Import-Module RemoteDesktop
Set-RDWorkspace -Name "My Apps"
Created a R/RW/L SG for root folders in a share
$folders = get-childitem -directory -path "\\Server\share"
ForEach ($name in $folders)
{
$ns = $name.name -replace ' ','.'
#write-host "Grant Read/Write access to '$($name.FullName)' This is a SN Group only"
#Write-host "sg.ag.$($ns).RW"
#Read/Write Groups
#New-ADGroup -server "ral1-dc01" -DisplayName "sg.ag.$($ns).RW" -Name "sg.ag.$($ns).RW" -Description "Grant Read/Write access to '$($name.FullName)' This is a SN Group only" -GroupScope Universal -Path "OU=ServiceNow,OU=File Groups,OU=Security Groups,DC=trialcard,DC=com"
#Read Groups
New-ADGroup -server "ral1-dc01" -DisplayName "sg.ag.$($ns).R" -Name "sg.ag.$($ns).R" -Description "Grant Read Only access to '$($name.FullName)' This is a SN Group only" -GroupScope Universal -Path "OU=ServiceNow,OU=File Groups,OU=Security Groups,DC=trialcard,DC=com"
#List Groups
New-ADGroup -server "ral1-dc01" -DisplayName "sg.ag.$($ns).L" -Name "sg.ag.$($ns).L" -Description "Grant List access to '$($name.FullName)' This is a SN Group only" -GroupScope Universal -Path "OU=ServiceNow,OU=File Groups,OU=Security Groups,DC=trialcard,DC=com"
$users = Get-Content c:\scripts\list.txt
ForEach($userlist in $users)
{
$user = Get-ADUser $userlist
$dn= [ADSI](“LDAP://” + $user)
$acl= $dn.psbase.objectSecurity
if ($acl.get_AreAccessRulesProtected())
{
$isProtected = $false # $false to enable inheritance
# $true to disable inheritance
$preserveInheritance = $true # $true to keep inherited access rules
# $false to remove inherited access rules.
# ignored if isProtected=$false
$acl.SetAccessRuleProtection($isProtected, $preserveInheritance)
$dn.psbase.commitchanges()
Write-Host($user.SamAccountName + "|" + `
$user.DistinguishedName + `
"|inheritance set to enabled")
}
else
{
write-host($user.SamAccountName + "|" + `
$user.DistinguishedName + `
"|inheritance was already enabled - no change")
}
}
Install-Module Microsoft.Graph -Scope AllUsers
$AllFolders = Get-ChildItem -Directory -Path "\\server\Share$\" -Force -depth 3
$Results = @()
Foreach ($Folder in $AllFolders) {
$Acl = Get-Acl -Path $Folder.FullName
foreach ($Access in $acl.Access) {
if ($Access.IdentityReference -notlike "BUILTIN\Administrators" -and $Access.IdentityReference -notlike "domain\Domain Admins" -and $Access.IdentityReference -notlike "CREATOR OWNER" -and $access.IdentityReference -notlike "NT AUTHORITY\SYSTEM") {
$Properties = [ordered]@{'FolderName'=$Folder.FullName;'AD Group'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights;'Inherited'=$Access.IsInherited}
$Results += New-Object -TypeName PSObject -Property $Properties
}
}
}
$Results | Export-Csv -path "C:\temp\FileName - $(Get-Date -format MMyy) b.csv"
rm -r /etc/vmware/license.cfg cp /etc/vmware/.#license.cfg /etc/vmware/license.cfg /etc/init.d/vpxa restart
Get-VM | ForEach-Object {Get-VHD -ComputerName $_.ComputerName -VMId $_.VMId} | Select -Property path,computername,vhdtype,@{label='Size(GB)';expression={$_.filesize/1gb -as [int]}}
# ReportPermissionsOnMailboxes.PS1
# https://github.com/12Knocksinna/Office365itpros/edit/master/ReportPermissionsOnMailboxes.PS1
# Quick and simple script to generate a report of non-standard permissions applied to Exchange Online user and shared mailboxes
# Needs to be connected to Exchange Online PowerShell with an administrative account to run
# V1.0 25-Feb-2020
CLS
Write-Host "Fetching mailboxes"
$Mbx = Get-ExoMailbox -RecipientTypeDetails UserMailbox, SharedMailbox -Properties RecipientTypeDetails -ResultSize Unlimited
If ($Mbx.Count -eq 0) { Write-Error "No mailboxes found. Script exiting..." -ErrorAction Stop }
# We have some mailboxes, so we can process them...
CLS
$Report = [System.Collections.Generic.List[Object]]::new() # Create output file
$ProgressDelta = 100/($Mbx.count); $PercentComplete = 0; $MbxNumber = 0
ForEach ($M in $Mbx) {
$MbxNumber++
$MbxStatus = $M.DisplayName + " ["+ $MbxNumber +"/" + $Mbx.Count + "]"
Write-Progress -Activity "Processing mailbox" -Status $MbxStatus -PercentComplete $PercentComplete
$PercentComplete += $ProgressDelta
# REST cmdlet equivalent
# $Permissions = Get-ExoMailboxPermission -Identity $M.UserPrincipalName | ? {$_.User -Like "*@*" }
$Permissions = Get-MailboxPermission -Identity $M.UserPrincipalName | ? {$_.User -Like "*@*" }
If ($Null -ne $Permissions) {
# Grab each permission and output it into the report
ForEach ($Permission in $Permissions) {
$ReportLine = [PSCustomObject] @{
Mailbox = $M.DisplayName
UPN = $M.UserPrincipalName
Permission = $Permission | Select -ExpandProperty AccessRights
AssignedTo = $Permission.User
MailboxType = $M.RecipientTypeDetails }
$Report.Add($ReportLine) }
}
}
$Report | Sort -Property @{Expression = {$_.MailboxType}; Ascending= $False}, Mailbox | Export-CSV c:\temp\MailboxPermissions.csv -NoTypeInformation
Write-Host "All done." $Mbx.Count "mailboxes scanned. Report of non-standard permissions available in c:\temp\MailboxPermissions.csv"
# An example script used to illustrate a concept. More information about the topic can be found in the Office 365 for IT Pros eBook https://gum.co/O365IT/
# and/or a relevant article on https://office365itpros.com or https://www.petri.com. See our post about the Office 365 for IT Pros repository # https://office365itpros.com/office-365-github-repository/ for information about the scripts we write.
# Do not use our scripts in production until you are satisfied that the code meets the need of your organization. Never run any code downloaded from the Internet without
# first validating the code in a non-production environment.e
https://office365itpros.com/2020/03/16/creating-report-exchange-online-mailbox-permissions/
get-aduser -filter { passwordNeverExpires -eq $true -and enabled -eq $true } |select Name,UserPrincipalName,samaccountname
And output to CSV
get-aduser -filter { passwordNeverExpires -eq $true -and enabled -eq $true } |select Name,UserPrincipalName,samaccountname | Export-csv c:\temp\PassExpires3.csv
Filter by OU
get-aduser -filter { passwordNeverExpires -eq $true -and enabled -eq $true } -searchbase "OU=123,DC=domain,DC=Local" | sort | ft Name,UserPrincipalName,samaccountname
Get-Mailbox user@domin.com | Get-MailboxStatistics | Select-Object DisplayName, ItemCount, TotalItemSize | Format-Table -autosize