I am trying to dump the contents of only the live adapters to a csv file, for later importing.
The issue was the usage of $_. below.
$colNicConfigs = Get-WMIObject Win32_NetworkAdapterConfiguration | where { $_.IPEnabled -eq "TRUE" }
#loop over each adapter
foreach ($objNicConfig in $colNicConfigs)
{
$objnic=Get-WMIObject Win32_NetworkAdapter | where {$_.deviceID -eq "$objNicConfig.Index" }
#$strname=$objnicconfig.description.split(":")[0]
#replace strname above when testing against actual server since no dot1q defined on my wks
$strname="MGMT:Something"
$connid=$_.NetworkConnectionID
$ipaddr=$_.IPAddress(0)
$ipsm=$_.IPSubnet(0)
$dg=$_.DefaultIPGateway
}
# create dictionary entries
$report = #()
$report += New-Object psobject -Property #{Name=$strname;ConnID=$connid;IP=$ipaddr;SM=$ipsm;DG=$dg}
$report | export-csv .\nic.csv
Your initial issues are the use of "$underscore" within your foreach loop. If you want to reference properties of the $objNicConfig you will use that in place of the "$underscore". So instead of $connid=$_.networkConnectionID you would use $connid=$objNicConfig.networkConnectionID
Also IpAddress and IPSubnet are not methods they are properties, so dropping the (0) will return the write info. If your NIC has multiple IPs I cannot attest to how this will display as my machine does not, that I'm testing on.
Other things I see is that you will need to nest another foreach loop in there in order to reference both WMI namespaces...so something like:
$colNicConfigs = Get-WMIObject Win32_NetworkAdapterConfiguration | where { $_.IPEnabled -eq "TRUE" }
foreach ($objNicConfig in $colNicConfigs)
{
foreach($objnic in (gwmi win32_networkadapter | where {$_.DeviceID -eq $objNicConfig.Index}))
{
$strName = "MGMT:Something"
$objNicConfig.NetworkConnectionID
$objNicConfig.IpAddress
$objNic.IPSubnet
$objNicConfig.DefaultIPGateway
}
}
The above code is what I used to return info on the NICs of my computer.
Now with the "dictionary entries" section. You will not be able to reference the variables within your foreach loop in the manner of adding a psobject. You are only going to capture the last one found within the foreach loop code. If you want to first collect the information in your foreach loop and then use it later down in your script I would suggest looking at hash tables for this.
Related
I'm trying to write a script that interacts with a Rest API to make changes in active directory (I know that doesn't make a lot of sense, but it's how our company does things). The change is to modify the homeDirectory attribute of a list of users belonging to a specific security group. The user's aren't all in the same domain, but are in the same forest and are registered in the global catalog.
So far, this is what I have that works:
function get-groupusers{
$memberlist = get-adgroup -filter "name -eq 'group.users'" -server "server.domain.com" -property member |select -expandproperty member
$GlobalCatalog = Get-ADDomainController -Discover -Service GlobalCatalog
foreach ($member in $memberlist){
get-aduser -identity $member -server "$($GlobalCatalog.name):3268"
}
}
$sAMAccountName = (get-groupusers).samaccountname
This is the part I'm running into problems with:
foreach($an in $SamAccountName){
$json = #{
input = #{
key = "homeDirectory"
value = "\\filepath\$an"
}
}
}
The goal here, is to convert the hashtables into json (the required format for interacting with the API), and save it in the following format (note, the "input" "key" and "value" keys are all what the API actually uses, not just substitutions):
{
"input":{
"key":"homeDirectory",
"value":"\\\\filepath\\$an"
},
{
"key":"homeDirectory",
"value":"\\\\filepath\\$an"
}
}
But right now, the foreach loop just overwrites the $json variable with the last set of hashtables. The loop is iterating over the list correctly, as I can put a convertto-json|write-host cmdlet in it but then the $an variable outputs as "#(samaccountname="$an") instead of just whatever the $an actually is.
If my guess is right and you want a resulting Json as the one shown in your question (with the exception that, as mclayton stated in comments, the input property value should be wrapped in [...] to be an array) then this should do it:
$json = #{
input = #(
foreach($an in $SamAccountName) {
[ordered]#{
key = "homeDirectory"
value = "\\filepath\$an"
}
}
)
}
$json | ConvertTo-Json -Depth 99
I have this bit of code :
$servers = Import-Csv "sources.csv"
$computername = $servers.server
$ServiceName = $servers.services
sources.csv contains the following..
Server,Services
BRWS40,winrm
BRWS84,winrm
I have then a foreach, and the Write-Host is within that, it output this:
Write-Host "$computername - $ServiceName" -ForegroundColor black -BackgroundColor red
Output from above I get is:
BRWS40 BRWS84 - winrm winrm
Whereas I was wanting to have one computer and service per line.
BRWS40 - winrm
What am I doing wrong?
I amended the code from here.
$servers = Import-Csv "sources.csv" imports the content of sources.csv as a list of custom objects into the variable $servers.
$computername = $servers.server selects the value of the server property of each object into the variable $computername, thus generating a list of computer names.
$ServiceName = $servers.services selects the value of the services property of each object into the variable $ServiceName, thus generating a list of service names.
Note that $array.property will only work in PowerShell v3 and newer, because earlier versions don't automatically unroll the array to get the element properties, but try to access the property of the array object itself. If the array doesn't have such a property, the result will be $null, otherwise it will be the value of the property of the array. Either way it won't be what you want. To make the property expansion work across all PowerShell versions use Select-Object -Expand or echo the property in a ForEach-Object statement:
$computername = $servers | Select-Object -Expand server
$computername = $servers | ForEach-Object { $_.server }
When you put array variables in a string ("$computername - $ServiceName") the array elements are joined by the $OFS character (space by default), so "$computername" becomes BRWS40 BRWS84 and "$ServiceName" becomes winrm winrm.
To get the corresponding service name for each computer you need to process $servers in a loop, for instance:
foreach ($server in $servers) {
Write-Host ('{0} - {1}' -f $server.Server, $server.Services) ...
}
If you don't need a specific output format you could also use one of the Format-* cmdlets, for instance Format-Table:
Import-Csv "sources.csv" | Format-Table -AutoSize
You actually have to loop through your result:
$servers = Import-Csv "sources.csv"
$servers | %{
$computername = $_.server
$ServiceName = $_.services
write-host "$computername - $ServiceName" -foregroundcolor black -backgroundcolor red
}
or use the Format-Table cmdlet:
$servers | Format-Table
The task at hand is to compare permissions from a source folder with a target folder, and this for all its sub folders. I've already created the function that does this check on one folder, which returns $True or $False.
I would like to know if it's possible to create a function that calls itself to be executed on every sub folder it finds to call Test-ACLequalHC. So that when it blocks or errors out in one of the sub folders, due to permission issues or something else, it can still continue with the others.
Something like a crawler, if that makes sense. Ideally it would be great if it could run in parallel. I read that a Workflow is most suited for this, but I've never used it before.
Unfortunately it's not possible to just do $AllSubFolders = Get-ChildItem -Recurse followed by a foreach, because there are over thousands of files and folders under the root folder. So it needs to be dynamically so that we can do extra stuff on every folder it finds, like say if Test-ACLequalHC results in $False on one folder, we can still call other functions to set the permissions correct or add the result to a CSV.
Permission test:
Function Test-ACLequalHC {
[CmdletBinding(SupportsShouldProcess=$True)]
Param(
[parameter(Mandatory=$true,Position=0)]
[ValidateScript({Test-Path $_})]
[String]$Source,
[parameter(Mandatory=$true,Position=1)]
[ValidateScript({Test-Path $_})]
[String]$Target,
[parameter(Mandatory=$true,Position=2)]
[ValidateSet('Access','Owner','All')]
[String]$Type
)
Begin {
$Props = Switch ($Type) {
'Access' {'Access', 'AreAccessRulesProtected'}
'Owner' {'Owner'}
'All' {'sddl'}
}
}
Process {
$CompParams = #{
Property = $Props
ReferenceObject = Get-Acl $Source #| Sort-Object
DifferenceObject = Get-Acl $Target #| Sort-Object
PassThru = $True
}
$Result = Compare-Object #CompParams
if ($Result -ne $null) {
Write-Output $false
}
else {
Write-Output $True
}
}
}
It would be great if it could check files to, for inheritance and that no extra permissions are added. But I'll add that stuff later on myself if I find out how to make such a crawler thingy that digs its way through the folder structure.
Thank you for your help.
Ok, I think your aversion of doing Get-ChildItem -Recurse is something you're going to need to get over. If you are only looking at directories use the -directory switch for Get-ChildItem. It's a provider level switch so it will speed things up dramatically.
Next, what I think you need to consider is the Ad--Member cmdlet. Something like this:
$Source = C:\GoodFolder
$AllFolders = GCI C:\ -Directory -Recurse
$AllFolders | ForEach{Add-Member -InputObject $_ -NotePropertyName "ACLGood" -NotePropertyValue (Test-ACLequalHC $source $_.fullname all)}
Then you can just filter on that for folders that have issues and address them as needed.
$AllFolders | Where{!$_.ACLGood} | ForEach{ Do stuff to fix it }
I'm working with PowerShell to gather data from a list of remote servers which I then turn into a JSON object. Everything is working fine, but I get some really weird output that I can't seem to exclude.
I've tried piping the Invoke-Command results and excluding properties. I've also tried removing the items manually from the returned hash file, but I can't seem to make them go away.
What am I missing?
EDIT:
For the sake of figuring out what's wrong here is a simplified, but still broken, script:
$returnedServer = #{}
$pass = cat "C:\...\securestring.txt" | convertto-securestring
$mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist "UserName",$pass
$s = #("xx.xxx.xxx.xxx","xx.xxx.xxx.xxx")
foreach($server in $s)
{
$returnedServer.$server += ,(Invoke-Command -ComputerName $server -ScriptBlock
{
1
}-credential $mycred | select -ExcludeProperty PSComputerName,RunSpaceID,PSShowComputerName)
$returnedServer| ConvertTo-Json
Which outputs:
{
"xx.xxx.xxx.xxx": [
{
"value": 1,
"PSComputerName": "xx.xxx.xxx.xxx",
"RunspaceId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"PSShowComputerName": xxxx
}
],
"xx.xxx.xxx.xxx": [
{
"value": 1,
"PSComputerName": "xx.xxx.xxx.xxx",
"RunspaceId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"",
"PSShowComputerName": xxxx
}
]
}
This post is really old, but I was unable to find an acceptable answer 6 years later, so I wrote my own.
$invokeCommandResults | ForEach-Object {
$_.PSObject.Properties.Remove('PSComputerName')
$_.PSObject.Properties.Remove('RunspaceId')
$_.PSObject.Properties.Remove('PSShowComputerName')
}
You need to use Select-Object to limit the result to just the properties you want to show up in the JSON output:
$returnedServers.$server += ,(Invoke-Command -ComputerName $server -ScriptBlock
{
...$serverHash = various look ups and calculations...
$serverHash
} | select PropertyA, PropertyB, ...)
For a more thorough answer you need to go into far more detail about your "various look ups and calculations" as well as the actual conversion to JSON.
After some testing, it seems the problem is the object type. I was able to get your test script to work by explicitly casting the returned result.
$returnedServer = #{}
$pass = cat "C:\...\securestring.txt" | convertto-securestring
$mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist "UserName",$pass
$s = #("xx.xxx.xxx.xxx","xx.xxx.xxx.xxx")
foreach($server in $s)
{
$returnedServer.$server += ,[int](Invoke-Command -ComputerName $server -ScriptBlock {1} -credential $mycred)
}
$returnedServer| ConvertTo-Json
You could try this... instead of attempting to exclude extraneous property values, just be specific and "call" or "grab" the one(s) you want.
Quick Code Shortcut Tip! BTW, the Invoke-Command -Computer $server -Scriptbock {command} can be greatly simplified using: icm $server {command}
Now, getting back on track...
Using your original post/example, it appears that you are attempting to utilize one "value" by excluding all other values, i.e. -ExcludeProperty (which it is ultra-frustrating).
Let's start by removing and replacing the only exclusion section:
select -ExcludeProperty PSComputerName,RunSpaceID,PSShowComputerName
And instead, attempt to use one of the following:
1st Method: using the modified original command...
$returnedServer.$server += ,(Invoke-Command -ComputerName $server -ScriptBlock {1}-credential $mycred).value
2nd Method: using the "icm" version...
$returnedServer.$server += ,(icm $server {1} -credential $mycred).value
Essentially, you are "picking out" the value(s) you need (vs. excluding property values, which is, again, pretty frustrating when it does NOT work).
Related Example(s) follows:
Here is a typical system Powershell/WMIC command call:
icm ServerNameGoesHere {Get-CimInstance -ClassName win32_operatingsystem}
But what if I only want the "version" from the object glob:
(icm ServerNameGoesHere {Get-CimInstance -ClassName win32_operatingsystem}).version
But, hold on, now I only want the "lastbootuptime" from the object glob:
(icm ServerNameGoesHere {Get-CimInstance -ClassName win32_operatingsystem}).lastbootuptime
Indecisively, I want to be more flexible:
$a=icm ServerNameGoesHere {Get-CimInstance -ClassName win32_operatingsystem}
$a.version
$a.lastbootuptime
$a.csname
(Makes sense?)
Good luck,
~PhilC
I'm writing a script to find local admins on machines in a specific OU. I've created two functions to preform this task, each function by itself is working fine, but when I combine the two I am not getting any result. Anyone know what I'm doing wrong here?
Function GetCompList{
Get-ADObject -Filter { ObjectClass -eq "computer" } -SearchBase "OU=Resources,DC=Contoso,DC=LOCAL" `
| Select-Object Name
}
Function Admin_Groups{
foreach($i in GetCompList){
$adsi = [ADSI]"WinNT://$i"
$Object = $adsi.Children | ? {$_.SchemaClassName -eq 'user'} | % {
New-Object -TypeName PSCustomObject -Property #{
UserName = $_.Name -join ''
Groups = ($_.Groups() |Foreach-Object {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}) -join ','
}
}
$Object |? {$_.Groups -match "Administrators*"}
}
}
Admin_Groups
Your GetCompList function is returning a collection of objects. You're probably getting this when you run the one function:
Name
------
Comp1
Comp2
Comp3
In the foreach loop of Admin_Groups, you're using the output of GetCompList as an array of primitives - just a list of names, not a bunch of objects. So, you have two options:
Change the select-object name in GetCompList to select-object -expandproperty Name to get a simple array of names
In Admin_Groups, change each reference to $i in the body of the foreach loop to $i.Name. Since you're using it within a string, it's a little ugly to do that.
In this particular example, my preference would be option #1, making that function:
Function GetCompList{
Get-ADObject -Filter { ObjectClass -eq "computer" } -SearchBase "OU=Resources,DC=Contoso,DC=LOCAL" | Select-Object -expandproperty Name
}
I would also suggest that you rename your functions to match the Verb-Noun convention of PowerShell, and use one of the approved verbs from get-verb.
Get-CompList
Get-AdminGroups
Failing that, at least make your function names consistent - either use the _ to separate the words in the names, or don't. Don't mix & match.