Windows Scripts


windows

::OPEN SSL
::GENERATE CSR
openssl req -config openssl.cnf -new -nodes -keyout private/$domain.key -out $domain.csr -days 365
::SIGN REQUEST
openssl ca -config openssl.cnf -policy policy_anything -extensions v3_req -out certs/wildcard.crt -infiles wildcard.csr

::Create a PKCS12 (.pfx) cert. You will need the private key and the certificate (not the CSR). The output file can be either .pfx or .p12.
openssl pkcs12 -export -inkey privatekey.key -in certificate.cer -out newcert.pfx
::Create a PKCS12 cert and include other certs for a chain.
openssl pkcs12 -export -inkey privatekey.key -in certificate.cer -certfile chainroot.crt -out newcert.pfx

=================================================

forfiles /S /P “C:\Windows\Temp” /M “*.*” /C “cmd /C del /Q @path”
forfiles /S /P “C:\Windows\Temp” /M “*” /C “cmd /C if @isdir==TRUE rd /Q @path 2> nul”
forfiles /S /P “%userprofile%\AppData\Local\Temp” /M “*.*” /C “cmd /C del /Q @path”
forfiles /S /P “%userprofile%\AppData\Local\Temp” /M “*” /C “cmd /C if @isdir==TRUE rd /Q @path 2> nul”
::DELETE ALL TEMP FILES
$tempfolders = @(“C:\Windows\Temp\*”, “C:\Windows\Prefetch\*”, “C:\Users\*\Appdata\Local\Temp\*”, “C:\Users\*\Downloads\*”, “C:\Program Files (x86)\Citrix\GoToMeeting\*”) ; Remove-Item $tempfolders -force -recurse

=================================================

::esxi update::
ssh to host
run the command:
esxcli software vib install -d /vmfs/volumes/51ffc76a-0daaa886-215e-00237de9563c/ISO/ESXi510-201510001.zip

=================================================

:: Disable SMB server on 2012 ::
get-smbserverconfiguration | select enablesmb1protocol, enablesmb2protocol
set-smbserverconfiguration -enablesmb1protocol $false

=================================================

:: ZIP and delete files
FOR /F “usebackq tokens=* delims=” %%A IN (`DIR “E:\inetpub\logs\LogFiles\*.log” /B /S`) DO “C:\Program Files\7-Zip\7za.exe” a “%%~dpnA.zip” “%%~fA” & DEL “%%~fA”

================================================

:: SET IIS APPLICATION POOL RECYCLE INTERVAL
:: CREATE GLOBAL DEFAULT VALUE
%systemroot%\system32\inetsrv\appcmd set config -section:system.applicationhost/applicationpools “/+applicationpooldefaults.recycling.periodicrestart.schedule.[value=’01:00:00′]” /commit:apphost
::DISABLE RESTART TIME
%systemroot%\system32\inetsrv\appcmd set config -section:system.applicationhost/applicationpools /applicationpooldefaults.recycling.periodicrestart.time:”00:00:00″ /commit:apphost
::ENABLE RECYCLE EVENT LOGGING
%systemroot%\system32\inetsrv\appcmd set config -section:system.applicationhost/applicationpools /applicationpooldefaults.recycling.logeventonrecycle:Schedule /commit:apphost

::LIST IIS APPLICATIONS TO GET THE APPID – APPID IS THE SAME ACROSS ALL IIS SITES
netsh http show sslcert
::CREATE NEW HTTPS BINDING FOR IIS WEBSITE – run cmd as admin
c:\windows\system32\inetsrv\appcmd set site /site.name:”VISIONWEB_CS_RS_FIS” /+bindings.[protocol=’https’,BindingInformation=’192.168.1.5:443:HostHeader’] /commit:apphost
::APPLY SSL CERT TO HTTPS BINDING IN IIS
netsh http add sslcert ipport=192.168.1.5:443 certhash=0a2c0065ed92e84a4fb52cee109718dd35b910b9 appid={4dc3e181-e14b-4a21-b022-59fc669b0914}

=================================================

::Add new DNS zone with same as parent record
dnscmd /zoneadd www.domain.com /dsprimary
dnscmd /recordadd www.domain.com . A 192.168.1.92
::Add new primary reverse zone
add-dnsserverprimaryzone -dynamicupdate secure -networkid ‘192.168.1.0/24’ -replicationscope domain

=================================================

HYPER-V
get-vm * | where-object {$_.state -eq ‘Running’} | checkpoint-vm -snapshotname “$((get-date).toshortdatestring())”
get-vmsnapshot * | where-object {$_.creationtime -lt (get-date).AddSeconds(-1)} | remove-vmsnapshot
backup running guests
$backups = “D:\”
Get-ChildItem $backups -Recurse | Where {$_.creationtime -lt (Get-Date).adddays(-3)} | Remove-Item -Recurse -Force
$datepath = new-item -itemtype directory -path $backups\”.\$((get-date).tostring(‘MMddyyyy’))” -Force
#get-vm -name vmname | export-vm -path $datepath\
get-vm * | where-object {$_.state -eq ‘Running’} | export-vm -path $datepath\

=================================================

::EVENT LOG SEARCH
Get-eventlog -logname security -after may30 -message “*username*” | where {$_.eventid -eq 4740} | fl

=================================================

::When get command outputs truncated data
get-mailbox “User Name” | select -ExpandProperty emailaddresses

=================================================

::Find KB or hotfix
wmic qfe get hotfixid | find “KB1243567”
wmic qfe | find “KB1234567”
::2012
systeminfo | findstr KB1234567
wmic qfe | find “KB2821052”
wmic qfe | find “KB2754704”
wmic qfe get hotfixid | find “KB4018466” && hostname && ipconfig | findstr /i “ipv4”
=================================================

hostname && ipconfig | findstr /i “ipv4”

=================================================

hklm\system\currentcontrolset\services\lanmanserver\shares
import and restart Server service

=================================================

::AD COMMANDS
netdom query fsmo
netdom query dc
dcdiag /v /c > c:\dcdiag.txt
dfsrdiag repliactionstate /all
dfsrdiag replicationstate /member:servername

=================================================

::List all ad users in an ou
get-aduser -searchbase “ou=users,ou=ouname,dc=fqdn” -filter * -resultsetsize 5000 | select name,samaccountname
::List user password expiry
get-aduser -identity username -properies passwordlastset
or
get-aduser -identity username -properies passwordlastset | ft name,passwordlastset

=================================================

:Find users with particular email domain
$domain = “domain.com”
Get-ADuser -Filter * -Properties givenName, Surname, mail -searchbase “OU=ouname,OU=ouname,DC=fqdn” | %{
$fname = $_.givenName.ToLower()[0]
$lname = $_.surname.ToLower()
if ($_.mail -eq $null){
Set-ADuser -Identity $_ -EmailAddress $fname$lname@$domain
}
}

Get-ADuser -Filter * -Properties givenName, Surname, mail -searchbase “OU=ouname,OU=ouname,DC=fqdn” | %{
$fname = $_.givenName.ToLower()
$lname = $_.surname.ToLower()
if ($_.mail -eq $null){
Set-ADuser -Identity $_ -EmailAddress $fname’.’$lname@$domain
}
}

=================================================

::3PAR COMMANDS
showpd -c -p -devtype FC
OR
showpd -c
showspace -cpt RAID5

=================================================

::MELTDOWN AND SPECTRE SCRIPTS
::Get symantec eraser version
wmic datafile where name=’c:\\programdata\\symantec\\symantec endpoint protection\\currentversion\\data\\definitions\\virusdefs\\20180105.002\\cceraser.dll’ get version