The text file needs to contain a list of VMs 1 per row.
Example:
vm1
vm2
vm3
This script will perform several functions. First it will shut the vm down, second it verifies the vms are shut down ( user intervention ), third it will snapshot each vm in order and finally will power each vm back on. This is the safest way I have been able to find to do snapshots.
#Connecting to VI-Server
Connect-Viserver -Server vCenterServer
####Variables####
$VMs = get-content "C:\Lists\vms.txt"
$Today = (Get-Date).ToString(“MM-d-yy”)
$SnapshotName = "$Today - Snapshot"
####Functions####
#This Function Shutsdown the VM's in the $VMs List
Function Shutdown{
foreach ($VM in $VMs){
get-vm -Name $VM | Shutdown-VMGuest -confirm:$false
Write-Host "Shutting $VM down."
}
Write-Host "Waiting 2 minutes for VM's to shutdown"
Sleep 120
}
#This Function Lists Power State of all the VMs then Verifies with the User that all VMs are shutdown
Function ShutdownVerify{
Write-Host "Verifying all VM's in $VMs are Powered Off."
foreach ($VM in $VMs){
$pwr = (Get-VM $VM).PowerState
if ($pwr -eq "PoweredOn"){
Write-Host -Foregroundcolor red "$VM is $Pwr"
}elseif ($pwr -eq "PoweredOff"){
Write-Host -Foregroundcolor green "$VM is $Pwr"
}
}
$u = Read-Host = "Any VMs Still Powered on? [Yes] or [No] (Case Sensitive)"
if ($u -match "No"){
Write-Host "Running Snapshot Script...."
}elseif ($u -match "Yes") {
Write-Host "Waiting 2 minutes..."
Sleep 120
ShutdownVerify
}
}
#This Function Snapshots each server in the $VMs list.
Function Snapshot{
ForEach ($VM in $VMs)
{
#Create snapshot for today
New-Snapshot -Name $SnapshotName -VM $VM
Write-host "$VM Snapped"
}
Sleep 5
}
#This Function Power's on all the VMs in the $VMs List
Function PowerOn{
foreach ($VM in $VMs){
Write-Host "Starting $VM"
Start-VM -VM $VM
Write-Host "$VM started"
}
}
#Calling each function in order
Shutdown
ShutdownVerify
Snapshot
PowerOn
Monday, December 8, 2014
Friday, August 29, 2014
Active Directory Powershell Function - Get-UserLockout
The function below is used for looking up the Locked out status of an Active Directory User. Usage is:
Get-UserLockout username
Active Directory Powershell Module required.
function Get-UserLockout
{
Param(
[Parameter(Mandatory=$True,Position=1)]
[string]$Username
)
Get-ADUser $Username -Properties * | Select Lockedout }
Rich
Get-UserLockout username
Active Directory Powershell Module required.
function Get-UserLockout
{
Param(
[Parameter(Mandatory=$True,Position=1)]
[string]$Username
)
Get-ADUser $Username -Properties * | Select Lockedout }
Rich
Friday, September 7, 2012
Script for changing AD Attribute "PasswordNotRequired" for a list of users
Vulnerability came up recently where 90% of our user accounts in Active
Directory were incorrectly setup with an attribute called
"PasswordNotRequired" set to true. This would enable an Administrator
to set a blank password for a user. This attribute is not configurable via the
GUI, so PowerShell it!
First I needed to list out all the users with this attribute set. Active directory module has the command we will need for this task.
Get-ADUser -Filter * -Properties * | Select Name, DisplayName, PasswordNotRequired
This will list all the users and their settings for that particular attribute. Now I ended up Exporting this to CSV which can be done with the Export-CSV command. After which I was able to copy out the Name section of each user with the setting True to a text file.
Now to the meat of this little script.
The first line of this code I am getting the content of the text file I created. The contents of the text file look like this:
User1
User2
User3
$Users = Get-Content "C:\lists\userlist.txt"
Next is 4 lines of code that go through each user in the textfile and sets the setting "PasswordNotRequired" to "False"
Foreach ($User in $Users){
$Cmd = Get-ADUser -Identity $User
$Cmd.PasswordNotRequired = "FALSE"
Set-ADUser -Instance $Cmd}
This little 5 line script saved hours of time for my team. This is why I enjoy scripting with PowerShell.
Rich
First I needed to list out all the users with this attribute set. Active directory module has the command we will need for this task.
Get-ADUser -Filter * -Properties * | Select Name, DisplayName, PasswordNotRequired
This will list all the users and their settings for that particular attribute. Now I ended up Exporting this to CSV which can be done with the Export-CSV command. After which I was able to copy out the Name section of each user with the setting True to a text file.
Now to the meat of this little script.
The first line of this code I am getting the content of the text file I created. The contents of the text file look like this:
User1
User2
User3
$Users = Get-Content "C:\lists\userlist.txt"
Next is 4 lines of code that go through each user in the textfile and sets the setting "PasswordNotRequired" to "False"
Foreach ($User in $Users){
$Cmd = Get-ADUser -Identity $User
$Cmd.PasswordNotRequired = "FALSE"
Set-ADUser -Instance $Cmd}
This little 5 line script saved hours of time for my team. This is why I enjoy scripting with PowerShell.
Rich
Tuesday, August 28, 2012
PowerShell: Use WMI to get logged in users
First we have to get a list of the computers. I used the get-adcomputer cmdlet for this task.
Get-ADComputer -Filter {operatingsystem -like "*professional*"} | select -Expand Name > c:\lists\computers.txt
This command will list all computers with Professional in the name.
Then using WMI I use the list i created above to output a list of all the computers and the logged in user if there is one.
Get-WmiObject -Class Win32_Computersystem -Computer (Get-Content "c:\lists\computers.txt") | Select Name, UserName | out-gridview
I use these commands for my servers with just a quick edit to the filter in the first command. This helps me after a patch cycle to make sure there are no users logged into any of the servers.
Thats it for now.
Rich
Get-ADComputer -Filter {operatingsystem -like "*professional*"} | select -Expand Name > c:\lists\computers.txt
This command will list all computers with Professional in the name.
Then using WMI I use the list i created above to output a list of all the computers and the logged in user if there is one.
Get-WmiObject -Class Win32_Computersystem -Computer (Get-Content "c:\lists\computers.txt") | Select Name, UserName | out-gridview
I use these commands for my servers with just a quick edit to the filter in the first command. This helps me after a patch cycle to make sure there are no users logged into any of the servers.
Thats it for now.
Rich
Friday, August 24, 2012
Powershell Tip: Copying commands from Get-History
Wanted to copy a command out to the clipboard without having to edit the output, Using a new-alias and get-history I was able to accomplish this.
Found a new-alias to output to the clipboard
new-alias Out-Clipboard $env:SystemRoot\System32\clip.exe
Using this new alias along with get-history
PS C:\Scripts> get-history
Id CommandLine
-- -----------
1 get-adcomputer -filter * -properties * | where {$_.operatingsystem -lik...
2 get-history
3 get-adcomputer -filter *
4 get-history
5 cls
PS C:\Scripts>
I wanted to get just the command in line 1, so I piped out all the properties of line 1
Get-History 1 | Select *
PS C:\Scripts> Get-History 1 | Select *
Id : 1
CommandLine : get-adcomputer -filter * -properties * | where {$_.operati
ngsystem -like "*Professional*"} | FT Name, Operatingsyste
m, Description
ExecutionStatus : Stopped
StartExecutionTime : 8/23/2012 10:13:39 AM
EndExecutionTime : 8/23/2012 10:13:55 AM
PS C:\Scripts>
Seeing that there is a property for CommandLine and it looks like it contains the whole commandline as it was run I then tested to make sure that it would show me the information I was looking for
(Get-History 1).CommandLine
PS C:\Scripts> (Get-History 1).CommandLine
get-adcomputer -filter * -properties * | where {$_.operatingsystem -like "*Prof
essional*"} | FT Name, Operatingsystem, Description
PS C:\Scripts>
Sure enough it looks like it contains what I wanted so putting this together with my New-Alias Out-Clipboard
(Get-History 1).CommandLine | Out-Clipboard
Dumps the command directly into the clipboard to be pasted into your documentation exactly as you ran it.
get-adcomputer -filter * -properties * | where {$_.operatingsystem -like "*Professional*"} | FT Name, Operatingsystem, Description
I think that's pretty cool.
Found a new-alias to output to the clipboard
new-alias Out-Clipboard $env:SystemRoot\System32\clip.exe
Using this new alias along with get-history
PS C:\Scripts> get-history
Id CommandLine
-- -----------
1 get-adcomputer -filter * -properties * | where {$_.operatingsystem -lik...
2 get-history
3 get-adcomputer -filter *
4 get-history
5 cls
PS C:\Scripts>
I wanted to get just the command in line 1, so I piped out all the properties of line 1
Get-History 1 | Select *
PS C:\Scripts> Get-History 1 | Select *
Id : 1
CommandLine : get-adcomputer -filter * -properties * | where {$_.operati
ngsystem -like "*Professional*"} | FT Name, Operatingsyste
m, Description
ExecutionStatus : Stopped
StartExecutionTime : 8/23/2012 10:13:39 AM
EndExecutionTime : 8/23/2012 10:13:55 AM
PS C:\Scripts>
Seeing that there is a property for CommandLine and it looks like it contains the whole commandline as it was run I then tested to make sure that it would show me the information I was looking for
(Get-History 1).CommandLine
PS C:\Scripts> (Get-History 1).CommandLine
get-adcomputer -filter * -properties * | where {$_.operatingsystem -like "*Prof
essional*"} | FT Name, Operatingsystem, Description
PS C:\Scripts>
Sure enough it looks like it contains what I wanted so putting this together with my New-Alias Out-Clipboard
(Get-History 1).CommandLine | Out-Clipboard
Dumps the command directly into the clipboard to be pasted into your documentation exactly as you ran it.
get-adcomputer -filter * -properties * | where {$_.operatingsystem -like "*Professional*"} | FT Name, Operatingsystem, Description
I think that's pretty cool.
Subscribe to:
Posts (Atom)