Getting non-common attributes from AD B2C users with PowerShell - powershell

I would like to retrieve the following attributes: "createdDateTime, extension_xxxxxx_yyyyy, identities" from AD B2C users. With Graph Explorer, I could do this with:
https://graph.microsoft.com/v1.0/users?$select=createdDateTime extension_xxxxxx_yyyyy, identities
Then, I tried the snippet generated by Graph Explorer for PowerShell
Get-MgUser -Property “createdDateTime,+ extension_xxxxxx_yyyyy,identities”
I got the following error:
Parsing OData Select and Expand failed: Syntax error: character '+' is
not valid at position 17 in 'createdDateTime, +exten ……
I removed the “+” and retried, it had no error, but all the returned fields were blank.
I am using Microsoft Graph PowerShell SDK 1.18

It is easier to use the beta version of the API
Select-MgProfile -Name "beta"
CreatedDateTime can be got directly
Identities can be got directly but it is an array
extension_xxxxxx_yyyyy is the trickiest, it is packed inside the AdditionalProperties

Related

Assign ITGlue Contact to the Field using API powershell

I just want to assign the contacts to Application's field and another field with API Powershell but I don't know how to do it. could anyone help me?
According to their API documentation, there is no 'Application' resource type. Is it a custom resource, or a field on a different type of object? (what type?)
Try installing ITGlue's PowerShell wrapper module ITGlueAPI from the gallery (or github link):
Install-Module ITGlueAPI
Import-Module ITGlueAPI
# Check out all the available commands
Get-Command -Module ITGlueAPI
# initial setup:
Add-ITGlueBaseURI -base_uri 'http://myapi.gateway.example.com'
Add-ITGlueAPIKey -ApiKey 'your-key-here'
# Play around with these kinds of "Get-" commands which exist for each resource type:
# This is a good way to see how the data is formatted, and which fields exist per resource
Get-ITGlueFlexibleAssets
Get-ITGlueContacts -organization_id 1234 -filter_first_name 'Foo' -sort 'first_name'
# To make changes, run similar "Set-" or "New-" commands with the updates in hash table format:
Set-ITGlueContacts -id 1234 -data #{
location-id = 795
location-name = "San Francisco - HQ"
field-name = "Value"
}

List of AWS instances by TAG value using powershell

We are taging our AWS instances, I will like to retrieve a list of ALL our instances (ELB, S3, EC2, Security Groups) by TAG reference. for instance we consistently TAG our resources with something like this:
{ "Key": "Project",
"Value": "bananas"
},
How can we obtain trough power-shell a list of ALL our resources that contain the TAG Project value "bananas"?
I was able to get all my EC2s using the below script:
$instance = Get-EC2Instance
-Filter #( #{name='tag:Project'; values="bananas"};
#{name='instance-state-code'; values = 16} )
| Select-Object -ExpandProperty instances #Get instance ID ignoring any terminated instances
$instance | Export-CSV "C:\ec2.csv"
But I'm not sure how to obtain all my tagged resources using one script.
Check out the AWS Resource Groups Tagging API cmdlets -- these are relatively new, so you may have to update your AWS Tools for PowerShell to the latest version to be able to use them.
Example
The example below calls Get-RGTResource for the tag Key=Project, Value=Bananas, and filters the response to all ResourceARNs that were retrieved. The ResourceARN is a unique identifier for each AWS resource, and you can use these as a starting point to call out to other AWS services to get more details about each associated resource.
(Get-RGTResource -TagFilter #{Key="Project"; Values = #("bananas")}).ResourceARN
Example Output
arn:aws:ec2:us-east-1:<accountid>:instance/i-abcd1234
arn:aws:ec2:us-west-2:<accountid>:vpc/vpc-abcd1234
arn:aws:ec2:us-east-2:<accountid>:security-group/sg-abcd1234
arn:aws:elasticloadbalancing:us-east-1:<accountid>:loadbalancer/abcd1234
arn:aws:elasticmapreduce:us-east-1:<accountid>:cluster/abcd1234
Further Reading
AWS Documentation - Get-RGTResource
AWS Documentation - Amazon Resource Names (ARNs)

Starting Runbook via Azure API, Portal, or ISE Add-On yields "input parameter type mismatch" error

Given a simple runbook:
workflow test
{
[CmdletBinding()]
param([string] $NumericString)
write-output $NumericString
}
When starting it with a numeric value (ie: 5) via the Azure Portal as a new Job (published), via the Test Pane, or using the Azure Automation PowerShell ISE Add-On, the following error is returned and the execution Fails.
[edit] Just out of curiosity I tried some other values. 'true' or 'false' (without quotes in ise/the ui) will also cause the error (and are sent to the API inside quotes).[\edit]
The values provided for the root activity's arguments did not satisfy
the root activity's requirements: 'DynamicActivity': Expected an input
parameter value of type 'System.String' for parameter named 'Numeric'.
Parameter name: rootArgumentValues
AFAIK, this is not a factor when I've executed via a parent runbook, webhook, etc.
The PowerShell ISE Add-On issues this PUT request to the API:
(https://management.azure.com/subscriptions/<id>/resourceGroups/<rg>/providers/Microsoft.Automation/automationAccounts/<aa>/runbooks/<rb>/draft/testJob?api-version=2015-10-31)
{
"parameters": {
"Numeric": "5" <-- notice it's a string
}
}
This is a bug in the Automation portal and ISE add on. For portal, this should be fixed in a week or so. For ISE add on, can you please file a bug on this here: https://github.com/azureautomation/azure-automation-ise-addon/issues
This would appear to be a bug, similar to Azure Automation Error 'DynamicActivity': Expected an input parameter value of type
To mitigate the issue, just wrap your numeric value in quotes in the Portal or ISE Add-On
If you are starting runbooks outside of the formal SDKs, it appears you need to know about required extra escaping for sending Numeric or Boolean values for string parameters (in the least).
This is what the subsequent PUT request should look like (from ISE Add-On)
{
"parameters": {
"Numeric": "\"5\""
}
}

How to add a contributor to a TFS2010 project via PowerShell?

How do I add a contributor to a TFS2010 project via PowerShell?
Watching the powershell documentation (C:\Program Files (x86)\Microsoft Team Foundation Server 2010 Power Tools\Help\PowerShellCmdlets.mht), it looks like there is no option to add users to groups in TFS. But if you have the TFS Power Tools installed, you can use the tfssecurity tool in the command line.
C:\Program Files (x86)\Microsoft Visual Studio 10.0\VC>tfssecurity /?
[...]
/g+ groupIdentity memberIdentity (/collection:CollectionURI | /server:ServerURI)
Adds a user or a group to an existing group.
[...]
Identity Specifiers:
sid:sid - References the identity with the specified SID.
Example: sid:S-1-5-21-2127521184-1604012920-1887927527-588340
n:[domain\]name - References the identity with the specified name. For Windows, name is the logon name. If the referenced identity is in a domain, the domain name is required. For application groups, name is the group display name and domain is the URI or GUID of the containing project. In this context, if domain is omitted, the scope is assumed to be collection-level.
Example: To reference the identity of the user "John Peoples" in the domain "Datum1" at the fictitious company "A. Datum Corporation, you would use the following syntax:
n:DATUM1\jpeoples
Example: To reference application groups, you could use either of the following syntaxes:
n:"Full-time Employees"
n:00a10d23-7d45-4439-981b-d3b3e0b0b1ee\Vendors
[...]
So it would look like:
tfssecurity /g+ [ProjectName]\Contributor Domain\UserName /collection:http://yourTfs:8080/ProjectCollection

How do I delete a sharepoint group that has arabic characters in the title?

I have a sharepoint group that has arabic characters in the title. The site has been deleted, and I need to remove the group. When I use the GUI, I get this error message:
Error Code: 500 Internal Server Error. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)
When I use stsadm -o enumgroups I get this as the group name:
<Name>Blah blah -- ????? ??????? ????????? Members</Name>
stsadm -o deletegroup -name "Blah blah -- ????? ??????? ????????? Members" -url http://myurl.com returns:
Group cannot be found.
I know the group ID, any way I can use that in my quest for deletion?
Remember that deletegroup requires the site URL as well. In this case I think you'll have to use the OM - you can use the SPGroupCollection.RemoveByID() method to do so.
I would use a console application to explore the group, (see if there is any information within it that you need to keep) and then delete it.