’ve written a script which…
  • Homelab – Hardware Hacking – Add Custom Pi Pico Controls to USB Switch
    A USB switch is a convenient piece of hardware to have in your homelab if you’d like to interact with multiple boxes from your same mouse and keyboard. I have one that from the factory,…
  • PowerShell – CM Uninstall Collections + Deployments Tool
    To maintain a healthy environment, providing capability for other supporting teams to remove applications using CM may be desirable. One way this might be arranged is to provide the ability to place devices in predetermined…
  • PowerShell – Save Updates And Import to WSUS
    Since Internet Explorer has now been deprecated, there is a need to import updates to WSUS natively without the installation of additional browsers. I’ve found that some of the functionality can be accomplished with Microsoft…
  • PowerShell – Add/Modify Registry Key
    Creating or modifying registry keys in PowerShell is a task that comes up frequently when working with Windows. I’ve put together a function that will check for and create a registry key if it does…
  • PowerShell – Report CM Application Information
    A common problem with applications in Configuration Manager is that an uninstall command has not been specified for many applications. This tends to cause the accumulation of technical debt. As applications age, it will eventually…
  • PowerShell – Ultimate Oracle Client Deinstaller
    I’ve put together a PowerShell deinstall script for Oracle clients that I’m dubbing the Ultimate Oracle Client Deinstaller. This deinstall script clears relevant environment variables and creates a .RSP file using Oracle’s deinstall.bat utility. It…
  • PowerShell – Set AD Security Group Membership
    Here’s a script that I wrote to allow you to provide a list of machine names and set the membership of an Active Directory security group. It outputs the initial membership count to the console,…
  • Homelab – Virtual Network Configuration
    In my home lab environment, I find it convenient (most of the time) for my devices to be able to communicate with one another unimpeded. Doing so allows for simple file transfer, to use RDP,…
  • PowerShell- Clearing Nullified Environment Variables
    I have posted before on the nuances of handling environment variables with PowerShell. I recently encountered an issue where I found a shortcoming of some of my previous scripting work. I was unable to clear…
  • Homelab- Active Office Cooling
    Earlier this year, I rewired my basement to create individual circuits for my garage and office. Before, the entire basement (including the garage) was all on one circuit. I decided I was tired of having…
  • Fix “SQL Availability Replica Disconnected”
    If you are using Always On Availability Groups in SQL, you may encounter connectivity issues between nodes if there has been a change in configuration of the nodes. When I encountered this issue, the nodes…
  • Generate Email List From CM Primary User Data
    Let’s say you want to perform an ad-hoc test deployment. You build a small test collection and go to deploy, but wait – you ought to do your due diligence and notify the primary users…
  • Parallel vs. Serial Execution – Improving PowerShell Script Performance
    If you often use scripts utilizing Foreach loops, you’re going to want to read this. Serial execution of this sort of loop is commonplace. But, did you know, by utilizing workflows, you can execute a…
  • WQL Query Optimization & Collection Evaluation Run Time
    As an engineer working with CM, it is likely you will find yourself running SQL reports to identify collections that may potentially be utilizing sub-optimal query-based membership rules. If these queries have been poorly written,…
  • Scripted Restart of Service – Azure Update Management
    If you are using Update Management to handle patching of Windows VMs in Azure, you are bound to see devices display in the “Not Assessed” compliance state from time to time. To remedy this, one…
  • Formatting A Disk for OSD from CM – Error 0x8007000F
    When performing an Operating System Deployment (OSD) from Configuration Manager (CM), it is a common occurrence to encounter error 0x8007000F- Failed to Stage WinPE. WinPE is the Windows Preinstallation Environment in which one will authenticate…
  • Querying Systems for Specific Hotfix – Patching Pro Tips
    Let’s say you’re patching Windows devices, and you install a cumulative update. But, while evaluating patching success, you find there is a required hotfix that was not made available to your devices until after the…
  • Scripted ID of Remnant Objects in SCCM for Cleanup
    Oftentimes, you will find that MECM (SCCM) will get cluttered over time. Forgotten objects that are no longer deployed will begin to pile up. In the name of good housekeeping, one may periodically wish to…
  • Nuances of Referencing Environment Variables from PowerShell
    If you are installing an app such as a database client, you may encounter the need to reference environment variables. There are times where it is absolutely beneficial to do this from within a Powershell…
  • Bypass Deferred Restart For Urgent Powershell Application Deployment via MECM
    If a reboot is required for an application installation, you should likely attempt to force the device to reboot using the, “Should Configuration Manager enforce specific behavior regardless of the application’s intended behavior” drop-down menu…

Find posts from the past: