Powershell write-host not working when logged in as another admin - powershell

I have the below powershell script that I call via a command prompt outputting any text to >> .log file. What it does is it creates 2 OU's based on variables from an input file, checks to see if those OU's got created and finally outputs to a .log file (this is entered in the command prompt). It works as expected when executing the code as a domain admin on the abc.acme.ldt.com domain; it creares the OU's and outputs the text to .log file as expected.
But I'm experiencing a weird problem when running it as a forest admin acme.ldt.com user (with local domain admin privileges on that child domain ABC); It's able to create the OU's successfully but for whatever the reason it does not output the text file to the .log file. If I check with a [ADSI]::Exists("full-manual-path") I get a TRUE in response, so the script does create the OU's but I just cant get the text to appear in the .log file as I do when executing as a domain admin on the ABC domain.
Import-Csv ".\source\input.csv" | ForEach {
If ($_.FQDN -eq $(gwmi win32_computersystem).domain) { $OU_Name1 = $_.'OU Name1' }
If ($_.FQDN -eq $(gwmi win32_computersystem).domain) { $OU_Name2 = $_.'OU Name2' }
If ($_.FQDN -eq $(gwmi win32_computersystem).domain) { $OU_Name3 = $_.'OU Name3' }
If ($_.FQDN -eq $(gwmi win32_computersystem).domain) { $Path1 = $_.'OU Path1' }
If ($_.FQDN -eq $(gwmi win32_computersystem).domain) { $Path2 = $_.'OU Path2' }
If ($_.FQDN -eq $(gwmi win32_computersystem).domain) { $Full_windows7_OU_Path2 = $_.'Full Windows 7 OU path2' }
}
New-ADorganizationalUnit -Name $OU_Name1 -Path "$Path1"
Start-Sleep -s 10
New-ADorganizationalUnit -Name $OU_Name2 -Path "$Path2"
New-ADorganizationalUnit -Name $OU_Name3 -Path "$Path2"
if ([ADSI]::Exists("LDAP://$Full_windows7_OU_Path2"))
{
Write-Host "# Checking Logs to Confirm the OU Structure For Win7 Has been created #"
} Else {
Exit
}

Sometimes the simplest things let us doubt ourselves..
As I said in the comment:
Check if that user has write permissions on the share with: "test" | Out-File $location
You're welcome :)

Related

Powershell Script using for each to export only Valid AD Users to csv and suppress Users it cannot find in AD

Good day all, I'm trying to write a script that will check if a User is valid and export the results to a .csv file. I'm using the "for each" and erroraction -silentlycontinue cmdlet to check a list of Users from a .csv file and then verify on the Microsoft Teams admin center if that is a Valid User.
The problem I'm having is if I add the "$errorActionpreference" cmdlet which suppresses errors (or Users Not Found on Screen) the results in the CSV File are empty, If I remove the $errorAction cmdlet (hashed out in the script below), then it works fine by exporting the valid Users BUT it spits out a lot of errors on the screen.
The scripts just need to suppress error messages for invalid Users, Move to the next User in the csv file, and finally export the results of the valid Users to another csv file.
$path = Read-Host -Prompt "`nEnter the path of .csv file:"
if (Test-Path -Path $path) { break }
Write-Host "Wrong file or path specified. Please enter the correct
path to file!" -ForegroundColor Red
Write-Host "File has been located in the path specified!" -
ForegroundColor Green
$CsvFilePath = Import-CSV -Path $path
# $ErrorActionPreference = "silentlycontinue"
$results = foreach ($Users in $CsvFilePath) {
$User = $Users.UserPrincipalName
Get-CsOnlineUser $User | Select-Object UserPri*, LineURI,
TeamsUpgradeE*,IsSipEnabled, Enterprise*,
#{l="AssignedPlan";e={$_.AssignedPlan
- join "; "}}, #{l="FeatureTypes";e={$_.FeatureTypes -join ";
"}}
}
# $ErrorActionPreference = "silentlycontinue
#Export Results: Prompt for Path, If file does not exist, create it!#
$resultspathfilelocation = Read-Host -Prompt "`nEnter file path
to export results of
the Post Checks: "
$FileName = "$resultspathfilelocation"
if(Get-Item -Path $FileName -ErrorAction Ignore){
Write-Host "File found in directory specified!"
}
else{
New-Item -Verbose $FileName -ItemType File
}
$results | Export-Csv $resultspathfilelocation
Instead of trying to ignore the errors, why not just handle them properly?
$Results = foreach ($Users in $CsvFilePath) {
Try {
$User = $Users.UserPrincipalName
$ThisUser = Get-CsOnlineUser $User -ErrorAction Stop
# Output as custom object
[pscustomobject]#{UPN = $User
TeamsUpgradeEffectiveMode = $ThisUser.TeamsUpgradeEffectiveMode
IsSipEnabled = $ThisUser.IsSipEnabled
AssignedPlan = ($ThisUser.AssignedPlan -join "; ")
FeatureTypes = ($ThisUser.FeatureTypes -join "; ")
Error = ''}
}
Catch {
# User not found or error, output object with blank fields except for error
[pscustomobject]#{UPN = $User
TeamsUpgradeEffectiveMode = ''
IsSipEnabled = ''
AssignedPlan = ''
FeatureTypes = ''
Error = $_.Exception.Message}
}
}

Powershell - Get desktop path for all users [OneDrive Sync on some of them]

I am trying to search all user's desktops for a particular shortcut and I find difficulties enumerate all desktop paths for different users on the computer as some of them have OneDrive sync and the standard path c:\Users\%user%\Desktop is not to be found.
I have tried getting the path with the GetFolderPath which only returns the path to the current user:
[System.Environment]::GetFolderPath("Desktop")
So briefly the path scenarios are:
C:\users\username\Desktop
C:\users\username\One Drive - Company\Desktop
I would be glad if somebody has a hint how to find all paths in this mixed environment.
Here's my older training script. I don't know how (or if any) it works with OneDrive cync as I have OneDrive disabled (or even uninstalled) because I found it extremely irritating…
Remove-Variable path -ErrorAction SilentlyContinue
Write-Verbose "--- Special Folders ---" -Verbose
$SpecialFolders = #{}
$names = [Environment+SpecialFolder]::GetNames( [Environment+SpecialFolder])
ForEach ($name in $names) {
# assign and then check
if( $path = [Environment]::GetFolderPath($name) ){
$SpecialFolders[$name] = $path
} else {
Write-Warning $name
$SpecialFolders[$name] = ''
}
}
$SpecialFolders.GetEnumerator() |
Sort-Object -Property name #| Format-Table -AutoSize
"---"
###Pause
$ShellFolders=#{}
Write-Verbose "--- Shell Folders ---" -Verbose
[System.Enum]::GetValues([System.Environment+SpecialFolder]) |
ForEach-Object {
$ShellFolders[$_.ToString()] =
($_.value__, [System.Environment]::GetFolderPath($_))
}
$ShellFolders.GetEnumerator() |
Sort-Object -Property name # | Format-Table -AutoSize

need to output BitLocker status to txt file

I have a simple PowerShell script to check the status of BitLocker drive encryption on a computer on the network. I'd like for the script to determine the status of multiple computers in a text file.
Here's my basic script so far that Nathan Rice had helped with:
$TextFilePath = Read-Host "What is the path to the text file?"
If (Test-Path $TextFilePath) {
$ComputersArray = Get-Content $TextFilePath
ForEach ($Computer in $ComputersArray) {
If (Test-Connection $Computer -Count 1) {
$ComputerStatus = manage-bde -status -cn "$Computer"
Write-Host($ComputerStatus)
} Else {
Write-Host("$Computer appears to be offline.")
}
}
} Else {
Write-Error "The text file was not found, check the path."
}
I modified the code but it only writes one result to the text file, meaning if I have 5 computers in the list, it writes only the results for the first computer:
$TextFilePath = Read-Host "What is the path to the text file?"
If (Test-Path $TextFilePath){
$ComputersArray = Get-Content $TextFilePath
ForEach ($Computer in $ComputersArray) {
If (Test-Connection $Computer -Count 1) {
$ComputerStatus = manage-bde -status -cn "$Computer" |
Out-File -filepath "c:\users\enduser\Bitlocker-Status.txt"
} Else {
Write-Host("$Computer appears to be offline.")
}
}
} Else {
Write-Error "The text file was not found, check the path."
}
I'd like it to write the results for each device to the list.
Create a collection of results. After the loop, write the collection to a file.
$TextFilePath = Read-Host "What is the path to the text file?"
If (Test-Path $TextFilePath){
$ComputersArray = Get-Content $TextFilePath
$ComputerStatusCol = #()
ForEach ($Computer in $ComputersArray) {
If (Test-Connection $Computer -Count 1){
$ComputerStatus = manage-bde -status -cn "$Computer"
$ComputerStatusCol += $ComputerStatus
} Else {
Write-Host("$Computer appears to be offline.")
}
}
$ComputerStatusCol | Out-File -filepath "c:\users\enduser\Bitlocker-Status.txt"
} Else {
Write-Error "The text file was not found, check the path."
}
You need to add the parameter -Append to the Out-File, so that your output is appended to the existing content instead of replacing it:
$ComputerStatus = manage-bde -status -cn "$Computer" |
Out-File -filepath "c:\users\enduser\Bitlocker-Status.txt" -append -force
Easy batch file for admins who want a nice easy file to look through. Just set this up at one of my clients AD Networks, worked like a charm:
Setup a .cdm file, dump it into the netlogon folder
script:
echo Computer:%ComputerName% with username:%username% - Bitlocker check of drive C: >> "\server\share\folder\BitlockerCheck.log"manage-bde -status c: >> "\server\share\folder\BitlockerCheck\BitlockerCheck.log"
Make sure everyone has access to share path (domain users)Edit Group Policy for the container you want it to run in (default domain policy should never be touched, if you want everyone, make a new policy at the top and name it Bitcloker status check).
Go to User Configuration - Policies - Windows Settings - Scripts Right-click Logon, properties, Add - browse to \dcname\netlogon\filename.cmdclick OK, after about 15 minutes (without a forced gpupdate) the file will start populating as users logon/logoff.
On Non-BitLocker computers, it will show the computer name and user with no info.May be cumbersome on very large networks, but you could break out Gp script by OU and separate files as most large companies don't have everyone in one container.

Powershell: How to get file extensions of public folder attachments

i wonder if there is a way to get the file extension from a public folder attachment?
Backgroud:
We are using a software (AttachmentsProcessor) which extracts all attachments from the e-mails in the public folder structure and save it to the filesystem. The software puts a .lnk in the e-mail, which points to the location in the filesystem. So we can open the attachment by double-click.
Lately we moved our public folder structure from internal Exchange to Office365 / Exchange Online. During this process we tried to put all extracted attachments back into the e-mails. After we done some tests, we noticed the this didn't work for some of the e-mails. We have still the .lnk as an attachment.
So what am I looking for?
I would like to write a script in powershell which shows me a list of all e-mails and the corresponding folders (Identites), which have a .lnk file attached.
On my search I just found something that works for mailboxes but nothing for public folders.
-> Get-Mailbox | Export-Mailbox -AttachmentFilenames "*.PDF"
-> Get-Mailbox | New-MailboxExportRequest -ContentFilter {Attachment -like "*.PDF"}
Any help would be very nice. ;-)
Thanks for your attention
Peter
I can't overtly write all the code for you. But I have something that can get you started. This script will recursively iterate through your public folders and find items that have attachments on them. The last bit of code inside the loop currently saves the files to disk, but that's where you can replace that with some logic to do what you need it to do (i.e. filtering by attachment, pulling the link information, etc.).
$TargetDirectory = "C:\temp\PublicFolders"
function process-folders-recursive($folder, $path) {
if($folder.DefaultMessageClass -ne "IPM.Appointment" -and $folder.DefaultMessageClass -ne "IPM.Contact")
{
$path = (Join-Path $path $folder.name)
write-host $folder.class $path
if($folder.Items.Count -gt 0 ){
foreach($item in $folder.Items){
if($item.MessageClass -ne "IPM.Appointment")
{
#Write-Host $item.name
if($item.Attachments.Count -gt 0 ) {
if(!(Test-Path -path $path)){
New-Item -ItemType directory -Path $path
}
foreach($attch in $item.Attachments){
try
{
Write-Host $attch.FileName
$fileName = $attch.FileName
$fileNameAndPath = (Join-Path $path $fileName)
$attch.saveasfile($fileNameAndPath)
}
catch [System.Exception]
{
Write-Host $path $fileName # $_.Exception.ToString()
}
}
}
}
}
}
$folder.Folders | ForEach { process-folders-recursive $_ $path}
}
}
$objOutlook = New-Object -comobject outlook.application
$objNamespace = $objOutlook.GetNamespace(“MAPI”)
#Get Outlook folder with name Public Folders
$publicFolders = $objNamespace.Folders | Where { $_.name.StartsWith("Public Folders") } | Select -f 1
#Go into the "All Public Folders" folder
$AllPublicFolders = $publicFolders.Folders | Where { $_.name -eq "All Public Folders" } | Select -f 1
#Recurse through the Public Folders
process-folders-recursive $AllPublicFolders $TargetDirectory

PowerShell - Win2k8 - Script

I'm making a script to add some user from a csv to my AD and it doesn't work for some reason that i can't find out ^^'.
I'm using the file ADlog to see where my code goes or not and it goes in the "else (Woot?)" so maybe it can't access to my AD thx to a mistake in my code or ... dunno
#connection to the Active Directory
$objOU=[ADSI]"LDAP://localhost:389/DC=maho,DC=lan"
if($objOU.Children -ne $null) {
# import data from the csv file
$dataSource=import-csv ("\user.csv")
ForEach($dataRecord in $dataSource) {
$ou=$dataRecord.service
#checking the existance of the UO
if(($objOU.Children | where {$_.Path -match "OU=$ou"}) -eq $null){
#if it doesn't, we creat it
$objOU = $objOU.create("organizationalUnit", "ou="+$ou)
$objOU.SetInfo()
"UO not there" | Add-Content C:\ADlog.txt
}
else {
#if it does exist we point on it to creat the new user
$objOU = $objOU.Children.Find("OU=$ou")
"WOOT ?" | Add-Content C:\ADlog.txt
}
$SamAccountName=$dataRecord.login
$GivenName=$dataRecord.fname
$sn=$dataRecord.lname
$cn=$GivenName + " " + $sn
$displayName=$cn
$description=$dataRecord.description
$UserPrincipalname=$SamAccountName +"#"+$DNS_DomainName
#we create the obj user in the AD
$objUser=$objOU.Create("User","CN="+$cn)
$objUser.Put("SamAccountName",$SamAccountName)
$objUser.Put("UserPrincipalName",$UserPrincipalName)
$objUser.Put("DisplayName",$Displayname)
$objUser.Put("Description",$description)
$objUser.Put("GivenName",$GivenName)
$objUser.Put("sn",$sn)
$objUser.SetInfo()
#$objUser.setPassword("")
#empty to make the user choise his own passwd
#we activate the account
$objUser.psbase.InvokeSet("AccountDisabled",$false)
$objUser.SetInfo()
#we check that the acc is created
if(($objOU.Children | where {$_.Path -match "CN=$cn"}) -ne $null) {
"User : "+$UserPrincipalName+" Ok" | Add-Content C:\ADlog.txt
}
$objOU=[ADSI]"LDAP://localhost:389/DC=maho,DC=lan"
}
Write-Host "Sucess!"
#Delete the reg key
Remove-ItemProperty -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Run"-Name "Unattend*"
}
else {
"Failure" | Add-Content C:\ADlog.txt
}
Check out This Scripting Guy article, pretty straight forward
http://blogs.technet.com/b/heyscriptingguy/archive/2011/12/22/use-powershell-to-read-a-csv-file-and-create-active-directory-user-accounts.aspx