$ssfFonts = 0x14
$fontSourceFolder = ""
$Shell = New-Object -ComObject Shell.Application
$SystemFontsFolder = $Shell.Namespace($ssfFonts)
$FontFiles = Get-ChildItem $fontSourceFolder
$SystemFontsPath = $SystemFontsFolder.Self.Path
$rebootFlag = $false
foreach($FontFile in $FontFiles) {
# $FontFile will be copied to this path:
$targetPath = Join-Path $SystemFontsPath $FontFile.Name
# So, see if target exists...
if(Test-Path $targetPath){
# font file with the same name already there.
# delete and replace.
$rebootFlag = $true
Remove-Item $targetPath -Force
Copy-Item $FontFile.FullName $targetPath -Force
}else{
#install the font.
$SystemFontsFolder.CopyHere($FontFile.fullname)
}
}
#Follow-up message
if($rebootFlag){
Write-Host "At least one existing font overwritten. A reboot may be necessary."
}Fix Domoticz DB
The FIX::
You need to have sqlite3 installed on your Pi
CODE: SELECT ALL
sudo apt-get install sqlite3 If you have it you can do the following commands:
CODE: SELECT ALL
cd ~
cd domoticz
sqlite3 domoticz.db
.mode insert
.output dump.sql
.dump
.exit
Remove first line of dumped database:
tail dump.sql -n +2 > dump1.sql
# Make back-up of original just in case:
mv domoticz.db domoticz.bak.db
# Import into fresh database:
sqlite3 domoticz.db < dump1.sql
# Clean-up the temporary files:
rm dump*.sql
Domoticz Cisco Port on / of switch
Script is created by Johan ven Boomgaard.
#!/bin/bash
# Set-cisco-port.sh
# ==============
# |Author: JvdB|
# ==============
#
# Find,disable,enable port using SNMP at Cisco switch#
#
# Usage: cd <directory> ./Set-cisco-port.sh <switch ip-address> <description> <action>
# Example: cd <directory> ./Set-cisco-port.sh 192.168.2.250 Test-pc e
#
# Where:
# - 1st parameter is switch IP address
# - 2nd is Description of NIC/Device
# - 3rd is operation(e - enable port when find description at port, d -disable port when find description at port)
#
# =======================================
# Start script with setting the variables
# =======================================
#
switch_ip=$1;
desc=$(echo $2 | sed 's/://g');
community="private";
operation=$3;
#
2970_get_port(){
# Check for description at port
for i in `snmpwalk -On -v2c -c $community@1 192.168.2.250 .1.3.6.1.4.1.9.9.46.1.3.1.1.2 | sed 's/.1.3.6.1.4.1.9.9.46.1.3.1.1.2.1.//g' | awk '{print $1}'`; do
find_mac=`snmpwalk -On -v2c -c $community@$i 192.168.2.250 .1.3.6.1.2.1.17.4.3.1.1 | sed s/' '//g | grep -i $desc | sed 's/^.*Hex-STRING\://g'| awk '{print $1}'`;
if [[ $find_mac != "" ]]; then
point1=$(snmpwalk -On -v2c -c $community@$i $switch_ip .1.3.6.1.2.1.17.4.3.1.1 | sed s/' '//g | grep -i $desc | sed 's/.1.3.6.1.2.1.17.4.3.1.1.//g' | sed 's/=.*//g' );
port_numb=`snmpwalk -v2c -c $community@$i $switch_ip .1.3.6.1.2.1.17.4.3.1.2 | grep -i $point1 | sed 's/^.*INTEGER\: //g'`;
echo "Description $desc was found at port number #"$port_numb;
fi
done;
}
disable_port(){
echo "Going to disable port by Description";
# Find by port description
port_to_disable=`snmpwalk -v2c -On -c $community $switch_ip .1.3.6.1.2.1.31.1.1.1.18 | grep -i $desc | sed 's/.1.3.6.1.2.1.31.1.1.1.18.//g' | awk '{print $1}'`;
# If port was not found
if [[ $port_to_disable == "" ]]; then
echo "Port wasn't found by port description. Exiting ...";
2970_get_port;
$port_to_disable=$port_numb;
echo $ $port_to_disable;
exit;
fi;
# Disable port
snmpset -v2c -c $community $switch_ip .1.3.6.1.2.1.2.2.1.7.$port_to_disable i 2;
# Save running config of Cisco switch to startup
save_2970_cfg;
}
enable_port(){
echo "Going to enable port by Description";
# Find by port description
port_to_enable=`snmpwalk -v2c -On -c $community $switch_ip .1.3.6.1.2.1.31.1.1.1.18 | grep -i $desc | sed 's/.1.3.6.1.2.1.31.1.1.1.18.//g' | awk '{print $1}'`;
# If port was not found
if [[ $port_to_enable == "" ]]; then
echo "Port wasn't found by port description. Exiting ...";
2970_get_port;
$port_to_enable=$port_numb;
echo $ $port_to_enable;
exit;
fi;
# Enable port
snmpset -v2c -c $community $switch_ip .1.3.6.1.2.1.2.2.1.7.$port_to_enable i 1;
# Save running config of Cisco switch to startup
save_2970_cfg;
}
save_2970_cfg(){
echo "Saving Cisco 2970 switch configuration";
snmpset -t60 -v2c -c $community $switch_ip 1.3.6.1.4.1.9.2.1.54.0 i 1
}
main(){
if [[ $operation == "f" ]]; then
echo "Find port operation";
2970_get_port;
elif [[ $operation == "d" ]]; then
echo "Disable port operation";
disable_port;
elif [[ $operation == "e" ]]; then
echo "Enable port operation";
enable_port;
else
echo "Wrong arguments given";
fi;
}
main;
Monitor domoticz
Inventory and push software
Disable-Enable automapping Echange 2016
Because automapping is not always working correct, just created this script to re-enable automapping with the correct settings. This script you need to run on the Exchange server.
# Created by Daag van der Meer
# blog.van-daag.nl
# This script gives the user full access to the mailbox. This will update also the folders below the inbox with the rights.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn;
# Enter the mailbox name here
$mailbox= "<mailboxname>"
# Add here the usernames like "<USERNAME>", "<ÜSERNAME>"
$users= "<USERNAME>", "<ÜSERNAME>"
####### Start of the Script. Do not edit below
foreach ($user in $users){
# First disable AutoMapping
Add-MailboxPermission -Identity $mailbox -User $user -AccessRights FullAccess -InheritanceType All -Automapping $false
# Now enable Automapping
Add-MailboxPermission -Identity $mailbox -User $user -AccessRights FullAccess -InheritanceType All -Automapping $true
}
Update Synology Mail Plus spam server more than once a day.
Update Synology Mail Plus spam server more than once a day
Just found the scripts that you can run and schedule to run more often than once a day. And if you run ClaimAV as virusscanner.
Run the following scripts.
bash /volume1/@appstore/MailPlus-Server/scripts/SpamRuleUpdate.sh all
bash /volume1/@appstore/MailPlus-Server/scripts/SpamAutoLearn.sh
bash /volume1/@appstore/AntiVirus/scripts/clamav.sh check_update
AD Send mail on password reset
This is based on Security Event ID 4724. When this is logged on the domain controller, Task Scheduler kicks this script. And send a mail to Admin and user. And also creates a local log file who reset the password.
# Created by Daag van der Meer on 12-10-2018
# Blog.van-daag.nl
# Powershell Send mail When account password reset is done To user and admin.
# Save this also in a Log file
##################
## Temp location for creating HTML email
##################
$Report= "c:\Temp\reset.html"
##################
## Log location
##################
$log= "C:\Logs\Accountreset.csv"
$HTML=@"
<title>Account locked out Report</title>
<!--mce:0-->
"@
##################
## Retrieve eventlog with all value
##################
$event = Get-EventLog -LogName Security -InstanceId 4724 -Newest 1 |
Select TimeGenerated, ReplacementStrings |
% {
New-Object PSObject -Property @{
"Account name" = $_.ReplacementStrings[0]
"Account Domain" = $_.ReplacementStrings[1]
"Reset by" = $_.ReplacementStrings[4]
Date = $_.TimeGenerated
}
}
##################
## Retrieve eventlog For filter username
##################
$userevent= Get-EventLog -LogName Security -InstanceId 4724 -Newest 1 | Select-Object @{n='UserName';e={$_.ReplacementStrings[0]}}
$user= $userevent -replace ".*=" -replace "}"
##################
## send mail to admin
##################
$event | ConvertTo-Html -Property "Account name","Account Domain","Reset By",Date -head $HTML -body "<H2> User account password is reset</H2>"|
Out-File $Report -Append
##################
## Mail config admin
##################
$MailBody= Get-Content $Report
$MailSubject= "User password reset"
$SmtpClient = New-Object system.net.mail.smtpClient
$SmtpClient.host = "<MAIL SERVER>"
$MailMessage = New-Object system.net.mail.mailmessage
$MailMessage.from = "<FROM MAILADRESS>"
$MailMessage.To.add("<MAILADRESS>")
$MailMessage.Subject = $MailSubject
$MailMessage.IsBodyHtml = 1
$MailMessage.Body = $MailBody
$SmtpClient.Send($MailMessage)
del c:\Temp\reset.html
$event | Export-Csv $log -NoTypeInformation -Append
#############################
### Send mail to user #######
#############################
$useremail = Get-ADUser $user -Properties mail | Select-Object -ExpandProperty mail
$userfirstname1 = Get-ADUser $user -Properties GivenName | Select-Object GivenName
$userfirstname = $userfirstname1 -replace ".*=" -replace "}"
$userlastsname1 = Get-ADUser $user -Properties Surname | Select-Object Surname
$userlastsname = $userlastsname1 -replace ".*=" -replace "}"
$Pic = '<ADD LOCATION FOR PICTURE IN MAIL>'
$att1 = new-object Net.Mail.Attachment($Pic)
$att1.ContentType.MediaType = “image/png”
$att1.ContentId = “Attachment”
##################
## HTML mail setup to user
##################
$userBody = @"
<html>
<body>
<span lang=NL style='font-size:10.0pt;line-height:106%;color:black'>
Dear $userfirstname $userlastsname,<br>
<br>
The password for your <b>DOMAIN\$user</b> account has been reset.<br>
If you did not request this, please inform:<br>
<br>
This is an automated email.<br>
<br>
</span>
<img src="cid:Attachment">
"@
##################
## Mail config user
##################
$userSubject = "Your password is changed"
$userMessage = New-Object system.net.mail.mailmessage
$userMessage.from = "<FROM MAILADRESS>"
$userMessage.To.add("$useremail")
$userMessage.Subject = $userSubject
$userMessage.IsBodyHtml = 1
$userMessage.Body = $userBody
$userMessage.Attachments.Add($att1)
$SmtpClient.Send($userMessage)
AD Send mail on Account Lock
At a company where I worked, there was no logging with account lock and the had plans to change the GPO that accounts will not be auto unlocked.
So I also added mailing to the admin of that specific OU (Country)
I found a script from Maxzor1908 on Technet
That was the basic. I Added a lot of extra.
# Powershell User Account locked out Maxzor1908 *16/4/2013*
# Checked and edit by Daag van der Meer - 03-10-2018
# blog.van-daag.nl
# Email adress needs to be filled in at the admin account.
##################
## Temp location for creating HTML email
##################
$Report= "c:\Temp\Lockedhtml.html"
##################
## Log location
##################
$log= "C:\Logs\AccountLocked.csv"
$HTML=@"
<title>Account locked out Report</title>
<!--mce:0-->
"@
$Account_Name = @{n='Account name';e={$_.ReplacementStrings[-1]}}
$Account_domain = @{n='Account Domain';e={$_.ReplacementStrings[-2]}}
$Caller_Computer_Name = @{n='Caller Computer Name';e={$_.ReplacementStrings[-1]}}
##################
## Retrieve eventlog with all value
##################
$event= Get-EventLog -LogName Security -InstanceId 4740 -Newest 1 |
Select TimeGenerated,ReplacementStrings,"Account name","Account Domain","Caller Computer Name" |
% {
New-Object PSObject -Property @{
"Account name" = $_.ReplacementStrings[-7]
"Account Domain" = $_.ReplacementStrings[5]
"Caller Computer Name" = $_.ReplacementStrings[1]
Date = $_.TimeGenerated
}
}
$event | ConvertTo-Html -Property "Account name","Account Domain","Caller Computer Name",Date -head $HTML -body "<H2> User is locked in the Active Directory</H2>"|
Out-File $Report -Append
##################
## Retrieve eventlog For filter username
##################
$user= Get-EventLog -LogName Security -InstanceId 4740 -Newest 1 |
Select ReplacementStrings |
% {
New-Object PSObject -Property @{
"Account name" = $_.ReplacementStrings[-7]
}
}
$userrename = $user -replace ".*=" -replace "}"
$userou = Get-ADUser $userrename -Properties DistinguishedName | Select-Object -ExpandPropert DistinguishedName
##############################
## Here is the ad Groups configured who can unlock accounts
#############################
if ($userou.Contains('OU=<OU>')) {$mail = "<AD GROUP>"}
elseif ($userou.Contains('OU=<OU>')) {$mail = "<AD GROUP>"}
else {$mail = "<AD GROUP>" }
$adminmail = Get-ADGroupMember $mail | select samaccountname | %{Get-ADUser $_.samaccountname -Properties mail} | %{write-output "$($_.mail)"}
$mailadmin = $adminmail -join "," -replace ",,"
##################
## Mail config admin
##################
$MailBody= Get-Content $Report
$MailSubject= "User Account locked out"
$SmtpClient = New-Object system.net.mail.smtpClient
$SmtpClient.host = "<MAIL SERVER>"
$MailMessage = New-Object system.net.mail.mailmessage
$MailMessage.from = "<FROM MAIL ADRESS>"
$MailMessage.To.add("<TO MAIL ADRESS>,$mailadmin")
$MailMessage.Subject = $MailSubject
$MailMessage.IsBodyHtml = 1
$MailMessage.Body = $MailBody
$SmtpClient.Send($MailMessage)
##################
## Remove the temp document
##################
del c:\Temp\Lockedhtml.html
##################
## Write to log about the account lock
##################
$event | Export-Csv $log -NoTypeInformation -AppendAD Change Display name
At the company were I worked we had a name change. They also use the display name in outlook to send mail. Example: Daag van der Meer [Company] So everyone see direct what the company is.
The script below built the display name with firstname lastname [Company]
# Script created by Daag van der Meer
# Blog.van-daag.nl
Import-Module ActiveDirectory
#creates a list of all users (change all between <>
$allUsers = Get-ADUser -Filter * -SearchBase 'ou=Users,ou=<OU>,DC=<DC>,DC=<DC' -Properties cn,displayName
# Add your company name or something else after username
$hi = "<company>"
foreach ( $u in $allUsers | Where-Object { ($_.givenName) -and ($_.surName) } ) {
$fn = $u.givenName.Trim()
$ln = $u.surName.Trim()
Write-Host $fn $ln
Set-ADUser -Identity $u -DisplayName "$fn $ln $hi" -GivenName "$fn" -SurName "$ln"-PassThru |
Rename-ADObject -NewName "$fn $ln $hi"
}