|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
$ssfFonts = 0x14 $fontSourceFolder = "<Font Location>" $Shell = New-Object -ComObject Shell.Application $SystemFontsFolder = $Shell.Namespace($ssfFonts) $FontFiles = Get-ChildItem $fontSourceFolder $SystemFontsPath = $SystemFontsFolder.Self.Path $rebootFlag = $false foreach($FontFile in $FontFiles) { # $FontFile will be copied to this path: $targetPath = Join-Path $SystemFontsPath $FontFile.Name # So, see if target exists... if(Test-Path $targetPath){ # font file with the same name already there. # delete and replace. $rebootFlag = $true Remove-Item $targetPath -Force Copy-Item $FontFile.FullName $targetPath -Force }else{ #install the font. $SystemFontsFolder.CopyHere($FontFile.fullname) } } #Follow-up message if($rebootFlag){ Write-Host "At least one existing font overwritten. A reboot may be necessary." } |
Fix Domoticz DB
The FIX::
You need to have sqlite3 installed on your Pi
CODE: SELECT ALL
|
1 |
sudo apt-get install sqlite3 |
If you have it you can do the following commands:
CODE: SELECT ALL
|
1 2 3 4 5 6 7 |
cd ~ cd domoticz sqlite3 domoticz.db .mode insert .output dump.sql .dump .exit |
Remove first line of dumped database:
tail dump.sql -n +2 > dump1.sql
# Make back-up of original just in case:
mv domoticz.db domoticz.bak.db
# Import into fresh database:
sqlite3 domoticz.db < dump1.sql
# Clean-up the temporary files:
rm dump*.sql
Domoticz Cisco Port on / of switch
Script is created by Johan ven Boomgaard.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 |
#!/bin/bash # Set-cisco-port.sh # ============== # |Author: JvdB| # ============== # # Find,disable,enable port using SNMP at Cisco switch# # # Usage: cd <directory> ./Set-cisco-port.sh <switch ip-address> <description> <action> # Example: cd <directory> ./Set-cisco-port.sh 192.168.2.250 Test-pc e # # Where: # - 1st parameter is switch IP address # - 2nd is Description of NIC/Device # - 3rd is operation(e - enable port when find description at port, d -disable port when find description at port) # # ======================================= # Start script with setting the variables # ======================================= # switch_ip=$1; desc=$(echo $2 | sed 's/://g'); community="private"; operation=$3; # 2970_get_port(){ # Check for description at port for i in `snmpwalk -On -v2c -c $community@1 192.168.2.250 .1.3.6.1.4.1.9.9.46.1.3.1.1.2 | sed 's/.1.3.6.1.4.1.9.9.46.1.3.1.1.2.1.//g' | awk '{print $1}'`; do find_mac=`snmpwalk -On -v2c -c $community@$i 192.168.2.250 .1.3.6.1.2.1.17.4.3.1.1 | sed s/' '//g | grep -i $desc | sed 's/^.*Hex-STRING\://g'| awk '{print $1}'`; if [[ $find_mac != "" ]]; then point1=$(snmpwalk -On -v2c -c $community@$i $switch_ip .1.3.6.1.2.1.17.4.3.1.1 | sed s/' '//g | grep -i $desc | sed 's/.1.3.6.1.2.1.17.4.3.1.1.//g' | sed 's/=.*//g' ); port_numb=`snmpwalk -v2c -c $community@$i $switch_ip .1.3.6.1.2.1.17.4.3.1.2 | grep -i $point1 | sed 's/^.*INTEGER\: //g'`; echo "Description $desc was found at port number #"$port_numb; fi done; } disable_port(){ echo "Going to disable port by Description"; # Find by port description port_to_disable=`snmpwalk -v2c -On -c $community $switch_ip .1.3.6.1.2.1.31.1.1.1.18 | grep -i $desc | sed 's/.1.3.6.1.2.1.31.1.1.1.18.//g' | awk '{print $1}'`; # If port was not found if [[ $port_to_disable == "" ]]; then echo "Port wasn't found by port description. Exiting ..."; 2970_get_port; $port_to_disable=$port_numb; echo $ $port_to_disable; exit; fi; # Disable port snmpset -v2c -c $community $switch_ip .1.3.6.1.2.1.2.2.1.7.$port_to_disable i 2; # Save running config of Cisco switch to startup save_2970_cfg; } enable_port(){ echo "Going to enable port by Description"; # Find by port description port_to_enable=`snmpwalk -v2c -On -c $community $switch_ip .1.3.6.1.2.1.31.1.1.1.18 | grep -i $desc | sed 's/.1.3.6.1.2.1.31.1.1.1.18.//g' | awk '{print $1}'`; # If port was not found if [[ $port_to_enable == "" ]]; then echo "Port wasn't found by port description. Exiting ..."; 2970_get_port; $port_to_enable=$port_numb; echo $ $port_to_enable; exit; fi; # Enable port snmpset -v2c -c $community $switch_ip .1.3.6.1.2.1.2.2.1.7.$port_to_enable i 1; # Save running config of Cisco switch to startup save_2970_cfg; } save_2970_cfg(){ echo "Saving Cisco 2970 switch configuration"; snmpset -t60 -v2c -c $community $switch_ip 1.3.6.1.4.1.9.2.1.54.0 i 1 } main(){ if [[ $operation == "f" ]]; then echo "Find port operation"; 2970_get_port; elif [[ $operation == "d" ]]; then echo "Disable port operation"; disable_port; elif [[ $operation == "e" ]]; then echo "Enable port operation"; enable_port; else echo "Wrong arguments given"; fi; } main; |
Monitor domoticz
Inventory and push software
Disable-Enable automapping Echange 2016
Because automapping is not always working correct, just created this script to re-enable automapping with the correct settings. This script you need to run on the Exchange server.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
# Created by Daag van der Meer # blog.van-daag.nl # This script gives the user full access to the mailbox. This will update also the folders below the inbox with the rights. Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn; # Enter the mailbox name here $mailbox= "<mailboxname>" # Add here the usernames like "<USERNAME>", "<ÜSERNAME>" $users= "<USERNAME>", "<ÜSERNAME>" ####### Start of the Script. Do not edit below foreach ($user in $users){ # First disable AutoMapping Add-MailboxPermission -Identity $mailbox -User $user -AccessRights FullAccess -InheritanceType All -Automapping $false # Now enable Automapping Add-MailboxPermission -Identity $mailbox -User $user -AccessRights FullAccess -InheritanceType All -Automapping $true } |
Update Synology Mail Plus spam server more than once a day.
Update Synology Mail Plus spam server more than once a day
Just found the scripts that you can run and schedule to run more often than once a day. And if you run ClaimAV as virusscanner.
Run the following scripts.
bash /volume1/@appstore/MailPlus-Server/scripts/SpamRuleUpdate.sh all
bash /volume1/@appstore/MailPlus-Server/scripts/SpamAutoLearn.sh
bash /volume1/@appstore/AntiVirus/scripts/clamav.sh check_update
AD Send mail on password reset
This is based on Security Event ID 4724. When this is logged on the domain controller, Task Scheduler kicks this script. And send a mail to Admin and user. And also creates a local log file who reset the password.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 |
# Created by Daag van der Meer on 12-10-2018 # Blog.van-daag.nl # Powershell Send mail When account password reset is done To user and admin. # Save this also in a Log file ################## ## Temp location for creating HTML email ################## $Report= "c:\Temp\reset.html" ################## ## Log location ################## $log= "C:\Logs\Accountreset.csv" $HTML=@" <title>Account locked out Report</title> <!--mce:0--> "@ ################## ## Retrieve eventlog with all value ################## $event = Get-EventLog -LogName Security -InstanceId 4724 -Newest 1 | Select TimeGenerated, ReplacementStrings | % { New-Object PSObject -Property @{ "Account name" = $_.ReplacementStrings[0] "Account Domain" = $_.ReplacementStrings[1] "Reset by" = $_.ReplacementStrings[4] Date = $_.TimeGenerated } } ################## ## Retrieve eventlog For filter username ################## $userevent= Get-EventLog -LogName Security -InstanceId 4724 -Newest 1 | Select-Object @{n='UserName';e={$_.ReplacementStrings[0]}} $user= $userevent -replace ".*=" -replace "}" ################## ## send mail to admin ################## $event | ConvertTo-Html -Property "Account name","Account Domain","Reset By",Date -head $HTML -body "<H2> User account password is reset</H2>"| Out-File $Report -Append ################## ## Mail config admin ################## $MailBody= Get-Content $Report $MailSubject= "User password reset" $SmtpClient = New-Object system.net.mail.smtpClient $SmtpClient.host = "<MAIL SERVER>" $MailMessage = New-Object system.net.mail.mailmessage $MailMessage.from = "<FROM MAILADRESS>" $MailMessage.To.add("<MAILADRESS>") $MailMessage.Subject = $MailSubject $MailMessage.IsBodyHtml = 1 $MailMessage.Body = $MailBody $SmtpClient.Send($MailMessage) del c:\Temp\reset.html $event | Export-Csv $log -NoTypeInformation -Append ############################# ### Send mail to user ####### ############################# $useremail = Get-ADUser $user -Properties mail | Select-Object -ExpandProperty mail $userfirstname1 = Get-ADUser $user -Properties GivenName | Select-Object GivenName $userfirstname = $userfirstname1 -replace ".*=" -replace "}" $userlastsname1 = Get-ADUser $user -Properties Surname | Select-Object Surname $userlastsname = $userlastsname1 -replace ".*=" -replace "}" $Pic = '<ADD LOCATION FOR PICTURE IN MAIL>' $att1 = new-object Net.Mail.Attachment($Pic) $att1.ContentType.MediaType = “image/png” $att1.ContentId = “Attachment” ################## ## HTML mail setup to user ################## $userBody = @" <html> <body> <span lang=NL style='font-size:10.0pt;line-height:106%;color:black'> Dear $userfirstname $userlastsname,<br> <br> The password for your <b>DOMAIN\$user</b> account has been reset.<br> If you did not request this, please inform:<br> <br> This is an automated email.<br> <br> </span> <img src="cid:Attachment"> "@ ################## ## Mail config user ################## $userSubject = "Your password is changed" $userMessage = New-Object system.net.mail.mailmessage $userMessage.from = "<FROM MAILADRESS>" $userMessage.To.add("$useremail") $userMessage.Subject = $userSubject $userMessage.IsBodyHtml = 1 $userMessage.Body = $userBody $userMessage.Attachments.Add($att1) $SmtpClient.Send($userMessage) |
AD Send mail on Account Lock
At a company where I worked, there was no logging with account lock and the had plans to change the GPO that accounts will not be auto unlocked.
So I also added mailing to the admin of that specific OU (Country)
I found a script from Maxzor1908 on Technet
That was the basic. I Added a lot of extra.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 |
# Powershell User Account locked out Maxzor1908 *16/4/2013* # Checked and edit by Daag van der Meer - 03-10-2018 # blog.van-daag.nl # Email adress needs to be filled in at the admin account. ################## ## Temp location for creating HTML email ################## $Report= "c:\Temp\Lockedhtml.html" ################## ## Log location ################## $log= "C:\Logs\AccountLocked.csv" $HTML=@" <title>Account locked out Report</title> <!--mce:0--> "@ $Account_Name = @{n='Account name';e={$_.ReplacementStrings[-1]}} $Account_domain = @{n='Account Domain';e={$_.ReplacementStrings[-2]}} $Caller_Computer_Name = @{n='Caller Computer Name';e={$_.ReplacementStrings[-1]}} ################## ## Retrieve eventlog with all value ################## $event= Get-EventLog -LogName Security -InstanceId 4740 -Newest 1 | Select TimeGenerated,ReplacementStrings,"Account name","Account Domain","Caller Computer Name" | % { New-Object PSObject -Property @{ "Account name" = $_.ReplacementStrings[-7] "Account Domain" = $_.ReplacementStrings[5] "Caller Computer Name" = $_.ReplacementStrings[1] Date = $_.TimeGenerated } } $event | ConvertTo-Html -Property "Account name","Account Domain","Caller Computer Name",Date -head $HTML -body "<H2> User is locked in the Active Directory</H2>"| Out-File $Report -Append ################## ## Retrieve eventlog For filter username ################## $user= Get-EventLog -LogName Security -InstanceId 4740 -Newest 1 | Select ReplacementStrings | % { New-Object PSObject -Property @{ "Account name" = $_.ReplacementStrings[-7] } } $userrename = $user -replace ".*=" -replace "}" $userou = Get-ADUser $userrename -Properties DistinguishedName | Select-Object -ExpandPropert DistinguishedName ############################## ## Here is the ad Groups configured who can unlock accounts ############################# if ($userou.Contains('OU=<OU>')) {$mail = "<AD GROUP>"} elseif ($userou.Contains('OU=<OU>')) {$mail = "<AD GROUP>"} else {$mail = "<AD GROUP>" } $adminmail = Get-ADGroupMember $mail | select samaccountname | %{Get-ADUser $_.samaccountname -Properties mail} | %{write-output "$($_.mail)"} $mailadmin = $adminmail -join "," -replace ",," ################## ## Mail config admin ################## $MailBody= Get-Content $Report $MailSubject= "User Account locked out" $SmtpClient = New-Object system.net.mail.smtpClient $SmtpClient.host = "<MAIL SERVER>" $MailMessage = New-Object system.net.mail.mailmessage $MailMessage.from = "<FROM MAIL ADRESS>" $MailMessage.To.add("<TO MAIL ADRESS>,$mailadmin") $MailMessage.Subject = $MailSubject $MailMessage.IsBodyHtml = 1 $MailMessage.Body = $MailBody $SmtpClient.Send($MailMessage) ################## ## Remove the temp document ################## del c:\Temp\Lockedhtml.html ################## ## Write to log about the account lock ################## $event | Export-Csv $log -NoTypeInformation -Append |
AD Change Display name
At the company were I worked we had a name change. They also use the display name in outlook to send mail. Example: Daag van der Meer [Company] So everyone see direct what the company is.
The script below built the display name with firstname lastname [Company]
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
# Script created by Daag van der Meer # Blog.van-daag.nl Import-Module ActiveDirectory #creates a list of all users (change all between <> $allUsers = Get-ADUser -Filter * -SearchBase 'ou=Users,ou=<OU>,DC=<DC>,DC=<DC' -Properties cn,displayName # Add your company name or something else after username $hi = "<company>" foreach ( $u in $allUsers | Where-Object { ($_.givenName) -and ($_.surName) } ) { $fn = $u.givenName.Trim() $ln = $u.surName.Trim() Write-Host $fn $ln Set-ADUser -Identity $u -DisplayName "$fn $ln $hi" -GivenName "$fn" -SurName "$ln"-PassThru | Rename-ADObject -NewName "$fn $ln $hi" } |