IT-Yogi

Flexibla lösningar!

Följ mig

twitterlinkedinby feather

Quickly set new DNS servers on a certain subnet

November 6, 2013 by Lars Gustavsson Leave a Comment

A customer wanted to change and validate the DNS configuration on a subnet so I created this script.

PowerShell
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# Script that replaces or sets a random set of DNS servers on every networkadapter with a certain default gateway.
# Version 1.0
# Created by: Lars Gustavsson Knowledge Factory
 
# Creates two variables to randomly select between.
$0 = "10.0.10.10,10.0.10.11"
$1 = "10.0.10.11,10.0.10.10"
 
#Getting the IP configuration on all interfaces with a manually configured gateway.
$Interfaces = Get-NetIPConfiguration | Where-Object {$_.IPv4DefaultGateway.NextHop -eq "10.0.10.254" -and $_.IPv4Address.PrefixOrigin -eq "manual"}
 
#Looping through all the interfaces and setting the DNS servers.
foreach ($interface in $interfaces){
$DNS = Get-Random -InputObject $0, $1
Set-DnsClientServerAddress -InterfaceAlias $interface.InterfaceAlias -ServerAddresses $DNS
}

Filed Under: Skript

Automatiskt skapa websiter från CSV-fil

October 16, 2013 by Lars Gustavsson 2 Comments

 

Följande script använder en specifierad CSV-fil som indata för att skapa upp kataloger, apppooler, samt identitet på appoolen och hostheaders.

 

PowerShell
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
# Script that setups several websites with apppools and directories from a configuration stored in a csv file.
# Created by: Lars Gustavsson
# Version: 1.1
# Changelog: 1.0 Created.
#            1.1 Added creation of hostheaders and some handling of empty values in CSV.
#
# Instructions:
# If you are running the script manually, copy all the files and subfolders to c:\temp and set the current directory to c:\temp.
# Make sure to set the execution policy to unrestricted with "set-execution policy unrestricted"
# Editing of local policy is done with a function done by Kyle Neier http://www.sqlservercentral.com/blogs/kyle-neier/2012/03/27/powershell-adding-accounts-to-local-security-policy/
 
#Setting variables
 
#Path to CSV-File.
$ACLfolder = "Folders.csv"
 
#Importing the module for IIS administration.
Import-Module webadministration
 
#Importing function for editing local policy
. .\SetLocalPrivilege.ps1
 
#Creating an object with the content of the CSV-file.
$CreateConfig = import-csv $ACLfolder
 
#Looping through each line in the CSV-file.
ForEach ($item in $CreateConfig){
#Creating the folder specified.
if ( ![string]::IsNullOrEmpty($item.FullName)){
New-Item $item.FullName -type Directory
}
 
#Creating the Application Pool and IIS-Website
if ( ![string]::IsNullOrEmpty($item.AppPool)){
$apppool = "IIS:\\AppPools\" + $item.AppPool
New-Item $apppool
New-Item $item.VirtualDirectory -bindings $item.Binding -physicalPath $item.FullName
#Modifying the site to use the Application Pool
Set-ItemProperty $item.VirtualDirectory -name applicationPool -value $item.AppPool
 
#Checking if the Application Pool should be run with a user account or with Application Pool Identity
if($item.AuthType -eq "User"){
 
#Giving the user the right to start services
Add-LoginToLocalPrivilege $item.UserName "SeServiceLogonRight"
 
#Setting the Application Pool Identity and Settings
$ChangeAppPoolUser = Get-item $apppool
 
$ChangeAppPoolUser.processmodel.identityType = 3
$ChangeAppPoolUser.processmodel.username = $item.Username
$ChangeAppPoolUser.processmodel.password = $item.AppPoolPassword
$ChangeAppPoolUser.processmodel.loadUserProfile = "True"
$ChangeAppPoolUser | set-item
}
else {
Set-ItemProperty -Path $apppool -Name processmodel.identityType -Value 4
}
}
#Giving the application pool user modify rights to the folders.
if ( ![string]::IsNullOrEmpty($item.FullName)){
$acl = Get-Acl $item.FullName
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($item.UserName, "Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
$acl.AddAccessRule($rule)
Set-Acl $item.FullName $acl
}
 
#Add more host headers to Website if specified in CSV
if ( ![string]::IsNullOrEmpty($item.HostHeader)){
 
$hostheader = $item.HostHeader
$binding = @{protocol="http";bindingInformation="*:80:$hostheader"}
New-ItemProperty $item.VirtualDirectory -Name Bindings -Value $binding
}
 
}

Skapa en CSV fil enligt följande exempel:

“FullName”,”UserName”,”AppPool”,”VirtualDirectory”,”Binding”,”AuthType”,”AppPoolPassword”,”HostHeader”

“C:\Site1″,”DOMAIN\AppPoolUser”,”Site1″,”IIS:\Sites\Site1″,”@{protocol=”http”;bindingInformation=”*:80:hostheader.domain.suffix”},”User”,”Password” “E:\Site2″,”DOMAIN\AppPoolUser2″,”Site2″,”IIS:\Sites\Site2″,”@{protocol=”http”;bindingInformation=”*:80:”},”Identity” “E:\Logdirectory”,”DOMAIN\AppPoolUser2″ “”,””,””,”IIS:\Sites\Site2″,””,””,””,”another.hostheader.com”

För att skriptet ska fungera behöver du scriptet SetLocalPrivilege från Kyle Neier

Ändra rad 101 från:

[ValidateSet(“SeManageVolumePrivilege”, “SeLockMemoryPrivilege”)

till:

[ValidateSet(“SeManageVolumePrivilege”, “SeLockMemoryPrivilege”,”SeServiceLogonRight”)]

Tack Oscar Virot för lite hjälp med variabelhanteringen.

 

Filed Under: Skript

Automatiskt maila användare vars certifikat håller på att gå ut.

October 7, 2013 by Lars Gustavsson Leave a Comment

Mail users whose certs expired
PowerShell
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# Script that mails users whos certificate is about to expire.
# Created by: Lars Gustavsson
# Version: 1.0
# Changelog: 1.0 Created
#
# Instructions:
# Change the varibles for days when the certificate expires, the certificate server to use and the certificate template to filter by.
# Make sure to set the execution policy to unrestricted with "set-execution policy unrestricted"
 
#Importes the PSPKI Module, it needs to be installed first, download from http://pspki.codeplex.com/releases/view/110129
import-module PSPKI
 
$Template = "SmartCard"
$CAServer = "caserver.domain.suffix"
#Days which to search for expired certificates in.
$Days = "14"
$MailFrom = "IT-Servicedesk@domain.suffix"
$SMTP = "smtp.domain.suffix"
$Subject = '"Your smartcard certificate is about to expire"'
 
$UserRcpts = Get-CertificationAuthority $CAServer | Get-IssuedRequest -Property CertificateTemplate,UPN -Filter "NotAfter -ge $(Get-Date)", "NotAfter -le $((Get-Date).AddDays($Days))","CertificateTemplate -eq $Template"
 
ForEach ($User in $UserRcpts) {
 
$MailRcpt = $User.UPN
$date = $MailRcpt.NotAfter
$MailBody = '"Your smartcard expires ' + $date + ', please contact IT-Servicedesk to renew! You need your smartcard to your computer."'
 
#Looks up the users email in Active Directory.
$Mail = Get-ADUser -filter {(UserPrincipalName -eq $MailRcpt)} -Properties Mail
 
#Checking that a mail was found before sending.
if ($Mail.Mail -ne $Null)
{
Write-host "Send-MailMessage -To" $Mail.Mail "-Body $MailBody -From $MailFrom -Subject $Subject -SmtpServer $SMTP"
}
}

 

Skriptet bygger på att du har modulen PSPKI installerad från http://pspki.codeplex.com/releases/view/110129

 

 

Filed Under: IT, Skript

Ämnen

  • Health
  • IT
    • Skript
    • Solutions (English)

Senast skrivet

  • Protected: Video
  • Fitness, health and movement
  • Installera serverroller från xml del 2
  • Installera serverroller från xml
  • Quickly set new DNS servers on a certain subnet

Bloggegor

  • Fredrik Pålerud
  • Henrik Ericsson
  • Jimmy Andersson
  • Johan Arwidmark
  • Kim Hellman
  • Oscar Virot
  • Simon Wåhlin
  • Tobias Öien
  • Tomas Lepa

Arkiv

Recent Comments

  • Installera serverroller från xml del 2 | IT-Yogi on Automatiskt skapa websiter från CSV-fil
  • Installera serverroller från xml del 2 | IT-Yogi on Installera serverroller från xml
  • Remembers that casting variables is sticky | Tidbits of Information from Virot on Automatiskt skapa websiter från CSV-fil

Copyright © 2021 · BlogNews Theme on Genesis Framework · WordPress · Log in