Quantcast
Channel: Powershell – Jacques Dalbera's IT world
Browsing all 85 articles
Browse latest View live

Image may be NSFW.
Clik here to view.

How to with Regular expressions

Examples: .at matches any three-character string ending with “at”, including “hat”, “cat”, and “bat”. [hc]at matches “hat” and “cat”. [^b]at matches all strings matched by .at except “bat”. [^hc]at...

View Article


Image may be NSFW.
Clik here to view.

How to dump events from Windows event logs ?

From event viewer eventvwr (GUI) you can export events in a log file You can use eventwatchnt (GUI) from http://www.netikus.com   To dump events from the command line you can use: 1) psloglist from...

View Article


Image may be NSFW.
Clik here to view.

Failover clustering in command line

How to install the Windows failover clustering from the command line ? First, you should make sure that the nodes, running Windows Server 2012 R2 that you are intending to add to the cluster are part...

View Article

Image may be NSFW.
Clik here to view.

Understanding streams redirection and write-host in powershell

http://blogs.technet.com/b/heyscriptingguy/archive/2014/03/30/understanding-streams-redirection-and-write-host-in-powershell.aspx

View Article

Image may be NSFW.
Clik here to view.

Getting Started with Office 365 and PowerShell

http://blogs.technet.com/b/heyscriptingguy/archive/2014/03/24/getting-started-with-office-365-and-powershell.aspx

View Article


Image may be NSFW.
Clik here to view.

Better protect against “Pass the Hash” attacks

Resources materials: http://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating-Pass-the-Hash-Attacks-and-Other-Credential-Theft-Version-2.pdf...

View Article

Image may be NSFW.
Clik here to view.

Advanced XML filtering in the Windows Event Viewer

http://blogs.technet.com/b/askds/archive/2011/09/26/advanced-xml-filtering-in-the-windows-event-viewer.aspx http://blog.oneboredadmin.com/2013/05/filtering-windows-event-log-using-xpath.html        

View Article

Image may be NSFW.
Clik here to view.

List of most common and useful Windows Event IDs

Here is a list of the most common / useful Windows Event IDs. Event Log, Source EventID EventID Description Pre-vista Post-Vista Security, Security 512 4608 Windows NT is starting up. Security,...

View Article


Image may be NSFW.
Clik here to view.

Powershell: How to test if a string contains Uppercase or Lowercase

Here is a new Powershell tip to detect if a string contains Uppercase (all characters or some characters only): Use case1: check if the string contain at least one character in uppercase ! ex: $var=...

View Article


Image may be NSFW.
Clik here to view.

Powershell: One-liners to Get You Started

The server rebooted recently – who did it and when exactly? Event ID 1074 covers a few activities beyond reboots, such as shutdown Get-EventLog -log system –newest 1000 | where-object {$_.eventid –eq...

View Article

Image may be NSFW.
Clik here to view.

How to use WUSA to install hotfixes

wusa <update>.msu /quiet /norestart /log example: wusa d:\hotfixes\Windows8.1-KB29456426.msu /quiet /norestart You can use the Windows Management Instrumentation Command-line (WMIC) to view the...

View Article

Image may be NSFW.
Clik here to view.

ADFS v2.1

ADFS deep dive planning and design: http://blogs.technet.com/b/askpfeplat/archive/2014/11/24/adfs-deep-dive-planning-and-design-considerations.aspx Main Portal:...

View Article

Image may be NSFW.
Clik here to view.

WinRM: using and troubleshooting CredSSP

Back in the Windows Vista days, we introduced a new security delegation module called Credential Security Service Provider (CredSSP). This was originally designed to work with Terminal Services because...

View Article


Image may be NSFW.
Clik here to view.

Windows Forensics: WinRM – who is connected to your computer?

Finding remote session connected to your computer? who is running a (hidden) remote PowerShell on your machine? Here’s a simple one-liner: Get-WSManInstance -ConnectionURI (‘http://{0}:5985/wsman’ -f...

View Article

Image may be NSFW.
Clik here to view.

How to install Windows feature using Powershell?

How to list and to install Windows feature from Powershell ? Import-Module servermanager Get-WindowsFeature | Where-Object {$_.installed} | Format-Table -AutoSize Get-WindowsFeature | Where-Object...

View Article


Image may be NSFW.
Clik here to view.

How to update group membership without logoff / logon /restart

This might be very useful for certain situations where you want to update a user’s or computer’s group membership without the need to re-logon / restart. The whole magic is behind the issued kerberos...

View Article

Image may be NSFW.
Clik here to view.

Monitoring Event ID with Powershell or SCOM

Using Powershell: http://msexchange.me/2014/06/05/monitoring-event-id-thru-powershell/ http://community.spiceworks.com/topic/282720-powershell-event-log-monitor-email-alert-script-central-monitor Using...

View Article


Image may be NSFW.
Clik here to view.

SFTP using Powershell

How to use SFTP with Powershell? http://www.powershellmagazine.com/2014/07/03/posh-ssh-open-source-ssh-powershell-module/ https://github.com/darkoperator/Posh-SSH or Using WinSCP:...

View Article

Image may be NSFW.
Clik here to view.

Converting .cer to .pem etc…

Certificate converter: https://www.sslshopper.com/ssl-converter.html using openssl to convert a certificate format to another format:...

View Article

Image may be NSFW.
Clik here to view.

Be protect against “Pass the Hash” attacks

Resources materials: https://www.nsa.gov/ia/_files/app/Reducing_the_Effectiveness_of_Pass-the-Hash.pdf https://www.nsa.gov/ia/_files/app/Spotting_the_Adversary_with_Windows_Event_Log_Monitoring.pdf...

View Article
Browsing all 85 articles
Browse latest View live