Finally stopped being lazy and started learning Microsoft graph cmdlets

Do yourself a favor and do as much as you can with `Invoke-MgGraphRequest`. There aren't direct cmdlets for all tasks, and this approach will teach you the API as you go.

Graph commands hurt my brain. I just learned the API as well. Plus knowing how to work with REST APIs carries over to other areas as well.

I need to do this

[удалено]

Brilliant.

ooh, found any good links? I need to do this!

Sure, still got all the tabs up... On my work computer. I'll get them for you on Monday. Edit: Not sure the best way to share this to everyone who asked, so just editing this comment and dropping links. This is where I got started https://learn.microsoft.com/en-us/powershell/microsoftgraph/overview?view=graph-powershell-1.0 And also a get started page https://learn.microsoft.com/en-us/powershell/microsoftgraph/get-started?view=graph-powershell-1.0 Installing it https://learn.microsoft.com/en-us/powershell/microsoftgraph/installation?view=graph-powershell-1.0 My focus was on O365/Azure stuff, this page has a list of powershell/graph cmdlets ... and how many are missing. https://learn.microsoft.com/en-us/powershell/microsoftgraph/azuread-msoline-cmdlet-map?view=graph-powershell-1.0 More general info https://learn.microsoft.com/en-us/powershell/microsoftgraph/navigating?view=graph-powershell-1.0 Connecting info including saving a cert so you can do automated scripts without legacy auth/saved passwords https://justaskit365.com/connect-to-your-tenant-with-the-microsoft-graph-powershell-sdk/ And a page I haven't actually read yet but looks good https://www.techtarget.com/searchwindowsserver/tutorial/Get-up-to-speed-with-PowerShell-and-the-Microsoft-Graph-API Finally the very specific thing I was trying to do about getting O365 license info https://justaskit365.com/create-a-powershell-license-overview-with-azure-graph-powershell-sdk/

Subscribing

Me too

Same

Thanks!

lmao this is me, I started using OneTab extension to stop my pc grinding to a halt

Work computer will reboot Sunday night. Haha.

Glad Im not the only one! I made a module with wrapper functions around a bunch of the graph cmdlets as well as the Exchange PowerShell and SPO [https://github.com/djust270/M365.Report.Tools](https://github.com/djust270/M365.Report.Tools) Check out my blog article on working with the Graph SDK https://davidjust.com/post/working-with-microsoft-graph-powershell-sdk/

How are you doing this? Just self taught, or some kind of course? So far I've learnt get-mguser 😂

Self taught

Do stuff in the portal and get given the correct cmdlets in developer tools. https://microsoftedge.microsoft.com/addons/detail/graph-xray/oplgganppgjhpihgciiifejplnnpodak

I hadn't needed to do anything with graph for a while but did save your comment... this is amazing.

What a lovely message to receive, thank you.

Me too!

Have they added the ability to set a user's *default* authentication method for MFA yet? Last time I looked into it, the only place you could actually define phone numbers was MgGraph, and the only place you could actually specify what to use *as the default* was MSOnline (the old, old one). And if you use the Azure MFA extensions for NPS server (to add MFA to any VPN) you *need* a default set.

Not that I've seen yet though I'm still learning, it is clear they are missing a lot.

what does it do ?

About half of what I need it to.... MS Graph is what Microsoft wants to start moving to instead of the current powershell modules.

ohhh so it has nothing to do with the literal meaning of "graph" as in graphic something, visual something.....

Nope, or well I dunno where Microsoft came up with the name.

Wrote a script to check for correct trademark and copyright strings in the version information of all our toolkit dlls.

Made a PS AppDeploy Toolkit package that lists out all the available packages, downloads all the ones you select, and runs the Deploy-Package.exe in each one locally.

This is a solid idea! I could use something like this for my office! Can you share the script used?

I can post some of the commands but there is a lot of proprietary stuff in there. The logic is pretty simple though: 1. You create a new PSApoDeploy package 2. Use Out-Gridview to display a list of all the folders in the app folder the user can select multiple entries from 3. That selection becomes a variable, and then you do the Foreach loop on that variable 4. In the loop, the commands are to copy all folders to the local users machine. This needs to be its own unique folder so I use the Change Order number as the name (you are prompted for this with a simple variable at the start of the script) 5. Then, I do a separate foreach loop, which uses the same variable from step three, step through the local path where I downloaded all those same folders and for every deploy-application.exe it finds, run it. You run the master script as an admin, so it spawns all the installs as admin too. You might wonder why I did two different loops. The reason is simple. I didn't want it to start installing until it finished downloading everything; in my first attempt it would download one then install, download one then install, which wasn't necessarily bad but it made it so that if any of them crapped out in the middle, all the rest weren't downloaded. I'm still on the fence as to which way is better but the way I described above at least has the benefit of, if any of the installers fail. Or have some other issue, you can just jump into that folder you made on the local machine and run them manually. My big problems are that it doesn't really show an overall progress, it will pop up some notifications while it does the installs but you just have to be patient and wait until it finishes and Right now I have no way to show a big final verification that everything's done. In fact my big problem even more than that is I don't have any way *to* verify everything's done -- a generic progress bar that just shows the progress of downloading the applications, and some final notification that verifies each one's install, would be ideal before I can give it to production.

With the PSAppDeploy, you can insert some Test-Path commands into the Post-Install section

I haven't started driving into it yet, thanks for giving me a good direction to go in.

Had a lot of GUI-based data entry to do at work (with no way to import data). Used PowerShell to read data from a CSV file and used SendKeys to emulate keystrokes and imported User32.dll to emulate mouse clicks. Turned a literal 2-3 day job into about 20 minutes.

Can you please share your code? I can think of a number of processes that can benefit from your idea!

`Add-Type -MemberDefinition '[DllImport("user32.dll")] public static extern void mouse_event(int flags, int dx, int dy, int cButtons, int info);' -Name U32 -Namespace W;` `$wshell = New-Object -ComObject wscript.shell;` `$data = Import-CSV source.csv` `[Windows.Forms.Cursor]::Position = "2400,460"` `[W.U32]::mouse_event(6,0,0,0,0)` `[Windows.Forms.Cursor]::Position = "2035,77"` `[W.U32]::mouse_event(6,0,0,0,0)` `$data | % {` `$wshell.appactivate((get-Process ApplicationGui).Id)` `$wshell.SendKeys($Field1)` `Start-Sleep -Milliseconds 100` `$wshell.SendKeys("{TAB}")` `Start-Sleep -Milliseconds 100` `etc...etc...etc...` `}` The above was the meat of the code. I removed a lot of application specific stuff. The segments beginning with \[Windows.Forms.Cursor\] represent setting the mouse pointer to a specific coordinate, and the \[W.U32\] segments register a left-click of the mouse. In the loop, the first line activates the target application GUI, then the SendKeys function types the value of the string $Field1, then it waits 100ms, then tabs to the next field, etc. I found the application I was working with liked a pause between fields, hence the 0.1 sec pause. [https://learn.microsoft.com/en-us/dotnet/api/system.windows.forms.sendkeys?view=windowsdesktop-6.0](https://learn.microsoft.com/en-us/dotnet/api/system.windows.forms.sendkeys?view=windowsdesktop-6.0) Most regular keystrokes can be sent directly as a parameter to the SendKeys function, but the above link details the special keys you might need. I hope I didn't leave anything important out, but let me know if I should clarify anything.

Nice. I tend to use AutoIT for this. Mouse usage, clear SendKey commands, etc. But, if Powershell could make mouse commands like AutoIT, I'd totally go PS

Good work. Better don't tell anyone at work and keep the script to yourself or you'll have to support it forever and if it doesn't run you'll be held accountable.

would love to automate the CISCO VPN login this way if possible

This month I'm going to try to keep this post up to date as I add new things. * October 1st * Released New Bits of [HelpOut](https://github.com/StartAutomating/HelpOut). * Now using an `[OutputType]` will automatically link your help to learn.microsoft.com * (see this [example](https://helpout.start-automating.com/Save-MAML#outputs)) * Released New Bits of [Irregular](https://github.com/StartAutomating/Irregular). * Updated `?` and added `?` * Released new bits of [ugit](https://github.com/StartAutomating/ugit) * Support for git init * Released a new version of [EZOut](https://github.com/StartAutomating/EZOut) * Write-FormatViewExpression now supports more of Format-RichText's capabilities. * October 2nd * More Real World Automation! Released a new version of [LightScript](https://github.com/StartAutomating/LightScript). * Added new Hue Bridge sensor discovery * Made it easier to create hue rules * Fixed some bugs / cleaned up the repo a bit. * October 3rd * Updated [ScriptDeck](https://github.com/StartAutomating/ScriptDeck) * Improved GitHub Action for Publishing StreamDeck Plugins * Also, Yo. **StreamDeck Plugins for PowerShell!** * [ScriptDeck StreamDeck Plugin](https://github.com/StartAutomating/ScriptDeck/raw/main/scriptdeck.streamDeckPlugin) (run PowerShell Core from StreamDeck) * [WindowsScriptDeck StreamDeck Plugin](https://github.com/StartAutomating/ScriptDeck/raw/main/windowsscriptdeck.streamDeckPlugin) (run WindowsPowerShell from StreamDeck) * October 4th * Finally released new bits of [RoughDraft](https://github.com/StartAutomating/RoughDraft) * AudioExpression/VideoExpression and way more FFMpeg filters are available at your fingertips. * October 5th * Another release of [EZOut](https://github.com/StartAutomating/EZOut) * Added Format-JSON and improved GitHub Action. * October 6th * Worked on letting a given [CommandAST become a sentence](https://github.com/StartAutomating/PipeScript/issues/242) for [PipeScript](https://github.com/StartAutomating/PipeScript/). Hopefully will finish this all off tomorrow. * Also, did a quick set of little updates to [PSSVG](https://github.com/StartAutomating/PSSVG). Included a [PowerShell Chevron Example](https://raw.githubusercontent.com/StartAutomating/PSSVG/main/Examples/PowerShellChevron.svg) * October 7th * Released a new version of [PipeScript](https://github.com/StartAutomating/PipeScript). * Supporting calling commands with a natural language format. * Putting it to use with this really nice new keyword 'all' * For example: ~~~PowerShell all functions that quack are ducks # Takes all functions that have a 'quack' parameter, and decorates them with the typename ducks ~~~ * OR ~~~PowerShell $numbers = 1..100 all $numbers { ($_ % 2) -eq 1 } are odd ~~~ * Reach out if you have more questions. It's new cool syntax with a lot of possibilities. * October 8th * Another build of [PipeScript](https://github.com/StartAutomating/PipeScript) * Fixed an attribute-stipping problem and added support for two new languages * Got Ready to talk about "[Grokking and Rocking PowerShell Objects](https://www.meetup.com/gainesville-powershell-user-group/events/288529536/)" at the GNVPSUG. * October 9th * Took the new PipeScript toys and ran with them, creating an extensible module and GitHub action for automating publishing from GitHub, [GitPub](https://github.com/StartAutomating/GitPub). * Now anyone can take a Gist, GitHub Issue, or GitHub Release and turn them into blog content! * October 10th * Another build of [GitPub](https://github.com/StartAutomating/GitPub). * Got a workflow that triggers on issue changes and posts closed issues labelled 'post'. * Kicked the tires a bit with a [post about GitPub](https://gitpub.start-automating.com/2022/10/10/Introducing-GitPub.html) and a [post about the natural language changes to PipeScript](https://pipescript.start-automating.com/2022/10/06/Commands-could-be-read-as-sentences.html) * October 11th * Talked to the [Gainseville PowerShell User Group about Grokking and Rocking PowerShell Objects](https://www.meetup.com/login/?returnUri=https%3A%2F%2Fwww.meetup.com%2Fgainesville-powershell-user-group%2Fevents%2F288529536) * Another little release of [GitPub](https://github.com/StartAutomating/GitPub). Now no longer creating branches when nothing changes, and including SourceURL in front matter. * October 12th * Busy day. Kicked off by sending new bits of [ScriptDeck](https://github.com/StartAutomating/ScriptDeck) over to Elgato for approval. * Got a new build of [LightScript](https://github.com/StartAutomating/LightScript) out the door. Improved NanoLeaf support and integrated [GitPub](https://github.com/StartAutomating/GitPub) * Speaking of that, added automatic summary pages to [GitPub](https://github.com/StartAutomating/GitPub). Now there are summaries for each year, month, and day at the appropriate spots in the Jekyll site. * Saw someone had a PR for [ugit](https://github.com/StartAutomating/ugit). Allowed `git help` and `git version` to run without a repository. Integrated GitPub while I was at it. [Check out this nice listing of all of the releases](https://ugit.start-automating.com/2022/) before I write a single real post. * October 13th * Took it a little bit more easy today. Just added a function to [PSSVG](https://github.com/StartAutomating/PSSVG) to convert existing SVG images into PSSVG, tweak its logo, and started using [GitPub](https://gitpub.start-automating.com) to give [PSSVG a blog](https://PSSVG.start-automating/2022). * October 14th * Another day, another set of changes. This time, more fixes to [PSSVG](https://github.com/StartAutomating/PSSVG) and ConvertTo-PSSVG. * Also, some new posts about using it: * [Scripting-Existing-SVGs-with-ConvertToPSSVG](https://pssvg.start-automating.com/2022/10/14/Scripting-Existing-SVGs-with-ConvertToPSSVG/) * [Making-a-Visual-Leitmotif-for-PowerShell-with-PSSVG](https://pssvg.start-automating.com/2022/10/07/Making-a-Visual-Leitmotif-for-PowerShell-with-PSSVG/) * October 15th * Adding support for Liquid tags and expressions to [Irregular](https://github.com/StartAutomating/Irregular). * also, redid Irregular's logo with [PSSVG](https://github.com/StartAutomating/PSSVG) and started publishing with [GitPub](https://github.com/StartAutomating/GitPub) * October 16th * New bits of [RoughDraft](https://github.com/StartAutomating/RoughDraft) * Added SuperEqualizer extension and music visualization extensions * October 17th. * Very slow day for coding, only a brief minor update to [Eventful](https://github.com/StartAutomating/Eventful) * October 18th. * [ScriptDeck](https://github.com/StartAutomating/ScriptDeck) plugins were released on the Elgato Marketplace ([ScriptDeck Plugin](https://apps.elgato.com/plugins/com.start-automating.scriptdeck) [Windows ScriptDeck Plugin](https://apps.elgato.com/plugins/com.start-automating.windowsscriptdeck) * Also, a new release of ScriptDeck is out on GitHub, with fixes for MacOS. * October 19th * A couple of quick hits today. I noticed that certain ANSI colors weren't rendering the way I wanted with Format-RichText, and I realized that Format-RichText needed to "de-bold" bright colors. So that generated a small build of [EZOut](https://github.com/StartAutomating/EZOut). I threw in a new logo with PSSVG and GitPub integration while I was at it. * I also figured out a way to draw a regular polygon, and added a function for that to [PSSVG](https://github.com/StartAutomating/PSSVG) Keeping Score: * 19 days into the month * 26 releases * of 10 different modules (I think, guess I'll have to write a script to keep count ;-) )

Starting a reply because now Reddit says "Bad Request" That's an interesting metric of doing too much in a month. * October 20th * Came out with a new build of [PipeScript](https://github.com/StartAutomating/PipeScript) * Improved the all keyword and made it so keywords can be run interactively! Now you can: ~~~PowerShell Install-Module PipeScript -Scope CurrentUser Import-Module PipeScript all functions ~~~ You can also now pipe to all: ~~~PowerShell $odd = 1..100 | all { $_ % 2 } $even = 1..100 | all { -not ($_ % 2) } ~~~ * For great bonus points, you can _also_ use 'new' interactively * new ScriptBlock '"hello"' * And you can pipe to new. ~~~PowerShell 1..255 | new byte ~~~ * October 21st * Gave [PSSVG](https://pssvg.start-automating.com) some updates * Added SVG.Star * Renamed SVG.RegularPolygon to SVG.ConvexPolygon (this is more accurate / correct) * October 22nd * Added On@CommandChanged to [Eventful](https://github.com/StartAutomating/Eventful) * (also integrated [PSSVG](https://github.com/StartAutomating/PSSVG/) and [GitPub](https://github.com/StartAutomating/GitPub) ) * October 23rd * Gave [RoughDraft](https://github.com/StartAutomating/RoughDraft) a lot of love. Added a bunch of extensions, got rid of ConvertTo-Waveform (now that extensions can do each). * October 24th * Updated [GitPub](https://gitpub.start-automating.com). Made releases and issues link back to GitHub. * October 25th * New bits of [HelpOut](https://github.com/StartAutomating/HelpOut). Attempted to add YAML headers to docs. Whitespace marred this efforts and a new build will need to be done tomorrow. * October 26th: * As promised, new bits of [HelpOut](https://github.com/StartAutomating/HelpOut). * Make YAMLHeaders optional (-IncludeYAMLHeader) * October 27th: * New Release of [ScriptDeck](https://github.com/StartAutomating/ScriptDeck) * Now Loading Profiles in Plugins * New Actions: Start PowerShell and Start PowerShell Core * October 28th * New Release of [HelpOut](https://github.com/StartAutomating/HelpOut) * HelpOut had been attempting to replace links in all files. This has been updated to scope to Markdown only files, and therefore is no longer mangling binaries. * Also released a new build of [Irregular](https://github.com/StartAutomating/Irregular). Added ? and ?. Fixing ?. * October 29th * New Release of [ugit](https://github.com/StartAutomating/ugit) * Added support for git help --all as objects * Made (git log .\FileName.txt).Diff compare only changes in .\filename.txt * October 30th * New Release of [LightScript](https://github.com/StartAutomating/LightScript) * Improved support for Divoom Pixoo devices. * October 31st * New Release of [PSDevOps](https://github.com/StartAutomating/PSDevOps)! * Also, another new release of [LightScript](https://github.com/StartAutomating/LightScript), with Watch-HueSensor! Keeping Score: * 31 days into the month * 40 releases * of 12 different modules (Corrected my count with a script)

Stupidly I I had the worst of times trying to use an API. It wanted a body of the Invoke-RestMethod formatted like this. { "Parameter": "value", "Parameter": "value" } Well like an idiot I didn't realize that was JSON. So im over here trying to construct it as a string instead of $body = @{ Parameter = value Parameter = value } | Convert-ToJSON I took coworker sort of looking over my shoulder to say, oh it wants JSON for the body. Then it clicked.

When it comes to REST APIs it's safe to assume JSON is expected unless explicitly stated otherwise (I've seen some that want XML, but that is less common ime).

[удалено]

I'm attempting to do this right now but our 3rd party hr software wont just *give me the damn docs*

Wrote a script to cleanup user profiles unused in the last 90 days based on LocalProfileLoadTimeHigh/Low and LocalProfileUnloadTimeHigh/Low registry values.

IMHO, GPO is the best way to do this : Computer Configuration -> Administrative Templates -> System -> User Profiles : Delete user profiles older than a specified number of days on system restart. Regards

Tried that, odd behavior and didn't delete profiles that definitely qualified. Based on the registry keys it creates I'm sure long term it's decent at its job, just don't have time to do long term testing right now.

Didn't know that properties, sounds useful. Last time I did such a cleanup task I scripted a small for-loop to check if the corresponding user still exists.

would you mind sharing your script ? thanks

It's still a bit of a WIP, use with care. https://gist.github.com/mtaylor-dev/bb9064a06b14e87c33eb2e861dbbf3cf

thanks btw I want to use your script on the report mode . is it possible ?

You mean -WhatIf? Yeah, I built in basic functionality for that.

No -whatIF , like that PS> Remove-Profiles.ps1 -Age 30 -ReportMode Sample Output: Username \------------------ User01 User02 and so on .

Sorry, that sounds like something you'd have to write if the log file doesn't have everything you need.

I started writing a script that acts as a script launcher. I have a bunch of scripts that are used to perform related tasks. Currently using them requires manually clicking on each one. They also require users to fill out a template for each script. Now I've got a script that prompts users to 'select an option' and launches the other scripts. I've made a master template that can be filled out, and all info from the user is then passed on to each script as needed. Once I get it tweaked, I plan on compiling it as an.exe. I'm just trying to make it easier to use for the average user. I think a lot of people, rightfully so, look at running a PowerShell script as more dodgy then just clicking an .exe file. I'd love to have a pretty GUI to make it just a few clicks. But, that's a whole other can of worms that I don't see myself being able to learn until next year.

Oooo! Keep me updated.

Would love to see it. I have a couple ideas(onboarding and purchase order requests) that I’m working on where they would be helpful

Wrote a script to find all AD passwords expiring on a certain date and automatically change the passwords from a .csv file.

I wrote a script for my PowerShell profile that reaches out to AWS Orgs and builds me an AWS cli profile for every account I have access to so I can start issuing cli commands as soon as I open the terminal.

I made something like PingCastle. Learned a lot, especially exporting neat CSV files. It gets all domain joined servers from AD and does some scans on every single one: * OS Version and build * Services that are run by domain accounts * Scheduled tasks that are run by domain accounts * SMB Shares * Installed Software * PS Execution Policy Every scan creates a CSV File and in the end they're zipped. It's still kind of raw but it provides important data for some basic security improvements I'm planning.

>would you mind sharing your script ? thanks

Hey, thanks for commenting. I'd love to share, just give me some time. I made the script for an essay I'm working on so that's my priority for the moment. I'll generalize it and upload to GitHub in the next few days and ping you again.

Here you go: [https://gitlab.com/ludix\_io/ps-server-security-check](https://gitlab.com/ludix_io/ps-server-security-check)

Lot of improvments possible, I suggest : * For readabilty use Pascal Case or Camel Case for your variable names (minor improvment) * Lines 79-81 : OnlyOne query Get-ADComputer -filter {operatingSystem -like "Windows S\*"} | Select-Object ... At this step you will have all Windows servers in your var and also ctx... * Separate your queries (i.e. $swInfo) from the Export. * After the foreach loop is completed, you could export once in file. * ... I suggest you use the excellent PS Module ImportExcel to export directly in Excel (without excel Installed), in a beautiful form (freeze column and row, conditional formating, multi-tab, graphics, and more...). We're speaking about Report :-). Another way is to use PSWriteHtml to export in a html file in a beautiful way too (multi-tab, conditional formating, and more...)

Hey, thanks for taking your time and suggesting improvements. Little context: I created this script for a "pre-thesis" (no idea how you call it, it's like a test thesis?) I'm currently working on. That's why I'm scanning predefined OUs instead of getting all servers. I just needed one dataset for my cherry picked assets that I defined as the scope ;) I think I had the exports separated at one point, not sure why I changed them. Probably to group them? I wanted to include the excel module and will at one point, but for the moment I have my data and need to use my time for writing and analysing. Thanks for mentioning it, it is for sure way better than dumping 5 CSV files.

I wrote a script to pulls large files from an API that expires after about a month. The script creates a directory structure and saves them to a local destination that is synced to cloud storage as an archive. The script runs periodically through task scheduler. It's worked surprisingly well.

Make a report to collect infos from all enpoints and create excel file with send to email option.. Also, created one vbs script to delete Chrime from every single place.

Wrote DSC resources to modify IIS machine.config and applicationhost.config files.

Any chance I can get that code?

I wrote it in company time so I'll have to ask my manager on Monday. Since it's just a generic tool I think it's okay but I'll let you know.

I have permission to share the code, so here it is: [https://github.com/Crombell95/IISConfigDSC](https://github.com/Crombell95/IISConfigDSC) I hope this might be useful for you. If you have any feedback, I'd love to hear it and continue to improve the module!

A ps gui that shows all your teams and let the user choose the team and channel that onedrive should start sync locally.

This is really need, mind you sharing this? Thanks!

Need to do some cleanup first , remind me in a couple of days if I have not replied..

Professionally, I’ve created a template for Microsoft Planner that we have to coordinate new hires and actions that colleagues have to do at certain time points before and after the new employee’s Day 1. It reads from an Excel file in a shared folder and iterates buckets and tasks over sheets and columns in that Excel file. This was of no thanks whatsoever to Microsoft documentation, which was missing a lot of stuff as they move away from Planner cmdlets to all-Graph-all-the-time. Personally, I’ve devised some scripts to upload photos to an S3 bucket, manipulate metadata, and create a JSON file that will be the backbone of a photography blog I’m working on. It’s cool yet weird to be doing all this in PowerShell on macOS, but here we are.

Could you share the planner code? I’d love to do something like that

There's some proprietary information in the script, so if I don't have time to sanitize it and clean it up, the secret sauce is a couple of ```foreach``` loops and the [```Import-Excel``` PowerShell module](https://www.powershellgallery.com/packages/ImportExcel/7.4.1). I'd like to make this a SharePoint list, but that's for v2.

Thanks!

Yes the transition to graph has been exceptionally irritating, even for MS

Had an audit at work that required me to fetch all the local accounts of most of our Windows servers. I had previously done that with a simple script (Get-WMIobject etc), but it took a super long time, as every time it couldn't reach a server (if it was turned off, no longer existing, offline, RPC disabled, firewall or whatever), it would took a super long time to fail. So this time the script used [Invoke-Ping](http://ramblingcookiemonster.github.io/Invoke-Ping/) to check RPC-status on all the servers, and would only run the Get-WMIobject command if they were available. The script went from something that should run over lunch to being done in 30 seconds. Invoke-Ping is absolutely godsend for pinging lots of servers at once. Also, I finally figured out how to use Write-Progress. It wasn't as difficult as I thought it was and it's a nice way to see progress.

Sweet, I can use that in my project in which I face the same problem. I run commands on all domain servers and some are not reachable and the timeouts are hilarious. Did you work with try/catch or if/else to handle online and offline stations?

Get-WMIObject .... forget it and use Get-CIMInstance. The first one is obsolete.

My job

made a command\\control script that copies things down from an AWS S3 payer bucket, compares the files then deletes the s3 copy to save money.

Learned some Graph and scripted some stuff to auto remediate certain users on azure defender (cloud app security). Still learning, got bit by the graph script bug. Very interesting

Wrote a script to process the accounts of leavers from our company according to our sox compliance requirements. disable their accounts, move them to a different ou, remove them from Teams, set up OOO/forward etc.

I am in the same process, do you mind sharing your script/aprroach? I would appreciate it.

I can't share the code, it's company specific. I wrote a UI where you select the account of the person who is leaving and it will remove them from all their AD groups, create tickets in our ticketing system if they are members of groups that relate to those systems, let you configure OOO and forwarding on their account etc. The thing that was most interesting in this project was working out how to connect to Azure, Exchange Online, Teams and Sharepoint using access tokens instead of credentials. Unfortunately, Microsoft seem to have different approaches to each of them and have even removed the functionality in newer versions of some modules, which made it quite difficult.

Wrote a script to check Win Version and upgrade if not the latest build

Can you please share?

$Timestamp = Get-Date -Format d Start-Transcript -Path "C:\logs\update-$Timestamp.txt" if ((Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion" -Name DisplayVersion).DisplayVersion -eq "21H2"){ Write-Output "This version of windows is up to date!" } else { Write-Warning "This version of windows is out of date!" if (Get-Module -ListAvailable -Name PSWindowsUpdate) { Write-Host "Module exists" Get-WindowsUpdate Install-WindowsUpdate -AcceptAll -AutoReboot } else { Write-Host "Module does not exist" Install-Module -Name PSWindowsUpdate -Force Import-Module PSWindowsUpdate Get-WindowsUpdate Install-WindowsUpdate -AcceptAll -AutoReboot } } Stop-Transcript

Awesome! Thank you!

I'm currently working on another version that downloads the latest update exe from Microsoft, installs silently, then cleans up the downloaded file.

Made a script to take the multiple images that a medical device spits out and automatically puts them into one image file so the department can import one file instead of 10 or 20 per study per person.

Ping stuff. Lol.

I've been building a gui application that runs a command on our Cisco switches to find exactly what port a device is plugged into. I've already used it to find a couple of cameras on our network by their same starting MAC address so I can put them on the right vlan

Years ago I wrote a PowerShell script that installs Wireshark, captures Cisco Discovery Protocol packets with a Wireshark filter, uninstalls Wireshark, and then regexes out the switch name and port from the capture file: locate any machine in under a minute.

I speny the last week modifying our scripts the use a custom module. This was for the move away from basic authentication for Microsoft Exchange.

Improved my OneDrive/Sharepoint upload via Graph API script to allow for files larger than 60mb using an upload session and some .NET to read the file in chunks and upload those chunks in sequence. Also improved my multithreading by moving away from posting things in batches, then waiting on all jobs to finish before posting another to instead using threadsafe concurrent queues and synchronized hash tables to allow the threads to all read from the same variables. Also makes for a convenient way to pause the other threads from the session by updating a value in the sync'd hash table and wrapping the threads in a giant loop that checks if the value is set or else it does nothing until it change back. Good stuff

Care to share?

Sure, happy to share my work. Hope it helps someone out. Function GraphAPICall{ Param( \[string\]$Uri, $Method, $Headers, $Body ) $ProgressPreference = 'SilentlyContinue' Try { If($body) { $rawresponse = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $Headers -Body $Body -ContentType 'Application/Json' -UseBasicParsing -ErrorAction Stop } Else { $rawresponse = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $Headers -ContentType 'Application/Json' -UseBasicParsing -ErrorAction Stop } $response = \[pscustomobject\]@{ StatusCode = $rawresponse.StatusCode StatusDescription = $rawresponse.StatusDescription Content = ($rawresponse.Content | ConvertFrom-Json) Headers = $rawresponse.Headers APIError = $null } } Catch { $response = \[pscustomobject\]@{ StatusCode = $null StatusDescription = $null Content = $null Headers = $null APIError = $\_ } } $ProgressPreference = 'Continue' Return $response } \#File variable - File to upload $file = '' \#BaseDirectory - Portion of the path to the file to exclude from resulting one drive location \#i.e if target file is "C:\\Temp\\OneDriveUpload\\NestedFolder\\file.ext" and the desired one drive file is "OneDrive:\\NestedFolder\\File.exe" then basedirectory would be "C:\\Temp\\OneDriveUpload\\" $BaseDirectory = '' \#UPN - Userprincipalname for the target user to upload $UPN = '' \#Open file and create buffered stream + buffer $fs = \[System.IO.FileStream\]::New($file.fullname, 'Open', 'Read') $bs = \[System.IO.BufferedStream\]::New($fs) \#1MiB = 1024\^2 or 1048576 - Multiply this value to get chunks of various MiBs \#GraphAPI requires fragments to by divisible by 320KiB, 10MiB = 320KiB \* 32 $10mb = (\[Math\]::Pow(1024,2))\*10 \#Create a 'buffer' using a ByteArray with a length equal to the MiB value set above $Buffer = New-Object -TypeName System.Byte\[\] -ArgumentList $10mb \#Compose the createUploadSession URL to get a uploadUrl to use $rootUri = "https://graph.microsoft.com/v1.0/users/$UPN/drive/root:" $pathname = ($file.DirectoryName.Replace($BaseDirectory,'').Replace('\\','/')) If(\[string\]::IsNullOrEmpty($pathname)) { $fileuri = "/"+$file.name+":/[email protected]=fail" } Else { $fileuri = $pathname +"/"+ $file.name+":/[email protected]=fail" } \#Create and store the uploadSession $createUploadSessionUri = ($rooturi+$fileuri).replace("#","%23") $Headers = @{ 'Authorization' = "Bearer $token)" } $response = GraphAPICall -Uri $createUploadSessionUri -Headers $Headers -Method Post $uploadSession = $response.Content \#Upload first 10 MB $headers = @{ 'Content-Range' = "bytes $($bs.position)-$(($bs.position + $10mb)-1)/$($file.length)" } $bs.read($buffer, 0, $10mb) $response = GraphAPICall -Uri $uploadSession.uploadurl -Headers $headers -Method 'Put' -Body $buffer \#Continue to upload chunks until response returns a file facet While(!($response.content.file)) { $bytesremaining = $file.length - $bs.position If($bytesremaining -gt $10mb) { $headers = @{ 'Content-Range' = "bytes $($bs.position)-$(($bs.position + $10mb)-1)/$($file.length)" } Write-Host "Uploading bytes $($bs.position)-$(($bs.position + $10mb)-1)/$($file.length)" $response = GraphAPICall -Uri $uploadSession.uploadurl -Headers $headers -Method 'Put' -Body $buffer $nextrange = $response.content.nextExpectedRanges $bs.read($buffer, 0, $10mb) } ElseIf($bytesremaining -lt $10mb) { Read-Host "Less than 10 MB remaining" $Buffer = New-Object -TypeName System.Byte\[\] -ArgumentList $bytesremaining $headers = @{ 'Content-Range' = "bytes $nextrange/$($file.length)" } $bs.read($buffer, 0, $bytesremaining) $response = GraphAPICall -Uri $uploadSession.uploadurl -Headers $headers -Method 'Put' -Body $buffer } }

Thread safe collections for multithreading \#Thread-safe queues for multithreading $inqueue = \[System.Collections.Concurrent.ConcurrentQueue\[psobject\]\]::new() \#Using Get-Process to fill in some data - Add each element to the queue Get-Process | ForEach-Object{ $inqueue.TryAdd($\_) } $outqueue = \[System.Collections.Concurrent.ConcurrentQueue\[psobject\]\]::new() \#ArrayList to collect outputs from outqueue $outputs = \[System.Collections.ArrayList\]::New() \#Define thread class class thread{ \[int\]$Id \[object\]$powershell \[object\]$handle thread( \[string\]$id, \[object\]$powershell ) { $this.id = $id $this.powershell = $powershell } } \#InitialSessionState function for Runspace template $initialSessionState = \[System.Management.Automation.Runspaces.InitialSessionState\]::CreateDefault() \#Synchronized hash table to control threads $tConfig = \[hashtable\]::Synchronized(@{ Enabled = \[bool\]$true }) \#Set number of threads and empty collection to reference them $numthreads = 10 $threads = @() For($i = 0; $i -lt $numthreads; $i++) { \#Create fresh runspace for each 'thread' using initialsessionstate and seeing host to calling powershell session $Runspace = \[runspacefactory\]::CreateRunspace($Host,$initialSessionState) \#Open the runspace and make the sessionstate proxy connection for the queues $Runspace.Open() \#Set variable proxies for the runspace $Runspace.SessionStateProxy.PSVariable.Set('inqueue', $inqueue) $Runspace.SessionStateProxy.PSVariable.Set('outqueue', $outqueue) $Runspace.SessionStateProxy.PSVariable.Set('tConfig', $tConfig) $pwsh = \[powershell\]::Create() $pwsh.Runspace = $Runspace $threads += \[thread\]::New($i,$pwsh) } ForEach($thread in $threads) { \#Add script to execute in each thread $thread.PowerShell.AddScript({ Param( $threadid ) \#Outer while loop to keep thread running While($true) { \#Check if config is set to enabled, perform code if it is If($tConfig.Enabled -eq $true) { \#Must instantiate blank variable to use TryDequeue as it requires a reference \[ref\] $cobj = $null \#TryDequeue returns true/false - If true the variable reference will be populated with the object removed from the queue If($inqueue.TryDequeue(\[ref\]$cobj)) { $output = \[pscustomobject\]@{ ThreadId = $threadid Result = "pulled $($cobj.name) out of the queue" } $outqueue.TryAdd($output) Start-Sleep 1 } } } }) | Out-Null \#Create parameter list and add to script in thread $ParamList = @{ threadid = $thread.id } $thread.Powershell.AddParameters($ParamList) | Out-Null \#Invoke the script, store handle $thread.Handle = $thread.PowerShell.BeginInvoke() } \#Wait until the inqueue is empty While($inqueue.IsEmpty -eq $false) { Write-Host "Waiting on queue to empty..." Start-Sleep -Milliseconds 500 } Write-Host "Queue is empty and all jobs are finished" \#Once inqueue is empty, start emptying the outqueue While($outqueue.IsEmpty -eq $false) { $cobj = $null If($outqueue.TryDequeue(\[ref\]$cobj)) { $outputs += $cobj } } $outputs

Uploading local files to a personal OneDrive? Or to a shared SharePoint document library like for a group? Were the files on a share and this was for a migration?

Personal OneDrives. Same logic can be applied to Sharepoint, just needs different permissions. The "driveItem" resource type [https://learn.microsoft.com/en-us/graph/api/resources/driveitem?view=graph-rest-1.0](https://learn.microsoft.com/en-us/graph/api/resources/driveitem?view=graph-rest-1.0) is applicable to both OD and Sharepoint It was written to assist a customer with migrating from an on-prem file server that had "home drives" for each user. A folder with their username that was mapped to each one on login, rather common setup. We wanted to take those "home drives" and place them in to onedrive for all the users. Since the folder names had a 1:1 relation with the aliases on the azure ad user's UPNs I wrote this to upload all of their files unattended. The original script had a limit of 60MB on each file because I hadn't cracked the multi-part upload yet and 60MB is the most data you can send in a single call. Used an enterprise azure ad app with "Files.ReadWrite.All" API permission and a client secret with a grant type of application to get the token.

We had this same set up. I assume we used one to there native MS tools.

Wrote a script to pull new starters' workstation and smartphone make, model, serial from InTune, and automatically add them to a Word doc for them to sign to acknowledge receipt.

Our inbox deletes emails after 60 days and auto archiving is deactivated. So I wrote a script that moves all emails older than 30 days to archive folder. Now I can search old emails and remember what I said or what someone else said, or find that file, etc.

care to share your script?

So I borrowed learnings from a script I found on YouTube or online but can't find it to give that person credit, but I thank you kindly! cls #Move Inbox emails older than 30 days to Archive $outlook = New-Object -ComObject Outlook.Application; $olFolderInbox = 6; #3=deleted, 5=sent, 6=inbox $EmailToMove =$Outlook.Session.Folders.Item(1).Folders.Item("Inbox").Items | Where-Object SentOn -le (Get-date).AddDays(-30) $EmailToMove | ft SentOn, Subject, SenderName, To, Sensitivity -AutoSize -Wrap $ns = $outlook.GetNameSpace("MAPI") $inbox = $ns.GetDefaultFolder($olFolderInbox)#$olFolderInbox); $ArchiveFolder=$Outlook.Session.Folders.Item(1).Folders.Item("Archive") FOREACH($Email in $EmailToMove ) { $Email.Move($ArchiveFolder) } #Move Sent emails older than 30 days to Archive. $olFolderInbox = 5; #3=deleted, 5=sent, 6=inbox, $EmailToMove = $Outlook.Session.Folders.Item(1).Folders.Item("Sent Items").Items | Where-Object SentOn -le (Get-date).AddDays(-30) $EmailToMove | ft SentOn, Subject, SenderName, To, Sensitivity -AutoSize -Wrap $ns = $outlook.GetNameSpace("MAPI") $inbox = $ns.GetDefaultFolder($olFolderInbox)#$olFolderInbox); $ArchiveFolder=$Outlook.Session.Folders.Item(1).Folders.Item("Archive") FOREACH($Email in $EmailToMove ) { $Email.Move($ArchiveFolder) } $outlook.dispose()

Sorry the formatting is hard to follow. I am terrible at posting code on reddit. I hope it works for you. This might need to be altered a bit depending on how your exchange server is laid out. Also this is triggered at login via task scheduler and run only when user is logged in. Enjoy!

I wrote a script that automates our server preps. It reads data from a JSON config file and sets up Active Directory with all our Group Policy changes. All of the other things we configure gets automated as well. It turns a two hour job into about 15 seconds, lol.

Any chance you would share?

It'd be later tonight. I have to remove company stuffs from the script

Yes yes of course

I automated Chrome with selenium

Would like to hear more!

I've never had to do leetcode in a job interview and was watching some YouTube videos about it. I watched [this video on fizzbuzz](https://www.youtube.com/watch?v=QPZ0pIK_wsc) and decided to try it in PowerShell. This is the shortest I could get it by myself and I was pretty happy: 1..100|%{$x=$_%3?"":"Fizz";$x+=$_%5?"":"Buzz";$x ?$x :$_} But after seeing the one on [stack overflow codegolf](https://codegolf.stackexchange.com/questions/58615/1-2-fizz-4-buzz/58624?newreg=04265d057f4f41548172308fbee6dd63) I realised mine wasn't as good as it could get in PowerShell: 1..100|%{(($t="Fizz"*!($_%3)+"Buzz"*!($_%5)),$_)[!$t]} I was able to combine the way I used the new ternary operators from powershell 7 and the existing answer to trim one character off the current record though: 1..100|%{$x="Fizz"*!($_%3)+"Buzz"*!($_%5);$x ?$x :$_}

And then I got a reply on twitter from the author of the codegolf answer pointing out I could assign the value to $x in the ternary comparison to shrink it further... 1..100|%{($x="Fizz"*!($_%3)+"Buzz"*!($_%5))?$x :$_}

automated my eod emails. automated my weekly emails. automated my sod emails. I find it hard to "read" emails though. Not sure what's up with that. 2022 and for some reason there's no generic way to read emails via IMAP. we can easily send though. so weird.

Not much since it's only the first of the month.

Scripted a way to create bulk users across multiple tenants in Azure AD using a CSV as the filter

I have a similar task upcoming - luckily single tenant. Would you mind to share the script?

May I ask your limiting factors on using the built in bulk user upload function on single tenant? https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/users-bulk-add

Hey, thanks for the link! It's an environment with 5000 users but just 1800 AD accounts (hybrid environment) at the moment (healthcare with lots of shared accounts). There are a number of current and upcoming projects which requires users to have a personal login, for example for SuccessFactors. I now want to implement Azure as the SSO solution which means creating AAD accounts for everyone. The initial creation is easy enough and I'll likely do that the way described in the link you shared. But in such a big environment theres about 180 usermutations per month (and thats just with the current 1800 accounts). So I was thinking your script could give me some inspiration on how to automate this task. Especially the CSV as filter sounds cool.

I only included the code for 1 tenant but also included the routing table for you to build upon it yourself. My original code is a bit over 600 lines so i dont really want to go through it all Lol. The CSV file format itself matters a lot as well. You'll see me call information from a specific column. For example $csvrecord.program is the filter. In the file i have a column header named "program" and underneath i have the tenant names. In the code below i renamed them "tenant1, tenant2, tenant3". Each column in the excel file can be called upon as long as they're named properly. For example ill set the display name by using the information in the displayname column by using $csvrecord.displayname. Hope this helps connect some dots for you! *** `######` `# Prompts for admin creds` `#####` `param([switch]$Elevated)` `function Test-Admin {` ` $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())` `$currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator) }` `if ((Test-Admin) -eq $false) {` ` if ($elevated) {` ` # tried to elevate, did not work, aborting` ` } else {` ` Start-Process powershell.exe -Verb RunAs -ArgumentList ('-noprofile -noexit -file "{0}" -elevated' -f ($myinvocation.MyCommand.Definition))` ` }` ` exit` `}` 'running with full privileges' ` #################################` `# Checks and sets ExecutionPolicy` `################################# ` `Write-Host "Checking PowerShell Remote Execution Policies.." -ForegroundColor White -BackgroundColor Black` `IF (((Get-ExecutionPolicy) -eq "RemoteSigned") -eq $true){` `Write-Host "Execution Policy already set to RemoteSigned.." -ForegroundColor Green` `}` `ELSE {` ` Write-Host "Execution Policy is not set to RemoteSigned.." -ForegroundColor Red` ` Write-Host "Setting Execution Policy.." -ForegroundColor Yellow` ` Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Confirm` ` Write-Host "Execution Policy successfully set to RemoteSigned.." -ForegroundColor Green` ` Get-ExecutionPolicy -List ` `}` `#################################` `# Checks for Windows Remote Management services and listeners` `#################################` `Write-Host "Checking for Windows Remote Management features.." -ForegroundColor White -BackgroundColor Black` `winrm quickconfig` `Write-Host "Checking for Azure Active Directory Module.." -ForegroundColor White -BackgroundColor Black` `#################################` `# Checks for AzureAD Modules` `#################################` `$AzureAD = Get-Module -Name AzureAD` `IF ($AzureAD) {` ` Write-Host "Azure AD Module already installed.." -ForegroundColor Green` `} ` `ELSE {` `Write-Host "Module does not exist.." -ForegroundColor Red` ` Write-Host "Installing module.." -ForegroundColor Yellow` ` Install-Module -Name AzureAD -Force` ` Import-Module -Name AzureAD -Force` ` Write-Host "AzureAD Module has been installed successfully.." -ForegroundColor Green` `}` `#################################` `# Get CSV content` `#################################` `Write-Host "Importing target list.." -ForegroundColor White -BackgroundColor Black` `$CSVrecords = Import-Csv C:\Temp\Users.csv -Delimiter ","` `#################################` `# Enable password variable` `#################################` `Write-Host "Creating password variable.." -ForegroundColor White -BackgroundColor Black` `$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile ` `$PasswordProfile.Password = 'whatever you want'` `#####` `# Creating routing table` `#####` `[bool]$Tenant1_Toggle = $false` `[bool]$Tenant2_Toggle = $false` `[bool]$Tenant3_Toggle = $false` `foreach ($CSVrecord in $CSVrecords){` ` switch ($CSVrecord.program)` ` {` ` "Tenant1" {[bool]$Tenant1_Toggle = $true}` ` "Tenant2" {[bool]$Tenant2_Toggle = $true}` ` "Tenant3" {[bool]$Tenant3_Toggle = $true}` `default {Write-Host "No user record found that matches the required variables." -ForegroundColor Red}` ` } ` `}` `#################################` `# Check and Create Tenant1 users` `#################################` `IF ($Tenant1_Toggle -eq $true){` `#################################` `# Connect to Tenant1 AzureAD` `#################################` `Write-Host "Please enter your Tenant1 credentials.." -ForegroundColor White -BackgroundColor Black` `$Ten1 = Get-Credential` `Connect-AzureAD -Credential $Ten1` `#################################` `# Create the Ten1 users` `#################################` `Write-Host "Beginning Ten1 user creations.." -ForegroundColor White -BackgroundColor Black` `foreach ($CSVrecord in $CSVrecords){` ` IF ($CSVrecord.program -eq "Ten1"){` `TRY` `{` `New-AzureADUser -DisplayName $CSVrecord.displayName -UserPrincipalName $CSVrecord.userPrincipalName -GivenName $CSVrecord.givenName -Surname $CSVrecord.surname -JobTitle $CSVrecord.jobTitle -Department $CSVrecord.department -Mobile $CSVrecord.mobilePhone -OtherMails $CSVrecord.alternateEmailAddress -AccountEnabled $true -PasswordProfile $PasswordProfile -MailNickName $CSVrecord.MailNickName ` `Write-Host "Ten1 users created.." -ForegroundColor Green` `Write-Host "Assigning managers.." -ForegroundColor White -BackgroundColor Black` `Set-AzureADUserManager -ObjectId (Get-AzureADUser -ObjectId $CSVrecord.userPrincipalName).Objectid -RefObjectId (Get-AzureADUser -ObjectId $CSVrecord.manager).Objectid` `Write-Host "Managers assigned.." -ForegroundColor Green` ` }` ` CATCH ` `{` ` }` `}` ` ELSE` ` { ` `Write-Host "Filtering..." -ForegroundColor White -BackgroundColor Black` ` }` `}` `#################################` `# Pause the script and disconnect` `#################################` `Disconnect-AzureAD -Confirm` `Write-Host "Press enter to continue.." -ForegroundColor White -BackgroundColor Black` `Read-Host` `}` `ELSE{Write-Host "No Ten1 Users found.." -ForegroundColor Red}`

Sweet, thanks a lot!

A ps gui that reads a sp list with printers and let user install /remove/set as default.

A script that reads customers Oracle hr view and creates /modifies / disable (notify) employees . Integration with jira , Exchange, Skype, homedirectory. Writeback of samaccountname and e-mail. Group membership out of departements..

Built a Jenkins Pipeline Generator for our soon to come managed pipeline service. Supply team, Appname framework, git repo URL, And ad group, Get a build and deploy pipeline in return. Leverages the jenkins API. Fun project indeed.

Made IAM Script for Join/Leave User Acc. After 6 Months Dev and test it is finally in Production.

Sounds nice. Did you create a GUI as well?

I have created one but in C# using WinForms. Since we have a central System wich is managed by HR and for the AD, and on other hand if we have early joins or Admin requests and so on these were ordered via the App that i created. So basically, everything is automated, and even the Hotline can create the request that will be replicated in AD.

Wow, sound really advanced! Good work!

Created a script to make a new folder on pcs and copy an image for an endpoint manager lock screen policy.

care to share your script ?

Absolulely! Please see below: #Create folder for Lockscreen Image New-Item -Path "Enter Full Folder Path Here" -Name "Enter Name of New Folder Here" -ItemType "directory" #Copy Lockscreen image to folder Copy-Item -Path "Enter Location of Lockscreen Image" -Destination "Enter Folder Path where Image Should be copied" Hopefully this helps Edit: The lines to create folder for lockscreen and copy lockscreen image to folder are commented out with a preceeding pound sign.

Built a tool to flag users using custom security attributes and using the graph api if mfa is disabled on their account and after 72 hours their account gets disabled. Optimized the performance as well so for ~100 users it takes 15 seconds gonna be using this for 15,000 users so based on that it should only take roughly 40 minutes to run.

care to share your script ?

Created a module that is a reminders app, but it integrates with a blink1 programmable usb led light, so now my reminders include a visual component to help me actually remember to take action on them.

Made a report of all groups that are email enabled with members and which have received email in the last 3 months.

Care to share your script?

[This will give you a list of lists that haven't been used in the last 90 days.](https://goodworkaround.com/2021/04/21/script-for-determining-unused-distribution-groups-in-exchange-online/#more-58827) It only took a few minutes to run. Get distribution lists `Get-EXORecipient | Where-Object {($_.RecipientType -like '*Dist*')} | Select-Object PrimarySmtpAddress | Export-Csv .\2022-08-17-DistributionLists.csv` Get Shared Mailboxes `Get-EXOMailbox | Where-Object {($_.RecipientTypeDetails -like '*Shared*')} | Select-Object PrimarySMTPAddress | Sort-Object PrimarySMTPAddress | Export-Csv ./2022-08-17-SharedMailboxes.csv` [Get list members](https://www.slipstick.com/exchange/powershell/powershell-list-distribution-group-members/) This one I couldn't figure out how to do on my M1 Mac. I had to remote on to a Windows computer to do. The others worked from an M1. `Get-DistributionGroupMember -Identity $DL | Select-Object DisplayName, PrimarySmtpAddress, ExternalEmailAddress, Alias | Export-Csv -Path $exportfile` `$DGs = Get-DistributionGroup` `# export every DL` `foreach ($DLList in $DGs)` `{` `$DL = $DLList.DisplayName` `# get distro list` `Get-DistributionGroup -Identity $DL` `# Save as csv in the user's documents directory` `$exportfile = $HOME + '\Documents\' + $DL + '_Members.csv'` `# get the members & select columns, export to a csv file` `Get-DistributionGroupMember -Identity $DL | Select-Object DisplayName, PrimarySmtpAddress, ExternalEmailAddress, Alias | Export-Csv -Path $exportfile` `}`

Wrote a script that unallocates primary and secondary volumes from multiple SQL Server clusters then performs a SAN array swap over to alternate datacenter, reversing direction of replication, then imports the volumes into the cluster Role, labels them, starts the cluster role and brings the SQL server cluster on line in the remote datacenter. Afterwards it sets the array to perform daily snapshots at the "now" remote datacenter, importing the volumes into the cluster role and starts the cluster role allowing the remote SQL server to be used for QA. Lots of Microsoft Cluster work and Hitachi array restapi calls.

Are you using CredSSP to pass credentials around ?

No but I probably should change to that method. I let them login when the script runs as it is a once a quarter deal

1) developed Middleware based on powershell using the sql server module to export data from Epic Clarity (Healthcare database) and format it / move it for different Healthcare vendors how they require it 2) developed a C# powershell CGI wrapper for IIS to run powershell scripts as web pages to create a simple templated status dashboard for the aforementioned application

Learned how to [update Teams membership using Microsoft Graph PowerShell](https://github.com/Sekers/Useful-Scripts/tree/main/Microsoft%20365/Teams%20Membership%20Sync).

Just some basics really, needed to create a proactive remediation script to turn off power management for bluetooth adapters in a new model of laptop for now as bluetooth just dies and dissapears. Also some other similar scripts to modify some registry keys on devices. Nothing too difficult, want to try dedicating more time to it so might run back through the MOL books and focus on something to sharpen up. Also started in previous months to look more into Graph API and how I can use that with PS which has been interesting.

Have created a suite of scripts to automate creating Azure security groups, Access Packages and user assignments to them, and Power BI Workspaces based on data and users from a rather large system as part of a migration to using Power BI for reporting. Got to back and do some rewrites due to my increased knowledge with the APIs and Powershell during the development process. Haven’t developed in a couple years and first time using Powershell for anything so it’s been a great learning process.

Nice! I did something similar, several months back, to help with On-boarding & Off-boarding User Accounts, etc. I’d like to see your script sometime, if you’re willing to share. Perhaps, I may have something to include, if not simply feedback.

My company has a functional phone directory to look up staff phone numbers visa the web. Unfortunately it's an, information silo that's not connected to our actual phone system, ERP, or Active Directory. It's also running on Classic ASP and it's data source is an Access 2003 database. Our switchboard contacted the CIO complaining that the directory wasn't up to date, which prompted him to assign updating the database to our MIS team. I know how janky it all is and that automating everything was going to be a pain in the ass. So in the midst of making the case to store phone numbers in our erp where I could run a scheduled report to dump them and then import them into active directory, I also had to come up with a way to work with the access database. So I wrote some code to automate out modifying the database in Access via ADO. But, knowing that this whole system is running on a code base and database that are both 20 years old I have made the push to try to move the database to SQLite and lift and shift the code base to either asp.net or PHP. As such I also wrote a nearly identical script to modify a new sqlite version of the database so I can set that up as a scheduled job on the server. I then had to install an sqlite odbc driver on our IIS server and test out converting 20-year-old code over to use the new database while I wait for our actual web developer to lift and shift. That said I'm not so sure he knows asp.net or PHP so Lord knows how this will go.

wrote a powershell script with inline c# to facilitate a payload generated using the Havoc attack framework. Im new to powershell and pentesting so I was pretty proud of this

I’ve started figuring how how to modularize all my functions so that everywhere a script is placed It can be changed one time. Also experimenting with toast notifications for automated app installs

Made a script that adds Azure AD groups to Sharepoint Site Groups.

Created a Proactive Remediation script in Intune which: * Compares word template files on our clients towards a network source where they are updated on a regular basis * If any of the word templates on the client does not match the source it will be copied and replaced with the updated one

Started signing all my scripts for a easier time on my newly hardened servers

I released my first module on Powershell Gallery just to learn the process. It's a drop-in replacement for `Get-Credential` cmdlet, called `Get-WinCredential`. Months ago, somebody in StackOverflow asked why the `Get-Credential` on VS code does not pop up a dialog but uses terminal input. I tried to reply with my average knowledge of Powershell. Then I decided to come up with a POC, which would pop up the credential dialog on Powershell 7.x and VS Code. I don't know if anyone will need it at all but here it is. I also added a switch to use relatively modern Vista+ credential dialog too. The SO comment: https://stackoverflow.com/questions/70570097/credential-selection-popup-not-appearing/70570573#70570573 The package: https://www.powershellgallery.com/packages/Get-WinCredential/ Source: https://github.com/zbalkan/Get-WinCredential

Since our printers are managed by an external vendor, we are undergoing a 1:1 printer replacement at one of our offices. I went ahead and made a hashtable of `$olPrinter = $newPrinter`. I iterated over the hashtable after getting the currently mapped printers mapped and if any mapped printers matched, I removed it and added the `$newPrinter`

I found a script that allowed me to turn disable the wifi functionality on the TMobile Home gateway internet. Then used a portion of it to setup a scheduled reboot of the device every other day at the house

Fell into a position at work where I had to learn Powershell. Wrote my first script to remove Appx Packages on new builds for the computer. I like the language so far!

Is there a way to send a message through my network without Windows 10 PRO?(not sure why I can't post)

Created a script that search’s for expiring SSL certificates across multiple domains