jbmurphy.com

  • PowerShell wrapper script to send email

    I wanted a standard function that I can call from other scripts to send email. I needed multiple recipients, and default sender and smtp arguments. Here is the script that I came up with.

    function JBMURPHY-Send-Email {
Param(	[parameter(Mandatory = $true)]$ToAddress,
	[parameter(Mandatory = $true)]$Subject,
	[parameter(Mandatory = $true)]$Body,
	[parameter(Mandatory = $false)]$FromAddress="[email protected]",
	[parameter(Mandatory = $false)]$SMTPAddress="192.168.1.1")
$msg = New-Object Net.Mail.MailMessage
$msg.From = $FromAddress
$msg.Body = $Body
$msg.Subject = $Subject
if($ToAddress -isnot [Object[]]) {$ToAddresses = ([string]$ToAddress).Split(";")}
foreach($Address in $ToAddresses) { $msg.To.Add($Address)}
$smtp = new-object Net.Mail.SmtpClient($SMTPAddress)
$smtp.Send($msg)
}

  • PowerShell script to add users to a group

    In this previous post : PowerShell wrapper for creating a new distribution group, I created a script for creating a new distribution group. I wanted to take that a step further and prompt the SysAdmin to add users. I created a new recursive function called AddToDistributionGroup. In this code, I prompt for a group name, and a user to add. The SysAdmin types in the first few parts of the name (I could have used samaccountname) and then I then loop through ADusers with that name asking the SysAdmin if that is the user they want to add. 

    function JBMURPHY-EXCHANGE-AddToDistributionGroup {
Param(	[parameter(Mandatory = $true)]$GroupName,
	[parameter(Mandatory = $true)]$UserToAdd)
JBM-EXCHANGE-StartPSSESSION
if (!($GroupName)) {write-host "you need to specify a group name"
break}
if (($UserToAdd)) {
 $UserToAdd=$UserToAdd+"*"
 Get-aduser -filter {(name -like $UserToAdd) -and (Enabled -eq $true)} | foreach-object {
  $UserName=$_.Name
  $message = "Add $UserName to the group: $GroupName"
  $yes = New-Object System.Management.Automation.Host.ChoiceDescription "&Yes","Yes add $UserName to the group $GroupName"
  $no = New-Object System.Management.Automation.Host.ChoiceDescription "&No","No, don't add $UserName to the group $GroupName?"
  $options = [System.Management.Automation.Host.ChoiceDescription[]]($yes, $no)
  $result = $host.ui.PromptForChoice($title, $message, $options, 0) 
  if ($result -eq 0){
   write-host "Adding $UserName"
   Add-DistributionGroupMember -Identity $GroupName -Member $UserName
  }
 }
JBM-EXCHANGE-AddToDistributionGroup $GroupName
}
}

    * Note, there is not any error checking to see if the group exists. I am mainly using this code to be called from a NewDistributionGroup script, where I know the name of the group. I may add a lookup to see if the group exists at some point.

    ** Now that I think about it, this is for any type group, not just distribution groups.

  • VMware Fusion 4 – Did they move vmrun?

    Did they move vmrun in VMware Fusion 4?

    In version 4, I find it here: “/Applications/VMware Fusion.app/Contents/Library/”

    But this documentation says that the command should be in “/Library/Application Support/VMware Fusion”, but I found it here”/Applications/VMware\ Fusion.app/Contents/Library/vmrun”

    I don’t see anything in the release notes.

    Anyone?

     

  • PowerShell wrapper for creating a new distribution group

    Unknown to me, in Exchange 2010 when you create a new distribution group in EMC, by default, the group will not receive email from external recipients – the setting “Require that senders are authenticated” is checked. We use distribution groups to communicate with clients, so unauthenticated senders need to email these groups.  This setting is on the Mail Flow Setting – Message Delivery restrictions page.  I wrote a simple wrapper script to create a new distribution group and turn off the “Require that senders are authenticated” setting:

    function JBMURPHY-EXCHANGE-NewDistributionGroup {
Param([parameter(Mandatory = $true)]$GroupName)
Write-host "Creating group named $GroupName"
new-DistributionGroup -Name $GroupName -OrganizationalUnit 'site.name/OUName' -SamAccountName $GroupName -Alias $GroupName
Set-DistributionGroup $GroupName -RequireSenderAuthenticationEnabled $false
write-host "The $GroupName distribution group has been created."
}

    Simple one. I know.

  • PowerShell wrapper scripts for Exchange 2010 – first step: make a connection

    As I talked about in this previous post, I like to write wrapper scripts that collect input and pass it along to the actual provided functions. I call these wrapper scripts because they are not really doing anything ground breaking, they are just a series of conditionals and commands that I put together, with a common naming convention. Then, all we have to do is tab completion through the scripts that I have written.

    I wanted to do the same for creating new distribution groups in Exchange 2010, but first ,I needed to make  the Exchange 2010 PowerShell functions available on our local machines. I wrote the following function that starts a PSSession on the exchange server. This function will be called at the beginning of every Exchange wrapper script, guaranteeing that we have a connection to the Exchange PowerShell functions.

    Here is that function:

    Function JBMURPHY-EXCHANGE-StartPSSESSION {
if(! (Get-PSSession | Where-Object { $_.ComputerName -like "servername.company.com" })){
Write-Host "Createing PSSession to SVNYEXCH01.SARDVERB.LOCAL" -ForegroundColor Green
Import-PSSession (New-PSSession -Configurationname Microsoft.Exchange –ConnectionUri http://servername.company.com/powershell) | out-null
}
}

  • PowerShell script to email users if password expires soon, and send a summary to IT

    I wanted to expand on my previous script: powershell-to-list-all-users-and-when-their-password-expires, so that it would send the user an email if their password was going to expire soon. Additionally I wanted to send a summary to our IT staff of accounts that were going to expire soon.

    Here is that script:

    $maxdays=(Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge.TotalDays
$summarybody="Name `t ExpireDate `t DaysToExpire `n"

(Get-ADUser -filter {(Description -notlike "IfYouWantToExclude*") -and (Enabled -eq "True") -and (PasswordNeverExpires -eq "False")} -properties *) | Sort-Object pwdLastSet |
foreach-object {

$lastset=Get-Date([System.DateTime]::FromFileTimeUtc($_.pwdLastSet))
$expires=$lastset.AddDays($maxdays).ToShortDateString()
$daystoexpire=[math]::round((New-TimeSpan -Start $(Get-Date) -End $expires).TotalDays)
$samname=$_.samaccountname
$firstname=$_.GivenName
if ($daystoexpire -le 3){
	$ThereAreExpiring=$true

	$emailFrom = "[email protected]"
	$emailTo = "[email protected]"
	$subject = "$firstname, your password expires in $daystoexpire day(s)"
	$body = "$firstname,
	Your password expires in $daystoexpire day(s).

	Please press Ctrl + Alt + Del -> Change password"

	$smtpServer = "smtp.yourdomain.com"
	$smtp = new-object Net.Mail.SmtpClient($smtpServer)
	$smtp.Send($emailFrom, $emailTo, $subject, $body)

	$summarybody += "$samname `t $expires `t $daystoexpire `n"
}
}
if ($ThereAreExpiring) {
$emailFrom = "[email protected]"
$emailTo = "[email protected]"
$subject = "Expiring passwords"
$body = $summarybody
$smtpServer = "smtp.yourdomain.com"
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body)
}

  • Quick bash script to change .htpasswd passwords across a server

    I wanted to change passwords for a users that is in all of our htpasswds. Here is a quick bash find script to do that:

    for PATH in $(find / -name .htpasswd); do htpasswd -b $PATH username NewPassword; done

  • Cisco ASA hacking – Getting started

    My wife (Team Murphy’s CFO) allowed me to purchase a Cisco ASA 5505 for home. We use ASAs at work, and I am interested in how we can leverage these devices to their fullest. I am new to Cisco and to their IOS (the original IOS). I was impressed, the 5505 was easy to setup, I just swapped out my existing DDWRT and it worked out of the box. The 5505 had DHCP running on the internal interface, and NAT configured correctly.

    Next I wanted to change the default network to use a different range. That proved more difficult when trying to do it over a network connection. I know I should be using the serial connection, but I did not want to sit in my coat closet to make the change. I also knew I would be hacking my config, and I wanted a scenario where I could early reset to the defaults. Every time I tried to reset to the defaults, the interface would hang because i was trying to do it over the network (as expected).

    I found this link in the ASA documentation that described the default config for an ASA. I also found the environmental variable CONFIG_FILE. My thinking was, I could use the default config listed in the ASA documentation and save it to a file on the flash. If I wanted to return to the defaults, I could just change the  CONFIG_FILE environmental to point to that default config file on disk0:, and I would be back up and running in “factory defaults”.

    I took it a step further and I added the following to my “jbmurphy_factory_defaults”:

    ssh 192.168.XX.0 255.255.255.0 inside
ssh timeout 5
aaa authentication ssh console LOCAL
ssh scopy enable

    These 4 lines enable ssh access to the ASA and allow me to scp my config file to disk0. Now, when I am working on a new config, I can scp it from my filesystem to the onboard storage, and issue a reboot.

    That is my workflow so far. Thoughts?