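/// <summary>
/// Lists the printers that WMI reports on a remote computer.
/// </summary>
/// <param name="pcname">Target computer name; normalised with CleanPCName before use.</param>
/// <returns>
/// A flat list of "Label: value" lines (Name, Port, DeviceID, DriverName and, for shared
/// printers, Share Name) followed by an empty string per printer. The list is empty when
/// the name is rejected by PcNameIsNotNullOrVoid or the WMI connection fails.
/// </returns>
public List<string> WMIGetPrinterList(string pcname)
{
    const string query = "Select * from Win32_Printer";
    pcname = CleanPCName(pcname);
    List<string> resultList = new List<string>();
    if (!PcNameIsNotNullOrVoid(pcname))
    {
        return resultList;
    }

    try
    {
        // "backslashes" is a member defined elsewhere in the class (presumably the UNC prefix).
        ManagementScope scope = new ManagementScope(backslashes + pcname + @"\root\cimv2");
        scope.Connect();

        // The searcher, the result collection and every ManagementObject wrap COM
        // resources, so they are disposed deterministically instead of left to the GC.
        using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, new ObjectQuery(query)))
        using (ManagementObjectCollection printers = searcher.Get())
        {
            foreach (ManagementObject obj in printers)
            {
                using (obj)
                {
                    try
                    {
                        resultList.Add("Name: " + obj["Name"].ToString());
                        resultList.Add("Port: " + obj["PortName"].ToString());
                        resultList.Add("DeviceID: " + obj["DeviceID"].ToString());
                        resultList.Add("DriverName: " + obj["DriverName"].ToString());
                        if (obj["Shared"].ToString().Equals(true.ToString()))
                        {
                            resultList.Add("Share Name: " + obj["ShareName"].ToString());
                        }
                        resultList.Add("");
                    }
                    catch
                    {
                        // A null property throws on ToString(); lines already added for
                        // this printer stay in the list and are followed by this marker.
                        resultList.Add("Unknown");
                    }
                }
            }
        }
    }
    catch (Exception e)
    {
        // Connection, access-denied and query errors are shown to the operator.
        MessageBox.Show(e.Message);
    }
    return resultList;
}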
//Deletes the printer
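/// <summary>
/// Deletes every printer on a remote computer whose Win32_Printer.Name equals
/// <paramref name="printerName"/>, reporting each deletion in a message box.
/// </summary>
/// <param name="pcname">Target computer name; normalised with CleanPCName before use.</param>
/// <param name="printerName">Exact printer name to delete.</param>
public void WMIDeletePrinter(string pcname, string printerName)
{
    try
    {
        if (!PcNameIsNotNullOrVoid(pcname) || string.IsNullOrEmpty(printerName))
        {
            return;
        }

        // The name is embedded in a WQL string literal, so both the backslash and the
        // single quote must be escaped. Escaping only the backslash lets a name that
        // contains ' terminate the literal and alter the WHERE clause of a query whose
        // results are then deleted.
        string escapedName = printerName.Replace("\\", "\\\\").Replace("'", "\\'");
        string query = "SELECT * FROM Win32_Printer WHERE Name = '" + escapedName + "'";

        pcname = CleanPCName(pcname);
        ManagementScope scope = new ManagementScope(backslashes + pcname + @"\root\cimv2");
        scope.Connect();

        using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, new SelectQuery(query)))
        using (ManagementObjectCollection oObjectCollection = searcher.Get())
        {
            if (oObjectCollection.Count > 0)
            {
                foreach (ManagementObject oItem in oObjectCollection)
                {
                    using (oItem)
                    {
                        // Read the name before the instance is removed.
                        string deletedName = oItem["Name"].ToString();
                        oItem.Delete();
                        MessageBox.Show(deletedName + " deleted.");
                    }
                }
            }
            else
            {
                MessageBox.Show("Printer not Found");
            }
        }
    }
    catch (Exception e)
    {
        MessageBox.Show(e.Message);
    }
}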
Thursday, October 15, 2015
List and Delete printers with WMI and .NET
Works, but looks like it was a work in progress I never completely finished.
Get currently logged in user with WMI and .NET
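/// <summary>
/// Reads Win32_ComputerSystem.UserName from a remote computer.
/// </summary>
/// <param name="pcname">Target computer name; normalised with CleanPCName before use.</param>
/// <returns>
/// Sorted list with one entry per returned instance; "Unknown" is added when the
/// UserName property cannot be read (for example when it is null).
/// </returns>
public List<string> WMIGetLoggedOnUser(string pcname)
{
    const string query = "select UserName from Win32_ComputerSystem";
    pcname = CleanPCName(pcname);
    List<string> resultList = new List<string>();
    try
    {
        ManagementScope scope = new ManagementScope(backslashes + pcname + @"\root\cimv2");
        scope.Connect();

        // WMI wrappers hold COM resources; dispose them as soon as they are read.
        using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, new ObjectQuery(query)))
        using (ManagementObjectCollection systems = searcher.Get())
        {
            foreach (ManagementObject obj in systems)
            {
                using (obj)
                {
                    try
                    {
                        resultList.Add(obj["UserName"].ToString());
                    }
                    catch
                    {
                        resultList.Add("Unknown");
                    }
                }
            }
        }
    }
    catch (Exception e)
    {
        MessageBox.Show(e.Message);
    }
    resultList.Sort();
    return resultList;
}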
Get service tag on a Dell machine in WMI and .NET
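/// <summary>
/// Reads the SerialNumber of each Win32_SystemEnclosure instance on a remote computer
/// (the page uses it as the Dell service tag).
/// </summary>
/// <param name="pcname">Target computer name; normalised with CleanPCName before use.</param>
/// <returns>Sorted list of serial numbers; "Unknown" for an instance whose value cannot be read.</returns>
public List<string> WMIGetServiceTag(string pcname)
{
    const string query = "Select * from Win32_SystemEnclosure";
    pcname = CleanPCName(pcname);
    List<string> resultList = new List<string>();
    try
    {
        ManagementScope scope = new ManagementScope(backslashes + pcname + @"\root\cimv2");
        scope.Connect();

        // WMI wrappers hold COM resources; dispose them as soon as they are read.
        using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, new ObjectQuery(query)))
        using (ManagementObjectCollection enclosures = searcher.Get())
        {
            foreach (ManagementObject obj in enclosures)
            {
                using (obj)
                {
                    try
                    {
                        resultList.Add(obj["SerialNumber"].ToString());
                    }
                    catch
                    {
                        resultList.Add("Unknown");
                    }
                }
            }
        }
    }
    catch (Exception e)
    {
        MessageBox.Show(e.Message);
    }
    resultList.Sort();
    return resultList;
}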
Getting Installed software and hotfixes remotely in .NET with WMI
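/// <summary>
/// Lists the Name of every Win32_Product instance on a remote computer.
/// </summary>
/// <param name="pcname">Target computer name; normalised with CleanPCName before use.</param>
/// <returns>Sorted list of product names; "Unknown" for an instance whose Name cannot be read.</returns>
public List<string> WMIGetInstalledSoftware(string pcname)
{
    // NOTE(review): enumerating Win32_Product is known to make Windows Installer validate
    // every installed package on the target, which is slow and can start repairs, and it
    // only covers MSI-installed software. Confirm that side effect is acceptable on the
    // machines this is pointed at, or inventory from the Uninstall registry keys instead.
    const string query = "select Name from win32_product";
    pcname = CleanPCName(pcname);
    List<string> resultList = new List<string>();
    try
    {
        ManagementScope scope = new ManagementScope(backslashes + pcname + @"\root\cimv2");
        scope.Connect();

        // WMI wrappers hold COM resources; dispose them as soon as they are read.
        using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, new ObjectQuery(query)))
        using (ManagementObjectCollection products = searcher.Get())
        {
            foreach (ManagementObject obj in products)
            {
                using (obj)
                {
                    try
                    {
                        resultList.Add(obj["Name"].ToString());
                    }
                    catch
                    {
                        resultList.Add("Unknown");
                    }
                }
            }
        }
    }
    catch (Exception e)
    {
        MessageBox.Show(e.Message);
    }
    resultList.Sort();
    return resultList;
}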
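/// <summary>
/// Lists the HotFixID of every Win32_QuickFixEngineering instance on a remote computer.
/// </summary>
/// <param name="pcname">Target computer name; normalised with CleanPCName before use.</param>
/// <returns>
/// Sorted list of hotfix ids. Instances with no HotFixID, or whose id contains "File 1",
/// are skipped.
/// </returns>
public List<string> WMIGetHotfixes(string pcname)
{
    const string query = "select HotFixID from Win32_QuickFixEngineering";
    pcname = CleanPCName(pcname);
    List<string> resultList = new List<string>();
    try
    {
        ManagementScope scope = new ManagementScope(backslashes + pcname + @"\root\cimv2");
        scope.Connect();

        // WMI wrappers hold COM resources; dispose them as soon as they are read.
        using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, new ObjectQuery(query)))
        using (ManagementObjectCollection hotfixes = searcher.Get())
        {
            foreach (ManagementObject obj in hotfixes)
            {
                using (obj)
                {
                    try
                    {
                        // Compare the reference with null. Calling .Equals(null) on a null
                        // value throws, which used to turn a missing id into an "Unknown"
                        // entry instead of skipping it.
                        object hotFixId = obj["HotFixID"];
                        if (hotFixId != null && !hotFixId.ToString().Contains("File 1"))
                        {
                            resultList.Add(hotFixId.ToString());
                        }
                    }
                    catch
                    {
                        resultList.Add("Unknown");
                    }
                }
            }
        }
    }
    catch (Exception e)
    {
        MessageBox.Show(e.Message);
    }
    resultList.Sort();
    return resultList;
}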
Get Mapped drives remotely in .NET with WMI
/// <summary>
/// Combines the mapped drives reported by WMI with those read from the remote registry.
/// </summary>
/// <param name="pcname">Target computer name; normalised with CleanPCName before use.</param>
/// <returns>The WMI entries, one empty separator string, then the registry entries.</returns>
public List<string> GetMappedDrives(string pcname)
{
    pcname = CleanPCName(pcname);

    // Both sources are queried before anything is merged, WMI first.
    List<string> fromWmi = WMIGetMappedDrives(pcname);
    List<string> fromRegistry = RegGetMappedDrives(pcname);

    List<string> merged = new List<string>(fromWmi);
    merged.Add("");
    merged.AddRange(fromRegistry);
    return merged;
}
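/// <summary>
/// Lists Win32_MappedLogicalDisk instances on a remote computer as "Name ProviderName".
/// </summary>
/// <param name="pcname">Target computer name; used as given (the visible caller cleans it first).</param>
/// <returns>Unsorted list of entries; "Unknown" for an instance that cannot be read.</returns>
private List<string> WMIGetMappedDrives(string pcname)
{
    const string query = "Select * from Win32_MappedLogicalDisk";
    List<string> resultList = new List<string>();
    try
    {
        ManagementScope scope = new ManagementScope(backslashes + pcname + @"\root\cimv2");
        scope.Connect();

        // WMI wrappers hold COM resources; dispose them as soon as they are read.
        using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, new ObjectQuery(query)))
        using (ManagementObjectCollection disks = searcher.Get())
        {
            foreach (ManagementObject obj in disks)
            {
                using (obj)
                {
                    try
                    {
                        resultList.Add(obj["Name"].ToString() + " " + obj["ProviderName"]);
                    }
                    catch
                    {
                        resultList.Add("Unknown");
                    }
                }
            }
        }
    }
    catch (Exception e)
    {
        MessageBox.Show(e.Message);
    }
    return resultList;
}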
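/// <summary>
/// Reads the persistent drive mappings and the HOMEDRIVE/HOMESHARE values of the
/// interactive user from the remote computer's HKEY_USERS hive.
/// </summary>
/// <param name="pcname">Target computer name.</param>
/// <returns>
/// Sorted "letter: remote path" entries followed by the HOMEDRIVE line. If any registry
/// step fails, what was collected so far is returned with an empty string appended.
/// </returns>
private List<string> RegGetMappedDrives(string pcname)
{
    // The hive is keyed by SID: resolve the owner of explorer.exe, then that account's SID.
    // NOTE(review): both helpers return placeholder values on failure, in which case the
    // OpenSubKey calls below return null and the outer catch ends the method.
    string sid = WmiGetUserSID(pcname, WmiGetExplorerProcessOwner(pcname));
    pcname = CleanPCName(pcname);
    List<string> resultList = new List<string>();
    try
    {
        // Every RegistryKey, including the remote base key, is a handle that must be
        // released; the original closed only the two subkeys on the success path.
        using (RegistryKey usersHive = RegistryKey.OpenRemoteBaseKey(RegistryHive.Users, pcname))
        {
            // Single separator: the original verbatim string @"\\Network" carried two.
            using (RegistryKey networkKey = usersHive.OpenSubKey(sid + @"\Network"))
            {
                foreach (string subKeyName in networkKey.GetSubKeyNames())
                {
                    try
                    {
                        using (RegistryKey driveKey = networkKey.OpenSubKey(subKeyName))
                        {
                            string strPath = driveKey.GetValue("RemotePath").ToString();
                            resultList.Add(subKeyName + ": " + strPath);
                        }
                    }
                    catch
                    {
                        resultList.Add("Unknown");
                    }
                }
            }
            resultList.Sort();

            using (RegistryKey environmentKey = usersHive.OpenSubKey(sid + @"\Volatile Environment"))
            {
                resultList.Add(environmentKey.GetValue("HOMEDRIVE").ToString() + " " + environmentKey.GetValue("HOMESHARE").ToString() + " (HOMEDRIVE setting)");
            }
        }
    }
    catch
    {
        // Best effort by design: missing keys, access denied or an unreachable remote
        // registry all end here without a dialog.
        resultList.Add("");
    }
    return resultList;
}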
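/// <summary>
/// Looks up the SID of an account through Win32_UserAccount on a remote computer.
/// </summary>
/// <param name="pcname">Target computer name; normalised with CleanPCName before use.</param>
/// <param name="domainBslashAccount">Account in DOMAIN\user form.</param>
/// <returns>
/// The SID string; "unknown" when the input has no backslash or no account matches;
/// "SID unknown" when the connection or query fails.
/// </returns>
private string WmiGetUserSID(string pcname, string domainBslashAccount)
{
    string sid = "unknown";

    // Without a separator the original Substring call threw outside the try block.
    int separator = domainBslashAccount == null ? -1 : domainBslashAccount.IndexOf('\\');
    if (separator < 0)
    {
        return sid;
    }
    string domain = domainBslashAccount.Substring(0, separator);
    string user = domainBslashAccount.Substring(separator + 1);

    // Both parts come from data reported by the remote machine and are placed inside
    // WQL string literals, so backslashes and single quotes are escaped first.
    string escapedUser = user.Replace("\\", "\\\\").Replace("'", "\\'");
    string escapedDomain = domain.Replace("\\", "\\\\").Replace("'", "\\'");
    string query = "Select * from Win32_UserAccount" + " Where Name='" + escapedUser + "' and Domain='" + escapedDomain + "'";

    // Clean the name before it is used; the original cleaned it only after the scope
    // had already been built from the raw value.
    pcname = CleanPCName(pcname);
    ManagementScope scope = new ManagementScope(backslashes + pcname + @"\root\cimv2");
    try
    {
        scope.Connect();
        using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, new ObjectQuery(query)))
        using (ManagementObjectCollection accounts = searcher.Get())
        {
            // Only the first match is used.
            foreach (ManagementObject obj in accounts)
            {
                using (obj)
                {
                    try
                    {
                        sid = obj["SID"].ToString();
                        return sid;
                    }
                    catch (Exception e)
                    {
                        MessageBox.Show(e.Message);
                        return sid;
                    }
                }
            }
        }
        return sid;
    }
    catch (Exception e)
    {
        MessageBox.Show(e.Message);
        return "SID unknown";
    }
}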
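/// <summary>
/// Returns the owner of the first explorer.exe process on a remote computer whose
/// GetOwner call succeeds, as DOMAIN\user.
/// </summary>
/// <param name="pcname">Target computer name; normalised with CleanPCName before use.</param>
/// <returns>
/// DOMAIN\user of the process owner, or "localhost\administrator" when no owner can be
/// determined or the query fails.
/// </returns>
private string WmiGetExplorerProcessOwner(string pcname)
{
    // NOTE(review): the fallback names an administrator account rather than signalling
    // "nobody logged on", so callers go on to look that account up. With several
    // explorer.exe sessions the first owner returned by WMI wins. Confirm both are intended.
    const string fallbackOwner = @"localhost\administrator";

    // A SessionID=0 filter was tried and is not correct on Windows 7.
    const string query = "Select * from Win32_Process" + " Where Name='explorer.exe'";

    // Clean the name before it is used; the original cleaned it only after the scope
    // had already been built from the raw value.
    pcname = CleanPCName(pcname);
    ManagementScope scope = new ManagementScope(backslashes + pcname + @"\root\cimv2");
    try
    {
        scope.Connect();

        // One query only: the original ran it twice because of a "Count >= 0" test that
        // is always true and made its else branch unreachable.
        using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, new ObjectQuery(query)))
        using (ManagementObjectCollection processList = searcher.Get())
        {
            foreach (ManagementObject obj in processList)
            {
                using (obj)
                {
                    // GetOwner fills argList[0] with the user and argList[1] with the domain.
                    string[] argList = new string[] { string.Empty, string.Empty };
                    int returnVal = Convert.ToInt32(obj.InvokeMethod("GetOwner", argList));
                    if (returnVal == 0)
                    {
                        return argList[1] + "\\" + argList[0];
                    }
                }
            }
        }
        return fallbackOwner;
    }
    catch (Exception e)
    {
        MessageBox.Show(e.Message);
        return fallbackOwner;
    }
}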
Thursday, August 27, 2015
BASH SSH Key Scripts for authorized_keys
Replace all instances of "user" with a variable and set to correct username.
Delete a Key from authorized_keys
Delete a Key from authorized_keys
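#!/bin/bash
#/usr/local/bin/delete_key
# Deletes every line of authorized_keys that contains the text given as $1
# (normally the key comment). Without "yes" as $2 it only previews the match.
# Usage: delete_key <text, at least 5 chars> [yes]
keyfile=/home/user/.ssh/authorized_keys
keytodelete=$1

echo " "
echo " "
echo " "
echo "current number of keys before deletion: " $(cat "$keyfile" | wc -l)
echo " "

# A missing or short pattern would match far too many lines; the original printed
# this message only when no argument was given and stayed silent for short ones.
if [ ${#keytodelete} -le 4 ]; then
    echo "Key you want to delete must be at least 5 chars..."
    echo "Syntax: delete_key npp56"
    exit 1
fi

# -F and "--" make the argument a literal string: it is never interpreted as a
# regular expression, a grep option or (as before) a sed address/command.
keys=$(grep -F -- "$keytodelete" "$keyfile" | awk '{print $3}')
echo "key(s) will be deleted: " $keys
echo " "

if [ "$2" != "yes" ]; then
    echo "The above keys will be deleted, if this is what you want run again with 'yes' as your second argument"
    exit 0
fi

# Back up only when something is about to change, and include the time so a second
# run on the same day cannot overwrite the backup with an already edited file.
echo "Backing up keys..."
if ! cp -v "$keyfile" "$keyfile.$(date +%Y.%m.%d.%H%M%S)"; then
    echo "Backup failed, nothing deleted."
    exit 1
fi
echo " "

# Filter into a private temp file, then write the result back into the existing
# file so its owner and mode are kept.
tmpfile=$(mktemp "$keyfile.XXXXXX") || exit 1
grep -vF -- "$keytodelete" "$keyfile" > "$tmpfile"
if [ $? -gt 1 ]; then
    # grep exits 1 when every line matched (empty result) and >1 on a real error.
    rm -f "$tmpfile"
    echo "Could not read $keyfile, nothing deleted."
    exit 1
fi
cat "$tmpfile" > "$keyfile"
rm -f "$tmpfile"
echo "current number of keys after deletion: " $(cat "$keyfile" | wc -l)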
Backup Keys
#!/bin/bash
#/usr/local/bin/backup_keys
# Prints the current key count, then copies authorized_keys to a copy suffixed with
# today's date (an existing copy from the same day is overwritten).
keyfile=/home/user/.ssh/authorized_keys
stamp=$(date +%Y.%m.%d)
echo "current number of keys: " $(cat $keyfile |wc -l)
cp -fv $keyfile $keyfile.$stamp
Show Keys
#!/bin/bash
#/usr/local/bin/show_keys
# Prints the key count and the third field (the comment) of every authorized_keys line.
keyfile=/home/user/.ssh/authorized_keys
blank=" "
echo "current number of keys: " $(cat $keyfile| wc -l)
echo "$blank"
echo "$blank"
echo "SSH Keys:"
echo "$blank"
# Only the comment column is shown, never the key material itself.
cat $keyfile |awk '{print $3}'
echo "$blank"
echo "$blank"
Monday, April 20, 2015
Changelog
----------
2015.4.20
Added Tools -> System Tools -> Remote Command Line
(Brings up an interactive dos command line on remote pc)
Thursday, April 9, 2015
Reset a user's password in AD with C#.NET
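/// <summary>
/// After operator confirmation, sets a random temporary password on an AD user and
/// forces a change at next logon; unlocks the account if it is locked out.
/// </summary>
/// <param name="user">Identity passed to FindByIdentity; nothing happens when empty.</param>
/// <param name="fQDomainName">Domain name used to build the PrincipalContext.</param>
/// <param name="ou">Container used to build the PrincipalContext.</param>
public void ResetUsersPassword(string user, string fQDomainName, string ou)
{
    if (string.IsNullOrEmpty(user))
    {
        return;
    }
    try
    {
        using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain, fQDomainName, ou))
        {
            UserPrincipalsEx usr = UserPrincipalsEx.FindByIdentity(ctx, user);
            if (usr == null)
            {
                return;
            }
            try
            {
                string resetPasswordString = "Are you sure you want to reset " + usr.DisplayName + "'s password?";
                DialogResult yesNoDialog = MessageBox.Show(resetPasswordString, "Password Reset", MessageBoxButtons.YesNo);
                if (yesNoDialog == DialogResult.Yes)
                {
                    // A fixed, widely guessable reset value ("Password1") lets anyone who
                    // knows the convention sign in as the user until the first logon, so
                    // a fresh random value is generated for every reset.
                    string temporaryPassword = GenerateTemporaryPassword(16);
                    usr.SetPassword(temporaryPassword);
                    usr.ExpirePasswordNow();
                    // The operator has to relay the value, so it is shown once here.
                    MessageBox.Show(usr.DisplayName + "'s password has been reset.\n\nTemporary password: " + temporaryPassword);
                }
                // The unlock runs whether or not the reset was confirmed.
                if (usr.IsAccountLockedOut())
                {
                    usr.UnlockAccount();
                    MessageBox.Show(usr.DisplayName + "'s account unlocked");
                }
            }
            finally
            {
                // Released on every path, including when a directory call throws.
                usr.Dispose();
            }
        }
    }
    catch (Exception unlockException)
    {
        MessageBox.Show(unlockException.Message);
    }
}

// Builds a password of the requested length (minimum 4) from a cryptographic RNG,
// with at least one upper-case letter, lower-case letter, digit and symbol.
private static string GenerateTemporaryPassword(int length)
{
    // Look-alike characters (0/O, 1/l/I) are left out because the value is read aloud or retyped.
    const string upper = "ABCDEFGHJKLMNPQRSTUVWXYZ";
    const string lower = "abcdefghijkmnopqrstuvwxyz";
    const string digits = "23456789";
    const string symbols = "!#$%*+-=?@";
    string all = upper + lower + digits + symbols;

    if (length < 4)
    {
        length = 4;
    }
    char[] chars = new char[length];
    using (System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        chars[0] = upper[NextRandomIndex(rng, upper.Length)];
        chars[1] = lower[NextRandomIndex(rng, lower.Length)];
        chars[2] = digits[NextRandomIndex(rng, digits.Length)];
        chars[3] = symbols[NextRandomIndex(rng, symbols.Length)];
        for (int i = 4; i < length; i++)
        {
            chars[i] = all[NextRandomIndex(rng, all.Length)];
        }
        // Fisher-Yates shuffle so the guaranteed classes are not always in the first four positions.
        for (int i = length - 1; i > 0; i--)
        {
            int j = NextRandomIndex(rng, i + 1);
            char swap = chars[i];
            chars[i] = chars[j];
            chars[j] = swap;
        }
    }
    return new string(chars);
}

// Returns a uniformly distributed index in [0, exclusiveMax), exclusiveMax <= 256.
private static int NextRandomIndex(System.Security.Cryptography.RandomNumberGenerator rng, int exclusiveMax)
{
    byte[] one = new byte[1];
    // Reject bytes from the incomplete top range so the modulo introduces no bias.
    int limit = 256 - (256 % exclusiveMax);
    do
    {
        rng.GetBytes(one);
    }
    while (one[0] >= limit);
    return one[0] % exclusiveMax;
}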
My solution to disable popup blocker(or any registry setting in HKCU) on a remote machine on an IE zone, without GPO.
So basically, the C# writes a Batch file on the user's Desktop that the user must double click so it runs under their credentials, the Batch file then creates a .reg file on the desktop that it in turn runs to change the registry setting in HKCU, then it deletes the .reg and then itself. I was proud of this a few years ago when I wrote it with the 3 nested syntaxes and all. As you can see it relies on other custom methods I wrote, but what you need to do to replicate should be clear.
/// <summary>
/// Writes "Disable PopUp Blocker.bat" to a user's Desktop on a remote computer. When the
/// user runs it, the batch file generates popup.reg, imports it silently with regedit,
/// then deletes popup.reg and itself.
/// </summary>
/// <param name="pcname">Target computer name; normalised with CleanPCName.</param>
/// <param name="profile">Profile folder name; adjusted by CheckForProfileDotDomain.</param>
public void DisablePopupBlocker(string pcname, string profile)
{
    try
    {
        if (!PcNameIsNotNullOrVoid(pcname) || string.IsNullOrEmpty(profile))
        {
            return;
        }

        pcname = CleanPCName(pcname);
        profile = CheckForProfileDotDomain(pcname, profile);

        // NOTE(review): profile is concatenated into the path as-is; confirm callers
        // cannot pass separators or ".." here.
        string batchPath = GetDesktopLocation(profile) + profile + @"\Desktop\Disable PopUp Blocker.bat";
        if (File.Exists(batchPath))
        {
            File.Delete(batchPath);
        }

        // NOTE(review): the generated .reg sets four values (1809, 2200, 1609, 2101)
        // under Internet Settings\Zones\2 in HKCU, not only a pop-up blocker switch.
        // Confirm each one is meant to be relaxed for that zone.
        string[] batchLines = new string[]
        {
            @"@echo off",
            @"",
            @"echo Windows Registry Editor Version 5.00 >popup.reg",
            @"echo ;Pop up blocker disable >>popup.reg",
            @"echo [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] >>popup.reg",
            "echo \"1809\"=dword:00000003 >>popup.reg",
            "echo \"2200\"=dword:00000000 >>popup.reg",
            "echo \"1609\"=dword:00000000 >>popup.reg",
            "echo \"2101\"=dword:00000000 >>popup.reg",
            @"",
            @"regedit.exe /s popup.reg",
            @"",
            @"del /q popup.reg",
            @"del %0"
        };

        try
        {
            using (StreamWriter writer = new StreamWriter(batchPath))
            {
                foreach (string line in batchLines)
                {
                    writer.WriteLine(line);
                }
                writer.Flush();
                writer.Close();
                MessageBox.Show("Created Disable PopUp Blocker.bat on " + profile + "'s Desktop.");
            }
        }
        catch (IOException ioe)
        {
            MessageBox.Show(ioe.Message);
        }
    }
    catch (Exception popupException)
    {
        MessageBox.Show(popupException.Message);
    }
}
Example of how to call Powershell Pipeline in C# and bring in Exchange SnapIn
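/// <summary>
/// Runs "Get-SenderFilterConfig | Select-Object -ExpandProperty BlockedSenders |
/// Out-String -Stream" in a runspace that has the Exchange 2010 snap-in loaded.
/// </summary>
/// <returns>One string per output object of the pipeline.</returns>
public List<string> getBlockedSenders()
{
    RunspaceConfiguration rsConfig = RunspaceConfiguration.Create();

    // NOTE(review): snapInException is never inspected, so problems reported while
    // loading the snap-in go unnoticed; decide whether they should be surfaced.
    // Loading the Exchange snap-in directly, rather than connecting to the remote
    // management endpoint, is generally understood to bypass RBAC. Confirm that is
    // acceptable for the account this tool runs under.
    PSSnapInException snapInException = null;
    rsConfig.AddPSSnapIn("Microsoft.Exchange.Management.PowerShell.E2010", out snapInException);

    List<string> output = new List<string>();

    // The original disposed the runspace only on the success path and never the
    // pipeline; both are now released even when Open() or Invoke() throws.
    using (Runspace myRunSpace = RunspaceFactory.CreateRunspace(rsConfig))
    {
        myRunSpace.Open();
        using (Pipeline ps = myRunSpace.CreatePipeline())
        {
            ps.Commands.Add(new Command("Get-SenderFilterConfig"));

            Command selectObjectCommand = new Command("Select-Object");
            selectObjectCommand.Parameters.Add(new CommandParameter("ExpandProperty", "BlockedSenders"));
            ps.Commands.Add(selectObjectCommand);

            // A parameter with no value is passed as a switch (-Stream).
            Command outStringCommand = new Command("Out-String");
            outStringCommand.Parameters.Add(new CommandParameter("Stream"));
            ps.Commands.Add(outStringCommand);

            foreach (PSObject result in ps.Invoke())
            {
                output.Add(result.ToString());
            }
        }
    }
    return output;
}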
Wednesday, April 8, 2015
Example of one of my configs for a remote site on a Ubiquiti EdgeRouter with PPTP, OSPF, VTIs, and DHCP Lync Phone Settings
firewall {
all-ping enable
broadcast-ping disable
group {
address-group DMZ_External {
address *.177.*.*
description ""
}
address-group DMZ_Web_Internal {
address 192.168.105.25
description ""
}
address-group GatewaysAdmin {
address 192.168.1.1
address 192.168.10.1
description ""
}
address-group GatewaysRED {
address 192.168.86.1
address 192.168.87.1
description ""
}
address-group Mail_External {
address *.177.*.*
description ""
}
address-group Mail_Internal {
address 192.168.1.7
description ""
}
address-group VPN_external {
address *.177.*.*
description ""
}
network-group SubnetsAdmin {
description ""
network 192.168.1.0/24
network 192.168.10.0/24
}
network-group SubnetsRED {
description ""
network 192.168.86.0/24
network 192.168.87.0/24
}
port-group DMZ_web {
description "DMZ_web HTTP,HTTPS"
port 80
port 443
}
port-group Mail {
description "Mail SMTP,SMTPS,IMAP,IMAPS,HTTPS"
port 25
port 465
port 143
port 993
port 443
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "packets from internet to LAN and WLAN"
enable-default-log
rule 1 {
action accept
description "allow established sessions"
log disable
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 2 {
action drop
description "drop invalid state"
log disable
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
/* NOTE(review): this rule matches on source and destination address groups only, in the ruleset bound inbound on eth0 (WAN), and source-validation is disabled in this firewall block. Confirm that packets arriving outside the tunnels with a forged SubnetsAdmin source cannot satisfy it, for example by also requiring that the traffic was IPsec-protected. */
rule 3 {
action accept
description "allow VPN traffic from admin"
destination {
group {
network-group SubnetsRED
}
}
log disable
source {
group {
network-group SubnetsAdmin
}
}
}
}
name WAN_LOCAL {
default-action drop
description "packets from internet to the router"
enable-default-log
rule 1 {
action accept
description "allow established sessions"
log enable
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 2 {
action drop
description "drop invalid state"
log disable
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
rule 3 {
action accept
description "allow VPN traffic from Admin to the router"
destination {
group {
address-group GatewaysRED
}
}
log disable
source {
group {
network-group SubnetsAdmin
}
}
}
rule 5 {
action accept
description "allow IKE-UDP-500"
destination {
port 500
}
log disable
protocol udp
}
rule 6 {
action accept
description "allow ESP-50"
log disable
protocol esp
}
rule 7 {
action accept
description "allow NAT-T-UDP-4500"
destination {
port 4500
}
log disable
protocol udp
}
/* NOTE(review): rules 8 and 9 accept GRE and TCP 1723 from any source, so the PPTP service on the router is reachable from the whole internet. PPTP authentication and encryption are widely regarded as breakable; restrict the source addresses or move remote access to a stronger VPN if clients allow it. Neither rule sets "log", unlike the other rules in this ruleset. */
rule 8 {
action accept
description "allow PPTP VPN gre"
protocol gre
}
rule 9 {
action accept
description "allow PPTP VPN pptp"
destination {
port 1723
}
protocol tcp
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address *.*.*.231/28
description WAN
duplex auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
speed auto
}
ethernet eth1 {
address 192.168.86.1/24
description LAN
duplex auto
speed auto
}
ethernet eth2 {
description VLANS
duplex auto
speed auto
vif 10 {
address 192.168.87.1/24
description VOICE.10
mtu 1500
}
}
loopback lo {
}
vti vti1 {
address 10.87.1.87/24
description ADM
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
vti vti18 {
address 10.18.87.87/24
description SMI
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
vti vti28 {
address 10.28.87.87/24
description SMA
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
vti vti33 {
address 10.87.33.87/24
description GDA
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
vti vti39 {
address 10.87.39.87/24
description FAR
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
vti vti60 {
address 10.60.87.87/24
description RDO
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
vti vti74 {
address 10.87.*.87/24
description DAR
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
vti vti95 {
address 10.95.87.87/24
description SST
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
vti vti113 {
address 10.87.113.87/24
description GRA
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
vti vti116 {
address 10.87.116.87/24
description LAM
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
vti vti204 {
address 10.87.204.87/24
description CDO
ip {
ospf {
dead-interval 40
hello-interval 10
network point-to-point
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mtu 1398
}
}
protocols {
ospf {
area 0.0.0.0 {
network 192.168.86.0/24
network 192.168.87.0/24
network 10.18.87.0/24
network 10.28.87.0/24
network 10.87.33.0/24
network 10.87.39.0/24
network 10.60.87.0/24
network 10.87.*.0/24
network 10.87.1.0/24
network 10.95.87.0/24
network 10.87.113.0/24
network 10.87.116.0/24
network 10.87.204.0/24
}
log-adjacency-changes {
}
parameters {
abr-type cisco
router-id 192.168.86.1
}
passive-interface default
passive-interface-exclude vti1
passive-interface-exclude vti116
passive-interface-exclude vti204
passive-interface-exclude vti33
passive-interface-exclude vti39
passive-interface-exclude vti74
passive-interface-exclude vti113
passive-interface-exclude vti18
passive-interface-exclude vti28
passive-interface-exclude vti60
passive-interface-exclude vti95
}
static {
interface-route 192.168.1.0/24 {
next-hop-interface vti1 {
distance 152
}
}
interface-route 192.168.10.0/24 {
next-hop-interface vti1 {
distance 152
}
}
interface-route 192.168.87.0/24 {
next-hop-interface eth2.10 {
}
}
}
}
service {
dhcp-server {
disabled false
global-parameters "class "vendor-classes" {"
global-parameters "match option vendor-class-identifier;"
global-parameters "}"
global-parameters "option space MSUCClient;"
global-parameters "option MSUCClient.UCIdentifier code 1 = string;"
global-parameters "option MSUCClient.URLScheme code 2 = string;"
global-parameters "option MSUCClient.WebServerFqdn code 3 = string;"
global-parameters "option MSUCClient.WebServerPort code 4 = string;"
global-parameters "option MSUCClient.CertProvRelPath code 5 = string;"
global-parameters "option UCSipServer code 120 = string;"
global-parameters "subclass "vendor-classes" "MS-UC-Client" {"
global-parameters "vendor-option-space MSUCClient;"
global-parameters "option MSUCClient.UCIdentifier 4D:53:2D:55:43:2D:43:6C:69:65:6E:74;"
global-parameters "option MSUCClient.URLScheme 68:74:74:70:73;"
global-parameters "option MSUCClient.WebServerFqdn 61:64:6D:2D:6C:79:6E:63:2E:68:65:61:64:73:74:61:72:74:2E:61:64:6D:69:6E;"
global-parameters "option MSUCClient.WebServerPort 34:34:33;"
global-parameters "option MSUCClient.CertProvRelPath"
global-parameters "2F:43:65:72:74:50:72:6F:76:2F:43:65:72:74:50:72:6F:76:69:73:69:6F:6E:69:6E:67:53:65:72:76:69:63:65:2E:73:76:63;"
global-parameters "} "
hostfile-update disable
shared-network-name 192.168.86.0 {
authoritative disable
subnet 192.168.86.0/24 {
default-router 192.168.86.1
dns-server 192.168.1.29
dns-server 192.168.1.30
domain-name ExampleDomain.com
lease 86400
ntp-server 192.168.1.29
ntp-server 192.168.1.30
start 192.168.86.100 {
stop 192.168.86.210
}
subnet-parameters "option UCSipServer 00:08:61:64:6D:2D:6C:79:6E:63:09:68:65:61:64:73:74:61:72:74:05:61:64:6D:69:6E:00;"
unifi-controller 192.168.1.30
}
}
shared-network-name 192.168.87.0 {
authoritative disable
subnet 192.168.87.0/24 {
default-router 192.168.87.1
dns-server 192.168.1.29
dns-server 192.168.1.30
domain-name ExampleDomain.com
lease 86400
ntp-server 192.168.1.29
ntp-server 192.168.1.30
start 192.168.87.100 {
stop 192.168.87.210
}
subnet-parameters "option UCSipServer 00:08:61:64:6D:2D:6C:79:6E:63:09:68:65:61:64:73:74:61:72:74:05:61:64:6D:69:6E:00;"
}
}
}
gui {
https-port 443
}
nat {
rule 1 {
description Mail_NAT_SMTP
destination {
address 192.168.1.7
port 25
}
inbound-interface eth0
inside-address {
address *.177.*.*
port 25
}
log enable
protocol tcp
type destination
}
rule 2 {
description Mail_NAT_SMTPS
destination {
address 192.168.1.7
port 465
}
inbound-interface eth0
inside-address {
address *.177.*.*
port 465
}
log enable
protocol tcp
type destination
}
rule 3 {
description Mail_NAT_IMAP
destination {
address 192.168.1.7
port 143
}
inbound-interface eth0
inside-address {
address *.177.*.*
port 143
}
log enable
protocol tcp
type destination
}
rule 4 {
description Mail_NAT_IMAPS
destination {
address 192.168.1.7
port 993
}
inbound-interface eth0
inside-address {
address *.177.*.*
port 993
}
log enable
protocol tcp
type destination
}
rule 5 {
description Mail_NAT_HTTPS
destination {
address 192.168.1.7
port 443
}
inbound-interface eth0
inside-address {
address *.177.*.*
port 443
}
log enable
protocol tcp
type destination
}
rule 6 {
description DMZ_website_HTTP
destination {
address 192.168.105.25
port 80
}
inbound-interface eth0
inside-address {
address *.177.*.*
port 80
}
log disable
protocol tcp
type destination
}
rule 7 {
description DMZ_website_HTTPS
destination {
address 192.168.105.25
port 443
}
inbound-interface eth0
inside-address {
address *.177.*.*
port 443
}
log disable
protocol tcp
type destination
}
rule 5000 {
description "masquerade for WAN"
log disable
outbound-interface eth0
protocol all
type masquerade
}
rule 5001 {
destination {
address 192.168.1.0/24
}
exclude
outbound-interface eth0
source {
address 192.168.86.0/24
}
type masquerade
}
}
/* NOTE(review): "public" is the conventional default community string and is the first value anyone will try. WAN_LOCAL drops unsolicited internet traffic, but hosts on the LAN and on permitted VPN subnets can still read the device with it. Use a site-specific community and limit which hosts may query. The location string also publishes a street address. */
snmp {
community public {
authorization ro
}
location "1145 Redwood Ave El Cajon, CA 92020"
}
ssh {
port 22
protocol-version v2
}
}
system {
conntrack {
expect-table-size 4096
hash-size 4096
table-size 32768
tcp {
half-open-connections 512
loose enable
max-retrans 3
}
}
domain-name ExampleDomain.com
gateway-address *.*.*.225
host-name RED-ERLite
login {
user AccountName1 {
authentication {
encrypted-password ****************
plaintext-password ****************
}
full-name AccountName1
level admin
}
}
name-server 8.8.8.8
name-server 8.8.4.4
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
offload {
ipsec enable
ipv4 {
forwarding enable
}
ipv6 {
forwarding disable
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone America/Los_Angeles
}
vpn {
ipsec {
auto-firewall-nat-exclude enable
/* NOTE(review): every site-to-site peer in this config uses these two groups: IKEv1 with pre-shared secrets, AES-128 and SHA-1, DH group 14, PFS enabled. Where both ends support it, consider IKEv2 and a SHA-2 hash. With PSK authentication the strength of each secret matters, so use long random values, unique per peer. */
esp-group FOO0 {
compression disable
lifetime 3600
mode tunnel
pfs enable
proposal 1 {
encryption aes128
hash sha1
}
}
ike-group FOO0 {
key-exchange ikev1
lifetime 28800
proposal 1 {
dh-group 14
encryption aes128
hash sha1
}
}
ipsec-interfaces {
interface eth0
}
nat-networks {
allowed-network 0.0.0.0/0 {
}
}
nat-traversal enable
site-to-site {
peer 68.15.0.* {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti116
esp-group FOO0
}
}
peer 68.15.*.* {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti74
esp-group FOO0
}
}
peer *.*.2.166 {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti28
esp-group FOO0
}
}
peer *.*.*.*15 {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti95
esp-group FOO0
}
}
peer *.*.6.126 {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti33
esp-group FOO0
}
}
peer *.*.28.72 {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti204
esp-group FOO0
}
}
peer *.*.*.125 {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti39
esp-group FOO0
}
}
peer *.173.62.* {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti18
esp-group FOO0
}
}
peer *.175.247.* {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti60
esp-group FOO0
}
}
peer 174.78.*.* {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti113
esp-group FOO0
}
}
peer *.177.*.* {
authentication {
mode pre-shared-secret
pre-shared-secret ****************
}
connection-type initiate
ike-group FOO0
local-address *.*.*.231
vti {
bind vti1
esp-group FOO0
}
}
}
}
/* NOTE(review): PPTP remote access with locally stored user passwords, listening on the WAN address. The first local username also appears as the router's admin login in the system block; confirm the two do not share a password. Clients receive addresses from 192.168.103.100-210, a range that no firewall group in this config names, so check what those clients can reach. */
pptp {
remote-access {
authentication {
local-users {
username AccountName1 {
password ****************
}
username AccountName2 {
password ****************
}
}
mode local
}
client-ip-pool {
start 192.168.103.100
stop 192.168.103.210
}
dns-servers {
server-1 192.168.1.29
server-2 192.168.1.30
}
mtu 1492
outside-address *.*.*.231
}
}
}
Fix NTFS permissions on user subfolders of a redirect folder
I ran into this problem a few times and had to fix it. The script requires the NTFSSecurity module to be installed. I once made a script that doesn't require NTFSSecurity, but it is much more complex.
# Script-wide settings: the redirect share whose per-user subfolders are repaired,
# the domain the folder names are resolved in, and the admin account that takes
# ownership temporarily while access is granted.
Write-Host ""
Write-Host ""
$startingDir = "\\fileserver\redirect"
$domain = "ExampleDomain.com"
# Changes the working directory for the rest of the session.
cd $startingDir
$adminServiceAccount = New-Object System.Security.Principal.NTAccount($domain + "\" + "AdministratorAccountName")
# Repairs one user folder: hands ownership of everything below it to the admin
# account, grants the user FullControl on the folder, then hands ownership of
# everything below it to the user.
#   $file - full path of the user's folder
#   $user - account name without domain; $domain from the script scope is prepended
Function setPermissions
{
param ($file, $user)
$user = $domain + "\" + $user
Write-Host user is $user
$objUser = New-Object System.Security.Principal.NTAccount($user)
# Step 1: take ownership of the children with the admin account.
# Only the children are enumerated; the folder itself is not passed to setOwner.
Get-ChildItem $file -Recurse | ForEach-Object {
setOwner $_.FullName.ToString() $adminServiceAccount
}
#$acl.SetAccessRuleProtection($False,$True)
# $acl is read here but not used afterwards in this function.
$acl = Get-Acl $file.ToString()
Write-Host $file
# Step 2: Add-NTFSAccess comes from the NTFSSecurity module.
# NOTE(review): FullControl also lets the user change permissions on the folder; confirm Modify would not be enough.
Add-NTFSAccess -Path $file -Account $user -AccessRights FullControl
# Prints the resulting ACL for the operator to check.
Get-Acl $file |fl
# Step 3: give ownership of the children to the user.
Get-ChildItem $file -Recurse | ForEach-Object {
setOwner $_.FullName.ToString() $objUser
}
}
# Sets the owner of a single file or folder.
#   $file - path of the item
#   $user - account that becomes the owner
Function setOwner
{
    param ($file, $user)
    Write-Host Setting ownership of $file to $user
    $newOwner = New-Object System.Security.Principal.NTAccount($user)
    # Read the current descriptor, swap the owner, write it back.
    $descriptor = Get-Acl $file
    $descriptor.SetOwner($newOwner)
    Set-Acl $file $descriptor
}
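# Walks the redirect share and repairs each user folder. The folder name is taken
# as the account name, so it is resolved first. Otherwise a stray folder would have
# its ownership moved to the admin account and then fail half-way through.
Get-ChildItem $startingDir | Where-Object { $_.PSIsContainer } | ForEach-Object {
    $folderFullPath = $_.FullName
    $user = $_.Name.ToString()
    $account = New-Object System.Security.Principal.NTAccount($domain, $user)
    try
    {
        # Translate throws when the name does not map to a security identifier.
        [void]$account.Translate([System.Security.Principal.SecurityIdentifier])
    }
    catch
    {
        Write-Host "Skipping ${folderFullPath}: no account named $user in $domain"
        return
    }
    Write-Host Setting permissions on $folderFullPath
    setPermissions $folderFullPath $user
}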
Create AD accounts from a csv in Powershell
I made this to create a bunch of users who need Apache website access, but don't actually need to log into domain, thus the PasswordNeverExpires, edit to your liking before using.
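# Creates one AD user per CSV row (columns used: first, last).
$domain = "ExampleDomain.com"

# The initial password is asked for at run time and kept as a SecureString, so it
# is not stored in the script file or echoed to the console.
# NOTE(review): every account still gets the same password and -PasswordNeverExpires.
# Confirm that is acceptable for accounts that exist only for website access.
$securePass = Read-Host -AsSecureString 'Initial password for the new accounts'

Import-Csv \\adm-dc\redirect\kwalker\Desktop\Users.csv | ForEach-Object {
    $first = $_.first
    $last = $_.last
    if ([string]::IsNullOrEmpty($first) -or [string]::IsNullOrEmpty($last))
    {
        Write-Host "Skipping row with missing first or last name"
        return
    }
    $name = $first + " " + $last
    # First two letters of the first name plus the last name; a one-letter first
    # name made the original Substring(0,2) call throw.
    $sam = $first.Substring(0, [Math]::Min(2, $first.Length)) + $last
    $principal = $sam + "@" + $domain
    Write-Host $name
    New-ADUser -PasswordNeverExpires $true -Path "OU=POC,DC=EXAMPLEDOMAIN,DC=COM" -GivenName $first -Surname $last -AccountPassword $securePass -DisplayName $name -Name $name -SamAccountName $sam -UserPrincipalName $principal
}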
Short Spam and Content Filter Scripts for Exchange 2013
ShowCurrentConfig
WhiteListSpamSender
WhiteListSpamDomain
unWhiteListSpamSender
UnWhiteListSpamDomain
BlackListSender
BlackListDomain
UnBlackListSender
UnBlackListDomain
# ShowCurrentConfig: prints the sender and domain lists held by the sender filter
# (block lists) and the content filter (bypass lists).
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
$contentFilter = Get-ContentFilterConfig
$senderFilter = Get-SenderFilterConfig

# Heading, source config object and property to expand, in display order.
$sections = @(
    @{ Title = 'Blacklisted Senders:';    Config = $senderFilter;  Property = 'BlockedSenders' },
    @{ Title = 'Whitelisted Senders:';    Config = $contentFilter; Property = 'BypassedSenders' },
    @{ Title = 'Blacklisted Domains:';    Config = $senderFilter;  Property = 'BlockedDomains' },
    @{ Title = 'Blacklisted SubDomains:'; Config = $senderFilter;  Property = 'BlockedDomainsAndSubdomains' },
    @{ Title = 'Whitelisted Domains:';    Config = $contentFilter; Property = 'BypassedSenderDomains' }
)

foreach ($section in $sections)
{
    Write-Host $section.Title
    $section.Config | Select-Object -ExpandProperty $section.Property
    # Three blank lines after every list.
    1..3 | ForEach-Object { Write-Host ' ' }
}
WhiteListSpamSender
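# Adds one sender to the content filter's bypass list. Mail from a bypassed sender
# skips content filtering, so check the address before adding it.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
# $sender is an automatic variable in PowerShell event handlers, so a different name is used.
$senderAddress = (Read-Host 'Enter the name of the sender you would like to WHITELIST ').Trim()
if ([string]::IsNullOrEmpty($senderAddress))
{
    Write-Host 'Nothing entered, no change made.'
}
else
{
    Set-ContentFilterConfig -BypassedSenders @{Add=$senderAddress}
}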
WhiteListSpamDomain
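# Adds one domain to the content filter's bypass list. Mail from every sender in a
# bypassed domain skips content filtering, so check the domain before adding it.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
$domainName = (Read-Host 'Enter the name of the domain you would like to WHITELIST ').Trim()
if ([string]::IsNullOrEmpty($domainName))
{
    Write-Host 'Nothing entered, no change made.'
}
else
{
    Set-ContentFilterConfig -BypassedSenderDomains @{Add=$domainName}
}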
unWhiteListSpamSender
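# Removes one sender from the content filter's bypass list.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
# $sender is an automatic variable in PowerShell event handlers, so a different name is used.
$senderAddress = (Read-Host 'Enter the name of the sender you would like to REMOVE from WHITELIST ').Trim()
if ([string]::IsNullOrEmpty($senderAddress))
{
    Write-Host 'Nothing entered, no change made.'
}
else
{
    Set-ContentFilterConfig -BypassedSenders @{Remove=$senderAddress}
}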
UnWhiteListSpamDomain
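# Removes one domain from the content filter's bypass list.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
$domainName = (Read-Host 'Enter the name of the domain you would like to REMOVE from WHITELIST ').Trim()
if ([string]::IsNullOrEmpty($domainName))
{
    Write-Host 'Nothing entered, no change made.'
}
else
{
    Set-ContentFilterConfig -BypassedSenderDomains @{Remove=$domainName}
}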
BlackListSender
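# Adds one sender to the sender filter's block list.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
# $sender is an automatic variable in PowerShell event handlers, so a different name is used.
$senderAddress = (Read-Host 'Enter the name of the sender you would like to BLACKLIST ').Trim()
if ([string]::IsNullOrEmpty($senderAddress))
{
    Write-Host 'Nothing entered, no change made.'
}
else
{
    Set-SenderFilterConfig -BlockedSenders @{Add=$senderAddress}
}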
BlackListDomain
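# Adds one domain to the sender filter's block list.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
$domainName = (Read-Host 'Enter the name of the domain you would like to BLACKLIST ').Trim()
if ([string]::IsNullOrEmpty($domainName))
{
    Write-Host 'Nothing entered, no change made.'
}
else
{
    Set-SenderFilterConfig -BlockedDomains @{Add=$domainName}
}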
UnBlackListSender
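# Removes one sender from the sender filter's block list.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
# $sender is an automatic variable in PowerShell event handlers, so a different name is used.
$senderAddress = (Read-Host 'Enter the name of the sender you would like to REMOVE from BLACKLIST ').Trim()
if ([string]::IsNullOrEmpty($senderAddress))
{
    Write-Host 'Nothing entered, no change made.'
}
else
{
    Set-SenderFilterConfig -BlockedSenders @{Remove=$senderAddress}
}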
UnBlackListDomain
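# Removes one domain from the sender filter's block list.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
$domainName = (Read-Host 'Enter the name of the domain you would like to REMOVE from BLACKLIST ').Trim()
if ([string]::IsNullOrEmpty($domainName))
{
    Write-Host 'Nothing entered, no change made.'
}
else
{
    Set-SenderFilterConfig -BlockedDomains @{Remove=$domainName}
}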
Workgroup Creation script for Exchange UM/Lync
I pumped this out really quickly because I needed to change the SIP URIs of more than 10 workgroups in a row. Lync/Exchange does not allow you to do this without deleting and recreating the workgroup from scratch, so, PowerShell to the rescue. Obviously you would need to edit this to fit your organization, and this script is in no way automated, but it should be a good direction to get you started. DO NOT use this script as is, unless of course you work at the same company as I do!
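# Builds one Lync Response Group workflow from the site-specific values below.
# The response group queue named "<display name> Reception" must already exist;
# the script looks it up and stops if it cannot find exactly one.
#Read-Host
$Location = "VisatLaMesa";   # NOTE(review): spelled "VisatLaMesa" here but "VistaLaMesa" in $vmUser - confirm which spelling the SIP URI should carry
$displayName = "Vista La Mesa";
$vmUser= "sip:" + "VistaLaMesaVM@headstart.admin";   # only used by the commented-out voicemail actions further down
$displayNumber = "4032"
$prompt = " ";   # a single space: the business-hours prompt says nothing before the transfer
$promptOffHours = "Thank you for calling A K A Head Starts " + $displayName + " location, our normal business hours are 8 A M to 4 30 P M, please stay on the line if you would like to leave a message.";
$promptHoliday = "Thank you for calling A K A Head Starts " + $displayName + " location, our normal business hours are 8 A M to 4 30 P M, please stay on the line if you would like to leave a message.";
$lineUri = "TEL:" + $displayNumber;
$uri = "sip:" + $Location + "RG@headstart.admin";
$displayNameFull = $displayName + " Reception RG";
$qname = $displayName + " Reception";

# Resolve the target queue first: without it the default action would be built with an empty queue id.
$queue = @(Get-CsRgsQueue -Name $qname);
if ($queue.Count -ne 1) {
    throw "Expected exactly one response group queue named '$qname' but found $($queue.Count); nothing was created.";
}
$qid = $queue[0].Identity;

$promptWM = New-CsRgsPrompt -TextToSpeechPrompt $prompt;
$promptBusWM = New-CsRgsPrompt -TextToSpeechPrompt $promptOffHours;
$promptHolWM = New-CsRgsPrompt -TextToSpeechPrompt $promptHoliday;
# NOTE(review): no filter is given, so this assumes a single hours-of-business set is returned - confirm.
$busHours = Get-CsRgsHoursOfBusiness;
$actionWM = New-CsRgsCallAction -Prompt $promptWM -Action TransferToQueue -QueueID $qid
#$actionBusWM = New-CsRgsCallAction -Prompt $promptBusWM -Action TransferToVoiceMailUri -Uri $vmUser
#$actionHolWM = New-CsRgsCallAction -Prompt $promptHolWM -Action TransferToVoiceMailUri -Uri $vmUser
# Off-hours and holiday calls hear the prompt and are then disconnected.
$actionBusWM = New-CsRgsCallAction -Prompt $promptBusWM -Action Terminate
$actionHolWM = New-CsRgsCallAction -Prompt $promptHolWM -Action Terminate

# Pick the service that hosts the Response Group application; more than one match
# would make the string concatenation below produce an unusable parent id.
$rgsService = @(Get-CSService | Where-Object { $_.Applications -like "*RGS*" });
if ($rgsService.Count -ne 1) {
    throw "Expected exactly one service hosting the RGS application but found $($rgsService.Count); nothing was created.";
}
$serviceId = "service:" + $rgsService[0].ServiceId;

# -EnabledForFederation $true makes the workflow reachable from federated domains;
# set it to $false if only internal and PSTN callers are meant to reach this group.
$workflowHG = New-CsRgsWorkflow -Parent $serviceId -Name $displayNameFull -PrimaryUri $uri -LineUri $lineUri -DisplayNumber $displayNumber -Active $true -DefaultAction $actionWM -EnabledForFederation $true -NonBusinessHoursAction $actionBusWM -HolidayAction $actionHolWM -BusinessHoursID $busHours.Identity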
Enable/Disable OWA access based on group membership
Use scenario for this is disabling OWA access to employees who are non-exempt and enabling it for exempt employees.
Powershell:
Disable Members:
Powershell:
Disable Members:
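# Turn OWA off for every member of the "all aka employees" group.
$group = Get-Group -Identity "all aka employees"
foreach ($member in $group.Members)
{
    # An empty group yields nothing to process.
    if ($null -eq $member) { continue }
    Write-Host $member.Name
    # Address the mailbox by distinguished name. The bare name is not unique across
    # OUs, so it can be ambiguous or resolve to a different account than the group member.
    Set-CasMailbox -Identity $member.DistinguishedName -OWAEnabled $false
}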
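# Enable Members:
# Turn OWA on for every member of the "exemptemployees" group. An account that is
# also in a group whose members get OWA disabled ends up with whichever pass ran last.
$group = Get-Group -Identity "exemptemployees"
foreach ($member in $group.Members)
{
    # An empty group yields nothing to process.
    if ($null -eq $member) { continue }
    Write-Host $member.Name
    # Address the mailbox by distinguished name. The bare name is not unique across
    # OUs, so it can be ambiguous or resolve to a different account than the group member.
    Set-CasMailbox -Identity $member.DistinguishedName -OWAEnabled $true
}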
Enable users VM Boxes for Exchange UM
Powershell Script:
I guess I could have thrown this in a For Loop asking you if you needed to add more users, but I didn't. Change the pin of course to what you would want and if you have 5 digit pin policy change the wording.
I guess I could have thrown this in a For Loop asking you if you needed to add more users, but I didn't. Change the pin of course to what you would want and if you have 5 digit pin policy change the wording.
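# Enable a Unified Messaging (voicemail) mailbox for one user.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
$user = ([string](Read-Host 'Enter the name of the user you would like to setup voicemail for ')).Trim()
$extension = ([string](Read-Host 'Enter 4 digit extension of user ')).Trim()
# Stop before creating anything when either answer is unusable.
if ([string]::IsNullOrEmpty($user)) {
    throw 'No user was entered; no UM mailbox was enabled.'
}
if ($extension -notmatch '^[0-9]+$') {
    throw 'The extension must contain digits only; no UM mailbox was enabled.'
}
# The starting PIN below is the same for every mailbox this script enables, so anyone
# who has seen the script knows it. -PinExpired $true forces a change at first sign-in,
# but until the owner signs in the mailbox can be claimed by whoever dials the extension first.
# Leaving -Pin off makes Exchange generate a PIN and send it to the user instead.
Enable-UMMailbox -UMMailboxPolicy "AdminDialPlan Default Policy" -PinExpired $true -Pin 4321 -Extensions $extension -Identity $user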
Friday, March 27, 2015
Alternative to Changing an Executive's outgoing CID
Rather than changing our Executive Director's caller ID on outgoing calls or setting this user's personal operator an alternate approach I went with here is to use an inbound translation rule on the dial plan applied to the SIP trunk. If someone internal tries to call our Executive Director's DID they reach her as normal, but if she is dialed by someone external to our organisation the caller is connected to a response group containing the person or persons who you would normally set as the executive's personal operator.
New SANs Build
Custom built two new NAS/SANs. 16 x 4 TB SATA3 drives in RAID 10 ZFS, 64 GB of RAM, 4 hot swap 750w PSUs, 2 Haswell CPUs, 2 16GB USB3 drives with FreeNAS in read only mode. Attached storage to Xenserver through 2 LACP bonded connections per host and 4 pair LACP bonded connections from each NAS.
Update: We later switched to Chelsio 10G fiber cards with two ports per card on each device for direct connect between each host and each SAN and used iSCSI multipathing. This yielded far better performance than the 4x1Gb NICs in LACP.
Update: We later switched to Chelsio 10G fiber cards with two ports per card on each device for direct connect between each host and each SAN and used iSCSI multipathing. This yielded far better performance than the 4x1Gb NICs in LACP.
Script to change Exchange/Lync 2013 User Photos
Can take a command line argument of the user's name otherwise it asks.
Powershell:
The last line of the script is commented out because it is no longer needed as of an Exchange 2013 CU (CU3, I believe, but it could be an earlier CU). Uncomment it if you are on an older build or if pictures don't actually populate.
Powershell:
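# Replace a user's Exchange/Lync photo with <share>\<UserName>\<UserName>.jpg.
# The user name can be given as the first argument; otherwise the script asks for it.
param([String]$UserName)
$DefaultPhotoPath = "\\headstart.admin\share\redirect3\"
if (!$UserName) {
    $UserName = Read-Host "Please place photo into $($DefaultPhotoPath)Username\ folder with naming format username.jpg and then type UserName into this script and press enter"
}
$UserName = ([string]$UserName).Trim()
# The name becomes a folder and a file name, so reject anything that could step
# outside the photo share (path separators, or a name made only of dots).
if ([string]::IsNullOrEmpty($UserName) -or
    $UserName.IndexOfAny([System.IO.Path]::GetInvalidFileNameChars()) -ge 0 -or
    $UserName -match '^\.+$') {
    throw 'The user name is empty or contains characters that are not valid in a file name.'
}
$DefaultPhotoPath = "\\headstart.admin\share\redirect3\" + $UserName + "\"
$PhotoPath = $DefaultPhotoPath + $UserName + ".jpg"
# Check for the file before removing anything: otherwise a missing or misnamed
# photo would leave the user with no picture at all.
if (-not (Test-Path -LiteralPath $PhotoPath -PathType Leaf)) {
    throw "Photo not found at $PhotoPath; the existing photo was left in place."
}
$photo = [System.IO.File]::ReadAllBytes($PhotoPath)
Remove-UserPhoto $UserName -Confirm:$False
Set-UserPhoto -Identity $UserName -PictureData $photo -Confirm:$False
#Set-UserPhoto -Identity $UserName -Save -Confirm:$False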
The last line of the script is commented out because it is no longer needed as of an Exchange 2013 CU (CU3, I believe, but it could be an earlier CU). Uncomment it if you are on an older build or if pictures don't actually populate.
Observium
Observium is a great tool for monitoring SNMP devices with a free version available.
OSPF Neighbors
Resource Usage