Category: Powershell


How can I see what OS version my Azure VM is running?


I wanted to check what OS version I had deployed on a server in Azure, but I couldn’t remember if it was 2012 R2 or 2016.

I checked the server object in Azure and it gave me this

Hmmm…. that didn’t really answer my question (yes I could connect via RDP, but some times you can’t)

I know there are several scripts you can run to get information (that will need a connection, running scripts and so on, not everyone has this access, so they should be able to view this without scripts)

So I decided to check the disk connected to the server, and that gave me a better answer ūüôā

There I can see it was a 2012 R2 DC based on the image 4.127….

 

So in the Resource group (or on VM) find the disk for the server, and you will see the Disk info in the Overview.

Enjoy

Get system uptime


We all have our own ways of finding a servers / computers uptime.
But I thought I’d share my favorite way:

 

function Get-SrvUptime
{
$operatingSystem = Get-WmiObject Win32_OperatingSystem
[Management.ManagementDateTimeConverter]::ToDateTime($operatingSystem.LastBootUpTime)
}


Remove – AzureRmApplicationGateway


If you want to remove Azure Application Gateway Backend HTTP Settings / Probe configs / Backend Address Pools / HTTP Listeners or something else from the Azure Application Gateway, you might end up with the same Microsoft Doc’s as me.

https://docs.microsoft.com/en-us/powershell/module/azurerm.network/remove-azurermapplicationgatewaybackendhttpsettings?view=azurermps-4.4.1

As you see from the post it tells you what to do, but when you check the config in the Portal, it is not gone.

What is missing from the information feed here is that you get the Azure Application Gateway info, then you remove it, and get the code to define it, so the missing ingredient is:

Set-AzureRmApplicationGateway -ApplicationGateway $AppGw

That way you list out the current config, then get the new config, then SET the new config.

And now it is correct in the GUI too ūüôā


Create #HASHED password file for PowerShell use


If you want to automate some Powershell scripts to do a job for you, and you don’t want to¬†(and you never should)¬†add the password in the script, then this is a great ting.

You create an encrypted txt file based on the userID and PW you define in the prompt, the file is then created with the password (password only) information in the encrypted file. The export location must be the location you want the script to run, as you can not move/copy the file to a different location after export.
So now you can use the password file with the scripts you have created
#==============================================================================================
# NAME: Encrypt Password for use in Powershell
# 
# AUTHOR: Vincent Christiansen, vincent@sameie.com
# DATE  : 21/01/2016
# 
# COMMENT: Will prompt you for username and password, and will encrypt (to hash) the password to a txt file.
#          This will only be the password. And you must dump the file to the location where you are going to 
#          get it from in the other script
# ==============================================================================================
$credential = Get-Credential
$credential.Password | ConvertFrom-SecureString | Set-Content D:\Scripts\Azure_Encrypted_Password.txt

Connect to Azure/Office365 based on encrypted txt file


This will create a remote PowerShell session¬†to your Azure/Office365 based on the Username you specify and the #hashed password text file you created in the previous‚Äč post¬†(that you can find here)‚Äč
#==============================================================================================
# NAME: Connect to Azure/Office365
# 
# AUTHOR: Vincent Christiansen, vincent@sameie.com
# 
# DATE  : 21/01/2016
# 
# COMMENT: This script will create a remote session in Azure/Office365 based on the encrypted file you have created.
#
# ‚Äč‚Äč=============================================================================================
$username = “YourServiceAccount@YOURDOMAIN.onmicrosoft.com”
$encrypted = Get-Content “D:\Scripts\Azure_Encrypted_Password.txt” | ConvertTo-SecureString
$cred = New-Object System.Management.Automation.PsCredential($username,$encrypted)
Import-Module MSOnline
Connect-MsolService -Credential $cred
$ExchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/?proxymethod=rps -Credential $cred -Authentication Basic -AllowRedirection
$importresults = Import-PSSession $ExchangeSession

Update UPN on multiple users


I recently did an LDIFDE import of a lot of users to a test domain, and the UPN is not sett on the user objects.

So to change/set the UPN for all my users in the test domain I used this little‚Äč string. Worked like a charm

I gets all the users objects in the Domain Sameie.com, and it sets the UPN to username@sameie.info

G‚Äčet-ADUser -searchbase “DC=sameie,DC=com” -filter * | foreach {set-adusers $_ -userprincipalname (“{0}@{1}” -f $_.samaccountname,”sameie.info”)}‚Äč

Select Azure Subscription to work with


When you have a larger organisation, you will have several Azure Subscriptions to work against. So here is how you switch.

1. Open Powershell

2. Type in:¬†Add-AzureRmAccount‚Äč
(in pop-up enter admin id and password)

3. It will list up the subscription you are connected to when you have authenticated


4. Type in: Get-AzureRmSubscription
(will list out all your subscriptions)

5. Find the Subscription you want to connect to

6. Type in:¬†Select-AzureRmSubscription -SubscriptionId “ENTER THE SUBSCRIPTION ID”‚Äč

You can choose SubscriptionName too, but I prefere SubscriptionID


Count directory Objects in Active Directory


Some times you need to find out how many directory Objects you have in your AD.
A quick way of getting this done is to use the following PowerShell‚Äč string

‚Äč‚ÄčGet-ADObject -Filter {name -like ‘*’} -SearchBase ‘CN=Schema,CN=Configuration,DC=sameie,DC=COM’ -ResultSetSize $null | Measure-Object >c:\tmp\object_dump.txt

This will dump the information into a easy to read text file

object_count_output.PNG

Now you know how many Objects you have.


Can’t Create Resources in Resource Group


I created a resource group and gave my colleague the contributor access to the resources group.

Then he was going to deploy Logic App, but got an error that he does not have access and is not authorized. So he tried to deploy a VM, same issue.
I deployed Logic App for him (not problem).

The error he gets looks like this:
Resource creation fails with the error which looks like below- Registering the resource providers has failed. Additional details from the underlying API that might be helpful: ‘AuthorizationFailed’ ‚Äď The client xxx@xxx.com’ with object id ‘af648edh-5336-sf55-ff2f-14873afdc259’ does not have authorization to perform action ‘Microsoft.Compute/register/action’ over scope ‘/subscriptions/245455vgd4-34gg-afe4-975f-3345gdgs34s’. (Code: AuthorizationFailed)

Hmmmm‚Ķ.. What’s going on here?

With the contributor access to a resource group, you can create a resource e.g. a VM or Logic App. What went wrong here if we look at the error message and focus on¬†‘Microsoft.Compute/register/action’ over scope ‘/subscriptions/245455vgd4-34gg-afe4-975f-3345gdgs34s’. is that he is not authorized to create a resource, it is the authorization error¬†to register a resource provider. So how do we solve it?

Well after a bit of Googling if found a solution that worked for me,

  • ‚ÄčLog into Azure with an identity which has a subscription level access to register a resource provider e.g. admin/owner.
  • ¬†Using PowerShell (PoSh) register the resource providers you need¬†at the subscription level. You can also see which providers are available and registered already.

Open Powershell and enter the following:

–¬†Login-AzureRmAccount

#List out all Subscriptions you have access to
–¬†Get-AzureRmSubscription

–¬†$subscriptionId= “<Subscription Id>”

–¬†Select-AzureRmSubscription -SubscriptionId $subscriptionId

 
#List all available providers and register them
–¬†Get-AzureRmResourceProvider -ListAvailable | Register-AzureRmResourceProvider -Force‚Äč‚Äč