├── .gitignore
├── CMTrace.exe
├── Certs
├── CACerts.ps1
├── Create-ConfigMgrCerts.ps1
├── GetInfo.ps1
├── GetInfo_v2.ps1
├── NewCACert.ps1
├── NewTemplate.ps1
├── Test.ps1
└── Test2.ps1
├── CodeDump
├── Repair-WMIClass.ps1
├── RepairDomainTrust.ps1
├── RollBackCPlusPlusRedist
│ ├── 14.32.31332.0
│ │ ├── VC_redist.x64.exe
│ │ └── VC_redist.x86.exe
│ ├── 14.34.31931.0
│ │ ├── VC_redist.x64.exe
│ │ └── VC_redist.x86.exe
│ ├── RollBackCPlusPlusRedist.ps1
│ └── movefile64.exe
├── Set-PowerPlanToBalanced.ps1
└── Test For Broken Lenovo Catalog Agent.ps1
├── ConfigMgr
├── AD_CM Cleanup Scripts
│ ├── ADCleanup_ADSI.ps1
│ └── DeleteComputerFromADAndSCCMFromCSV_GIT.ps1
├── AdminService
│ ├── AdminSerivce-GetBitlockerRecoveryKey.ps1
│ ├── AdminServiceQuerySamples.PS1
│ ├── AdminServiceUsingTokenAuth.ps1
│ ├── Applications
│ │ ├── AdminService-NewApplicationBasic.ps1
│ │ └── AdminService-NewApplicationFull.ps1
│ ├── CMPivotOverCMG.ps1
│ ├── Certs
│ │ ├── ChkCert.ps1
│ │ ├── GetCertChain.ps1
│ │ └── GetTSVars.ps1
│ ├── Collect-ClientLogsInTS.ps1
│ ├── Get-AADAuthToken.ps1
│ ├── GifsInSoftwareCenter
│ │ ├── .vscode
│ │ │ └── launch.json
│ │ ├── Devicescripts.js
│ │ ├── Gifs
│ │ │ ├── Feature Update Scripts.gif
│ │ │ ├── MicrosoftEdgeBeta.gif
│ │ │ ├── MicrosoftEdgeDev.gif
│ │ │ ├── MicrosoftEdgeStable.gif
│ │ │ ├── Office 365 Pro Plus x64.gif
│ │ │ ├── Office 365 Pro Plus x86.gif
│ │ │ ├── Recast RCT.gif
│ │ │ ├── RecastRCT.gif
│ │ │ ├── Right Click Tools.gif
│ │ │ ├── chrome.gif
│ │ │ ├── office.gif
│ │ │ ├── onedrive.gif
│ │ │ └── power bi desktop.gif
│ │ ├── SoftwareCenter.html
│ │ ├── ntlm.js
│ │ ├── origscripts.js
│ │ ├── scripts.js
│ │ ├── style.css
│ │ ├── t.json
│ │ └── web.config
│ ├── InitiateClientAction.ps1
│ ├── InitiateClientAction_OverInternet.ps1
│ ├── ListAdminServiceFunctions.ps1
│ ├── MMSJazz
│ │ ├── ASDTestFile.txt
│ │ ├── MMSJazzSample1.JSON
│ │ └── MMSJazzSample2.json
│ ├── MiscSamples
│ │ ├── AdminService-GridViewDemo.ps1
│ │ ├── AdminService-Test1.ps1
│ │ ├── CMPivotSample.ps1
│ │ ├── RunScriptSample.ps1
│ │ ├── SyncNowSample.ps1
│ │ └── TriggerInstantAppInstall.PS1
│ ├── PowerBI
│ │ ├── PowerBIAdminServiceDemo.pbix
│ │ └── SCCM Logo.png
│ ├── README.md
│ ├── Run-CMPivot.ps1
│ ├── SMS_ClientOperation TypeList.txt
│ ├── WMI 4 Ways - AdminService Demo.ps1
│ └── WMI_CIM_AdminService_1910TP.ps1
├── BootImage
│ ├── Exclude
│ │ └── RegenerateBootImageWinPE10.ps1
│ ├── New-BootImage.ps1
│ ├── Pre-Start
│ │ ├── Custom.cmd
│ │ ├── Custom
│ │ │ └── ADD CUSTOM FILES HERE.md
│ │ └── Windows
│ │ │ └── System32
│ │ │ ├── BCP47Langs.dll
│ │ │ ├── BCP47mrm.dll
│ │ │ ├── DartConfig.dat
│ │ │ ├── Explorer.exe
│ │ │ ├── FauxShell.dll
│ │ │ ├── FirewallExceptionChange.dll
│ │ │ ├── LockingHooks.dll
│ │ │ ├── MSDartCmn.dll
│ │ │ ├── RdpCore.dll
│ │ │ ├── RemoteRecovery.exe
│ │ │ ├── WaitForConnection.exe
│ │ │ ├── fe.cfg
│ │ │ ├── mfc100u.dll
│ │ │ ├── msvcp100.dll
│ │ │ ├── msvcr100.dll
│ │ │ ├── rdpencom.dll
│ │ │ └── smsts.ini
│ ├── README.md
│ ├── Run-Command.ps1
│ └── Run-NewBootImage.ps1
├── BranchCache
│ ├── BranchCacheErrorsCMPivot.kql
│ ├── Decode-BranchCacheURLfromEventLog.ps1
│ ├── HashValidationDeploymentError.SQL
│ ├── Move-BCCacheLocation.ps1
│ ├── Process-CMPivotBCErrors.ps1
│ └── Test-BCDownloads.ps1
├── CMPivot
│ ├── CMPivot Query Examples - MMSMiami 2021.kql
│ ├── CMPivotEvents.ps1
│ ├── CMPivotLocalScriptExample.ps1
│ ├── CMPivotMarkdown.md
│ ├── CMPivotOverAdminService
│ ├── Compat Appraiser Version Info.kql
│ ├── ControlService.ps1
│ ├── Feature Update TargetVersionUpgradeExperienceIndicators.kql
│ └── ViewAllScripts.sql
├── Client
│ ├── ConfigMgrClientDetectionScript.ps1
│ └── Install-ConfigMgrClientOverTheInternet.ps1
├── ClientActions
│ ├── RunScript-TriggerClientAction.ps1
│ ├── SMS_ClientOperation TypeList.txt
│ ├── Trigger-CMClientActions.ps1
│ ├── Trigger-ClientRebootTimer.ps1
│ ├── Trigger-ClientRebootWithNotification.ps1
│ └── Trigger-DCMBaselineDuringTS.ps1
├── ClientDataSources
│ ├── ClientDataSources.ps1
│ ├── Get-DownloadHistoryStatusMessage.ps1
│ └── RedistContent.ps1
├── Collections
│ ├── Collection - Duplicate Azure AD Device ID.MOF
│ ├── ConfigMgrVIPCollections.TXT
│ └── WorkstationClient.txt
├── DesktopAnalytics
│ └── Get-DesktopAnalytics.ps1
├── Drivers
│ └── Create Driver Packages.ps1
├── ErrorLookup
│ ├── AdminUI.UIResources.dll
│ ├── DatabaseResources.dll
│ ├── List.txt
│ ├── Lookup-Error.ps1
│ └── SrsResources.dll
├── ManageDPCertificates
│ ├── CopyAndRun.ps1
│ ├── New-CertReq.ps1
│ ├── Run-NewCertReq.ps1
│ └── UpdateDPsWithCerts.ps1
├── README.md
├── SQL
│ ├── BoundaryMapping.ps1
│ ├── CoManagementWorkloads.sql
│ ├── CollectionMemberMismatch.ps1
│ ├── ConfigMgr
│ │ ├── AppsWithRetiredSupersedence.sql
│ │ ├── FindCollectionsUsingSoftwareInventoryViews.sql
│ │ ├── OSMapTesting- WIP.sql
│ │ ├── OSVersionMapping.sql
│ │ └── OSVersionMappingSum.sql
│ ├── ExtractQueriesFromSSRSRDL.ps1
│ ├── README.md
│ ├── UMR.txt
│ ├── UtilityQueries
│ │ └── FindTextInDB.sql
│ └── v_OSBuildNumberParts.sql
├── Scripts
│ ├── Disable-MeteredConnections.ps1
│ ├── Fix-WindowsUpdateBootLoop.ps1
│ ├── FixOSKey.ps1
│ ├── Get-CMApplicationList.ps1
│ ├── Get-CollectionPath.ps1
│ ├── GetTPMVersion.ps1
│ ├── Invoke-DCMBaseline.ps1
│ ├── PSLogSanitizer.ps1
│ ├── ResetLocalAdminPwd.ps1
│ ├── TeamsInventory.ps1
│ ├── ThisIsNotAPSScript.vbs
│ └── WaitForSCCMSchedulesBeforeTriggeringActions.ps1
├── StatusMessages
│ ├── New-CustomStatusMessage.ps1
│ └── New-CustomStatusMessage.txt
├── TaskSequence
│ ├── New-DriverVariableTSStep.ps1
│ ├── Update-CMClientPackages.ps1
│ └── Update-TSBootImageID.ps1
├── TaskSequenceMonitor
│ ├── Monitor-TaskSequence.ps1
│ ├── Process-TaskSequence.ps1
│ └── readme.md
├── Troubleshooting
│ ├── CleanupFoldersWithRoboCopy.ps1
│ ├── Get-BadMIFs.ps1
│ └── Remove-NetworkMetering.ps1
├── Updates
│ └── Fix-WindowsUpdateBootLoop.ps1
└── WindowsImage
│ ├── Import-WindowsImage.ps1
│ └── Run-ImportWindowsImage.ps1
├── DataIngestion
├── Import-DataToSQL.ps1
└── MGGraph-Helper.ps1
├── Day4-Input.txt
├── Demo Content
├── AdminService (CTSMUG)
│ ├── AdminService-GridViewDemo.ps1
│ ├── AdminService-Test1.ps1
│ ├── PowerBIAdminServiceDemo.pbix
│ └── WMIQueryTest.ps1
├── AdminService (MMSJazz)
│ ├── CommunityNode.xml
│ ├── ConnectedConsole.xml
│ ├── SiteConfigurationNode.xml
│ ├── WhatsNewNode.xml
│ └── Youtube1280x720.png
├── CMPivot (MMSMiami)
│ ├── CMPivot Query Examples - MMSMiami 2021.kql
│ ├── CMPivotEvents.ps1
│ ├── CMPivotLocalScriptExample.ps1
│ ├── CMPivotMarkdown.md
│ ├── CMPivotOverAdminService.ps1
│ ├── ControlService.ps1
│ └── ViewAllScripts.sql
├── Client Data Sources (TXSMUG)
│ ├── ClientDataSourcesStatusMessageSample.XML
│ ├── Enable-ClientDebugLogging.ps1
│ └── Get-DownloadHistoryStatusMessage.ps1
├── Graph API and AdminService (MMSMiami)
│ ├── AllTheThingsOverTheInternet.ps1
│ ├── Get-AADUserDevices_Runbook.ps1
│ ├── Microsoft.IdentityModel.Clients.ActiveDirectory.dll
│ ├── Microsoft.IdentityModel.Clients.ActiveDirectory.xml
│ ├── README.MD
│ └── Set-ManagedDeviceName.ps1
├── HomeLab (MMSMiami)
│ ├── AutomatedLabSetup.ps1
│ └── Intune.HV.Tools.ps1
├── Manage Any Device Anywhere (MEMUG)
│ ├── AdminServiceDemo.pbix
│ ├── AdminServiceOverAppProxy.ps1
│ ├── AdminServiceQuerySamples.PS1
│ ├── InitiateClientAction.ps1
│ ├── ListAdminServiceFunctions.ps1
│ └── WMI 4 Ways - AdminService Demo.ps1
├── Manage Any Device Anywhere (NWSCUG)
│ ├── AdminServiceDemo.pbix
│ ├── AdminServiceOverAppProxy.ps1
│ ├── AdminServiceQuerySamples.PS1
│ ├── InitiateClientAction.ps1
│ ├── ListAdminServiceFunctions.ps1
│ └── WMI 4 Ways - AdminService Demo.ps1
└── Task Sequences (AZSMUG)
│ ├── GetOSInfo.ps1
│ ├── TaskSequences
│ ├── CustomDialog.zip
│ ├── CustomDialog_files
│ │ └── TS Tools
│ │ │ ├── ASCIIArt.ps1
│ │ │ ├── Invoke-PSScriptAsUser.ps1
│ │ │ ├── Monitor-TaskSequence.ps1
│ │ │ ├── Process-TaskSequence.ps1
│ │ │ ├── Progress_RunSpace_Mahapps_Ring_FullScreen.ps1
│ │ │ ├── Run_Progress.ps1
│ │ │ ├── ServiceUI.exe
│ │ │ ├── Test.ps1
│ │ │ ├── assembly
│ │ │ ├── MahApps.Metro.dll
│ │ │ └── System.Windows.Interactivity.dll
│ │ │ └── cmtrace.exe
│ ├── DynamicVars1.zip
│ ├── DynamicVars1_files
│ │ └── TS Tools
│ │ │ ├── ASCIIArt.ps1
│ │ │ ├── Invoke-PSScriptAsUser.ps1
│ │ │ ├── Monitor-TaskSequence.ps1
│ │ │ ├── Process-TaskSequence.ps1
│ │ │ ├── Progress_RunSpace_Mahapps_Ring_FullScreen.ps1
│ │ │ ├── Run_Progress.ps1
│ │ │ ├── ServiceUI.exe
│ │ │ ├── Test.ps1
│ │ │ ├── assembly
│ │ │ ├── MahApps.Metro.dll
│ │ │ └── System.Windows.Interactivity.dll
│ │ │ └── cmtrace.exe
│ ├── DynamicVars2.zip
│ └── TryCatch.zip
│ └── Tools
│ ├── ASCIIArt.ps1
│ ├── Invoke-PSScriptAsUser.ps1
│ ├── Monitor-TaskSequence.ps1
│ ├── Process-TaskSequence.ps1
│ ├── Progress_RunSpace_Mahapps_Ring_FullScreen.ps1
│ ├── Run_Progress.ps1
│ ├── ServiceUI.exe
│ ├── Test.ps1
│ ├── assembly
│ ├── MahApps.Metro.dll
│ └── System.Windows.Interactivity.dll
│ └── cmtrace.exe
├── Graph
└── AddUserToAADGroup.ps1
├── Group Policy
├── Copy-GPO.ps1
└── README.md
├── Hello For Business Notes.txt
├── Intune Graph Sample - Graph Auth Function.pbix
├── Intune
├── ADMXIngestion
│ ├── RemovedComboBoxItems.txt
│ ├── receiver_ComboBoxRemoved.adml
│ └── receiver_ComboBoxRemoved.admx
├── AddUserToAADGroup.ps1
├── Assignements.ps1
├── Assignements2.ps1
├── AzureADtoLocalAdmin.ps1
├── ConvertToBase64.ps1
├── Fix-PANGPS_Launcher.ps1
├── Get-DSREGCMDStatus.ps1
├── Intune-UnHybridJoin.ps1
├── Invoke-BulkRemediation.ps1
├── LogIngestion
│ └── IntuneInventory
│ │ ├── UserSoftwareInventory.ps1
│ │ └── run.ps1
├── MGGraph-Helper.ps1
├── Manage-Services.ps1
├── New-Win32App
│ └── New-IntuneApp.ps1
├── Proactive Remediations
│ ├── AVD
│ │ ├── Detect-AVDRegKeys.ps1
│ │ └── Remediate-AVDRegKeys.ps1
│ ├── DefaultIMApp
│ │ └── Detect-DefaultIMApp.ps1
│ ├── DefenderFirewallReportingAuditing
│ │ ├── Detect-DefenderFirewallReportingAuditing.ps1
│ │ ├── README.md
│ │ └── Remediate-DefenderFirewallReportingAuditing.ps1
│ ├── IntelSmartSound
│ │ ├── Detect-IntelSmartSound.ps1
│ │ └── Remediate-IntelSmartSound.ps1
│ ├── RegistryKeys
│ │ ├── Detect Registry Keys.ps1
│ │ └── Remediate Registry Keys.ps1
│ ├── RemoveAutopilotRebootKeys
│ │ └── Remove-AutopilotRebootKeys.ps1
│ ├── TeamViewer
│ │ ├── Remediate-TeamViewer.ps1
│ │ └── TeamViewer.ps1
│ ├── TeamsFirewallRule
│ │ ├── Detect-TeamsFirewallRule.ps1
│ │ └── Remediate-TeamsFirewallRule.ps1
│ ├── TeamsHomeClient
│ │ ├── Detect-TeamsHomeClient.ps1
│ │ └── Remediate-TeamsHomeClient.ps1
│ ├── WindowsUpdatePendingReboot
│ │ └── Detect-WindowsUpdatePendingReboot.ps1
│ └── WindowsUpdatePolicyKey
│ │ ├── Detect-WindowsUpdatePolicyKey.ps1
│ │ └── Remediate-WindowsUpdatePolicyKey.ps1
└── TimeZoneStuff
│ └── Add-Type -AssemblyName System.Device.ps1
├── MicrosoftDefender
├── README.md
└── USBControl
│ ├── Defender-PassiveModeRemediation.ps1
│ ├── GPO
│ ├── DeviceControlGroups.XML
│ └── DeviceControlRules.XML
│ ├── GPOFileBuilder.ps1
│ └── Intune
│ ├── Groups
│ ├── 2994483d-64d6-44f2-a95c-63b905298dae.xml
│ ├── 2a93d745-7ff4-4667-a384-a57b84344ff0.xml
│ ├── 3551c70b-349b-4e2a-bd3e-a5687d94a22c.xml
│ ├── 3cb15697-09a3-4f0d-872c-691b6b377e71.xml
│ ├── 6f34e099-573d-4fd9-b6ac-eb8650d7d99b.xml
│ ├── ad32c4e8-981a-43e1-bf2c-496fa176256c.xml
│ └── cad1615e-e5d6-4c11-94aa-2df05861a372.xml
│ └── Rules
│ ├── 492a1994-8e0d-426e-8800-e717d5badc97.xml
│ ├── 5f1dfdc6-05f8-43b7-828b-39b76b74b347.xml
│ ├── b395c7ac-5fbf-41e9-a5fd-52e23167b143.xml
│ └── bddfbc76-7f03-490e-9433-67774831c770.xml
├── PartnerPortal
└── Add Device To Partner Portal.ps1
├── PowerBI
└── PowerBI App List.md
├── README.md
├── Unified Write Filter
├── Detect-UWF.ps1
├── Detect-UWFFeature.ps1
├── Disable-UWF.ps1
├── Enable-UWF.ps1
├── Remediate-UWFFeature.ps1
└── readme.md
├── Windows
├── Kiosk
│ ├── Kiosk Workstation.htm
│ └── Kiosk.txt
└── OfflineServicing
│ ├── Import-WindowsImage.ps1
│ ├── Readme.md
│ ├── Run-ServiceWIMandImportImage.ps1
│ └── Service-WIM.ps1
└── mdmcertcheckandremediate.ps1
/.gitignore:
--------------------------------------------------------------------------------
1 | ConfigMgr/AdminService/Auth.Json
2 | .vscode/settings.json
3 | Reference Scripts/
4 | secrets.json
5 | Private/
6 |
--------------------------------------------------------------------------------
/CMTrace.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/CMTrace.exe
--------------------------------------------------------------------------------
/Certs/CACerts.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | #http://www.checkyourlogs.net/?p=56283
9 |
10 | Import-Module ActiveDirectory
11 |
12 | $ConfigContext = ([ADSI]"LDAP://RootDSE").ConfigurationNamingContext
13 | $ADSI = [ADSI]"LDAP://CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigContext"
14 | #$ADSI.Children | Sort-Object Name | Select-Object DisplayName, Name, msPKI-Cert-Template-OID
15 | $Templates1 = @()
16 | $templates = $ADSI.Children | Sort-Object Name | ForEach {
17 | $Templates1 += Get-ADObject $_.distinguishedName.ToString() -Properties * | Select *
18 | }
19 |
20 |
21 | ($Templates1 | Where-Object Name -eq ConfigMgrWebServerCertificate).pKIExpirationPeriod.GetType()
22 |
23 |
24 |
25 |
26 |
27 |
--------------------------------------------------------------------------------
/Certs/GetInfo.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | $templateName = "ConfigMgrCloudServicesCertificate"
9 |
10 | $ConfigContext = ([ADSI]"LDAP://RootDSE").ConfigurationNamingContext
11 | $ADSI = [ADSI]"LDAP://CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigContext"
12 | $template = [ADSI]"LDAP://CN=$templateName,CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigContext"
13 | $template.Properties.PropertyNames | ? {$_.StartsWith("pKI") -or $_.StartsWith("msPKI-")} | % {
14 | Write-Host """$_"" = ""$($template.psbase.Properties.Item($_).ToString())"""
15 | }
--------------------------------------------------------------------------------
/Certs/GetInfo_v2.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | $SourceTemplateCN = "DomainControllerAuthentication(KDC)"
9 |
10 | $ConfigContext = ([ADSI]"LDAP://RootDSE").ConfigurationNamingContext
11 | $ADSI = [ADSI]"LDAP://CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigContext"
12 | $Template = [ADSI]"LDAP://CN=$SourceTemplateCN,CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigContext"
13 | $PropertyList = $Template.Properties.PropertyNames | Where-Object {$_.StartsWith("pKI") -or $_.StartsWith("flags") -or $_.StartsWith("msPKI-")}
14 |
15 | ForEach($Property in $PropertyList) {
16 | $Value = $Template.psbase.Properties.Item($Property).Value
17 | If($Property -eq "pKIExpirationPeriod" -or $Property -eq "pKIOverlapPeriod") {
18 | $b = $Value -join ','
19 | Write-Host """$Property"" = ([Byte[]]($b))"
20 |
21 | }
22 | ElseIf($Value -is [byte[]]) {
23 | $b = '"{0}"' -f ($Value -join '","')
24 | Write-Host """$Property"" = [Byte[]]("$($b.ToString())")"
25 | }
26 | ElseIf($Value -is [Object[]]) {
27 | $b = '"{0}"' -f ($Value -join '","')
28 | Write-Host """$Property"" = @("$($b.ToString())")"
29 | }
30 | ElseIf($Value -match '`') {
31 | $NewVal = $Value.Replace('`','``')
32 | Write-Host """$Property"" = ""$($NewVal.ToString())"""
33 | }
34 | Else {
35 | Write-Host """$Property"" = ""$($Value.ToString())"""
36 | }
37 | }
38 |
39 |
40 | #GetPermissions
41 | #$Good = "ConfigMgrClientCertificate"
42 | #$GoodTemplate = [ADSI]"LDAP://CN=$($Good),CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigContext"
43 | #$GoodTemplate.ObjectSecurity.Access | Select * | Format-List
44 |
45 |
46 |
--------------------------------------------------------------------------------
/Certs/Test.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | $ConfigContext = ([ADSI]"LDAP://RootDSE").ConfigurationNamingContext
9 | $ADSI = [ADSI]"LDAP://CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigContext"
10 |
11 | # and put other atributes that you need
12 | $WATempl = $ADSI.psbase.children | where {$_.cn -eq "WebServer"}
13 |
14 | #Remove-CATemplate -name $NewTemplateName -Force -ErrorAction SilentlyContinue
15 | $NewTemplate = $ADSI.Create("pKICertificateTemplate", "CN=Test")
16 | $NewTemplate.DeleteTree()
17 | $NewTemplate = $ADSI.Create("pKICertificateTemplate", "CN=Test")
18 | $NewTemplate.put("distinguishedName","CN=Test,CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigContext")
19 |
20 | #$WATempl..ToString()
21 |
22 | $NewTemplate.put("flags","131649")
23 | $NewTemplate.put("displayName","Test")
24 | $NewTemplate.put("revision",$WATempl.revision.ToString())
25 | $NewTemplate.put("pKIDefaultKeySpec",$WATempl.pKIDefaultKeySpec.ToString())
26 | $NewTemplate.SetInfo()
27 |
28 | $NewTemplate.put("msPKI-Cert-Template-OID",$WATempl.'msPKI-Cert-Template-OID'.ToString())
29 | $NewTemplate.put("pKIMaxIssuingDepth",$WATempl.pKIMaxIssuingDepth.ToString())
30 | $NewTemplate.put("pKICriticalExtensions",$WATempl.pKICriticalExtensions.ToString())
31 | $NewTemplate.put("pKIExtendedKeyUsage",$WATempl.pKIExtendedKeyUsage.ToString())
32 | $NewTemplate.put("pKIDefaultCSPs",$WATempl.pKIDefaultCSPs.ToString())
33 | $NewTemplate.put("msPKI-RA-Signature",$WATempl.'msPKI-RA-Signature'.ToString())
34 | $NewTemplate.put("msPKI-Enrollment-Flag",$WATempl.'msPKI-Enrollment-Flag'.ToString())
35 | $NewTemplate.put("msPKI-Private-Key-Flag",$WATempl.'msPKI-Private-Key-Flag'.ToString())
36 | $NewTemplate.put("msPKI-Certificate-Name-Flag",$WATempl.'msPKI-Certificate-Name-Flag'.ToString())
37 | $NewTemplate.put("msPKI-Minimal-Key-Size",$WATempl.'msPKI-Minimal-Key-Size'.ToString())
38 | $NewTemplate.put("msPKI-Template-Schema-Version","2")
39 | $NewTemplate.put("msPKI-Template-Minor-Revision","2")
40 | $NewTemplate.put("msPKI-Certificate-Application-Policy",$WATempl.pKIExtendedKeyUsage.ToString())
41 |
42 | $NewTemplate.SetInfo()
43 |
44 |
45 |
46 | #before
47 | $NewTemplate.pKIKeyUsage = $WATempl.pKIKeyUsage
48 | $NewTemplate.pKIExpirationPeriod = $WATempl.pKIExpirationPeriod
49 | $NewTemplate.pKIOverlapPeriod = $WATempl.pKIOverlapPeriod
50 | $NewTemplate.SetInfo()
51 |
52 | $NewTemplate | select *
--------------------------------------------------------------------------------
/CodeDump/Repair-WMIClass.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 |
9 | param(
10 | [Parameter()]
11 | [string]
12 | $InputParam,
13 |
14 | [Parameter()]
15 | [switch]
16 | $Remediate = $True,
17 |
18 | [Parameter()]
19 | [string]
20 | $NameSpace = "root\cimv2",
21 |
22 | [Parameter()]
23 | [string]
24 | $ClassName = "Win32_UserProfile",
25 |
26 | [Parameter()]
27 | [string]
28 | $ValidProperty = "HealthStatus",
29 |
30 | [Parameter()]
31 | [string[]]
32 | $FileList = @(
33 | "C:\Windows\System32\wbem\UserProfileWmiProvider.mof",
34 | "C:\Windows\System32\wbem\UserProfileConfigurationWmiProvider.mof"
35 | "C:\Windows\System32\wbem\en-us\UserProfileWmiProvider.mfl",
36 | "C:\Windows\System32\wbem\en-us\UserProfileConfigurationWmiProvider.mfl"
37 | )
38 | )
39 |
40 | Try {
41 | $Class = Get-CimInstance -Namespace $NameSpace -ClassName $ClassName
42 | If(!($Class[0].PSObject.Properties.Name -contains $ValidProperty)) {
43 | If($Remediate.IsPresent) {
44 | ForEach($File in $FileList) {
45 | If(Get-Item -Path $File -ErrorAction Stop) {
46 | mofcomp.exe $File
47 | }
48 | Else {
49 | Write-Host "File $($File) not found."
50 | }
51 | }
52 | Return 0
53 | }
54 | Return 1
55 | }
56 | Else {
57 | Return 0
58 | }
59 | }
60 | Catch {
61 | Return 0
62 | }
--------------------------------------------------------------------------------
/CodeDump/RepairDomainTrust.ps1:
--------------------------------------------------------------------------------
1 | Test-ComputerSecureChannel -Server DC02 -Credential (Get-Credential) -Repair
--------------------------------------------------------------------------------
/CodeDump/RollBackCPlusPlusRedist/14.32.31332.0/VC_redist.x64.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/CodeDump/RollBackCPlusPlusRedist/14.32.31332.0/VC_redist.x64.exe
--------------------------------------------------------------------------------
/CodeDump/RollBackCPlusPlusRedist/14.32.31332.0/VC_redist.x86.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/CodeDump/RollBackCPlusPlusRedist/14.32.31332.0/VC_redist.x86.exe
--------------------------------------------------------------------------------
/CodeDump/RollBackCPlusPlusRedist/14.34.31931.0/VC_redist.x64.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/CodeDump/RollBackCPlusPlusRedist/14.34.31931.0/VC_redist.x64.exe
--------------------------------------------------------------------------------
/CodeDump/RollBackCPlusPlusRedist/14.34.31931.0/VC_redist.x86.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/CodeDump/RollBackCPlusPlusRedist/14.34.31931.0/VC_redist.x86.exe
--------------------------------------------------------------------------------
/CodeDump/RollBackCPlusPlusRedist/movefile64.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/CodeDump/RollBackCPlusPlusRedist/movefile64.exe
--------------------------------------------------------------------------------
/CodeDump/Set-PowerPlanToBalanced.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | #https://docs.microsoft.com/en-us/windows/win32/power/power-policy-settings
9 |
10 | [cmdletbinding()]
11 | param (
12 | [switch]$Remediate = $false,
13 | $PlanToActivate = "Balanced",
14 | $PlansToChange = ("Power Plan","High performance","Task Sequence High Performance","Power Saver","Task Sequence High Performance","Ultimate Performance")
15 | )
16 |
17 | $DefaultPlans = @{
18 | "Power saver" = [PSCustomObject]@{
19 | ElementName = "Power saver"
20 | InstanceID = "Microsoft:PowerPlan\{a1841308-3541-4fab-bc81-f71556f20b4a}"
21 | GUID = "a1841308-3541-4fab-bc81-f71556f20b4a"
22 | }
23 |
24 | "Balanced" = [PSCustomObject]@{
25 | ElementName = "Balanced"
26 | InstanceID = "Microsoft:PowerPlan\{381b4222-f694-41f0-9685-ff5bb260df2e}"
27 | GUID = "381b4222-f694-41f0-9685-ff5bb260df2e"
28 | }
29 |
30 | "High performance" = [PSCustomObject]@{
31 | ElementName = "High performance"
32 | InstanceID = "Microsoft:PowerPlan\{8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c}"
33 | GUID = "8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c"
34 | }
35 | }
36 |
37 | $NameSpace = "ROOT\cimv2\power"
38 | $ClassName = "Win32_PowerPlan"
39 |
40 | try {
41 | $ActivePlan = Get-CIMInstance -Namespace $NameSpace -ClassName $ClassName | Where-Object {$_.IsActive -eq $True} -ErrorAction SilentlyContinue
42 | if($ActivePlan -and $ActivePlan.InstanceID -ne $DefaultPlans[$PlanToActivate].InstanceID -and ($ActivePlan.ElementName -in $PlansToChange)) {
43 | if($Remediate.IsPresent) {
44 | & powercfg.exe /s $DefaultPlans[$PlanToActivate].GUID
45 | $NewActivePlan = Get-CIMInstance -Namespace $NameSpace -ClassName $ClassName | Where-Object {$_.IsActive -eq $True} -ErrorAction SilentlyContinue
46 | & powercfg /change standby-timeout-ac 0
47 | & powercfg /change monitor-timeout-ac 0
48 | & powercfg /change hibernate-timeout-ac 0
49 | & powercfg -setacvalueindex 381b4222-f694-41f0-9685-ff5bb260df2e 4f971e89-eebd-4455-a8de-9e59040e7347 5ca83367-6e45-459f-a27b-476b1d01c936 0
50 | reg.exe add "HKLM\SYSTEM\ControlSet001\Control\Power" /v CSEnabled /t REG_DWORD /d 1 /f
51 | Return $NewActivePlan.ElementName
52 | }
53 | else {
54 | Return $ActivePlan.ElementName
55 | }
56 | }
57 | else {
58 | #Default High Perf Plan not Enabled. Nothing to do.
59 | return $ActivePlan.ElementName
60 | }
61 | }
62 | catch {
63 | throw $_
64 | }
--------------------------------------------------------------------------------
/CodeDump/Test For Broken Lenovo Catalog Agent.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | Try {
9 | $Value = Get-CIMInstance -Namespace ROOT\Lenovo\Drivers -ClassName Win32_PnPSignedDriverEx -ErrorAction Stop
10 | }
11 | Catch [Microsoft.Management.Infrastructure.CimException]{
12 | #Write-Host "Error"
13 | if($_.Exception.Message -like "*Invalid namespace*") {
14 | return $true
15 | }
16 | else {
17 | return $false
18 | }
19 | }
20 |
21 | $Event = Get-WinEvent -LogName Application -MaxEvents 3
22 | if($Event.ProviderName -eq "Windows Error Reporting") {
23 | #$Event | Select *
24 | Return $false
25 | }
26 | {
27 | Return $true
28 | }
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/AdminSerivce-GetBitlockerRecoveryKey.ps1:
--------------------------------------------------------------------------------
1 | [cmdletbinding()]
2 | param(
3 | [int]$ResourceID,
4 | [string]$SMSProvider
5 | )
6 |
7 | #region AdminService URLs
8 | [string]$VersionedBaseUrl = "https://$($SMSProvider)/AdminService/v1.0"
9 | [string]$DeviceClassURL = "$($VersionedBaseUrl)/Device"
10 | #endregion
11 |
12 | #AdminService
13 | $asGetParams = @{
14 | Method = "GET"
15 | ContentType = "application/json"
16 | ErrorAction = "SilentlyContinue"
17 | UseDefaultCredentials = $True
18 | }
19 |
20 | $asPostParams = @{
21 | Method = "POST"
22 | ContentType = "application/json"
23 | ErrorAction = "SilentlyContinue"
24 | UseDefaultCredentials = $True
25 | }
26 | #endregion
27 |
28 |
29 | #region Get ConfigMgr Device
30 | try{
31 | $asGetParams["URI"] = "$($DeviceClassURL)($($ResourceID))"
32 | $CMDeviceResponse = Invoke-RestMethod @asGetParams
33 | if ($CMDeviceResponse) {
34 | $CMDevice = $CMDeviceResponse
35 | Write-Output "Found ConfigMgr Device: $($CMDevice.Name)"
36 | }
37 | }
38 | catch {
39 | Write-Output "No CM Device found for device: $($ManagedDevice.deviceName)"
40 | }
41 |
42 | if ($CMDevice) {
43 | try {
44 | $asGetParams["URI"] = "$($DeviceClassURL)($($CMDevice.MachineId))/RecoveryKeys"
45 | $RecoveryKeyResponse = Invoke-RestMethod @asGetParams
46 | $RecoveryKeys = $RecoveryKeyResponse.value
47 |
48 | if ($RecoveryKeys) {
49 | foreach ($key in $RecoveryKeys) {
50 | try {
51 | $asPostParams["Body"] = @{
52 | RecoveryKeyId = $Key.RecoveryKeyId
53 | } | ConvertTo-Json
54 | $asPostParams["URI"] = "$($DeviceClassURL)($($CMDevice.MachineId))/AdminService.GetRecoveryKeyValue"
55 | $GetRecoveryKeyValueResponse = Invoke-RestMethod @asPostParams
56 | $KeyObject = [PSCustomObject]@{
57 | ResourceId = $CMDevice.MachineId
58 | DeviceName = $CMDevice.Name
59 | ItemKey = $key.ItemKey
60 | RecoveryKeyId = $key.RecoveryKeyId
61 | VolumeTypeId = $key.VolumeTypeId
62 | RecoveryKey = if($GetRecoveryKeyValueResponse.value) {$GetRecoveryKeyValueResponse.value} else {$null}
63 | }
64 | $KeyObject
65 | }
66 | catch {
67 | Throw $_
68 | }
69 |
70 | }
71 | }
72 | }
73 | catch {
74 | $RecoveryKeys = $null
75 | }
76 | }
77 | #endregion
78 |
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/Applications/AdminService-NewApplicationBasic.ps1:
--------------------------------------------------------------------------------
1 | [cmdletbinding()]
2 | param (
3 | [Parameter(Mandatory=$true)]
4 | $ServerName,
5 |
6 | [Parameter(Mandatory=$true)]
7 | $ApplicationTitle,
8 |
9 | [Parameter(Mandatory=$false)]
10 | $ApplicationVersion = 1.0
11 | )
12 |
13 | function New-ScopeID {
14 | param (
15 | $ServerName
16 | )
17 | try {
18 | #
19 | $GetSiteID = Invoke-RestMethod -Method Get -Uri "https://$ServerName/AdminService/wmi/SMS_Identification.GetSiteID" -UseDefaultCredentials
20 | $SiteID = $GetSiteID.SiteID
21 | $SiteID = ($SiteID -Replace "{|}", "").ToUpper()
22 | $ScopeID = "ScopeId_$SiteID"
23 |
24 | return $ScopeID
25 | }
26 | catch {
27 | throw $_
28 | }
29 | }
30 |
31 | function New-ResourceID {
32 | $guid = New-Guid
33 | [int]$resnum = [Math]::Abs($guid.GetHashCode())
34 | $ResourceID = "Res_$resnum"
35 | return $ResourceID
36 | }
37 |
38 | #App Variables
39 | $ScopeID = New-ScopeID -ServerName $ServerName
40 | $ApplicationID = "Application_$(New-Guid)"
41 | $DigestVersion = 1
42 | $Language = (Get-Culture).Name
43 |
44 | #SDMPackageXML Template
45 | $SDMPackageXML = @'
46 |
47 |
48 |
49 |
50 | {4}
51 |
52 |
53 | {4}
54 |
55 |
56 | '@ -f $ScopeID, $ApplicationID, $DigestVersion, $Language, $ApplicationTitle, (New-ResourceID)
57 |
58 | $SDMPackageXMLJson = @{
59 | SDMPackageXML = $SDMPackageXML
60 | } | ConvertTo-Json
61 |
62 | try {
63 | $PostParams = @{
64 | Method = Post
65 | Uri = "https://$ServerName/AdminService/wmi/SMS_Application"
66 | Body = $SDMPackageXMLJson
67 | UseDefaultCredentials = $true
68 | ContentType = 'Application/Json'
69 | }
70 | $NewApp = Invoke-RestMethod @PostParams
71 | $NewApp
72 | }
73 | catch {
74 | throw $_
75 | }
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/CMPivotOverCMG.ps1:
--------------------------------------------------------------------------------
1 | Param (
2 | [switch]$CreateNewContext=$True
3 | )
4 | [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
5 | [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
6 |
7 | #Install-Module Az
8 | Import-Module Az
9 | Login-AzAccount
10 | #region Get Upgrade Analytics Data
11 | If($CreateNewContext.IsPresent) {
12 | Login-AzAccount
13 | Save-AzContext -Path "$($PSScriptRoot)\azprofile.json" -Force
14 | }
15 | Import-AzContext -Path "$($PSScriptRoot)\azprofile.json" -ErrorAction Stop
16 |
17 | $SiteServer = "cmtp3-cm1.asd.lab"
18 | $BaseUri = "https://$($SiteServer)/AdminService/v1.0/"
19 |
20 | $Query = "OS"
21 | $Params = @{
22 | Method = "Post"
23 | Uri = "$($BaseUri)Collections('SMS00001')/AdminService.RunCmpivot"
24 | Body = @{"InputQuery"="$($Query)"} | ConvertTo-Json
25 | ContentType = "application/json"
26 | UseDefaultCredentials = $true
27 | }
28 | $Result = Invoke-RestMethod @Params
29 |
30 | <#
31 | $Params = @{
32 | Method = "Get"
33 | Uri = "$($BaseUri)Collections"
34 | UseDefaultCredentials = $true
35 | UseBasicParsing = $true
36 | Headers = @{ACCEPT="application/json"}
37 | }
38 |
39 | $Result = Invoke-RestMethod @Params -Verbose
40 |
41 | Invoke-RestMethod ""
42 | #>
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/Certs/ChkCert.ps1:
--------------------------------------------------------------------------------
1 | # CertInfo.ps1
2 | #
3 | # Written by: Rob VandenBrink
4 | #
5 | # Params: Site name or IP ($ip), Port ($port)
6 |
7 |
8 | function ChkCert
9 | {
10 | Param ($ip,[int] $Port)
11 | $TCPClient = New-Object -TypeName System.Net.Sockets.TCPClient
12 | try
13 | {
14 | $TcpSocket = New-Object Net.Sockets.TcpClient($ip,$port)
15 | $tcpstream = $TcpSocket.GetStream()
16 | $Callback = {param($sender,$cert,$chain,$errors) return $true}
17 | $SSLStream = New-Object -TypeName System.Net.Security.SSLStream -ArgumentList @($tcpstream, $True, $Callback)
18 | try
19 | {
20 | $SSLStream.AuthenticateAsClient($IP)
21 | $Certificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($SSLStream.RemoteCertificate)
22 | }
23 | finally
24 | {
25 | $SSLStream.Dispose()
26 | }
27 | }
28 | finally
29 | {
30 | $TCPClient.Dispose()
31 | }
32 | return $Certificate
33 |
34 | }
35 |
36 | $Cert = chkcert "cm01.asd.net" 443
37 |
38 |
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/Certs/GetCertChain.ps1:
--------------------------------------------------------------------------------
1 | $Cert | Select *
2 |
3 | #This is just for testing
4 | #$RootCertString = "308203333082021BA00302010202102ADD16574C0450A440AC012FD59EC567300D06092A864886F70D01010B05003016311430120603550403130B534D532049737375696E67301E170D3139303131353137353234395A170D3231303131353137353234395A3016311430120603550403130B534D532049737375696E6730820122300D06092A864886F70D01010105000382010F003082010A02820101009F5C1FD16B2D0FC5F55560098F18B2FD6D88CAAEFD82978FE79C2860AB2C1F1399954D2A15707CA8EEC11DDE69CC1D3577D63BF63799519FD9D83B848EDEE92A3FDD35898BB8FDBFDEE5C37C75BE0D47D149377867A21CE8562C0F6D73DA6DA948B15DB37A3D8B30FC55CDC6A49AECEB75C93548AEAABE3DC639DC0F7D2FF39DB040F238EE24AAC22D89D9DBA1E786D52659CAD785C0A63A09EB6D469D2E475D7CEE347986B93E7AD509FA480BB33D2F8B4665E1A3FF61634C535309745569E84BDD387464BC9D3014FE7132AE0046477169E59A42F2843BFC86F3218406AF24AAB944EDD21F8816AA99B4DB0061BE1D0D7AEF9DDB1B0233D6438E2CA410FBA70203010001A37D307B300E0603551D0F0101FF040403020284300F0603551D130101FF040530030101FF301C06082A864886F714050604107BCEBC894ECC8F45A3F97E5BE4ADEF9E301C06082A864886F714050B0410FAA224589960524F95DAE122857124E9301C06082A864886F71405040410312AFD1907E3D14883A6F44D290C9721300D06092A864886F70D01010B050003820101007E4C4A6107C888F00468FB133319FCEB2A327DC73F121D8AB405DA9657B43CA01EB0E0187E52801285EB862B71B028C2F8204EB2138FDA26F3DE7C738F02968945783DE6E8D707C139FAF67FA6FAB4E2CD26D610BC8B4F66B8A4A3649ED21560353E3EBA6E47165A3B8ED8F12C6FEDF5E6E42074989EA9CB08546F402544A737C5AC583F38B41A92F710FFCD06029D0DABB0AF9C357EF585E5CC325181B60059128562ED73FE50BBB376412BD7745D9C9CA095368677409D1967CE9AE62FF00AFE350A0C55411E5922F6AA29A0681C8500CA230D4FA8DC03048480966582A9C0BBA3EC71FED91AE460D1B4D5B2FB6B360FB45A93C61AAD399147F4074737C686"
5 |
6 | [Security.Cryptography.X509Certificates.X509Certificate2UI]::
7 | $certs = New-Object Security.Cryptography.X509Certificates.X509Certificate2Collection
8 | if ($IncludeAllCerts) {
9 | $chain = New-Object Security.Cryptography.X509Certificates.X509Chain
10 | $chain.ChainPolicy.RevocationMode = "NoCheck"
11 | [void]$chain.Build($Cert)
12 |
13 | $chain.ChainElements | ForEach-Object {[void]$certs.Add($_.Certificate)}
14 | $chain.Reset()
15 | } else {
16 | [void]$certs.Add($Certificate)
17 | }
18 |
19 | $Cert.
20 |
21 | $chain.ChainElements[0].Certificate
22 | $rootCert = $chain.ChainElements[1].Certificate.GetRawCertDataString()
23 |
24 | $RootCert -eq $RootCertString
25 |
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/Certs/GetTSVars.ps1:
--------------------------------------------------------------------------------
1 | # https://ccmexec.com/2016/11/dump-task-sequence-variables-during-osd-the-safe-way/
2 |
3 | #$ExcludeVariables = @('_OSDOAF','_SMSTSReserved','_SMSTSTaskSequence')
4 |
5 | # Config End
6 |
7 | $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment
8 | $logPath = $tsenv.Value("_SMSTSLogPath")
9 | $now = Get-Date -Format "yyyy-MM-dd-HH-mm-ss"
10 | $logFile = "TSVariables-$now.log"
11 | $logFileFullName = Join-Path -Path $logPath -ChildPath $logFile
12 |
13 | function MatchArrayItem {
14 | param (
15 | [array]$Arr,
16 | [string]$Item
17 | )
18 |
19 | $result = ($null -ne ($Arr | ? { $Item -match $_ }))
20 | return $result
21 | }
22 |
23 | $tsenv.GetVariables() | % {
24 | "$_ = $($tsenv.Value($_))"
25 | }
26 |
27 |
28 |
29 | $tsenv.Value("_SMSTSRootCACerts")
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/Collect-ClientLogsInTS.ps1:
--------------------------------------------------------------------------------
1 | Param (
2 | [Parameter(Mandatory=$False,HelpMessage="Enter your server name where AdminService is runnning (SMS Provider Role")]
3 | [string]$ServerName = "CMTP3-CM1",
4 |
5 | [Parameter(Mandatory=$false,HelpMessage="Enter the ResourceID of the target device")]
6 | [uint32[]]$TargetResourceIDs = 16777219,
7 |
8 | [Parameter(Mandatory=$false,HelpMessage="Enter a Collection ID that the target device is in")]
9 | [string]$TargetCollectionID = "SMS00001",
10 | [uint32]
11 | $Type=22
12 |
13 | )
14 |
15 | [uint32]$RandomizationWindow = 1
16 | [string]$MethodClass = "SMS_ClientOperation"
17 | [string]$MethodName = "InitiateClientOperation"
18 | [string]$ResultClass = "SMS_ClientOperationStatus"
19 |
20 | $Type=22
21 |
22 | $PostURL = "https://{0}/AdminService/wmi/{1}.{2}" -f $ServerName,$MethodClass,$MethodName
23 | $Headers = @{
24 | "Content-Type" = "Application/json"
25 | }
26 | $Body = @{
27 | TargetCollectionID = $TargetCollectionID
28 | Type = $Type
29 | RandomizationWindow = $RandomizationWindow
30 | TargetResourceIDs = $TargetResourceIDs
31 | } | ConvertTo-Json
32 |
33 | Invoke-RestMethod -Method Post -Uri "$($PostURL)" -Body $Body -Headers $Headers -UseDefaultCredentials | Select-Object ReturnValue
34 |
35 | #Get Results
36 | $GetURL = "https://{0}/AdminService/wmi/{1}" -f $ServerName,$ResultClass
37 | (Invoke-RestMethod -Method Get -Uri "$($GetURL)" -UseDefaultCredentials).Value | Format-Table
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/.vscode/launch.json:
--------------------------------------------------------------------------------
1 | {
2 | // Use IntelliSense to learn about possible attributes.
3 | // Hover to view descriptions of existing attributes.
4 | // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
5 | "version": "0.2.0",
6 | "configurations": [
7 |
8 | {
9 | "type": "chrome",
10 | "request": "launch",
11 | "name": "Launch Chrome against localhost",
12 | "url": "https://cm01.asd.net/SoftwareCenter/SoftwareCenter.html",
13 | "webRoot": "${workspaceFolder}"
14 | },
15 | {
16 | "name": "PowerShell Launch Current File",
17 | "type": "PowerShell",
18 | "request": "launch",
19 | "script": "${file}",
20 | "args": [],
21 | "cwd": "${file}"
22 | },
23 | {
24 | "name": "PowerShell Launch Current File in Temporary Console",
25 | "type": "PowerShell",
26 | "request": "launch",
27 | "script": "${file}",
28 | "args": [],
29 | "cwd": "${file}",
30 | "createTemporaryIntegratedConsole": true
31 | },
32 | {
33 | "name": "PowerShell Launch Current File w/Args Prompt",
34 | "type": "PowerShell",
35 | "request": "launch",
36 | "script": "${file}",
37 | "args": [
38 | "${command:SpecifyScriptArgs}"
39 | ],
40 | "cwd": "${file}"
41 | },
42 | {
43 | "name": "PowerShell Attach to Host Process",
44 | "type": "PowerShell",
45 | "request": "attach"
46 | },
47 | {
48 | "name": "PowerShell Interactive Session",
49 | "type": "PowerShell",
50 | "request": "launch",
51 | "cwd": ""
52 | },
53 | {
54 | "name": "PowerShell Attach Interactive Session Runspace",
55 | "type": "PowerShell",
56 | "request": "attach",
57 | "processId": "current"
58 | }
59 | ]
60 | }
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Devicescripts.js:
--------------------------------------------------------------------------------
1 | const app = document.getElementById('root');
2 |
3 | const container = document.createElement('div');
4 | container.setAttribute('class', 'container');
5 |
6 | app.appendChild(container);
7 |
8 | var data = null;
9 | var request = new XMLHttpRequest();
10 | request.open('GET', 'https://cm01.asd.net/AdminService/wmi/SMS_R_System', true);
11 |
12 | request.addEventListener("readystatechange", function () {
13 | if (this.readyState === 4) {
14 | console.log(this.responseText);
15 | }
16 | });
17 |
18 | request.onload = function () {
19 |
20 | // Begin accessing JSON data here
21 | var data = JSON.parse(this.response).value;
22 | //if (request.status >= 200 && request.status < 400) {
23 | data.forEach(function(system) {
24 | const card = document.createElement('div');
25 | card.setAttribute('class', 'card');
26 |
27 | const h1 = document.createElement('h1');
28 | h1.textContent = system.Name;
29 |
30 | const p = document.createElement('p');
31 | p.textContent = system.DistinguishedName;
32 |
33 | container.appendChild(card);
34 | card.appendChild(h1);
35 | card.appendChild(p);
36 | }
37 | );
38 | //} else {
39 | const errorMessage = document.createElement('marquee');
40 | errorMessage.textContent = "Gah, it's not working!";
41 | app.appendChild(errorMessage);
42 | //}
43 | }
44 |
45 | request.send();
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/Feature Update Scripts.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/Feature Update Scripts.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/MicrosoftEdgeBeta.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/MicrosoftEdgeBeta.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/MicrosoftEdgeDev.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/MicrosoftEdgeDev.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/MicrosoftEdgeStable.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/MicrosoftEdgeStable.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/Office 365 Pro Plus x64.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/Office 365 Pro Plus x64.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/Office 365 Pro Plus x86.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/Office 365 Pro Plus x86.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/Recast RCT.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/Recast RCT.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/RecastRCT.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/RecastRCT.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/Right Click Tools.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/Right Click Tools.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/chrome.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/chrome.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/office.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/office.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/onedrive.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/onedrive.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/power bi desktop.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/GifsInSoftwareCenter/Gifs/power bi desktop.gif
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/SoftwareCenter.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 | Software Center
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/origscripts.js:
--------------------------------------------------------------------------------
1 | const app = document.getElementById('root');
2 |
3 | const logo = document.createElement('img');
4 | logo.src = 'logo.png';
5 |
6 | const container = document.createElement('div');
7 | container.setAttribute('class', 'container');
8 |
9 | app.appendChild(logo);
10 | app.appendChild(container);
11 |
12 | var request = new XMLHttpRequest();
13 | request.open('GET', 'https://ghibliapi.herokuapp.com/films', true);
14 | request.onload = function () {
15 |
16 | // Begin accessing JSON data here
17 | var data = JSON.parse(this.response);
18 | if (request.status >= 200 && request.status < 400) {
19 | data.forEach(movie => {
20 | const card = document.createElement('div');
21 | card.setAttribute('class', 'card');
22 |
23 | const h1 = document.createElement('h1');
24 | h1.textContent = movie.title;
25 |
26 | const p = document.createElement('p');
27 | movie.description = movie.description.substring(0, 300);
28 | p.textContent = `${movie.description}...`;
29 |
30 | container.appendChild(card);
31 | card.appendChild(h1);
32 | card.appendChild(p);
33 | });
34 | } else {
35 | const errorMessage = document.createElement('marquee');
36 | errorMessage.textContent = `Gah, it's not working!`;
37 | app.appendChild(errorMessage);
38 | }
39 | }
40 |
41 | request.send();
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/style.css:
--------------------------------------------------------------------------------
1 | * {
2 | box-sizing: border-box
3 | }
4 |
5 | html {
6 | -webkit-font-smoothing: antialiased;
7 | -moz-osx-font-smoothing: grayscale;
8 | font-family: 'Dosis', sans-serif;
9 | line-height: 1.6;
10 | color: #666;
11 | background: #F6F6F6;
12 | }
13 |
14 | #root {
15 | max-width: 1200px;
16 | margin: 0 auto;
17 | }
18 |
19 | h1 {
20 | text-align: center;
21 | padding: .5rem .5rem;
22 | background-image: linear-gradient(120deg, #fbc2eb 0%, #a6c1ee 100%);
23 | margin: 0 0 0 0;
24 | color: white;
25 | font-size: 10pt;
26 | }
27 |
28 | img {
29 | display: block;
30 | margin: .5rem auto;
31 | max-width: 100%;
32 | }
33 |
34 | p {
35 | padding: 0 .5rem .5rem;
36 | margin: 0;
37 | }
38 |
39 | .container {
40 | display: flex;
41 | flex-wrap: wrap;
42 | max-width: 800px;
43 | }
44 |
45 | .card {
46 | margin: 1rem;
47 | background: white;
48 | box-shadow: 2px 4px 25px rgba(0, 0, 0, .1);
49 | border-radius: 5px;
50 | overflow: hidden;
51 | transition: all .2s linear;
52 | max-width: 200px;
53 | }
54 |
55 | .card:hover {
56 | box-shadow: 2px 8px 45px rgba(0, 0, 0, .15);
57 | transform: translate3D(0, -2px, 0);
58 | }
59 |
60 | @media screen and (min-width: 600px) {
61 | .card {
62 | flex: 1 1 calc(50% - 2rem);
63 | }
64 | }
65 |
66 | @media screen and (min-width: 900px) {
67 | .card {
68 | flex: 1 1 calc(33% - 2rem);
69 | }
70 | }
71 |
72 | .card:nth-child(2n) h1 {
73 | background-image: linear-gradient(120deg, #84fab0 0%, #8fd3f4 100%);
74 | }
75 |
76 | .card:nth-child(4n) h1 {
77 | background-image: linear-gradient(120deg, #ff9a9e 0%, #fecfef 100%);
78 | }
79 |
80 | .card:nth-child(5n) h1 {
81 | background-image: linear-gradient(120deg, #ffc3a0 0%, #ffafbd 100%);
82 | }
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/GifsInSoftwareCenter/web.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/InitiateClientAction.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | www.github.com/AdamGrossTX
3 | twitter.com/AdamGrossTX
4 | asquaredozen.com
5 | note: this script could be optimized but is broken up to make it easy to read and step through for learning how AdminService works.
6 | #>
7 | [cmdletbinding()]
8 | Param (
9 | [Parameter(HelpMessage="Enter your server name where AdminService is runnning (SMS Provider Role")]
10 | [string]$ServerName = "CM01.ASD.NET",
11 |
12 | [Parameter(HelpMessage="Enter the ResourceID of the target device")]
13 | [uint32[]]$TargetResourceIDs = '16860287',
14 |
15 | [Parameter(HelpMessage="Enter a Collection ID that the target device is in")]
16 | [string]$TargetCollectionID = "SMS00001"
17 | )
18 |
19 | $Types = [Ordered]@{
20 | "DownloadComputerPolicy" = 8
21 | "DownloadUserPolicy" = 9
22 | "CollectDiscoveryData" = 10
23 | "CollectSoftwareInventory" = 11
24 | "CollectHardwareInventory" = 12
25 | "EvaluateApplicationDeployments" = 13
26 | "EvaluateSoftwareUpdateDeployments" = 14
27 | "SwitchToNextSoftwareUpdatePoint" = 15
28 | "EvaluateDeviceHealthAttestation" = 16
29 | "CheckConditionalAccessCompliance" = 125
30 | "WakeUp" = 150
31 | "Restart" = 17
32 | "EnableVerboseLogging" = 20
33 | "DisableVerboseLogging" = 21
34 | "CollectClientLogs" = 22
35 | }
36 |
37 | [uint32]$RandomizationWindow = 1
38 | [string]$MethodClass = "SMS_ClientOperation"
39 | [string]$MethodName = "InitiateClientOperation"
40 | [string]$ResultClass = "SMS_ClientOperationStatus"
41 |
42 | $Types.Keys | ForEach-Object {Write-Host $Types[$_] : $_}
43 | [uint32]$Type = Read-Host -Prompt "Which client action?"
44 |
45 | $BaseUri = "https://$($ServerName)/AdminService/wmi/"
46 | Write-Host $BaseUri
47 |
48 | $PostURL = "$($BaseUri)$($MethodClass).$($MethodName)"
49 | $Headers = @{
50 | "Content-Type" = "Application/json"
51 | }
52 | $Body = @{
53 | TargetCollectionID = $TargetCollectionID
54 | Type = $Type
55 | RandomizationWindow = $RandomizationWindow
56 | TargetResourceIDs = $TargetResourceIDs
57 | } | ConvertTo-Json
58 |
59 | $Result = Invoke-RestMethod -Method Post -Uri $PostURL -Body $Body -Headers $Headers -UseDefaultCredentials | Select-Object ReturnValue
60 |
61 | $Result
62 |
63 | #Get Results
64 | #start-sleep -Seconds 30
65 |
66 | #$GetURL = "$($BaseUri)$($ResultClass)"
67 | #$Results = Invoke-RestMethod -Method Get -Uri $GetURL -UseDefaultCredentials
68 | #$Results.Value | Format-Table
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/MMSJazz/ASDTestFile.txt:
--------------------------------------------------------------------------------
1 | #MMSJazz Demo Content - 1906 CB
2 |
3 | Demo URLs
4 |
5 | https://CM01/AdminService/wmi
6 |
7 | https://CM01/AdminService/wmi/$Metadata
8 |
9 | https://CM01/AdminService/wmi/SMS_R_System
10 |
11 | https://CM01/AdminService/wmi/SMS_R_System(16777308)
12 |
13 | https://CM01/AdminService/wmi/SMS_UserMachineRelationship?$filter=ResourceName eq 'ASD-46637895'
14 |
15 | #MMAJazz Demo Params - 1906 CB
16 | <#
17 | $SCCMServerName = "CM01.asd.net"
18 | $CollectionName = "All Systems"
19 | $CollectionNameFilter = "All"
20 | $DeviceName="ASD-41365722"
21 | $UserName = "Adam"
22 | #>
23 |
24 | #MMAJazz Demo Params - 1910 TP
25 | <#
26 | $SCCMServerName = "CMTP3-CM1.asd.lab"
27 | $CollectionName = "All Systems"
28 | $CollectionNameFilter = "All"
29 | $DeviceName="CMTP3-CM1"
30 | $UserName = "Adam"
31 | #>
32 |
33 |
34 | #Using ConfigMgr Native Client App
35 | <#
36 | $ClientID = "6a4e5c57-a766-43fe-acc8-ccbc479e9f9f"
37 | $TenantID = "86c2857f-9fb5-4b97-bf85-87c2f8ca9ff5"
38 | $ResourceAppIdURI = "https://asdclougmgmt.ConfigMgrService"
39 | $RedirectURI = "ms-appx-web://Microsoft.AAD.BrokerPlugin/6a4e5c57-a766-43fe-acc8-ccbc479e9f9f"
40 | $InternetBaseURL = "HTTPS://ASQUAREDOZENCLOUDSERVICE.ASQUAREDOZEN.COM/CCM_Proxy_ServerAuth/72057594037927941/AdminService"
41 | $InternalBaseURL = "https://cm01.asd.net/AdminService"
42 | #>
43 |
44 | #Using Custom App
45 | <#
46 | $ClientID = "fe25cb4f-dae4-4195-bd48-08ee51726f2e"
47 | $TenantID = "86c2857f-9fb5-4b97-bf85-87c2f8ca9ff5"
48 | $ResourceAppIdURI = "https://asdclougmgmt.ConfigMgrService"
49 | $RedirectURI = "urn:ietf:wg:oauth:2.0:oob"
50 | $InternetBaseURL = "HTTPS://ASQUAREDOZENCLOUDSERVICE.ASQUAREDOZEN.COM/CCM_Proxy_ServerAuth/72057594037927941/AdminService"
51 | $InternalBaseURL = "https://cm01.asd.net/AdminService"
52 | #>
53 |
54 |
55 | $ClientID = "3e4b7f40-3c04-4eb9-8c97-1a1b56c9b745"
56 | $TenantID = "2d18bd28-ac48-42a9-a47f-82198ab76dc2"
57 | $ResourceAppIdURI = "https://1911TPCMA.ConfigMgrService"
58 | $RedirectURI = "urn:ietf:wg:oauth:2.0:oob"
59 | $InternetBaseURL = "HTTPS://ASDCMTP1911.CLOUDAPP.NET/CCM_Proxy_ServerAuth/72057594037927941/AdminService"
60 | $InternalBaseURL = "https://cmtp3-cm1.asd.lab/AdminService"
61 |
62 |
63 |
64 |
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/MMSJazz/MMSJazzSample2.json:
--------------------------------------------------------------------------------
1 | {
2 | "@odata.context": "https://cm01.asd.net/AdminService/wmi/$metadata#SMS_UserMachineRelationship",
3 | "value": [
4 | {
5 | "@odata.etag": "25165835",
6 | "__LAZYPROPERTIES": [],
7 | "__GENUS": 2,
8 | "__CLASS": "SMS_UserMachineRelationship",
9 | "__SUPERCLASS": "SMS_BaseClass",
10 | "__DYNASTY": "SMS_BaseClass",
11 | "__RELPATH": "SMS_UserMachineRelationship.RelationshipResourceID=25165835",
12 | "__PROPERTY_COUNT": 9,
13 | "__DERIVATION": [
14 | "SMS_BaseClass"
15 | ],
16 | "__SERVER": "CM01",
17 | "__NAMESPACE": "root\\sms\\site_PS1",
18 | "__PATH": "\\\\CM01\\root\\sms\\site_PS1:SMS_UserMachineRelationship.RelationshipResourceID=25165835",
19 | "CreationTime": "2019-11-02T05:37:56.03Z",
20 | "IsActive": true,
21 | "RelationshipResourceID": 25165835,
22 | "ResourceClientType": null,
23 | "ResourceID": 16777308,
24 | "ResourceName": "ASD-46637895",
25 | "Sources": [
26 | 2
27 | ],
28 | "Types": [
29 | 1
30 | ],
31 | "UniqueUserName": "ASD\\Adam"
32 | }
33 | ]
34 | }
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/MiscSamples/CMPivotSample.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | www.github.com/AdamGrossTX
3 | twitter.com/AdamGrossTX
4 | asquaredozen.com
5 |
6 | note: this script could be optimized but is broken up to make it easy to read and step through for learning how AdminService works.
7 | #>
8 | [cmdletbinding()]
9 | Param (
10 | [string]
11 | $SiteServer,
12 |
13 | [string]
14 | $DeviceName
15 | )
16 |
17 | $SiteServer = "CM01.ASD.NET"
18 | $DeviceName="CM01"
19 |
20 | $BaseUri = "https://$($SiteServer)/AdminService/v1.0/"
21 | Write-Host $BaseUri
22 |
23 | $ClassName = "Device"
24 | $GetDeviceParams = @{
25 | Method = "Get"
26 | Uri = "$($BaseUri)$($ClassName)?`$filter=Name eq `'$($DeviceName)`'"
27 | ContentType = "application/json"
28 | UseDefaultCredentials = $true
29 | }
30 |
31 | $Device = Invoke-RestMethod @GetDeviceParams
32 | $MachineId = $Device.Value.MachineId
33 |
34 | If($MachineId) {
35 | $CMPivotQuery = "OperatingSystem"
36 | $RunCMPivotParams = @{
37 | Method = "Post"
38 | Uri = "$($BaseUri)Device($($MachineId))/AdminService.RunCMPivot"
39 | Body = @{"InputQuery"="$($CMPivotQuery)"} | ConvertTo-Json
40 | ContentType = "application/json"
41 | UseDefaultCredentials = $true
42 | }
43 |
44 | $RunCMPivotPivotResult = Invoke-RestMethod @RunCMPivotParams
45 | $OperationID = $RunCMPivotPivotResult.Value.OperationId
46 | Write-Host "OperationID: $($OperationID)"
47 |
48 | $CMPivotResultParams = @{
49 | Method = "Get"
50 | Uri = "$($BaseUri)Device($($MachineId))/AdminService.CMPivotResult(OperationId=$($OperationID))"
51 | ContentType = "application/json"
52 | UseDefaultCredentials = $true
53 | }
54 |
55 | [bool]$ResultsFound = $False
56 | Do {
57 | Try {
58 | $CMPivotResult = Invoke-RestMethod @CMPivotResultParams -ErrorAction Stop
59 | If($CMPivotResult) {
60 | [bool]$ResultsFound = $True
61 | }
62 | }
63 | Catch {
64 | If("Response status code does not indicate success: 404 (Not Found).") {
65 | Start-Sleep -seconds 10
66 | Write-host "No results found. Waiting 10 seconds."
67 | Continue
68 | }
69 | Else {
70 | Throw $_
71 | }
72 | }
73 | } Until ($ResultsFound)
74 |
75 | $CMPivotResult.value.Result
76 | $CMPivotResult.value.Result | Out-GridView
77 | }
78 | Else {
79 | Write-Host "Device $($DeviceName) not found."
80 | }
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/MiscSamples/SyncNowSample.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | www.github.com/AdamGrossTX
3 | twitter.com/AdamGrossTX
4 | asquaredozen.com
5 | note: this script could be optimized but is broken up to make it easy to read and step through for learning how AdminService works.
6 |
7 | #Doesn't work. Some issue with SQL.
8 | Check the DM_GetSyncNowStatus Stored Proc in SQL.
9 |
10 | #>
11 | [cmdletbinding()]
12 | Param (
13 | [string]
14 | $SiteServer,
15 |
16 | [string]
17 | $DeviceName
18 | )
19 |
20 | $SiteServer = "CM01.ASD.NET"
21 | $DeviceName ="ASD-50124588"
22 |
23 | [string]$MethodClass = "SMS_DeviceMethods"
24 | [string]$MethodName = "SyncNow"
25 |
26 | $BaseUri = "https://$($SiteServer)/AdminService/wmi/"
27 | Write-Host $BaseUri
28 |
29 | $ClassName = "SMS_R_System"
30 | $GetDeviceParams = @{
31 | Method = "Get"
32 | Uri = "$($BaseUri)$($ClassName)?`$filter=Name eq `'$($DeviceName)`'"
33 | ContentType = "application/json"
34 | UseDefaultCredentials = $true
35 | }
36 |
37 | $Device = Invoke-RestMethod @GetDeviceParams
38 | [uint32]$ResourceId = $Device.Value.ResourceId
39 |
40 | $MethodParams = @{
41 | Method = "Post"
42 | Uri = "$($BaseUri)$($MethodClass).$($MethodName)"
43 | ContentType = "application/json"
44 | UseDefaultCredentials = $true
45 | }
46 | $Body = @{ResourceId = $ResourceId} | ConvertTo-Json
47 | $Result = Invoke-RestMethod @MethodParams -Body $Body | Select-Object ReturnValue
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/MiscSamples/TriggerInstantAppInstall.PS1:
--------------------------------------------------------------------------------
1 | #AdminService Query Samples - ConfigMgr 1906
2 | Param(
3 | [Parameter(Mandatory=$false)]
4 | [string]
5 | $SCCMServerName,
6 |
7 | [Parameter(Mandatory=$false)]
8 | [string]
9 | $DeviceName,
10 |
11 | [Parameter(Mandatory=$false)]
12 | [string]
13 | $UserName
14 |
15 | [Parameter(Mandatory=$false)]
16 | [string]
17 | $AppName
18 | )
19 |
20 | <#
21 | $SCCMServerName = "CM01.ASD.NET"
22 | $DeviceName="ASD-MyDevice"
23 | $UserName = "Adam"
24 | $AppName = "Google Chrome for Enterprise 60.0.3112.90"
25 | #>
26 |
27 |
28 | #Get Specific Device
29 | $URL3 = "https://{0}/AdminService/wmi/SMS_R_System?`$filter=Name eq '{1}'" -f $SCCMServerName,$DeviceName
30 | Write-Host $URL3
31 | $Result3 = Invoke-RestMethod -Method Get -Uri "$($URL3)" -UseDefaultCredentials
32 | $Result3 | ConvertTo-Json
33 | $Result3.value.ResourceId #Returns Device ResourceIDs
34 |
35 | #Get Application
36 | $URL1 = "https://{0}/AdminService/wmi/SMS_ApplicationLatest?`$filter=LocalizedDisplayName eq '{1}'" -f $SCCMServerName,$AppName
37 | Write-Host $URL1
38 | $Result1 = Invoke-RestMethod -Method Get -Uri "$($URL1)" -UseDefaultCredentials
39 | $Result1 | ConvertTo-Json
40 | $Result1.value.CI_UniqueID #Returns Device ResourceIDs
41 |
42 | $URL6 = "https://{0}/AdminService/wmi/SMS_ApplicationRequest.CreateApprovedRequest" -f $SCCMServerName
43 | Write-Host $URL6
44 | $ClientGUID = $Result3.value.SMSUniqueIdentifier
45 | $ModelName = $Result1.value.ModelName #Returns Device ResourceIDs
46 | $Headers = @{
47 | "Content-Type" = "Application/json"
48 | }
49 | $Params = @{
50 | ApplicationId = $ModelName
51 | AutoInstall = $True
52 | ClientGUID = $ClientGUID
53 | Comments = "This is a test from the AdminService"
54 | Username = $null
55 | }
56 |
57 | $RequestBody = $Params | ConvertTo-Json
58 |
59 | Write-Host $RequestBody
60 | Write-Host "$($URL6)"
61 | Invoke-RestMethod -Method Post -Uri "$($URL6)" -Body $RequestBody -UseDefaultCredentials -Headers $Headers
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/PowerBI/PowerBIAdminServiceDemo.pbix:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/PowerBI/PowerBIAdminServiceDemo.pbix
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/PowerBI/SCCM Logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/AdminService/PowerBI/SCCM Logo.png
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/README.md:
--------------------------------------------------------------------------------
1 | Access the full post for these files at
2 | http://www.asquaredozen.com/2018/10/14/the-configmgr-odata-web-service-v2/
3 |
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/Run-CMPivot.ps1:
--------------------------------------------------------------------------------
1 | ################
2 | #Sample script for running CMPivot using ConfigMgr AdminService
3 | # By: Adam Gross
4 | # @AdamGrossTX
5 | # https://www.asquaredozen.com
6 | ###############
7 |
8 | Param (
9 | $SiteServer = "YourServerName"
10 | )
11 |
12 | $BaseUri = "https://$($SiteServer)/AdminService/v1.0/"
13 |
14 | $Query = "OperatingSystem"
15 |
16 | $Params = @{
17 | Method = "Post"
18 | Uri = "$($BaseUri)/Collections('SMS00001')/AdminService.RunCmpivot"
19 | Body = @{"InputQuery"="$($Query)"} | ConvertTo-Json
20 | ContentType = "application/json"
21 | UseDefaultCredentials = $true
22 | }
23 |
24 | $Result = Invoke-RestMethod @Params
25 | $OperationID = $Result.OperationId
26 |
27 |
28 | Function Get-Status
29 | {
30 | If ($OperationID) {
31 | #start-sleep -seconds 30
32 | $uri = '{0}SMS_CMPivotStatus?$filter=ClientOperationId eq {1}' -f $BaseUri, $OperationID
33 |
34 | $Params = @{
35 | Method = "Get"
36 | Uri = [System.Web.HTTPUtility]::UrlEncode($uri)
37 | ContentType = "application/json"
38 | UseDefaultCredentials = $true
39 | }
40 |
41 | $agentsquery = New-Object System.Net.WebClient
42 | $agentsquery.UseDefaultCredentials =$true
43 | [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
44 | $Result = $agentsquery.DownloadString($uri)
45 | }
46 |
47 | $obj = @()
48 | $XML = ($Result | ConvertFrom-Json).value.ScriptOutput
49 | ForEach($ResultObj in $XML)
50 | {
51 | $Obj += @(([XML]$ResultObj).ChildNodes.e)
52 | }
53 |
54 | $ClickResult = $Obj | Out-GridView -OutputMode Single
55 |
56 | $GetResults = Read-Host -Prompt "Do you want to check for results? [y]es or [n]o"
57 | If ($GetResults = 'Y') {Get-Status}
58 |
59 | }
60 |
61 | Get-Status
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/SMS_ClientOperation TypeList.txt:
--------------------------------------------------------------------------------
1 | 8 = Download Computer Policy
2 | 9 = Download User Policy
3 | 10 = Collect Discovery Data
4 | 11 = Collect Software Inventory
5 | 12 = Collect Hardware Inventory
6 | 13 = Evaluate Application Deployments
7 | 14 = Evaluate Software Update Deployments
8 | 15 = Switch to Next Software Update Point
9 | 16 = Evaluate Device Health Attestation
10 | 125 = Check Conditional Access Compliance
11 | 150 = Wake Up
12 | 17 = Restart
13 | 20 = Enable Verbose Logging
14 | 21 = Disable Verbose Logging
15 |
16 | EndPoint Protection
17 | 1 = Full Scan
18 | 2 = Quick Scan
19 | 4 = Download Definition (Software Update deployment)
20 | 3 = Download Definition (Endpoint protection client source)
21 |
22 |
23 |
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/WMI 4 Ways - AdminService Demo.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | www.github.com/AdamGrossTX
3 | twitter.com/AdamGrossTX
4 | asquaredozen.com
5 |
6 | This code shows 4 ways to Query and Update SCCM/WMI with PowerShell
7 | #>
8 | [cmdletbinding()]
9 | Param (
10 | [string]
11 | $SiteServer,
12 |
13 | [string]
14 | $SiteCode
15 | )
16 |
17 | <#
18 | $ServerName = "cm01.asd.net"
19 | $SiteCode = "ps1"
20 | #>
21 |
22 | $NameSpace = "root\SMS\Site_{0}" -f $SiteCode
23 | $ClassName = "SMS_R_System"
24 |
25 | #WMI
26 | Get-WMIObject -Namespace $NameSpace -Class $ClassName | Format-Table
27 |
28 | #CIM
29 | Get-CimInstance -Namespace $NameSpace -ClassName $ClassName | Format-Table
30 |
31 | #AdminService
32 | $GetURL = "https://{0}/AdminService/wmi/{1}" -f $ServerName,$ClassName
33 | (Invoke-RestMethod -Method Get -Uri "$($GetURL)" -UseDefaultCredentials).Value | Format-Table
34 |
35 | $GetURL = "https://{0}/AdminService/wmi/`$metadata" -f $ServerName
36 | $Result = Invoke-RestMethod -Method Get -Uri "$($GetURL)" -UseDefaultCredentials
37 |
38 | $Result.InnerXml | select * | format-List
39 | [xml]$Result.InnerXml | Out-File .\wmi.XML -Force
40 |
41 | #ConfigMgr PS CmdLets
42 | #This approach is most limited.
43 | $initParams = @{}
44 | if((Get-Module ConfigurationManager) -eq $null) {
45 | Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" @initParams
46 | }
47 | if((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) {
48 | New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ServerName @initParams
49 | }
50 | Set-Location "$($SiteCode):\" @initParams
51 | Get-CMDevice -Name '*'
52 |
--------------------------------------------------------------------------------
/ConfigMgr/AdminService/WMI_CIM_AdminService_1910TP.ps1:
--------------------------------------------------------------------------------
1 | #This code shows 4 ways to Query and Update SCCM/WMI with PowerShell
2 |
3 | $ServerName = "CM01.asd.net"
4 | $SiteCode = "ps1"
5 | $NameSpace = "root\SMS\Site_{0}" -f $SiteCode
6 | $ClassName = "SMS_UserMachineRelationship"
7 | $MethodName = "CreateRelationship"
8 | [uint32]$ResourceId = 16777316
9 | [uint32]$WMISourceId = 2
10 | [uint32]$CIMSourceId = 4
11 | [uint32]$AdminSvcSourceId = 6
12 | [uint32]$TypeId = 1
13 | $UserAccountName = "ASD\Adam"
14 |
15 | #region WMI
16 | Get-WMIObject -Namespace $NameSpace -Class $ClassName | Format-Table
17 | $Args = @($ResourceId,$WMISourceId,$TypeId,$UserAccountName)
18 | Invoke-WmiMethod -Namespace $NameSpace -Class $ClassName -Name $MethodName -ArgumentList $Args | Select-Object StatusCode
19 | #endregion
20 |
21 | #region CIM
22 | Get-CimInstance -Namespace $NameSpace -ClassName $ClassName | Format-Table
23 | $Args = @{
24 | MachineResourceId = $ResourceId
25 | SourceId = $CIMSourceId
26 | TypeId = $TypeId
27 | UserAccountName = $UserAccountName
28 | }
29 | Invoke-CimMethod -Namespace $NameSpace -ClassName $ClassName -MethodName $MethodName -Arguments $Args | Select-Object ReturnValue
30 | #endregion
31 |
32 | #region AdminService 1910 TP
33 | $GetURL = "https://{0}/AdminService/wmi/{1}" -f $ServerName,$ClassName
34 | (Invoke-RestMethod -Method Get -Uri "$($GetURL)" -UseDefaultCredentials).Value | Format-Table
35 |
36 | $PostURL = "https://{0}/AdminService/wmi/{1}.{2}" -f $ServerName,$ClassName,$MethodName
37 | $Headers = @{
38 | "Content-Type" = "Application/json"
39 | }
40 | $Body = @{
41 | MachineResourceId = $ResourceId
42 | SourceId = $AdminSvcSourceId
43 | TypeId = 1
44 | UserAccountName = "$($UserAccountName)"
45 | } | ConvertTo-Json
46 |
47 | Invoke-RestMethod -Method Post -Uri "$($PostURL)" -Body $Body -Headers $Headers -UseDefaultCredentials | Select-Object ReturnValue
48 | #end region
49 |
50 | #Region SCCM PS CmdLets
51 | #This approach is most limited.
52 | $initParams = @{}
53 | if((Get-Module ConfigurationManager) -eq $null) {
54 | Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" @initParams
55 | }
56 | if((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) {
57 | New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ServerName @initParams
58 | }
59 | Set-Location "$($SiteCode):\" @initParams
60 |
61 | Get-CMUserDeviceAffinity -UserName $UserAccountName | Format-Table
62 | Add-CMDeviceAffinityToUser -UserName $UserAccountName -DeviceId $ResourceId
63 |
64 | #endregion
65 | (Get-COmmand Add-CMDeviceCollectionDirectMembershipRule).dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Custom.cmd:
--------------------------------------------------------------------------------
1 | xcopy * x:\ /E
2 | START "RemoteRecovery" /MIN remoterecovery.exe -nomessage
3 |
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Custom/ADD CUSTOM FILES HERE.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Custom/ADD CUSTOM FILES HERE.md
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/BCP47Langs.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/BCP47Langs.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/BCP47mrm.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/BCP47mrm.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/DartConfig.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/DartConfig.dat
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/Explorer.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/Explorer.exe
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/FauxShell.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/FauxShell.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/FirewallExceptionChange.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/FirewallExceptionChange.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/LockingHooks.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/LockingHooks.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/MSDartCmn.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/MSDartCmn.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/RdpCore.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/RdpCore.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/RemoteRecovery.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/RemoteRecovery.exe
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/WaitForConnection.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/WaitForConnection.exe
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/fe.cfg:
--------------------------------------------------------------------------------
1 | .ini %SYSTEMROOT%\system32\notepad.exe
2 | .txt %SYSTEMROOT%\system32\notepad.exe
3 | .log %SYSTEMROOT%\system32\notepad.exe
4 | .inf %SYSTEMROOT%\system32\notepad.exe
5 | .xml %SYSTEMROOT%\system32\notepad.exe
6 | .reg %SYSTEMROOT%\system32\ERDregedit.exe
7 | .zip %SYSTEMROOT%\system32\explorer.exe
8 | .cab %SYSTEMROOT%\system32\explorer.exe
9 |
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/mfc100u.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/mfc100u.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/msvcp100.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/msvcp100.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/msvcr100.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/msvcr100.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/rdpencom.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/BootImage/Pre-Start/Windows/System32/rdpencom.dll
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Pre-Start/Windows/System32/smsts.ini:
--------------------------------------------------------------------------------
1 | [Logging]
2 | LOGLEVEL=0
3 | LOGMAXSIZE=5242880
4 | LOGMAXHISTORY=5
5 | DEBUGLOGGING=1
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/README.md:
--------------------------------------------------------------------------------
1 | Create custom boot image in ConfigMgr Console. This is an ALPHA release. Use at your own risk.
2 |
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Run-Command.ps1:
--------------------------------------------------------------------------------
1 |
2 | #New-BootImage
3 | $BootImageSplat = @{
4 | SiteCode = "PS1"
5 | SiteServer = "CM01.asd.net"
6 | BootImageRoot = "\\cm01\Media\BootImages"
7 | Arch = "x64"
8 | BootImageFolderName = "WinPE10x64-ADK1903-$(Get-Date -Format yyyyMMdd)"
9 | BootImageName = "Prod - Boot Image $(Get-Date -Format yyyyMMdd)"
10 | BootImageDescription = "ADK 1903 $(Get-Date -Format yyyyMMdd)"
11 | DPGroupName = "All Distribution Points"
12 | ConsoleFolder = "Windows 10"
13 | DriverCategoryName = "WinPE"
14 | PrestartCommandLine = "Custom.cmd"
15 | PrestartIncludeFilesDirectory = ".\Pre-Start"
16 | ConsoleFolderPath = "\Production Boot Images"
17 | }
18 |
19 | .\New-BootImage @BootImageSplat
20 |
21 |
22 | #Update-BootImage
23 | $UpdateBootImageSplat = @{
24 | ConfigMgrBootWim = "E:\Program Files\Microsoft Configuration Manager\OSD\boot\x64\boot.wim"
25 | BootImagesPath = "E:\Media\BootImages\"
26 | NewFolderName = "WinPE1809_20190414"
27 | MountDir = "F:\Mount"
28 | CustomFiles = "$($PSScriptRoot)\Custom"
29 | CustomFolders = (Get-ChildItem -Path $CustomFiles)
30 | BootWIMUNC = "\\CM01\Media\BootImages\WinPE1809_20190414\boot.wim"
31 | SiteCode = "PS1"
32 | ServerName = "CM01.asd.net"
33 | }
34 |
35 | .\UpdateBootImage.ps1 @UpdateBootImageSplat
36 |
37 | #Import-WindowsImage
38 | $ImportWindowsImageSplat = @{
39 | ServerName = "cm01.asd.net"
40 | SiteCode = "PS1"
41 | SourceMediaRootPath = "C:\ImageServicing\CompletedMedia"
42 | DestinationRootPath = "\\sources\OSInstallFiles\Windows 10"
43 | OSVersion = "1909"
44 | OSArch = "x64"
45 | Month = "2019-12"
46 | ImageType = "Both"
47 | ConsoleFolderPath = "\Windows 10"
48 | DPGroupName = "All Distribution Points"
49 | }
50 |
51 | .\Import-WindowsImage.ps1 @ImportWindowsImageSplat
52 |
53 |
54 | #Update-TSBootImageID
55 | $UpdateTSBootImageIDSplat = @{
56 | SiteCode = "PS1"
57 | ServerName = "cm01.asd.net"
58 | OldBootImageID = "PS1000001"
59 | NewBootImageID = "PS1000002"
60 | }
61 |
62 | .\Update-TSBootImageID.ps1 @UpdateTSBootImageIDSplat
63 |
64 | $ServiceWIMSplat = @{
65 | OSName = "Windows 10 Enterprise"
66 | OSVersion = "1909"
67 | OSArch = "x64"
68 | Month = "2019-11"
69 | RootFolder = "C:\ImageServicing"
70 | SCCMServer = "CM01"
71 | SiteCode = "PS1"
72 | DISMPath = "Dism.exe"
73 | CreateProdMedia = $true
74 | ApplyDynamicUpdates = $true
75 | Cleanup = $false
76 | Optimize = $false
77 | RemoveInBoxApps = $true
78 | }
79 |
80 | .\Sevice-WIM.ps1 @ServiceWIMSplat
--------------------------------------------------------------------------------
/ConfigMgr/BootImage/Run-NewBootImage.ps1:
--------------------------------------------------------------------------------
1 | $NewBootImageSplat = @{
2 | SiteCode = "PS1"
3 | SiteServer = "CM01.asd.net"
4 | OSArch = "x64"
5 | BootImageRoot = "\\cm01\Media\BootImages"
6 | BootImageFolderName = "WinPE10x64-ADK1903-$(Get-Date -Format yyyyMMdd)"
7 | BootImageName = "Prod - Boot Image $(Get-Date -Format yyyyMMdd)"
8 | BootImageDescription = "ADK 1903 $(Get-Date -Format yyyyMMdd)"
9 | DPGroupName = "All Distribution Points"
10 | DriverCategoryName = "WinPE"
11 | PrestartCommandLine = "Custom.cmd"
12 | ConsoleFolderPath = "\Production Boot Images"
13 | }
14 |
15 | .\New-BootImage @NewBootImageSplat
--------------------------------------------------------------------------------
/ConfigMgr/BranchCache/BranchCacheErrorsCMPivot.kql:
--------------------------------------------------------------------------------
1 | WinEvent('Microsoft-Windows-BranchCache/Operational',1d)
2 | | where ID == 13
3 | | project Device, DateTime, ID, Message
--------------------------------------------------------------------------------
/ConfigMgr/BranchCache/Decode-BranchCacheURLfromEventLog.ps1:
--------------------------------------------------------------------------------
1 | #Find EventId 13 in the Microsoft-Windows-BranchCache/Operational event log.
2 | #Copy the value from ContentId to $val. Do not include the leading 0x if it exists
3 | #Stolen from Johan Arwidmark - https://github.com/AdamGrossTX/DRFiles/blob/master/Scripts/BranchCache/Get-BranchCacheError13FileList.ps1
4 | [string[]]$encodedURLs = @()
5 |
6 | $decodedURLs =
7 | foreach($url in $encodedURLs) {
8 | $url = $url.Replace("0x")
9 | -join (
10 | $url | Select-String ".." -AllMatches |
11 | ForEach-Object Matches |
12 |
13 | ForEach-Object {
14 | If ([string]$_ -eq "00") {}
15 | Else{[char]+"0x$_"}
16 | }
17 | )
18 | }
19 | $decodedURLs
--------------------------------------------------------------------------------
/ConfigMgr/BranchCache/HashValidationDeploymentError.SQL:
--------------------------------------------------------------------------------
1 | SELECT
2 | AssignmentID,
3 | MachineName,
4 | MachineID,
5 | UserName,
6 | AppName,
7 | DTName,
8 | CollectionName
9 | FROM
10 | fn_AppDeploymentErrorAssetDetails(1033)
11 | WHERE
12 | ErrorCode = N'-2146889721'
--------------------------------------------------------------------------------
/ConfigMgr/BranchCache/Move-BCCacheLocation.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .SYNOPSIS
3 | Moves BranchCache location for ConfigMgr DPs
4 |
5 | Version: 1.0
6 | Author: Adam Gross - @AdamGrossTX
7 | GitHub: https://www.github.com/AdamGrossTX
8 | WebSite: https://www.asquaredozen.com
9 | Creation Date: 03/27/2022
10 |
11 | #>
12 |
13 | $NewHashFolder = "E:\BCPublicationCache"
14 | $NewHashSize = 10
15 | $BCStatus = Get-BCStatus
16 | $BCStatus
17 | if($NewHashFolder -ne $BCStatus.HashCache.CacheFileDirectoryPath) {
18 | Get-Service PeerDistSvc | stop-service
19 | Clear-BCCache -Force
20 | New-Item -Path $NewHashFolder -ItemType Directory -force
21 |
22 | Set-BCCache -Path $BCStatus.HashCache.CacheFileDirectoryPath -MoveTo $NewHashFolder -Force
23 | $BCHashCache = Get-BCHashCache
24 | $BCHashCache | Set-BCCache -Percentage $NewHashSize -Force
25 | Start-Service PeerDistSvc
26 | }
27 | $BCStatus = Get-BCStatus; $BCStatus.HashCache.CacheFileDirectoryPath;
--------------------------------------------------------------------------------
/ConfigMgr/CMPivot/CMPivotEvents.ps1:
--------------------------------------------------------------------------------
1 | function Get-CMPivotEventMessages {
2 | #ExcludeMe
3 | $logFileName = 'Microsoft-Windows-PowerShell/Operational'
4 | $ComputerName = [System.Environment]::MachineName
5 | $EventStartDate = (Get-Date).AddMinutes(-10)
6 | $EventEndTime = (Get-Date)
7 | $filterTable = @{logname = $logFileName; StartTime=$EventStartDate; EndTime=$EventEndTime; Id=4104;}
8 |
9 | # Filter out the winEvent logs that we need
10 | try {
11 | $winEvents = Get-WinEvent -ComputerName $ComputerName -FilterHashTable $filterTable -ErrorAction Stop | Where-Object {$_.Message -like '*C:\Windows\CCM\ScriptStore\*' -and $_.Message -like '*-kustoquery*' -and $_.Message -notlike '*ExcludeMe*'}
12 | $Messages = $winEvents | Select-Object -ExpandProperty Message
13 | Return $Messages
14 | }
15 | catch {
16 | throw "No Match Found"
17 | }
18 | }
19 |
20 | function Get-CMPivotVars {
21 | param(
22 | $Message
23 | )
24 | [regex]$KustoQueryRegex = "(?:-kustoquery.*?')(.*?)(?:')"
25 | [regex]$WMIQueryRegex = "(?:-wmiquery.*?')(.*?)(?:')"
26 | [regex]$SelectRegex = "(?:-select.*?')(.*?)(?:')"
27 |
28 | $KustoQueryMatches = ($Message | Select-String -AllMatches -Pattern $KustoQueryRegex).Matches.Value
29 | $WMIQueryMatches = ($Message | Select-String -AllMatches -Pattern $WMIQueryRegex).Matches.Value
30 | $SelectMatches = ($Message | Select-String -AllMatches -Pattern $SelectRegex).Matches.Value
31 |
32 | $kustoquery = $KustoQueryMatches.Replace("-kustoquery ", "").Replace("'","")
33 | $wmiquery = $WMIQueryMatches.Replace("-wmiquery ", "").Replace("'","")
34 | $select = $SelectMatches.Replace("-select ", "").Replace("'","")
35 |
36 | @{
37 | kustoquery = $kustoquery
38 | wmiquery = $wmiquery
39 | select = $select
40 | }
41 | }
42 |
43 | function Decode-CMPivotVars {
44 | param([string] $kustoquery, [string] $wmiquery, [string] $select)
45 | # Read the queries and selects
46 | $kustoquery = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($kustoquery.Substring(2))).Split([Environment]::NewLine, [StringSplitOptions]::RemoveEmptyEntries)
47 | $wmiqueries = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($wmiquery.Substring(2))).Split([Environment]::NewLine, [StringSplitOptions]::RemoveEmptyEntries)
48 | $selects = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($select.Substring(2))).Split([Environment]::NewLine, [StringSplitOptions]::RemoveEmptyEntries)
49 |
50 | [PSCustomObject]@{
51 | kustoquery = $kustoquery
52 | wmiqueries = $wmiqueries
53 | selects = $selects
54 | }
55 | }
56 |
57 | $EventMessages = Get-CMPivotEventMessages
58 | $Results = foreach($Message in $EventMessages) {
59 | $vars = Get-CMPivotVars -Message $Message
60 | if($vars) {
61 | Decode-CMPivotVars @vars
62 | }
63 | }
64 |
65 | $Results[0].kustoquery
66 | $Results[0].wmiqueries
67 | $Results[0].selects
--------------------------------------------------------------------------------
/ConfigMgr/CMPivot/CMPivotOverAdminService:
--------------------------------------------------------------------------------
1 | ################
2 | #Sample script for running CMPivot using ConfigMgr AdminService
3 | # By: Adam Gross
4 | # @AdamGrossTX
5 | # https://www.asquaredozen.com
6 | ###############
7 |
8 | Param (
9 | $SiteServer = "cm01.asd.net"
10 | )
11 |
12 | $BaseUri = "https://$($SiteServer)/AdminService/v1.0/"
13 | $Query = "OperatingSystem"
14 |
15 | $Params = @{
16 | Method = "Post"
17 | Uri = "$($BaseUri)Collections('SMS00001')/AdminService.RunCMPivot"
18 | Body = @{"InputQuery"="$($Query)"} | ConvertTo-Json
19 | ContentType = "application/json"
20 | UseDefaultCredentials = $true
21 | }
22 |
23 | $Result = Invoke-RestMethod @Params
24 | $OperationID = $Result.OperationId
25 |
26 | Function Get-Status
27 | {
28 | If ($OperationID) {
29 | #start-sleep -seconds 30
30 | $uri = '{0}SMS_CMPivotStatus?$filter=ClientOperationId eq {1}' -f $BaseUri, $OperationID
31 |
32 | $Params = @{
33 | Method = "Get"
34 | Uri = [System.Web.HTTPUtility]::UrlEncode($uri)
35 | ContentType = "application/json"
36 | UseDefaultCredentials = $true
37 | }
38 |
39 | $agentsquery = New-Object System.Net.WebClient
40 | $agentsquery.UseDefaultCredentials =$true
41 | [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
42 | $Result = $agentsquery.DownloadString($uri)
43 | }
44 |
45 | $obj = @()
46 | $XML = ($Result | ConvertFrom-Json).value.ScriptOutput
47 | ForEach($ResultObj in $XML)
48 | {
49 | $Obj += @(([XML]$ResultObj).ChildNodes.e)
50 | }
51 |
52 | $ClickResult = $Obj | Out-GridView -OutputMode Single
53 |
54 | #$GetResults = Read-Host -Prompt "Do you want to check for results? [y]es or [n]o"
55 | #If ($GetResults = 'Y') {Get-Status}
56 |
57 | }
58 |
59 | Get-Status
60 |
61 | #Rework using this #https://cm01.asd.net/AdminService/v1.0/SMS_CMPivotTask(16818775)
--------------------------------------------------------------------------------
/ConfigMgr/CMPivot/Compat Appraiser Version Info.kql:
--------------------------------------------------------------------------------
1 | Registry('HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\OneSettings\\compat\\appraiser\\Settings')
2 | | where Property == 'ALTERNATEDATALINK'
3 | | join kind=inner
4 | (
5 | Registry('HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\OneSettings\\compat\\appraiser\\Settings')
6 | | where Property == 'ALTERNATEDATAVERSION'
7 | )
8 | | project Device, ALTERNATEDATALINK = Value, ALTERNATEDATAVERSION = Value1
9 |
--------------------------------------------------------------------------------
/ConfigMgr/CMPivot/ControlService.ps1:
--------------------------------------------------------------------------------
1 | [cmdletbinding()]
2 | param (
3 | [Parameter(Mandatory)]
4 | [string]$ServiceName,
5 |
6 | [Parameter(Mandatory)]
7 | [ValidateSet("Start","Stop","Restart","Disable","Enable")]
8 | [string]$Action
9 | )
10 | try {
11 | $Service = Get-Service $ServiceName -ErrorAction Stop
12 |
13 | if($Service) {
14 | switch($Action) {
15 | "Start" {$Service | Start-Service -Force -PassThru}
16 | "Stop" {$Service | Stop-Service -Force -PassThru}
17 | "Restart" {$Service | Restart-Service -Force -PassThru}
18 | "Disable" {$Service | Set-Service -StartupType Disabled -PassThru | Stop-Service -PassThru}
19 | "Enable" {$Service | Set-Service -StartupType Enabled -PassThru | Start-Service -PassThru}
20 | }
21 | }
22 | else {
23 | Return "Service $($ServiceName) not found."
24 | }
25 | }
26 | catch {
27 | Throw $_
28 | }
--------------------------------------------------------------------------------
/ConfigMgr/CMPivot/Feature Update TargetVersionUpgradeExperienceIndicators.kql:
--------------------------------------------------------------------------------
1 | Registry('HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\AppCompatFlags\\TargetVersionUpgradeExperienceIndicators\\*\\')
2 | | where Property == 'GatedBlockId'
3 | | join kind=inner
4 | (
5 | Registry('HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\AppCompatFlags\\TargetVersionUpgradeExperienceIndicators\\*\\')
6 | | where Property == 'GatedBlockReason'
7 | )
8 | | where Key == Key1
9 | | join kind=inner
10 | (
11 | Registry('HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\AppCompatFlags\\TargetVersionUpgradeExperienceIndicators\\*\\')
12 | | where Property == 'RedReason'
13 | )
14 | | where Key == Key2
15 | | join kind=inner
16 | (
17 | Registry('HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\AppCompatFlags\\TargetVersionUpgradeExperienceIndicators\\*\\')
18 | | where Property == 'UpgEx'
19 | )
20 | | where Key == Key3
21 | | join kind=leftouter
22 | (
23 | Registry('HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\AppCompatFlags\\Appraiser\\GWX')
24 | | where Property == 'SdbEntries'
25 | )
26 | | project Device, TargetOSBuild = substring(Key,indexof(Key,'TargetVersionUpgradeExperienceIndicators\\')+strlen('TargetVersionUpgradeExperienceIndicators\\')), GatedBlockID = Value, GatedBlockReason = Value1, RedReason = Value2, UpgEx = Value3, SdbEntries = Value4
27 | //| where TargetOSBuild == 'CO21H2'
28 |
--------------------------------------------------------------------------------
/ConfigMgr/CMPivot/ViewAllScripts.sql:
--------------------------------------------------------------------------------
1 | SELECT
2 | ScriptName,
3 | Script,
4 | Base64Script,
5 | CAST (Script as nvarchar(max)),
6 | ScriptText =
7 | CASE WHEN Base64Script like 'FFFE%' THEN
8 | CAST( CAST( Base64Script as XML ).value('.','varbinary(max)') AS nvarchar(max) )
9 | ELSE
10 | CONVERT(NVARCHAR(MAX),CAST( CAST( Base64Script as XML ).value('.','varbinary(max)') AS nvarchar(max) ))
11 | END
12 | FROM
13 | Scripts
14 | CROSS APPLY (SELECT CONVERT(NVARCHAR(MAX),Script,2) AS '*' FOR XML PATH('')) T (Base64Script)
15 | ORDER BY
16 | Script
--------------------------------------------------------------------------------
/ConfigMgr/Client/ConfigMgrClientDetectionScript.ps1:
--------------------------------------------------------------------------------
1 | Start-Transcript c:\windows\temp\detect-configmgrclientinstalled.log -Force -ErrorAction SilentlyContinue
2 |
3 | try {
4 | Write-Host "Sleeping 60 seconds before attempting detection to wait for client startup."
5 | Start-Sleep -Seconds 60
6 | $Installed = $false
7 | $SiteCode = "CRT"
8 | $clientVersion = (Get-CimInstance SMS_Client -Namespace root\ccm -ErrorAction SilentlyContinue).ClientVersion
9 | $SMSauthority = (Get-CimInstance SMS_Authority -Namespace root\ccm -ErrorAction SilentlyContinue)
10 | $ClientAlwaysOnInternet = Get-ItemProperty -Path registry::"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CCM\Security" -Name "ClientAlwaysOnInternet" -ErrorAction SilentlyContinue
11 | $task = try {Get-ScheduledTask -Taskname "Configuration Manager Client Retry Task" -ErrorAction SilentlyContinue} catch {}
12 | $taskExists = if($task) {$true} else {$false}
13 | $ccmsetupdl = Test-Path C:\Windows\Temp\CCMsetup\ccmsetup.exe -ErrorAction SilentlyContinue
14 | $ccmservice = Get-Service ccmsetup -ErrorAction SilentlyContinue
15 | $ccmsetupexe = Get-Process ccmsetup -ErrorAction SilentlyContinue
16 | if (($clientVersion -and ($SMSauthority.Name -eq "SMS:$SiteCode" -and $SMSauthority.CurrentManagementPoint)) -or ($taskExists -and $ccmsetupdl) -or $ccmservice -or $ccmsetupexe -or ($clientVersion -and $ClientAlwaysOnInternet.ClientAlwaysOnInternet -eq 1)) {
17 | $Installed = $true
18 | }
19 |
20 | if ($Installed) {
21 | Write-Host "Client Installed"
22 | exit 0
23 | }
24 | else {
25 | Write-Host "No Client | ClientVersion: $($clientVersion) | SMSauthorityName: $($SMSauthority.Name) | CurrentManagementPoint: $($SMSauthority.CurrentManagementPoint) | TaskExists: $($taskExists) | SetupExists: $($ccmsetupdl) | SetupServiceExists: $($ccmservice) | SetupRunning: $($ccmsetupexe) | ClientOnInternet: $($ClientAlwaysOnInternet.ClientAlwaysOnInternet)"
26 | exit 1
27 | }
28 | }
29 | catch {
30 | throw $_
31 | }
32 | Stop-Transcript -ErrorAction SilentlyContinue
33 |
--------------------------------------------------------------------------------
/ConfigMgr/Client/Install-ConfigMgrClientOverTheInternet.ps1:
--------------------------------------------------------------------------------
1 | #Update the commandline using the docs reference here:
2 | #https://learn.microsoft.com/en-us/mem/configmgr/core/clients/deploy/deploy-clients-cmg-azure#install-and-register-the-client-using-azure-ad-identity
3 | #Copy ccmsetup.msi, ccmsetup.exe & cmtrace.exe down with the script
4 |
5 | Start-Transcript -Path "C:\Windows\Temp\CcmSetup.msi.ps1.log" -Force -ErrorAction SilentlyContinue
6 | try {
7 | Write-Host (Get-Date)
8 |
9 | $TempFolder = "C:\Windows\Temp\CCMsetup"
10 |
11 | if (!(Test-Path $TempFolder)) {
12 | New-Item -ItemType Directory -Path $TempFolder
13 | }
14 |
15 | Copy-Item .\ccmsetup.exe $TempFolder -Force -ErrorAction SilentlyContinue
16 | Copy-Item .\ccmsetup.msi $TempFolder -Force -ErrorAction SilentlyContinue
17 | Copy-Item .\cmtrace.exe $TempFolder -Force -ErrorAction SilentlyContinue
18 |
19 | Start-Process msiexec -Wait -ArgumentList '/i ccmsetup.msi /q CCMSETUPCMD="/usepkicert /mp: CCMHOSTNAME= SMSSiteCode=CRT AADRESOURCEURI= AADTENANTID= AADCLIENTAPPID= MANAGEDINSTALLER=1"' -Verbose
20 |
21 | do {
22 | Write-Host "Waiting for ccmsetup to complete."
23 | Start-Sleep -Seconds 30
24 | } while ((Get-Process -Name ccmsetup -ErrorAction SilentlyContinue) -ne $null)
25 |
26 | Write-Host (Get-Date)
27 | Start-Sleep -Seconds 10
28 |
29 | [string[]]$string = @("CcmSetup is exiting with return code ","CcmSetup failed with error code ")
30 | $exitlog = get-content "C:\Windows\ccmsetup\Logs\ccmsetup.log" | select-string $string
31 | $split = (($exitlog -split "]").Item(0)).split(" ")
32 | $ccmsetup_exitcode = $split.item(($split.Count) - 1)
33 |
34 | $ExistingTask = Get-ScheduledTask -TaskName "Configuration Manager Client Retry Task" -ErrorAction SilentlyContinue
35 | if ($ExistingTask) {
36 | $ExistingTriggers = $ExistingTask.Triggers
37 | if (-not ($ExistingTriggers.CimClass.CimClassName -eq 'MSFT_TaskLogonTrigger')) {
38 | $ExistingTask.Triggers += New-ScheduledTaskTrigger -AtLogOn
39 | $ExistingTask | Set-ScheduledTask
40 | }
41 | else {
42 | Write-Host "Trigger Already Exists"
43 | }
44 | }
45 | else {
46 | Write-Host "No Scheduled Task Found"
47 | }
48 |
49 | Write-Host (Get-Date)
50 | if ($ccmsetup_exitcode -in (0, 7)) {
51 | Write-Host "Client Installed"
52 | }
53 | else {
54 | Write-Error $ccmsetup_exitcode
55 | }
56 | return $ccmsetup_exitcode
57 |
58 | }
59 | catch {
60 | throw $_
61 | }
62 |
63 | Stop-Transcript -ErrorAction SilentlyContinue
64 |
--------------------------------------------------------------------------------
/ConfigMgr/ClientActions/RunScript-TriggerClientAction.ps1:
--------------------------------------------------------------------------------
1 | Param(
2 | $strAction = "{00000000-0000-0000-0000-000000000001}"
3 | )
4 |
5 | Get-WmiObject -Namespace "root\ccm\invagt" -Class InventoryActionStatus | where {$_.InventoryActionID -eq "$($strAction)"} | Remove-WmiObject
6 |
7 | try {
8 | Invoke-WmiMethod -Namespace root\ccm -Class SMS_Client -Name TriggerSchedule -ArgumentList $strAction -ErrorAction Stop | Out-Null
9 | Return 0
10 | }
11 | catch {
12 | Return $Error[0]
13 | }
--------------------------------------------------------------------------------
/ConfigMgr/ClientActions/SMS_ClientOperation TypeList.txt:
--------------------------------------------------------------------------------
1 | 8 = Download Computer Policy
2 | 9 = Download User Policy
3 | 10 = Collect Discovery Data
4 | 11 = Collect Software Inventory
5 | 12 = Collect Hardware Inventory
6 | 13 = Evaluate Application Deployments
7 | 14 = Evaluate Software Update Deployments
8 | 15 = Switch to Next Software Update Point
9 | 16 = Evaluate Device Health Attestation
10 | 125 = Check Conditional Access Compliance
11 | 150 = Wake Up
12 | 17 = Restart
13 | 20 = Enable Verbose Logging
14 | 21 = Disable Verbose Logging
15 |
16 | EndPoint Protection
17 | 1 = Full Scan
18 | 2 = Quick Scan
19 | 4 = Download Definition (Software Update deployment)
20 | 3 = Download Definition (Endpoint protection client source)
21 |
22 |
23 |
--------------------------------------------------------------------------------
/ConfigMgr/ClientActions/Trigger-CMClientActions.ps1:
--------------------------------------------------------------------------------
1 |
2 | Do {
3 | $GotObj = Get-WmiObject -Namespace "root\ccm\Scheduler" -Class "CCM_Scheduler_History" -ErrorAction SilentlyContinue
4 | Start-Sleep -seconds 10
5 | Write-Host "Retrying"
6 | } Until ($GotObj)
7 |
8 | $GotObj
9 |
10 | try {
11 | $Triggered = Invoke-WmiMethod -Namespace root\CCM -Class SMS_Client -Name RequestMachinePolicy -ErrorAction Stop
12 | }
13 | catch{
14 | Write-Host "Trigger Failed for $($Schedule.ScheduleID) with Error $($Error[0].Exception)."
15 | Start-Sleep -seconds 30
16 | break;
17 | }
18 |
19 | try {
20 | $Triggered = Invoke-WmiMethod -Namespace root\CCM -Class SMS_Client -Name EvaluateMachinePolicy -ErrorAction Stop
21 | }
22 | catch{
23 | Write-Host "Trigger Failed for $($Schedule.ScheduleID) with Error $($Error[0].Exception)."
24 | Start-Sleep -seconds 30
25 | break;
26 | }
27 |
28 |
29 | $EnabledSchedules = @()
30 | $EnabledSchedules += [pscustomobject]@{ ScheduleName = 'Software Update Deployment Evaluation Cycle'; ScheduleID = '{00000000-0000-0000-0000-000000000114}' }
31 | $EnabledSchedules += [pscustomobject]@{ ScheduleName = 'Application Deployment Evaluation Cycle'; ScheduleID = '{00000000-0000-0000-0000-000000000121}' }
32 | $EnabledSchedules += [pscustomobject]@{ ScheduleName = 'Request Machine Assignments'; ScheduleID = '{00000000-0000-0000-0000-000000000021}' }
33 | $EnabledSchedules += [pscustomobject]@{ ScheduleName = 'Hardware Inventory'; ScheduleID = '{00000000-0000-0000-0000-000000000001}' }
34 | $EnabledSchedules += [pscustomobject]@{ ScheduleName = 'Discovery Inventory'; ScheduleID = '{00000000-0000-0000-0000-000000000003}' }
35 |
36 | Try {
37 | ForEach($Schedule in $EnabledSchedules) {
38 | $Done = $false
39 | Do {
40 | Write-Host "Attempting to Trigger Schedule $($Schedule.ScheduleName)"
41 | $SheduleObject = Get-WmiObject -Namespace "root\ccm\Scheduler" -Class "CCM_Scheduler_History" -Filter "ScheduleID = '$($Schedule.ScheduleID)'" -ErrorAction SilentlyContinue
42 | $SheduleObject
43 | If($SheduleObject.ScheduleID -eq $Schedule.ScheduleID)
44 | {
45 | $SheduleObject | Select-Object ActivationMessageSent,ActivationMessageSentIsGMT,ExpirationMessageSent,ExpirationMessageSentIsGMT,FirstEvalTime,LastTriggerTime,ScheduleID,TriggerState,UserSID
46 | try {
47 | Invoke-WmiMethod -Namespace root\CCM -Class SMS_Client -Name TriggerSchedule $Schedule.ScheduleID -ErrorAction Stop
48 | $Done = $true
49 | }
50 | catch{
51 | Write-Host "Trigger Failed for $($Schedule.ScheduleID) with Error $($Error[0].Exception)."
52 | }
53 | }
54 | else
55 | {
56 | Write-Host "Schedule not found. Sleeping for 10 seconds."
57 | Start-Sleep -seconds 10
58 | }
59 |
60 | } Until ($Done -eq $True)
61 | Write-Host "Successfully Triggered schedule $($Schedule.ScheduleID)."
62 | }
63 | }
64 | catch{
65 | Write-Host "Failed."
66 | }
--------------------------------------------------------------------------------
/ConfigMgr/ClientActions/Trigger-ClientRebootTimer.ps1:
--------------------------------------------------------------------------------
1 | Param(
2 | [int]$GraceSeconds = 5400, #Sets the max value for the timer - Default 90 mins
3 | [int]$FinalSeconds = 900 #Sets the time when Snooze stops working - Default 15 mins
4 | )
5 |
6 | #https://docs.microsoft.com/en-us/configmgr/develop/reference/core/clients/sdk/ccm_instanceevent-client-wmi-class
7 | $NameSpace = "root\CCM\ClientSDK"
8 | $ClassName = "CCM_ClientInternalUtilities"
9 | $MethodName = "RaiseEvent"
10 |
11 | $EpochTimeSeconds = ([DateTimeOffset](Get-Date)).ToUnixTimeSeconds()
12 |
13 | $Class = $null
14 | $TargetInstancePath = $null
15 | $ActionType = [uint32]4 #RebootCountdonwStart
16 | $UserSID = $null
17 | $SessionID = $SessionID = [uint32]::MaxValue
18 | $MessageLevel = [uint32]0
19 | $Value = "{0}`t{1}`t{2}" -f $EpochTimeSeconds, $GraceSeconds,$FinalSeconds
20 | $Verbosity = [uint32]30
21 |
22 | #region CIM
23 | $CIMArgs = @{
24 | ClassName = $Class
25 | TargetInstancePath = $TargetInstancePath
26 | ActionType = $ActionType
27 | UserSID = $UserSID
28 | SessionID = $SessionID
29 | MessageLevel = $MessageLevel
30 | Value = $Value
31 | Verbosity = $Verbosity
32 | }
33 |
34 | Invoke-CimMethod -Namespace $NameSpace -ClassName $ClassName -MethodName $MethodName -Arguments $CIMArgs
35 |
--------------------------------------------------------------------------------
/ConfigMgr/ClientActions/Trigger-ClientRebootWithNotification.ps1:
--------------------------------------------------------------------------------
1 |
2 | Param(
3 | [datetime]$CustomDateTime,
4 | [int]$Days,
5 | [int]$Hours,
6 | [int]$Minutes,
7 | [int]$Seconds,
8 | [int]$GraceSeconds = 5400,
9 | [int]$FinalSeconds = 900
10 | )
11 |
12 |
13 | If($CustomDateTime) {
14 | $RebootDateTime = $CustomDateTime
15 | }
16 | Else {
17 | $RebootTimeSpan = New-TimeSpan -Days $Days -Hours $Hours -Minutes $Minutes -Seconds $Seconds
18 | If($RebootTimeSpan.Seconds -eq 0) {
19 | $RebootDateTime = $(Get-Date) + $RebootTimeSpan
20 | }
21 | $RestartEpochDateTimeSeconds = ([DateTimeOffset]$RebootDateTime).ToUnixTimeSeconds()
22 |
23 |
24 | #https://docs.microsoft.com/en-us/configmgr/develop/reference/core/clients/sdk/ccm_instanceevent-client-wmi-class
25 | $NameSpace = "root\CCM\ClientSDK"
26 | $ClassName = "CCM_ClientInternalUtilities"
27 | $MethodName = "RaiseEvent"
28 |
29 | $Class = $null
30 | $TargetInstancePath = $null
31 | $ActionType = [uint32]4 #RebootCountdonwStart
32 | $UserSID = $null
33 | $SessionID = $SessionID = [uint32]::MaxValue
34 | $MessageLevel = [uint32]0
35 | $Value = "{0}`t{1}`t{2}" -f $RestartEpochDateTimeSeconds, $GraceSeconds,$FinalSeconds
36 | $Verbosity = [uint32]30
37 |
38 | #region CIM
39 | $CIMArgs = @{
40 | ClassName = $Class
41 | TargetInstancePath = $TargetInstancePath
42 | ActionType = $ActionType
43 | UserSID = $UserSID
44 | SessionID = $SessionID
45 | MessageLevel = $MessageLevel
46 | Value = $Value
47 | Verbosity = $Verbosity
48 | }
49 | Invoke-CimMethod -Namespace $NameSpace -ClassName $ClassName -MethodName $MethodName -Arguments $CIMArgs
50 |
--------------------------------------------------------------------------------
/ConfigMgr/ClientDataSources/Get-DownloadHistoryStatusMessage.ps1:
--------------------------------------------------------------------------------
1 | $NameSpace = 'root\ccm\StateMsg'
2 | $ClassName = 'CCM_StateMsg'
3 | $TopicID = "STATE_STATEID_DOWNLOAD_AGGREGATE_DATA_UPLOAD"
4 | $TopicType = 7202
5 |
6 | Get-CIMInstance -Namespace $NameSpace -Class $ClassName -Filter "TopicType = $($TopicType)"
7 | [XML]$StateDetails = $StateMessageInstance.StateDetails
8 |
9 |
10 |
11 |
--------------------------------------------------------------------------------
/ConfigMgr/ClientDataSources/RedistContent.ps1:
--------------------------------------------------------------------------------
1 | $DPS = Get-CimInstance -ComputerName $SiteServer -Namespace "root\sms\site_$($SiteCode)" -query "SELECT * FROM SMS_SystemResourceList WHERE RoleName='SMS Distribution Point'" | Select-Object -ExpandProperty ServerName
2 |
3 | foreach ($DP in $DPs){
4 |
5 | # Get Packages in INSTALL_RETRYING state (2)
6 | $Query = "select * from SMS_PackageStatusDistPointsSummarizer where State in ('1','2','3','7') and SourceNALPath like '%$DP%'"
7 | $Failures = Get-CimInstance -ComputerName $SiteServer -Namespace "root\sms\site_$($SiteCode)" -Query $Query
8 | #$Failures | Select PackageID
9 | Write-Information "INSTALL_RETRYING counts on $($DP) is:" $(($Failures | Measure-Object).Count) -InformationAction Continue
10 |
11 | foreach ($Failure in $Failures) {
12 | $PackageID = $Failure.PackageID
13 | Write-Information "Package in INSTALL_RETRYING state on $($DP): $PackageID" -InformationAction Continue
14 | }
15 | }
--------------------------------------------------------------------------------
/ConfigMgr/Collections/WorkstationClient.txt:
--------------------------------------------------------------------------------
1 | select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.OperatingSystemNameandVersion like "Microsoft Windows NT Workstation%" AND ((ClientType = 1) OR (SMS_R_System.AgentEdition0 = 5))
--------------------------------------------------------------------------------
/ConfigMgr/DesktopAnalytics/Get-DesktopAnalytics.ps1:
--------------------------------------------------------------------------------
1 | param(
2 | [string]$WorkspaceID = "", #Desktop Analytics WorkspaceID
3 | [switch]$CreateNewContext = $false,
4 | [int]$Hours = 24
5 | )
6 |
7 | if (-not (Get-Module -Name Az)) {Install-Module Az -Force}
8 |
9 | Try {
10 |
11 | #region Get Desktop Analytics Data
12 | If($CreateNewContext.IsPresent) {
13 | Connect-AzAccount
14 | Login-AzAccount
15 | Save-AzContext -Path "$($PSScriptRoot)\azprofile.json" -Force
16 | }
17 |
18 | $Query ='MADevice'
19 | $TimeSpan = (New-TimeSpan -Hours $Hours)
20 | Import-AzContext -Path "$($PSScriptRoot)\azprofile.json" -ErrorAction Stop
21 |
22 | $AzResults = Invoke-AzOperationalInsightsQuery -WorkspaceId $WorkspaceID -Query $Query -Timespan $TimeSpan
23 | $AzComputerList = $AzResults.Results | Sort-Object Computer
24 |
25 | If(!($AzResults) -or !($AzComputerList)) {
26 | Write-Output "No Azure Results, exiting."
27 | Break;
28 | }
29 | Else {
30 | Write-Output ("Retrieved {0} Azure Records" -f $AzComputerList.Count)
31 | }
32 | }
33 | Catch
34 | {
35 | Write-Output "An error occurred connecting to Azure"
36 | $Error[0].Exception
37 | Return 1
38 | }
39 |
--------------------------------------------------------------------------------
/ConfigMgr/ErrorLookup/AdminUI.UIResources.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/ErrorLookup/AdminUI.UIResources.dll
--------------------------------------------------------------------------------
/ConfigMgr/ErrorLookup/DatabaseResources.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/ErrorLookup/DatabaseResources.dll
--------------------------------------------------------------------------------
/ConfigMgr/ErrorLookup/Lookup-Error.ps1:
--------------------------------------------------------------------------------
1 | param([int]$ErrorCode=0x87d00664)
2 | [void][System.Reflection.Assembly]::LoadFrom("c:\temp\errorLookup\SrsResources.dll")
3 | $Message = [SrsResources.Localization]::GetErrorMessage($ErrorCode,"en-US")
4 |
5 | Return $Message
6 |
7 |
8 |
9 | #'-2147467262'
10 | #
11 | #Invoke-RestMethod -URI "https://asdwinerrorlookup.azurewebsites.net/api/ErrorLookup?ErrorCode=0xc00000f"
12 | #
13 | #$Code = 0xc00000f
14 | #
15 | #$ex = New-Object System.ComponentModel.Win32Exception('0x800700C1')
16 | #return $ex.Message
17 | #
18 | #0x80000002 | gm
19 | #-2147483646 -eq 0x80000002
20 | #2147483650 | gm
21 | #"{0:X0}" -f ([int64]2147483650)
22 | #
23 | #$hex = "{0:X0}" -f ([int32]$code)
24 | # $int64 = [Convert]::ToInt64($hex,16)
25 | # $int32 = $code
26 | #
27 | #$code = 0x80000002
28 |
29 |
--------------------------------------------------------------------------------
/ConfigMgr/ErrorLookup/SrsResources.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/ConfigMgr/ErrorLookup/SrsResources.dll
--------------------------------------------------------------------------------
/ConfigMgr/ManageDPCertificates/CopyAndRun.ps1:
--------------------------------------------------------------------------------
1 | #This code isn't great. Needs more work. But good starting point.
2 | $TargetDevices = @(
3 | )
4 |
5 | ForEach($TargetDevice in $TargetDevices) {
6 | Copy-Item "$($PSScriptRoot)\New-CertReq.ps1","$($PSScriptRoot)\Run-NewCertReq.ps1" -Destination "\\$($TargetDevice)\c$\Temp" -Container -Force
7 | $Session = Enter-PSSession -ComputerName $TargetDevice -EnableNetworkAccess
8 | Invoke-Command -ComputerName $TargetDevice -FilePath "C:\Temp\Run-NewCertReq.ps1" -Credential (Get-Credential)
9 | Exit-PSSession
10 |
11 | }
--------------------------------------------------------------------------------
/ConfigMgr/ManageDPCertificates/Run-NewCertReq.ps1:
--------------------------------------------------------------------------------
1 | $NewCertReqSplat = @{
2 | ConnectTo = "DEVICENAME"
3 | DNSName = ($ENV:ComputerName).ToString().ToLower()
4 | FQDN = ([System.Net.DNS]::GetHostByName(($DNSName)).HostName).ToString().ToLower()
5 | TemplateName = "ASD-Web Server/Client Auth"
6 | CertStoreLocation = "cert:\LocalMachine\MY"
7 | CAUrl = "CN=A Square Dozen Issuing CA2,CN=CA01,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=ASD,DC=net"
8 | FriendlyName = "ConfigMgr Web Server/Client Auth"
9 | OutputFile = "c:\Temp\CertRequest.txt"
10 | RequestNewCert = $False
11 | UpdateIISCert = $True
12 | Export = $False
13 | ExportPath = "c:\DPCerts"
14 | }
15 |
16 | Set-Location $PSScriptRoot
17 | .\New-CertReq.ps1 @NewCertReqSplat
--------------------------------------------------------------------------------
/ConfigMgr/ManageDPCertificates/UpdateDPsWithCerts.ps1:
--------------------------------------------------------------------------------
1 | $SiteCode = "ASD" # Site code
2 | $ProviderMachineName = "CM01.ASD.NET" # SMS Provider machine name
3 | $initParams = @{}
4 | if((Get-Module ConfigurationManager) -eq $null) {
5 | Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" @initParams
6 | }
7 |
8 | if((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) {
9 | New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ProviderMachineName @initParams
10 | }
11 |
12 | Set-Location "$($SiteCode):\" @initParams
13 |
14 | $myPwd = ConvertTo-SecureString -string "P@ssw0rd" -Force -AsPlainText
15 | $TargetDevices = @(
16 |
17 | )
18 |
19 | ForEach($TargetDevice in $TargetDevices) {
20 | $DP = Get-CMDistributionPoint | Where-Object {$_.NalPath -match $TargetDevice}
21 | $DP | Set-CMDistributionPoint -CertificatePath "\\CM01.ASD.Net\DPCerts\$($TargetDevice)_DPCert.PFX" -CertificatePassword $myPwd
22 | }
23 |
--------------------------------------------------------------------------------
/ConfigMgr/README.md:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/ConfigMgr/SQL/BoundaryMapping.ps1:
--------------------------------------------------------------------------------
1 | SELECT
2 | BoundaryGroupName = BG.Name,
3 | Boundaryname = B.Name,
4 | DeviceName = S.Name0,
5 | CountOfIPs = Count(s.ResourceID) OVER (PARTITION BY a.ResourceID),
6 | S.ResourceID,
7 | IPAddress = ip_addresses0,
8 | B.*,
9 | bg.*
10 | FROM
11 | v_R_System s LEFT OUTER JOIN
12 | v_RA_System_IPAddresses A ON s.ResourceID = A.ResourceID AND A.ip_addresses0 NOT LIKE '%:%' LEFT OUTER JOIN
13 | v_RA_System_IPSubnets sub ON sub.ResourceID = S.ResourceID LEFT OUTER JOIN
14 | BoundaryEx B ON dbo.fnGetNumericIPAddress(A.ip_addresses0) BETWEEN B.NumericValueLow AND B.NumericValueHigh LEFT OUTER JOIN
15 | BoundaryGroupMembers m ON m.BoundaryID = B.BoundaryID LEFT OUTER JOIN
16 | BoundaryGroup bg ON bg.GroupID = M.GroupID
17 | WHERE
18 | S.Operating_System_Name_and0 like 'Microsoft Windows NT Workstation%'
19 | ORDER BY
20 | S.Name0,A.IP_Addresses0
21 |
--------------------------------------------------------------------------------
/ConfigMgr/SQL/CoManagementWorkloads.sql:
--------------------------------------------------------------------------------
1 | --spGetMDMWorkloadEnabledCount
2 | --AdminUI.CoManagement.dll - CoManagementFlags
3 | --CoManagementFlags
4 | /*
5 | None = 0, 0x0
6 | Inventory = 1, 0x1
7 | CompliancePolicy = 2, 0x2
8 | ResourceAccess = 4, 0x4
9 | ConfigurationSettings = 8, 0x8
10 | WUfB = 16, 0x10
11 | Security = 32, 0x20
12 | ModernApps = 64, 0x40
13 | Office365 = 128, 0x80
14 | DiskEncryption = 4096, 0x1000
15 | EpSplit = 8192, 0x2000
16 | Default = 8193 0x2001
17 | */
18 |
19 | SELECT
20 | s.ResourceID,
21 | MDMEnrolled = cms.MDMEnrolled,
22 | Authority = cms.Authority,
23 | MDMWorkloads = cms.MDMWorkloads,
24 | ComgmtPolicyPresent = cms.ComgmtPolicyPresent,
25 | Name = cms.Name,
26 | SiteCode = cms.SiteCode,
27 | AADDeviceID = cms.AADDeviceID,
28 | MDMProvisioned = cms.MDMProvisioned,
29 | HybridAADJoined = cms.HybridAADJoined,
30 | AADJoined = cms.AADJoined,
31 | EnrollmentFailed = cms.EnrollmentFailed,
32 | PendingLogon = cms.PendingLogon,
33 | EnrollmentScheduled = cms.EnrollmentScheduled,
34 | EnrollmentStatusCode = cms.EnrollmentStatusCode,
35 | EnrollmentErrorDetail = cms.EnrollmentErrorDetail,
36 | None = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x0 = 0x0 THEN 1 ELSE 0 END,
37 | Inventory = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x1 = 0x1 THEN 1 ELSE 0 END,
38 | CompliancePolicy = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x2 = 0x2 THEN 1 ELSE 0 END,
39 | ResourceAccess = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x4 = 0x4 THEN 1 ELSE 0 END,
40 | ConfigurationSettings = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x8 = 0x8 THEN 1 ELSE 0 END,
41 | WUfB = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x10 = 0x10 THEN 1 ELSE 0 END,
42 | Security = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x20 = 0x20 THEN 1 ELSE 0 END,
43 | ModernApps = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x40 = 0x40 THEN 1 ELSE 0 END,
44 | Office365 = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x80 = 0x80 THEN 1 ELSE 0 END,
45 | DiskEncryption = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x1000 = 0x1000 THEN 1 ELSE 0 END,
46 | EndpointProtection = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x2000 = 0x2000 THEN 1 ELSE 0 END,
47 | [Default] = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0x2001 = 0x2001 THEN 1 ELSE 0 END,
48 | Intune = CASE WHEN ISNULL(TRY_convert(bigint, MDMWorkloads), 2147483647) & 0xFFFFFFFF = 0xFFFFFFFF THEN 1 ELSE 0 END
49 | FROM
50 | (SELECT ResourceID = MAX(ResourceID) FROM v_r_system WHERE Operating_System_Name_and0 like 'Microsoft Windows NT Workstation%' AND Client0 = 1 GROUP BY Name0) s LEFT OUTER JOIN
51 | v_ClientCoManagementState cms ON s.ResourceID = cms.ResourceID
52 | ORDER BY
53 | MDMWorkloads
54 | DESC
55 |
56 |
57 |
58 |
--------------------------------------------------------------------------------
/ConfigMgr/SQL/CollectionMemberMismatch.ps1:
--------------------------------------------------------------------------------
1 | SELECT * FROM
2 | (select
3 | Name,
4 | machineid,
5 | CountMachineID = COUNT(*) OVER (PARTITION BY MachineID),
6 | CountName = COUNT(*) OVER (PARTITION BY Name),
7 | c.*
8 | FROM
9 | CollectionMembers cm LEFT OUTER JOIN
10 | collections c ON cm.SiteID = c.SiteID
11 | --where machineid = 16789646
12 | ) a where a.CountMachineID <> a.CountName
--------------------------------------------------------------------------------
/ConfigMgr/SQL/ConfigMgr/AppsWithRetiredSupersedence.sql:
--------------------------------------------------------------------------------
1 | Declare @TaskSequenceID char(8);
2 | set @TaskSequenceID = 'YOURTSID'
3 |
4 | SELECT
5 | CI.CI_ID,
6 | CI.CI_UniqueID,
7 | CI.Manufacturer,
8 | CI.DisplayName,
9 | CI.SoftwareVersion,
10 | ARF.ToApplication as RetiredSupersededApp
11 | FROM
12 | v_TaskSequenceAppReferencesInfo INNER JOIN
13 | fn_ListLatestApplicationCIs(1033) CI ON CI.CI_ID = v_TaskSequenceAppReferencesInfo.RefAppCI_ID INNER JOIN
14 | (
15 | select
16 | locpropFromapp.CI_ID as FromAppCI,
17 | locpropFromapp.DisplayName as FromApp,
18 | locpropFromDT.DisplayName as FromDeploymentType,
19 | locpropToapp.DisplayName as ToApplication,
20 | locpropToDT.DisplayName as ToDeploymentType
21 | from
22 | vSMS_AppRelation_Flat as appflat
23 | JOIN v_LocalizedCIProperties as locpropFromapp ON locpropFromapp.CI_ID = appflat.FromApplicationCIID
24 | JOIN v_LocalizedCIProperties as locpropFromDT ON locpropFromDT.CI_ID = appflat.FromDeploymentTypeCIID
25 | JOIN v_LocalizedCIProperties as locpropToapp ON locpropToapp.CI_ID = appflat.ToApplicationCIID
26 | JOIN v_LocalizedCIProperties as locpropToDT ON locpropToDT.CI_ID = appflat.ToDeploymentTypeCIID
27 | JOIN v_ConfigurationItems as ciFrom ON locpropFromapp.CI_ID = ciFrom.CI_ID
28 | JOIN v_ConfigurationItems as ciTo ON locpropToapp.CI_ID = ciTo.CI_ID
29 | where
30 | appflat.RelationType=15
31 | --AND ciFrom.IsTombstoned = 0
32 | AND ciFrom.IsLatest = 1
33 | AND ciFrom.IsExpired = 0
34 | --AND
35 | --ciTo.IsTombstoned = 1
36 | --AND ciTo.IsLatest = 1
37 | AND
38 | ciTo.IsExpired = 1
39 | ) ARF ON ARF.FromAppCI = CI.CI_ID
40 | WHERE
41 | v_TaskSequenceAppReferencesInfo.PackageID = @TaskSequenceID AND
42 | CI.ISSuperseding = 1
43 |
44 |
--------------------------------------------------------------------------------
/ConfigMgr/SQL/ConfigMgr/FindCollectionsUsingSoftwareInventoryViews.sql:
--------------------------------------------------------------------------------
1 | SELECT
2 | *
3 | FROM
4 | Collection_Rules_SQL
5 | WHERE
6 | SQL like '%CollectedFile%' OR
7 | SQL like '%LastSoftwareScan%' OR
8 | SQL like '%Mapped_Add_Remove_Programs%' OR
9 | SQL like '%SoftwareFile%' OR
10 | SQL like '%SoftwareProduct%' OR
11 | SQL like '%UnknownFile%' OR
12 | SQL like '%ProductFileInfo%' OR
13 | SQL like '%SoftwareFile%' OR
14 | SQL like '%SoftwareProduct%'
--------------------------------------------------------------------------------
/ConfigMgr/SQL/ConfigMgr/OSMapTesting- WIP.sql:
--------------------------------------------------------------------------------
1 | SELECT
2 | s.Name0,
3 | s.ResourceID
4 | ,Build01
5 | ,CASE
6 | LEFT(BUILD01,Charindex('.',Build01)-1)
7 | WHEN 5 THEN 'XP'
8 | WHEN 6 THEN '7'
9 | WHEN 10 THEN '10'
10 | ELSE NULL
11 | END as OSBaseVersion
12 | ,BuildExt
13 | ,Operating_System_Name_and0
14 | ,os.Version0
15 | ,BuildNumber0
16 | ,Caption0
17 | ,CSDVersion0
18 | ,ProductType0
19 | ,Version0
20 | ,ss.*
21 | ,ln.*
22 | ,c.*
23 | FROM
24 | v_r_system s LEFT OUTER JOIN
25 | v_GS_OPERATING_SYSTEM os ON s.ResourceID = os.ResourceID AND s.Build01 = os.Version0 LEFT OUTER JOIN
26 | --v_GS_OPERATING_SYSTEM os2 ON s.ResourceID = os2.ResourceID FULL OUTER JOIN
27 | fn_GetWindowsServicingStates() ss ON s.Build01 = ss.Build AND s.OSBranch01 = ss.Branch LEFT OUTER JOIN
28 | fn_GetWindowsServicingLocalizedNames() ln ON ln.Name = ss.Name
29 | Where Caption0 like '%pro%' and BUILD01 like '10.%'
30 |
--------------------------------------------------------------------------------
/ConfigMgr/SQL/ExtractQueriesFromSSRSRDL.ps1:
--------------------------------------------------------------------------------
1 | $ReportPath = "C:\SSRS"
2 | $Reports = Get-ChildItem -Path $ReportPath -file "*.rdl"
3 |
4 | Try {
5 | ForEach($Report in $Reports) {
6 | Write-Host "Extracting $($Report.Name)" -ForegroundColor Green
7 | [xml]$ReportContent = $Report | Get-Content
8 | $DataSets = $ReportContent.Report.DataSets.DataSet
9 | $Count = $DataSets.Count
10 | ForEach($DataSet in $DataSets) {
11 | $Number++
12 | Write-Host "Report $Number of $Count" -ForegroundColor Green
13 | $DataSet.Query.CommandText | Out-File -FilePath "$($ReportPath)\$($Report).BaseName_$($DataSet.Name).SQL" -Encoding utf8 -Force
14 | }
15 | $Count = 0
16 | $Number = 0
17 | }
18 | }
19 | Catch {
20 | Write-Host "Error on $($Report.Name)"
21 | }
--------------------------------------------------------------------------------
/ConfigMgr/SQL/README.md:
--------------------------------------------------------------------------------
1 | # SQL
2 | Misc SQL Queries
--------------------------------------------------------------------------------
/ConfigMgr/SQL/UMR.txt:
--------------------------------------------------------------------------------
1 | select
2 | SMS_R_SYSTEM.ResourceID,
3 | SMS_R_SYSTEM.ResourceType,
4 | SMS_R_SYSTEM.Name,
5 | SMS_R_SYSTEM.SMSUniqueIdentifier,
6 | SMS_R_SYSTEM.ResourceDomainORWorkgroup,
7 | SMS_R_SYSTEM.Client
8 | from
9 | SMS_R_System
10 | where
11 | SMS_R_System.ResourceId in
12 | (
13 | SELECT
14 | s.ResourceID
15 | FROM
16 | SMS_R_User as u JOIN
17 | SMS_R_System as s ON s.EmployeeID = u.cn JOIN
18 | SMS_UserMachineRelationship as umr ON umr.UniqueUserName = u.UniqueUserName AND s.ResourceID = umr.ResourceID JOIN
19 | SMS_UserMachineRelationship as umr2 ON umr2.UniqueUserName = u.UniqueUserName AND s.ResourceID = umr2.ResourceID AND umr.UniqueUserName = umr2.UniqueUserName AND umr.ResourceID = umr2.ResourceID LEFT JOIN
20 | SMS_UserMachineRelationship as umr3 ON s.ResourceID = umr3.ResourceID AND umr3.Sources = 4 WHERE
21 | umr.IsActive = 1 AND
22 | umr.Sources = 6 AND
23 | (umr2.Sources = 4 OR umr3.ResourceID IS NULL) AND
24 | u.UserGroupName = "ASD\\MyUserGroup"
25 | )
--------------------------------------------------------------------------------
/ConfigMgr/SQL/UtilityQueries/FindTextInDB.sql:
--------------------------------------------------------------------------------
1 | --Change the USING to the DB you want to run this against.
2 | USE [CM_ASD]
3 |
4 | --Change the value to your search term
5 | DECLARE @Text nvarchar(1000)
6 | SET @Text = 'TextToFind'
7 |
8 |
9 | ----Main Query--
10 |
11 | DECLARE @newText varchar(1000)
12 | SET @NewText = '%' + @Text + '%'
13 |
14 | SELECT
15 | DISTINCT
16 | 'TableOrView' AS 'ObjectType'
17 | ,TABLE_NAME AS 'ObjectName'
18 | ,CASE WHEN COLUMN_NAME LIKE @NewText THEN COLUMN_NAME ELSE NULL END AS 'ColumnName'
19 | ,NULL AS 'Excerpt'
20 | ,NULL AS 'Definition'
21 | FROM
22 | INFORMATION_SCHEMA.COLUMNS
23 | WHERE
24 | TABLE_NAME LIKE @NewText OR
25 | COLUMN_NAME LIKE @NewText
26 |
27 | UNION
28 |
29 | SELECT
30 | DISTINCT
31 | 'StoredProcedure' AS 'ObjectType'
32 | ,SPECIFIC_NAME AS 'ObjectName'
33 | ,NULL AS 'ColumnName'
34 | ,SUBSTRING(ROUTINE_DEFINITION, CHARINDEX(@Text, ROUTINE_DEFINITION)-50, 100) AS 'Excerpt'
35 | ,ROUTINE_DEFINITION AS 'Definition'
36 | FROM
37 | INFORMATION_SCHEMA.ROUTINES
38 | WHERE
39 | SPECIFIC_NAME LIKE @NewText OR
40 | ROUTINE_DEFINITION LIKE @NewText
41 |
42 | UNION
43 |
44 | SELECT
45 | DISTINCT
46 | 'ViewDefinition' AS 'ObjectType'
47 | ,TABLE_NAME AS 'ObjectName'
48 | ,NULL AS 'ColumnName'
49 | ,SUBSTRING(VIEW_DEFINITION, CHARINDEX(@text, VIEW_DEFINITION)-50, 100) as 'Excerpt'
50 | ,VIEW_DEFINITION AS 'Definition'
51 | FROM
52 | INFORMATION_SCHEMA.VIEWS
53 | WHERE
54 | TABLE_NAME LIKE @NewText OR
55 | VIEW_DEFINITION LIKE @newText
56 |
57 | UNION
58 |
59 | SELECT
60 | DISTINCT
61 | 'Function' AS 'ObjectType'
62 | ,TABLE_NAME AS 'ObjectName'
63 | ,COLUMN_NAME AS 'ColumnName'
64 | ,NULL AS 'Excerpt'
65 | ,NULL AS 'Definition'
66 | FROM
67 | INFORMATION_SCHEMA.ROUTINE_COLUMNS
68 | WHERE
69 | COLUMN_NAME LIKE @newText
70 | ORDER BY
71 | ObjectType,
72 | ColumnName,
73 | ObjectName
--------------------------------------------------------------------------------
/ConfigMgr/Scripts/Disable-MeteredConnections.ps1:
--------------------------------------------------------------------------------
1 | $profiles = [system.collections.arraylist]::new()
2 | (netsh wlan show profiles) | %{
3 | If ($_ -match "(profile)(\s+:)") {
4 | $profiles.Add(($_ -Split ":")[1] -Replace "\s") | Out-Null
5 | }
6 | }
7 |
8 | If (!$profiles) { Break }
9 |
10 | ForEach ($profile in $profiles) {
11 | $config = (netsh wlan show profile name="$profile")
12 | $setting = (($config -match "(Cost\s+:+)") -Split ":")[1] -Replace "\s"
13 |
14 | If ($setting -ne 'Unrestricted') {
15 | (netsh wlan set profile parameter name="$profile" cost="Unrestricted")
16 | }
17 |
18 | }
--------------------------------------------------------------------------------
/ConfigMgr/Scripts/FixOSKey.ps1:
--------------------------------------------------------------------------------
1 | $opk = (Get-WmiObject -query 'select * from SoftwareLicensingService').OA3xOriginalProductKey
2 | #$genericWin10Key = "DXG7C-N36C4-C4HTG-X4T3X-2YV77"
3 | $KMS='NPPR9-FWDCX-D2C8J-H872K-2YT43'
4 | $KMSservice = Get-WMIObject -query "select * from SoftwareLicensingService"
5 | Write-Debug 'Activating Windows.'
6 |
7 | Get-WmiObject -query 'select * from SoftwareLicensingProduct WHERE PartialProductKey <> null and ApplicationID = "55c92734-d682-4d71-983e-d6ec3f16059f"'
8 |
9 | $null = $KMSservice.InstallProductKey($opk)
10 | $null = $KMSservice.RefreshLicenseStatus()
11 |
12 | Get-WmiObject -query 'select * from SoftwareLicensingProduct WHERE PartialProductKey <> null and ApplicationID = "55c92734-d682-4d71-983e-d6ec3f16059f"'
13 |
14 | $null = $KMSservice.InstallProductKey($KMS)
15 | $null = $KMSservice.RefreshLicenseStatus()
16 |
17 | Get-WmiObject -query 'select * from SoftwareLicensingProduct WHERE PartialProductKey <> null and ApplicationID = "55c92734-d682-4d71-983e-d6ec3f16059f"'
18 |
--------------------------------------------------------------------------------
/ConfigMgr/Scripts/Get-CMApplicationList.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | [string]$ApplicationName
3 | )
4 | function Connect-CMSite {
5 | [cmdletBinding()]
6 | param(
7 | [Parameter(Mandatory=$False)]
8 | [string]$Script:SiteServer = (Get-ItemPropertyValue -Path "HKLM:\SOFTWARE\Microsoft\CCM\FSP" -Name "HostName" -ErrorAction Stop),
9 |
10 | [Parameter(Mandatory=$False)]
11 | [string]$Script:SiteCode = (Get-CimInstance -Namespace "root\SMS" -ClassName "SMS_ProviderLocation" -ComputerName $SiteServer -ErrorAction Stop | Select-Object -ExpandProperty SiteCode)
12 | )
13 |
14 | try {
15 | Write-Host " + Connecting to ConfigMgr Site $($Script:SiteServer) - $($Script:SiteCode)" -ForegroundColor Cyan -NoNewline
16 | if((Get-Module ConfigurationManager) -eq $null) {
17 | Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1"
18 | }
19 |
20 | if((Get-PSDrive -Name $Script:SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) {
21 | New-PSDrive -Name $Script:SiteCode -PSProvider CMSite -Root $Script:SiteServer
22 | }
23 | Set-Location "$($Script:SiteCode):\"
24 | Write-Host $Script:tick -ForegroundColor green
25 | }
26 | catch {
27 | throw $_
28 | }
29 | }
30 |
31 | [System.Reflection.Assembly]::LoadWithPartialName('Microsoft.VisualBasic') | Out-Null
32 | Add-Type -AssemblyName PresentationCore,PresentationFramework
33 | Remove-Variable * -ErrorAction SilentlyContinue
34 |
35 | $ApplicationName = [Microsoft.VisualBasic.Interaction]::InputBox("Enter application name (full or partial): ", "Search String", "java")
36 | $ApplicationName = "*$($ApplicationName)*"
37 |
38 | Connect-CMSite
39 |
40 | $Applications = Get-CMApplication -Name $ApplicationName -Fast -ForceWildcardHandling
41 |
42 | $AppList = ForEach ($Application in $Applications) {
43 | $Deployments = $Application | Foreach-Object {Get-CMApplicationDeployment -InputObject $_}
44 | if ($Deployments) {
45 | ForEach ($Deployment in $Deployments) {
46 | $Collections = $Deployment | ForEach-Object {Get-CMCollection -Id $_.TargetCollectionID}
47 | if ($Collections) {
48 | ForEach ($Collection in $Collections) {
49 | [PSCustomObject]@{
50 | AppID = $Collections.Comment.SubString($Collections.Comment.LastIndexOf('|')+1).trim()
51 | Manufacturer = $Application.Manufacturer
52 | ApplicationName = $Application.LocalizedDisplayName
53 | ApplicationVerison = $Application.SoftwareVersion
54 | CollectionName = $Collections.Name
55 | CollectionID = $Collections.CollectionID
56 | CollectionComment = $Collections.Comment
57 | }
58 | }
59 | }
60 | }
61 | }
62 | }
63 |
64 | $AppList | Format-List
--------------------------------------------------------------------------------
/ConfigMgr/Scripts/Get-CollectionPath.ps1:
--------------------------------------------------------------------------------
1 | #$Coll = Get-CMCollection -Name "Adams Machines"
2 |
3 | $Coll.NamedValueDictionary
4 |
5 | Get-CMDeviceCollection -Name "Adams Machines" | dir
6 |
7 | $SiteCode = 'PS1'
8 | $RootPath = -".\DeviceCollection"
9 |
10 | $Folders = Get-ChildItem -Path $RootPath
11 |
12 | ForEach($Folder in $Folders) {
13 | Get-ChildItem -Path "$($RootPath)\$($Folder.Name)"
14 | }
--------------------------------------------------------------------------------
/ConfigMgr/Scripts/GetTPMVersion.ps1:
--------------------------------------------------------------------------------
1 | [CmdletBinding()]
2 | param(
3 | [version]$ExpectedTPMVersion = "1.1.0"
4 | )
5 |
6 | try {
7 | if(-not $ExpectedTPMVersion) {
8 | Return $true
9 | }
10 | $TPM = Get-CimInstance -Namespace "root\CIMV2\Security\MicrosoftTpm" -ClassName "Win32_Tpm" -ErrorAction SilentlyContinue
11 | [bool]$retVal = $false
12 | if ($TPM) {
13 | if($TPM.ManufacturerVersionFull20) {
14 | if ([Version]$TPM.ManufacturerVersionFull20 -ge $ExpectedTPMVersion) {
15 | $retVal = $true
16 | }
17 | }
18 | }
19 | return $retVal
20 | }
21 | catch {
22 | throw $_
23 | }
--------------------------------------------------------------------------------
/ConfigMgr/Scripts/Invoke-DCMBaseline.ps1:
--------------------------------------------------------------------------------
1 | #Trigger-BaselineEvaluation
2 | <#
3 | .SYNOPSIS
4 | Trigger a the evaluation of client baselines
5 | .PARAMETER BaseLineName
6 | The name of the baseline to be triggered. If NO BaseLinName is specified ALL baselines are client evaluated.
7 | .NOTES
8 | Version: 1.0
9 | Author: Adam Gross - @AdamGrossTX
10 | GitHub: https://www.github.com/AdamGrossTX
11 | WebSite: https://www.asquaredozen.com
12 | Creation Date: 09/03/2020
13 | Purpose/Change:
14 | 1.0 Initial script development
15 | #>
16 |
17 | [cmdletbinding()]
18 | Param(
19 | [string]$BaseLineName
20 | )
21 |
22 | $NameSpace = "root\ccm\dcm"
23 | $ClassName = "SMS_DesiredConfiguration"
24 | $MethodName = "TriggerEvaluation"
25 | $Status = @{
26 | 0 = "NonCompliant"
27 | 1 = "Compliant"
28 | 2 = "NotApplicable"
29 | 3 = "Unknown"
30 | 4 = "Error"
31 | 5 = "NotEvaluated"
32 | }
33 |
34 | Try {
35 |
36 | If ($BaselineName) {
37 | $Filter = "DisplayName='{0}' and PolicyType is null" -f $BaseLineName
38 | }
39 | Else {
40 | $Filter = "PolicyType is null"
41 | }
42 | $Baselines = Get-CIMInstance -Namespace $NameSpace -ClassName $ClassName -Filter $Filter
43 |
44 | If ($Baselines) {
45 | $Results = ForEach ($Baseline in $Baselines) {
46 | $ArgsList = @{
47 | Name = $BaseLine.Name
48 | Version = $Baseline.Version
49 | IsMachineTarget = $True
50 | IsEnforced = $True
51 | }
52 | $BaseLine | Invoke-CimMethod -MethodName $MethodName -Arguments $ArgsList | Out-Null
53 | $Filter = "DisplayName='{0}'" -f $BaseLine.DisplayName
54 | [int]$ComplianceStatus = (Get-CIMInstance -Namespace $NameSpace -ClassName $ClassName -Filter $Filter).LastComplianceStatus
55 |
56 | "{0} : {1}" -f $BaseLine.DisplayName, $Status[$ComplianceStatus]
57 | }
58 | Return $Results
59 | }
60 | Else {
61 | Return "No Baseline Found"
62 | }
63 | }
64 | Catch {
65 | Return $_
66 | }
--------------------------------------------------------------------------------
/ConfigMgr/Scripts/PSLogSanitizer.ps1:
--------------------------------------------------------------------------------
1 | #Be sure to test your regular expressions. There are several online test tools available.
2 | #I used this one and it worked very well http://regexstorm.net/tester
3 | #Regex Reference
4 | #https://www.zerrouki.com/powershell-cheatsheet-regular-expressions/
5 |
6 | ##############################################################################################################################################
7 | #Modify these entries to match your site's needs. So far, these 4 are all I need, but there may be others.
8 | #Format is (RegexValue, ReplacementValue)
9 | $regex = @{}
10 | $regex.Add("ASD\w*-\w+","XXX-ServerName") #Replace server names following format *-*
11 | $regex.Add("(CM1)","XXX") #Replace all instances of your configmgr site prefix, mostly seein in package names
12 | $regex.Add("(\.\w?\w?\.|\.)asquaredozen.com",".XXXXXXX.com") #Replace all domain urls matching .*. or .
13 | $regex.Add("(SecretProductName|SecretProductName2)","XXXXXXXXX") #Replace any other exact match words - like internal product names and such.
14 | ##############################################################################################################################################
15 |
16 | #Location of this script.
17 | set-location $PSScriptRoot
18 |
19 | #Path to the log files. Default location is the same folder as this script.
20 | $logfiles = Get-ChildItem "$PSScriptRoot\*.log"
21 |
22 | Write-Host
23 | forEach ($log in $logfiles){
24 | Write-Host -f green "Parsing $($log)"
25 | $Content = (Get-Content $log)
26 | foreach ($rex in $regex.keys)
27 | {
28 | $Content = $Content -ireplace "$($rex)","$($regex[$rex])" #Use ireplace for case insensetive replace
29 | }
30 | #Files are saved with "_parsed appended to the end to preserve your originals.
31 | $parsedLogName = $log.Name.Split('.')[0] + "_parsed." + $log.Name.Split('.')[-1]
32 | $content | Set-Content $parsedLogName
33 |
34 | Write-Host -f green "Parsing Completed for $($log)."
35 | }
36 |
--------------------------------------------------------------------------------
/ConfigMgr/Scripts/ResetLocalAdminPwd.ps1:
--------------------------------------------------------------------------------
1 | Param (
2 | $AccountSID = "S-1-5-21-2499041169-1956781846-35386737-500",
3 | [bool]$Disable = $false,
4 | $Password = "P@ssw0rd"
5 | )
6 |
7 | Try {
8 | $Account = Get-LocalUser -SID $AccountSID
9 | $Return = @()
10 | If($Account) {
11 | If($Disable) {
12 | If($Account.Enabled) {
13 | $Account | Disable-LocalUser
14 | $Return += "Account Disabled"
15 | }
16 | Else {
17 | $Return += "Account Already Diabled"
18 | }
19 | }
20 | Else {
21 | If(-not $Account.Enabled) {
22 | $Account | Enable-LocalUser
23 | $Return += "Account Enabled"
24 | }
25 | Else {
26 | $Return += "Account Already Enabled"
27 | }
28 | }
29 | If($Password) {
30 | $SecurePassword = ConvertTo-SecureString -String $Password -AsPlainText -Force
31 | $Account | Set-LocalUser -Password $SecurePassword
32 | $Return += "Password Reset"
33 | }
34 | }
35 |
36 | $Return
37 | }
38 | Catch {
39 | Return $Error[0]
40 | }
41 |
42 | <#Using NET commands instead
43 | net user Administrator /ACTIVE:YES
44 | net user Administrator P@ssw0rd
45 | #>
--------------------------------------------------------------------------------
/ConfigMgr/StatusMessages/New-CustomStatusMessage.ps1:
--------------------------------------------------------------------------------
1 |
2 | #Usage
3 | #New-CustomStatusMessage.ps1 -Component GenericMsg_SeeInsertionStrings -InsStr1 MsgType_Office365Upgrade -InsStr2 projectInstalled
4 | #New-CustomStatusMessage.ps1 GenericMsg_SeeInsertionStrings MsgType_Office365Upgrade projectInstalled
5 |
6 | <#
7 | SELECT
8 | *
9 | FROM
10 | v_StatMsgWithInsStrings
11 | WHERE
12 | messageid = 39997
13 | #>
14 |
15 | Param (
16 | [Parameter(Position=0)]
17 | [string]$Component = "GenericMsg_SeeInsertionStrings",
18 |
19 | [Parameter(Position=1)]
20 | [string]$InsStr1 = "MsgType_Office365Upgrade",
21 |
22 | [Parameter(Position=2)]
23 | [string]$InsStr2 = "projectInstalled",
24 |
25 | [Parameter(Position=3)]
26 | [string]$InsStr3,
27 |
28 | [Parameter(Position=4)]
29 | [string]$InsStr4,
30 |
31 | [Parameter(Position=5)]
32 | [string]$InsStr5,
33 |
34 | [Parameter(Position=6)]
35 | [string]$InsStr6,
36 |
37 | [Parameter(Position=7)]
38 | [string]$InsStr7,
39 |
40 | [Parameter(Position=8)]
41 | [string]$InsStr8,
42 |
43 | [Parameter(Position=9)]
44 | [string]$InsStr9,
45 |
46 | [Parameter(Position=10)]
47 | [string]$InsStr10
48 |
49 | )
50 |
51 | $PropertyList = @{
52 | "Attribute403" = $Component
53 | "InsertionString1" = $InsStr1
54 | "InsertionString2" = $InsStr2
55 | "InsertionString3" = $InsStr3
56 | "InsertionString4" = $InsStr4
57 | "InsertionString5" = $InsStr5
58 | "InsertionString6" = $InsStr6
59 | "InsertionString7" = $InsStr7
60 | "InsertionString8" = $InsStr8
61 | "InsertionString9" = $InsStr9
62 | "InsertionString10" = $InsStr10
63 | }
64 |
65 | Try {
66 | $eventObj = New-Object -ComObject Microsoft.SMS.Event -ErrorAction Stop
67 | $eventObj.EventType = "SMS_GenericStatusMessage_Info"
68 | ForEach($Key in $PropertyList.Keys) {
69 | If($null -ne $PropertyList[$Key]) {
70 | $eventObj.SetProperty($Key, $PropertyList[$Key])
71 | }
72 | }
73 | $eventObj.Submit()
74 | Return 0
75 | }
76 | Catch {
77 | Write-Error $Error[0]
78 | Return -1
79 | }
80 |
81 |
82 | <#
83 | #Simple Version
84 |
85 | Try {
86 | $eventObj = New-Object -ComObject Microsoft.SMS.Event -ErrorAction Stop
87 | $eventObj.EventType = "SMS_GenericStatusMessage_Info"
88 | $eventObj.SetProperty("Attribute403", "GenericMsg_SeeInsertionStrings");
89 | $eventObj.SetProperty("InsertionString1", "MsgType_Office365Upgrade")
90 | $eventObj.SetProperty("InsertionString2", "projectInstalled")
91 | $eventObj.Submit()
92 | Return 0
93 | }
94 | Catch {
95 | Write-Error $Error[0]
96 | Return -1
97 | }
98 | #>
--------------------------------------------------------------------------------
/ConfigMgr/StatusMessages/New-CustomStatusMessage.txt:
--------------------------------------------------------------------------------
1 |
2 | #Usage
3 | #New-CustomStatusMessage.ps1 -Component GenericMsg_SeeInsertionStrings -InsStr1 MsgType_Office365Upgrade -InsStr2 projectInstalled
4 | #New-CustomStatusMessage.ps1 GenericMsg_SeeInsertionStrings MsgType_Office365Upgrade projectInstalled
5 |
6 | <#
7 | SELECT
8 | *
9 | FROM
10 | v_StatMsgWithInsStrings
11 | WHERE
12 | messageid = 39997
13 | #>
14 |
15 | Param (
16 | [Parameter(Position=0)]
17 | [string]$Component = "GenericMsg_SeeInsertionStrings",
18 |
19 | [Parameter(Position=1)]
20 | [string]$InsStr1 = "MsgType_Office365Upgrade",
21 |
22 | [Parameter(Position=2)]
23 | [string]$InsStr2 = "projectInstalled",
24 |
25 | [Parameter(Position=3)]
26 | [string]$InsStr3,
27 |
28 | [Parameter(Position=4)]
29 | [string]$InsStr4,
30 |
31 | [Parameter(Position=5)]
32 | [string]$InsStr5,
33 |
34 | [Parameter(Position=6)]
35 | [string]$InsStr6,
36 |
37 | [Parameter(Position=7)]
38 | [string]$InsStr7,
39 |
40 | [Parameter(Position=8)]
41 | [string]$InsStr8,
42 |
43 | [Parameter(Position=9)]
44 | [string]$InsStr9,
45 |
46 | [Parameter(Position=10)]
47 | [string]$InsStr10
48 |
49 | )
50 |
51 | $PropertyList = @{
52 | "Attribute403" = $Component
53 | "InsertionString1" = $InsStr1
54 | "InsertionString2" = $InsStr2
55 | "InsertionString3" = $InsStr3
56 | "InsertionString4" = $InsStr4
57 | "InsertionString5" = $InsStr5
58 | "InsertionString6" = $InsStr6
59 | "InsertionString7" = $InsStr7
60 | "InsertionString8" = $InsStr8
61 | "InsertionString9" = $InsStr9
62 | "InsertionString10" = $InsStr10
63 | }
64 |
65 | Try {
66 | $eventObj = New-Object -ComObject Microsoft.SMS.Event -ErrorAction Stop
67 | $eventObj.EventType = "SMS_GenericStatusMessage_Info"
68 | ForEach($Key in $PropertyList.Keys) {
69 | If($null -ne $PropertyList[$Key]) {
70 | $eventObj.SetProperty($Key, $PropertyList[$Key])
71 | }
72 | }
73 | $eventObj.Submit()
74 | Return 0
75 | }
76 | Catch {
77 | Write-Error $Error[0]
78 | Return -1
79 | }
80 |
81 |
82 | <#
83 | #Simple Version
84 |
85 | Try {
86 | $eventObj = New-Object -ComObject Microsoft.SMS.Event -ErrorAction Stop
87 | $eventObj.EventType = "SMS_GenericStatusMessage_Info"
88 | $eventObj.SetProperty("Attribute403", "GenericMsg_SeeInsertionStrings");
89 | $eventObj.SetProperty("InsertionString1", "MsgType_Office365Upgrade")
90 | $eventObj.SetProperty("InsertionString2", "projectInstalled")
91 | $eventObj.Submit()
92 | Return 0
93 | }
94 | Catch {
95 | Write-Error $Error[0]
96 | Return -1
97 | }
98 | #>
--------------------------------------------------------------------------------
/ConfigMgr/TaskSequence/New-DriverVariableTSStep.ps1:
--------------------------------------------------------------------------------
1 | [cmdletBinding()]
2 | param(
3 | [Parameter(Mandatory=$true)]
4 | [string]
5 | $SiteCode,
6 |
7 | [Parameter(Mandatory=$true)]
8 | [string]
9 | $ProviderMachineName
10 | )
11 |
12 | $initParams = @{}
13 | if((Get-Module ConfigurationManager) -eq $null) {
14 | Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" @initParams
15 | }
16 |
17 | if((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) {
18 | New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ProviderMachineName @initParams
19 | }
20 | Set-Location "$($SiteCode):\" @initParams
21 |
22 | $TaskSequenceID = ""
23 | $StepNameBegin = "Set "
24 | $StepNameEnd = " Driver Variables"
25 | $Description = "Sets dynamic variables for drivers"
26 | $PackageSearchDescription = "Windows 10 Driver Package"
27 |
28 | $Packages = Get-CMPackage | Where-Object -Property Description -eq $PackageSearchDescription
29 | $Manufacturers = $Packages | Select-Object -Unique Manufacturer
30 | $TaskSequence = Get-CMTaskSequence -TaskSequencePackageId $TaskSequenceID
31 |
32 | ForEach ($Manufacturer in $Manufacturers.Manufacturer)
33 | {
34 | $RuleList = @()
35 | $StepName = "{0}{1}{2}" -f $StepNameBegin, $Manufacturer, $StepNameEnd
36 |
37 | $FilteredPackages = $Packages | Where-Object Manufacturer -eq $Manufacturer | Select-Object *
38 | Foreach ($Package in $FilteredPackages) {
39 | #Change this to match your driver package naming convention
40 | $Model = $Package.Name.Split("-")[0].trim()
41 | $Model = "*{0}*" -f $Model
42 | $Model
43 | $RuleList += New-CMTSRule -Make $Package.Manufacturer.ToString() -Model $Model -Variable @{"OSDUpgradeDriverPackageID" = $Package.PackageID}
44 | }
45 |
46 | $Step = New-CMTSStepSetDynamicVariable -AddRule $RuleList -Name $StepName -Description $Description
47 | $TaskSequence | Add-CMTaskSequenceStep -Step $Step
48 | }
49 |
50 |
51 |
52 |
--------------------------------------------------------------------------------
/ConfigMgr/TaskSequence/Update-CMClientPackages.ps1:
--------------------------------------------------------------------------------
1 |
2 | [cmdletBinding()]
3 | param(
4 | [Parameter(Mandatory=$true)]
5 | [string]
6 | $SiteCode,
7 |
8 | [Parameter(Mandatory=$true)]
9 | [string]
10 | $ProviderMachineName,
11 |
12 | [Parameter(Mandatory=$true)]
13 | [string]
14 | $ClientVersion = "5.00.8790.1007"
15 | )
16 |
17 | $initParams = @{}
18 | if((Get-Module ConfigurationManager) -eq $null) {
19 | Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" @initParams
20 | }
21 |
22 | if((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) {
23 | New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ProviderMachineName @initParams
24 | }
25 | Set-Location "$($SiteCode):\" @initParams
26 |
27 |
28 | $ClientIDList = @{}
29 | $ClientIDList[""] = ''
30 | $ClientIDList[""] = ''
31 | $ClientIDList[""] = ''
32 |
33 | $ClientSource = '\\SERVER\SCCMClient$'
34 | $ServerPackage = Get-CMPackage -Id $ClientIDList["ServerClient"]
35 | Set-Location "c:\"
36 | Get-ChildItem -Path $ServerPackage.PkgSourcePath | Remove-Item -Recurse
37 | Copy-Item -Path "$($ClientSource)\*" -Destination $ServerPackage.PkgSourcePath -Recurse -Force
38 |
39 | Set-Location "$($SiteCode):\" @initParams
40 | $Count = 0
41 | ForEach($key in $ClientIDList.Keys)
42 | {
43 | $Count ++
44 | Write-Host "#############################"
45 | Write-Host "Processing Record $($Count) of $($ClientIDList.Count): $($Key)"
46 | Get-CMPackage -ID $ClientIDList[$key] | Set-CMPackage -Version $ClientVersion
47 | Update-CMDistributionPoint -PackageId $ClientIDList[$key]
48 | Write-Host "Updated: $($Key)"
49 | }
--------------------------------------------------------------------------------
/ConfigMgr/TaskSequence/Update-TSBootImageID.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .SYNOPSIS
3 | Bulk Update the BootImageID for Task Sequences in ConfigMgr
4 | .DESCRIPTION
5 | Bulk Update the BootImageID for Task Sequences in ConfigMgr
6 | .PARAMETER SiteCode
7 | ConfigMgr Site Code
8 | .PARAMETER SiteServer
9 | ConfigMgr Site Server Name
10 | .PARAMETER OldBootImageID
11 | ID of the current boot image that is being replaced
12 | .PARAMETER NewBootImageID
13 | ID of the new boot image
14 |
15 | .NOTES
16 | Version: 1.0
17 | Author: Adam Gross - @AdamGrossTX
18 | GitHub: https://www.github.com/AdamGrossTX
19 | WebSite: https://www.asquaredozen.com
20 | Creation Date: 12/14/2019
21 |
22 | .EXAMPLE
23 | Update BootImageID
24 | .\Update-TSBootImageID.ps1 $SiteCode "PS1" -ServerName "cm01.asd.net" -OldBootImageID "PS1000001" -NewBootImageID "PS1000002"
25 |
26 | .EXAMPLE
27 | Update BootImageID with Splatting
28 | $UpdateTSBootImageIDSplat = @{
29 | SiteCode = "PS1"
30 | ServerName = "cm01.asd.net"
31 | OldBootImageID = "PS1000001"
32 | NewBootImageID = "PS1000002"
33 | }
34 |
35 | .\Update-TSBootImageID.ps1 $UpdateTSBootImageIDSplat
36 |
37 | #>
38 |
39 | [cmdletBinding()]
40 | param(
41 | [Parameter(Mandatory=$true)]
42 | [string]
43 | $SiteCode,
44 |
45 | [Parameter(Mandatory=$true)]
46 | [string]
47 | $ServerName,
48 |
49 | [Parameter(Mandatory=$true)]
50 | [string]
51 | $OldBootImageID,
52 |
53 | [Parameter(Mandatory=$true)]
54 | [string]
55 | $NewBootImageID
56 | )
57 |
58 | $initParams = @{}
59 | if((Get-Module ConfigurationManager) -eq $null) {
60 | Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" @initParams
61 | }
62 |
63 | if((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) {
64 | New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ServerName @initParams
65 | }
66 | Set-Location "$($SiteCode):\" @initParams
67 |
68 | #######################################################
69 |
70 | $TSList = Get-CMTaskSequence | Where-Object BootImageId -eq $OldBootImageID
71 |
72 | Write-Host "Updating the Boot Image on $($TSList.Count) Task Sequences from $($OldBootImageID) to $($NewBootImageID)"
73 |
74 | $Count = 0
75 | ForEach ($TS in $TSList)
76 | {
77 | $Count ++
78 | Write-Host "#############################"
79 | Write-Host "Processing Record $($Count) of $($TSList.Count): $($TS.Name)"
80 | $TS | Set-CMTaskSequence -BootImageId $NewBootImageID
81 | Write-Host "Updated: $($TS.Name)"
82 | }
--------------------------------------------------------------------------------
/ConfigMgr/TaskSequenceMonitor/readme.md:
--------------------------------------------------------------------------------
1 | This is a work in progress. Use at your own risk.
2 |
--------------------------------------------------------------------------------
/ConfigMgr/Troubleshooting/CleanupFoldersWithRoboCopy.ps1:
--------------------------------------------------------------------------------
1 | [cmdletbinding()]
2 | param(
3 | $incoming,
4 | $Folder = "{3DA228BE-34DA-49f4-A081-66465B077429}",
5 | $DestinationRoot = "C:\Windows\System32",
6 | [switch]$remediate #1 or 0
7 | )
8 |
9 | try {
10 | $DestPath = Join-Path -Path $DestinationRoot -ChildPath $Folder
11 | $DestinationFolder = Get-Item -Path $DestPath -ErrorAction SilentlyContinue
12 | if ($DestinationFolder) {
13 | $TempFolder = New-Item -Path "$($env:TEMP)\$($Folder)" -ItemType Directory -Force
14 | $StartCount = ($DestinationFolder | Get-ChildItem).Count
15 | if ($remediate.IsPresent -and $TempFolder) {
16 | & robocopy "$($TempFolder.FullName)" "$($DestinationFolder.FullName.ToString())" /mir /r:0 /w:0 /e | Out-Null
17 | $TempFolder | Remove-Item -Force #-ErrorAction SilentlyContinue
18 | $EndCount = ($DestinationFolder | Get-ChildItem).Count
19 | return $EndCount
20 | }
21 | else {
22 | return $StartCount
23 | }
24 | }
25 | else {
26 | return 0
27 | }
28 | }
29 | catch {
30 | throw $_
31 | }
32 |
--------------------------------------------------------------------------------
/ConfigMgr/WindowsImage/Run-ImportWindowsImage.ps1:
--------------------------------------------------------------------------------
1 | #Import-WindowsImage
2 | $ImportWindowsImageSplat = @{
3 | ServerName = "cm01.asd.net"
4 | SiteCode = "PS1"
5 | SourceMediaRootPath = "C:\ImageServicing\CompletedMedia"
6 | DestinationRootPath = "\\sources\OSInstallFiles\Windows 10"
7 | OSVersion = "1909"
8 | OSArch = "x64"
9 | Month = "2019-12"
10 | ImageType = "Both"
11 | ConsoleFolderPath = "\Windows 10"
12 | DPGroupName = "All Distribution Points"
13 | }
14 |
15 | .\Import-WindowsImage.ps1 @ImportWindowsImageSplat
--------------------------------------------------------------------------------
/Demo Content/AdminService (CTSMUG)/PowerBIAdminServiceDemo.pbix:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/AdminService (CTSMUG)/PowerBIAdminServiceDemo.pbix
--------------------------------------------------------------------------------
/Demo Content/AdminService (CTSMUG)/WMIQueryTest.ps1:
--------------------------------------------------------------------------------
1 | Get-CimInstance -Namespace "root\SMS\Site_PS1" -Query 'SELECT SMS_R_System.Name FROM SMS_R_System WHERE (Name != "CM01")' -ComputerName localhost | Select Name
2 |
--------------------------------------------------------------------------------
/Demo Content/AdminService (MMSJazz)/Youtube1280x720.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/AdminService (MMSJazz)/Youtube1280x720.png
--------------------------------------------------------------------------------
/Demo Content/CMPivot (MMSMiami)/CMPivotOverAdminService.ps1:
--------------------------------------------------------------------------------
1 | ################
2 | #Sample script for running CMPivot using ConfigMgr AdminService
3 | # By: Adam Gross
4 | # @AdamGrossTX
5 | # https://www.asquaredozen.com
6 | ###############
7 |
8 | Param (
9 | $SiteServer = "cm01.asd.net"
10 | )
11 |
12 | $BaseUri = "https://$($SiteServer)/AdminService/v1.0/"
13 | $Query = "OperatingSystem"
14 |
15 | $Params = @{
16 | Method = "Post"
17 | Uri = "$($BaseUri)Collections('SMS00001')/AdminService.RunCMPivot"
18 | Body = @{"InputQuery"="$($Query)"} | ConvertTo-Json
19 | ContentType = "application/json"
20 | UseDefaultCredentials = $true
21 | }
22 |
23 | $Result = Invoke-RestMethod @Params
24 | $OperationID = $Result.OperationId
25 |
26 | Function Get-Status
27 | {
28 | If ($OperationID) {
29 | #start-sleep -seconds 30
30 | $uri = '{0}SMS_CMPivotStatus?$filter=ClientOperationId eq {1}' -f $BaseUri, $OperationID
31 |
32 | $Params = @{
33 | Method = "Get"
34 | Uri = [System.Web.HTTPUtility]::UrlEncode($uri)
35 | ContentType = "application/json"
36 | UseDefaultCredentials = $true
37 | }
38 |
39 | $agentsquery = New-Object System.Net.WebClient
40 | $agentsquery.UseDefaultCredentials =$true
41 | [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
42 | $Result = $agentsquery.DownloadString($uri)
43 | }
44 |
45 | $obj = @()
46 | $XML = ($Result | ConvertFrom-Json).value.ScriptOutput
47 | ForEach($ResultObj in $XML)
48 | {
49 | $Obj += @(([XML]$ResultObj).ChildNodes.e)
50 | }
51 |
52 | $ClickResult = $Obj | Out-GridView -OutputMode Single
53 |
54 | #$GetResults = Read-Host -Prompt "Do you want to check for results? [y]es or [n]o"
55 | #If ($GetResults = 'Y') {Get-Status}
56 |
57 | }
58 |
59 | Get-Status
60 |
61 | #Rework using this #https://cm01.asd.net/AdminService/v1.0/SMS_CMPivotTask(16818775)
--------------------------------------------------------------------------------
/Demo Content/CMPivot (MMSMiami)/ControlService.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 |
9 | [cmdletbinding()]
10 | param (
11 | [Parameter(Mandatory)]
12 | [string]$ServiceName,
13 |
14 | [Parameter(Mandatory)]
15 | [ValidateSet("Start","Stop","Restart","Disable","Enable")]
16 | [string]$Action
17 | )
18 | try {
19 | $Service = Get-Service $ServiceName -ErrorAction Stop
20 |
21 | if($Service) {
22 | switch($Action) {
23 | "Start" {$Service | Start-Service -Force -PassThru}
24 | "Stop" {$Service | Stop-Service -Force -PassThru}
25 | "Restart" {$Service | Restart-Service -Force -PassThru}
26 | "Disable" {$Service | Set-Service -StartupType Disabled -PassThru | Stop-Service -PassThru}
27 | "Enable" {$Service | Set-Service -StartupType Enabled -PassThru | Start-Service -PassThru}
28 | }
29 | }
30 | else {
31 | Return "Service $($ServiceName) not found."
32 | }
33 | }
34 | catch {
35 | Throw $_
36 | }
--------------------------------------------------------------------------------
/Demo Content/CMPivot (MMSMiami)/ViewAllScripts.sql:
--------------------------------------------------------------------------------
1 | SELECT
2 | ScriptName,
3 | Script,
4 | Base64Script,
5 | CAST (Script as nvarchar(max)),
6 | ScriptText =
7 | CASE WHEN Base64Script like 'FFFE%' THEN
8 | CAST( CAST( Base64Script as XML ).value('.','varbinary(max)') AS nvarchar(max) )
9 | ELSE
10 | CONVERT(NVARCHAR(MAX),CAST( CAST( Base64Script as XML ).value('.','varbinary(max)') AS nvarchar(max) ))
11 | END
12 | FROM
13 | Scripts
14 | CROSS APPLY (SELECT CONVERT(NVARCHAR(MAX),Script,2) AS '*' FOR XML PATH('')) T (Base64Script)
15 | ORDER BY
16 | Script
--------------------------------------------------------------------------------
/Demo Content/Client Data Sources (TXSMUG)/ClientDataSourcesStatusMessageSample.XML:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/Demo Content/Client Data Sources (TXSMUG)/Enable-ClientDebugLogging.ps1:
--------------------------------------------------------------------------------
1 | $GlobalLoggingPath = "HKLM:\SOFTWARE\Microsoft\CCM\Logging\@GLOBAL"
2 | $DebugLoggingPath = "HKLM:\SOFTWARE\Microsoft\CCM\Logging\DebugLogging"
3 |
4 | New-ItemProperty -Path $GlobalLoggingPath -Name LogLevel -PropertyType DWORD -Value 0 -Force
5 | New-ItemProperty -Path $GlobalLoggingPath -Name LogMaxHistory -PropertyType DWORD -Value 4 -Force
6 | New-ItemProperty -Path $GlobalLoggingPath -Name LogMaxSize -PropertyType DWORD -Value 5242880 -Force
7 | New-Item -Path $DebugLoggingPath -ItemType Directory -Force
8 | New-ItemProperty -Path $DebugLoggingPath -Name Enabled -PropertyType String -Value True -Force
9 |
10 | Restart-service ccmexec
11 |
--------------------------------------------------------------------------------
/Demo Content/Client Data Sources (TXSMUG)/Get-DownloadHistoryStatusMessage.ps1:
--------------------------------------------------------------------------------
1 | $NameSpace = 'root\ccm\StateMsg'
2 | $ClassName = 'CCM_StateMsg'
3 | $TopicID = "STATE_STATEID_DOWNLOAD_AGGREGATE_DATA_UPLOAD"
4 | $TopicType = 7202
5 |
6 | Get-CIMInstance -Namespace $NameSpace -Class $ClassName -Filter "TopicType = $($TopicType)"
7 | [XML]$StateDetails = $StateMessageInstance.StateDetails
8 |
--------------------------------------------------------------------------------
/Demo Content/Graph API and AdminService (MMSMiami)/Microsoft.IdentityModel.Clients.ActiveDirectory.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Graph API and AdminService (MMSMiami)/Microsoft.IdentityModel.Clients.ActiveDirectory.dll
--------------------------------------------------------------------------------
/Demo Content/Graph API and AdminService (MMSMiami)/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Graph API and AdminService (MMSMiami)/README.MD
--------------------------------------------------------------------------------
/Demo Content/HomeLab (MMSMiami)/AutomatedLabSetup.ps1:
--------------------------------------------------------------------------------
1 | Install-PackageProvider Nuget -Force
2 | Install-Module AutomatedLab -AllowClobber
3 |
4 | Set-PSFConfig -Module AutomatedLab -Name LabAppDataRoot -Value /home/youruser/.alConfig -PassThru | Register-PSFConfig
5 | New-LabSourcesFolder -Drive D
6 |
7 | #
8 | Get-LabAvailableOperatingSystem -Path D:\LabSources
9 |
10 |
11 | #
12 | New-LabDefinition -Name GettingStarted2 -DefaultVirtualizationEngine HyperV
13 |
14 | Add-LabMachineDefinition -Name SecondServer -OperatingSystem 'Windows Server 2019 Standard (Desktop Experience)'
15 |
16 | Install-Lab
17 |
18 | Show-LabDeploymentSummary
--------------------------------------------------------------------------------
/Demo Content/HomeLab (MMSMiami)/Intune.HV.Tools.ps1:
--------------------------------------------------------------------------------
1 | Install-Module -Name Intune.HV.Tools
2 |
3 | Get-Command -Module Intune.HV.Tools
--------------------------------------------------------------------------------
/Demo Content/Manage Any Device Anywhere (MEMUG)/AdminServiceDemo.pbix:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Manage Any Device Anywhere (MEMUG)/AdminServiceDemo.pbix
--------------------------------------------------------------------------------
/Demo Content/Manage Any Device Anywhere (MEMUG)/AdminServiceOverAppProxy.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | If(!($Credential)) {
9 | $Credential = Get-Credential
10 | }
11 |
12 | $Result = Invoke-WebRequest -Uri "https://ConfigMgr-asdlab1.msappproxy.net/AdminService/v1.0" -Credential $Credential
13 | $ResObj = ConvertFrom-Json $Result.Content
14 | $ResObj.value
15 |
16 | $Result = Invoke-WebRequest -Uri "https://ConfigMgr-asdlab1.msappproxy.net/AdminService/wmi/SMS_R_System" -Credential $Credential
17 | $ResObj = ConvertFrom-Json $Result.Content
18 | $ResObj.Value.Name
19 |
20 |
--------------------------------------------------------------------------------
/Demo Content/Manage Any Device Anywhere (MEMUG)/InitiateClientAction.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | Param (
9 | [Parameter(Mandatory=$true,HelpMessage="Enter your server name where AdminService is runnning (SMS Provider Role")]
10 | [string]$ServerName,
11 |
12 | [Parameter(Mandatory=$true,HelpMessage="Enter the ResourceID of the target device")]
13 | [uint32[]]$TargetResourceIDs,
14 |
15 | [Parameter(Mandatory=$false,HelpMessage="Enter a Collection ID that the target device is in")]
16 | [string]$TargetCollectionID = "SMS00001"
17 | )
18 |
19 | $Types = [Ordered]@{
20 | "DownloadComputerPolicy" = 8
21 | "DownloadUserPolicy" = 9
22 | "CollectDiscoveryData" = 10
23 | "CollectSoftwareInventory" = 11
24 | "CollectHardwareInventory" = 12
25 | "EvaluateApplicationDeployments" = 13
26 | "EvaluateSoftwareUpdateDeployments" = 14
27 | "SwitchToNextSoftwareUpdatePoint" = 15
28 | "EvaluateDeviceHealthAttestation" = 16
29 | "CheckConditionalAccessCompliance" = 125
30 | "WakeUp" = 150
31 | "Restart" = 17
32 | "EnableVerboseLogging" = 20
33 | "DisableVerboseLogging" = 21
34 | "CollectClientLogs" = 22
35 | }
36 |
37 | [uint32]$RandomizationWindow = 1
38 | [string]$MethodClass = "SMS_ClientOperation"
39 | [string]$MethodName = "InitiateClientOperation"
40 | [string]$ResultClass = "SMS_ClientOperationStatus"
41 |
42 | $Types.Keys | ForEach-Object {Write-Host $Types[$_] : $_}
43 | [uint32]$Type = Read-Host -Prompt "Which client action?"
44 |
45 | $PostURL = "https://{0}/AdminService/wmi/{1}.{2}" -f $ServerName,$MethodClass,$MethodName
46 | $Headers = @{
47 | "Content-Type" = "Application/json"
48 | }
49 | $Body = @{
50 | TargetCollectionID = $TargetCollectionID
51 | Type = $Type
52 | RandomizationWindow = $RandomizationWindow
53 | TargetResourceIDs = $TargetResourceIDs
54 | } | ConvertTo-Json
55 |
56 | Invoke-RestMethod -Method Post -Uri "$($PostURL)" -Body $Body -Headers $Headers -UseDefaultCredentials | Select-Object ReturnValue
57 |
58 | #Get Results
59 | $GetURL = "https://{0}/AdminService/wmi/{1}" -f $ServerName, $ResultClass
60 | (Invoke-RestMethod -Method Get -Uri "$($GetURL)" -UseDefaultCredentials).Value | Format-Table
--------------------------------------------------------------------------------
/Demo Content/Manage Any Device Anywhere (MEMUG)/WMI 4 Ways - AdminService Demo.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | #This code shows 4 ways to Query and Update SCCM/WMI with PowerShell
9 |
10 | $ServerName = "as01.asd.net"
11 | $SiteCode = "ps1"
12 | $NameSpace = "root\SMS\Site_{0}" -f $SiteCode
13 | $ClassName = "SMS_UserMachineRelationship"
14 | [uint32]$ResourceId = 16777316
15 | $UserAccountName = "ASD\Adam"
16 |
17 | #WMI
18 | Get-WMIObject -Namespace $NameSpace -Class $ClassName | Format-Table
19 | #CIM
20 | Get-CimInstance -Namespace $NameSpace -ClassName $ClassName | Format-Table
21 |
22 | #AdminService
23 | $GetURL = "https://{0}/AdminService/wmi/{1}" -f $ServerName,$ClassName
24 | (Invoke-RestMethod -Method Get -Uri "$($GetURL)" -UseDefaultCredentials).Value | Format-Table
25 |
26 | #ConfigMgr PS CmdLets
27 | #This approach is most limited.
28 | $initParams = @{}
29 | if((Get-Module ConfigurationManager) -eq $null) {
30 | Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" @initParams
31 | }
32 | if((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) {
33 | New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ServerName @initParams
34 | }
35 | Set-Location "$($SiteCode):\" @initParams
36 |
37 | Get-CMUserDeviceAffinity -UserName $UserAccountName | Format-Table
--------------------------------------------------------------------------------
/Demo Content/Manage Any Device Anywhere (NWSCUG)/AdminServiceDemo.pbix:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Manage Any Device Anywhere (NWSCUG)/AdminServiceDemo.pbix
--------------------------------------------------------------------------------
/Demo Content/Manage Any Device Anywhere (NWSCUG)/AdminServiceOverAppProxy.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | If(!($Credential)) {
9 | $Credential = Get-Credential
10 | }
11 |
12 | $Result = Invoke-WebRequest -Uri "https://configmgradminservice-asdlab1.msappproxy.net/AdminService/v1.0/AdminService/v1.0" -Credential $Credential
13 | $ResObj = ConvertFrom-Json $Result.Content
14 | $ResObj.value
15 |
16 | $Result = Invoke-WebRequest -Uri "https://configmgradminservice-asdlab1.msappproxy.net/AdminService/v1.0/AdminService/wmi/SMS_R_System" -Credential $Credential
17 | $ResObj = ConvertFrom-Json $Result.Content
18 | $ResObj.Value.Name
19 |
20 |
--------------------------------------------------------------------------------
/Demo Content/Manage Any Device Anywhere (NWSCUG)/InitiateClientAction.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | Param (
9 | [Parameter(Mandatory=$true,HelpMessage="Enter your server name where AdminService is runnning (SMS Provider Role")]
10 | [string]$ServerName,
11 |
12 | [Parameter(Mandatory=$true,HelpMessage="Enter the ResourceID of the target device")]
13 | [uint32[]]$TargetResourceIDs,
14 |
15 | [Parameter(Mandatory=$false,HelpMessage="Enter a Collection ID that the target device is in")]
16 | [string]$TargetCollectionID = "SMS00001"
17 | )
18 |
19 | $Types = [Ordered]@{
20 | "DownloadComputerPolicy" = 8
21 | "DownloadUserPolicy" = 9
22 | "CollectDiscoveryData" = 10
23 | "CollectSoftwareInventory" = 11
24 | "CollectHardwareInventory" = 12
25 | "EvaluateApplicationDeployments" = 13
26 | "EvaluateSoftwareUpdateDeployments" = 14
27 | "SwitchToNextSoftwareUpdatePoint" = 15
28 | "EvaluateDeviceHealthAttestation" = 16
29 | "CheckConditionalAccessCompliance" = 125
30 | "WakeUp" = 150
31 | "Restart" = 17
32 | "EnableVerboseLogging" = 20
33 | "DisableVerboseLogging" = 21
34 | "CollectClientLogs" = 22
35 | }
36 |
37 | [uint32]$RandomizationWindow = 1
38 | [string]$MethodClass = "SMS_ClientOperation"
39 | [string]$MethodName = "InitiateClientOperation"
40 | [string]$ResultClass = "SMS_ClientOperationStatus"
41 |
42 | $Types.Keys | ForEach-Object {Write-Host $Types[$_] : $_}
43 | [uint32]$Type = Read-Host -Prompt "Which client action?"
44 |
45 | $PostURL = "https://{0}/AdminService/wmi/{1}.{2}" -f $ServerName,$MethodClass,$MethodName
46 | $Headers = @{
47 | "Content-Type" = "Application/json"
48 | }
49 | $Body = @{
50 | TargetCollectionID = $TargetCollectionID
51 | Type = $Type
52 | RandomizationWindow = $RandomizationWindow
53 | TargetResourceIDs = $TargetResourceIDs
54 | } | ConvertTo-Json
55 |
56 | Invoke-RestMethod -Method Post -Uri "$($PostURL)" -Body $Body -Headers $Headers -UseDefaultCredentials | Select-Object ReturnValue
57 |
58 | #Get Results
59 | $GetURL = "https://{0}/AdminService/wmi/{1}" -f $ServerName, $ResultClass
60 | (Invoke-RestMethod -Method Get -Uri "$($GetURL)" -UseDefaultCredentials).Value | Format-Table
--------------------------------------------------------------------------------
/Demo Content/Manage Any Device Anywhere (NWSCUG)/WMI 4 Ways - AdminService Demo.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | #This code shows 4 ways to Query and Update SCCM/WMI with PowerShell
9 |
10 | $ServerName = "cm01.asd.net"
11 | $SiteCode = "ps1"
12 | $NameSpace = "root\SMS\Site_{0}" -f $SiteCode
13 | $ClassName = "SMS_R_System"
14 | [uint32]$ResourceId = 16777316
15 | $UserAccountName = "ASD\Adam"
16 |
17 | #WMI
18 | Get-WMIObject -Namespace $NameSpace -Class $ClassName | Format-Table
19 | #CIM
20 | Get-CimInstance -Namespace $NameSpace -ClassName $ClassName | Format-Table
21 |
22 | #AdminService
23 | $GetURL = "https://cm01.asd.net/AdminService/wmi/SMS_R_System"
24 | (Invoke-RestMethod -Method Get -Uri "$($GetURL)" -UseDefaultCredentials).Value | Format-Table
25 |
26 | #ConfigMgr PS CmdLets
27 | #This approach is most limited.
28 | $initParams = @{}
29 | if((Get-Module ConfigurationManager) -eq $null) {
30 | Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" @initParams
31 | }
32 | if((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) {
33 | New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ServerName @initParams
34 | }
35 | Set-Location "$($SiteCode):\" @initParams
36 |
37 | Get-CMDevice | Format-Table
38 |
39 | Get-CMUserDeviceAffinity -UserName $UserAccountName | Format-Table
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/GetOSInfo.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -Command "& {
9 |
10 | $OS = Get-CimInstance Win32_OperatingSystem;
11 | $OSCaption = $OS.Caption;
12 | $OSVersion = $OS.Version;
13 | $OSBuild = $OS.buildNumber;
14 | $OSArchitecture = $OS.OSArchitecture;
15 |
16 | $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment;
17 | $tsenv.Value('OSCaption') = $OSCaption;
18 | $tsenv.Value('OSVersion') = $OSVersion;
19 | $tsenv.Value('OSBuild') = $OSBuild;
20 | $tsenv.Value('OSArchitecture') = $OSArchitecture;
21 | Write-Host Getting TS Variables;
22 | Write-Host OSCaption: $tsenv.Value('OSCaption');
23 | Write-Host OSVersion: $tsenv.Value('OSVersion');
24 | Write-Console OSBuild: $tsenv.Value('OSBuild');
25 | Write-Host OSArchitecture: $tsenv.Value('OSArchitecture')
26 |
27 |
28 | }"
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog.zip
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/Progress_RunSpace_Mahapps_Ring_FullScreen.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/Progress_RunSpace_Mahapps_Ring_FullScreen.ps1
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/Run_Progress.ps1:
--------------------------------------------------------------------------------
1 | start-process powershell .\Progress_RunSpace_Mahapps_Ring_FullScreen.ps1
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/ServiceUI.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/ServiceUI.exe
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/Test.ps1:
--------------------------------------------------------------------------------
1 | Get-WmiObject Win32_ComputerSystem
2 | Start-Sleep 10
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/assembly/MahApps.Metro.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/assembly/MahApps.Metro.dll
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/assembly/System.Windows.Interactivity.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/assembly/System.Windows.Interactivity.dll
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/cmtrace.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/CustomDialog_files/TS Tools/cmtrace.exe
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1.zip
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/Progress_RunSpace_Mahapps_Ring_FullScreen.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/Progress_RunSpace_Mahapps_Ring_FullScreen.ps1
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/Run_Progress.ps1:
--------------------------------------------------------------------------------
1 | start-process powershell .\Progress_RunSpace_Mahapps_Ring_FullScreen.ps1
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/ServiceUI.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/ServiceUI.exe
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/Test.ps1:
--------------------------------------------------------------------------------
1 | Get-WmiObject Win32_ComputerSystem
2 | Start-Sleep 10
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/assembly/MahApps.Metro.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/assembly/MahApps.Metro.dll
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/assembly/System.Windows.Interactivity.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/assembly/System.Windows.Interactivity.dll
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/cmtrace.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars1_files/TS Tools/cmtrace.exe
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars2.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/DynamicVars2.zip
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/TaskSequences/TryCatch.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/TaskSequences/TryCatch.zip
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/Tools/Progress_RunSpace_Mahapps_Ring_FullScreen.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/Tools/Progress_RunSpace_Mahapps_Ring_FullScreen.ps1
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/Tools/Run_Progress.ps1:
--------------------------------------------------------------------------------
1 | start-process powershell .\Progress_RunSpace_Mahapps_Ring_FullScreen.ps1
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/Tools/ServiceUI.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/Tools/ServiceUI.exe
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/Tools/Test.ps1:
--------------------------------------------------------------------------------
1 | Get-WmiObject Win32_ComputerSystem
2 | Start-Sleep 10
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/Tools/assembly/MahApps.Metro.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/Tools/assembly/MahApps.Metro.dll
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/Tools/assembly/System.Windows.Interactivity.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/Tools/assembly/System.Windows.Interactivity.dll
--------------------------------------------------------------------------------
/Demo Content/Task Sequences (AZSMUG)/Tools/cmtrace.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Demo Content/Task Sequences (AZSMUG)/Tools/cmtrace.exe
--------------------------------------------------------------------------------
/Group Policy/README.md:
--------------------------------------------------------------------------------
1 |
2 | Collection of scripts for managing group policies
3 |
--------------------------------------------------------------------------------
/Hello For Business Notes.txt:
--------------------------------------------------------------------------------
1 | Quickly check for KDC Auth Access
2 |
3 | NLTEST /DCList:
4 |
5 |
6 | KLIST
7 | Use KLIST to show issues tickets
8 |
9 | KLIST Purge to clear them
10 |
11 | Should show the DC you hit to get the ticket which is super helpful
12 |
13 |
14 | WireShart
15 |
16 | Use Wireshart filtered with - kerberos -
17 | Should show the kerberos requests and which DC they are hitting
18 |
19 | Add names resolution to the adapters config
20 |
21 | will show the auth failures as well
22 |
23 |
--------------------------------------------------------------------------------
/Intune Graph Sample - Graph Auth Function.pbix:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Intune Graph Sample - Graph Auth Function.pbix
--------------------------------------------------------------------------------
/Intune/ADMXIngestion/RemovedComboBoxItems.txt:
--------------------------------------------------------------------------------
1 | Part_Proxy_ProxyTypeLockdown
2 | Part_AltProxy_ProxyTypeLockdown
3 | Part_SSL_SSLProxyHostLockdown
4 | Part_SSL_SSLPolicyOID
5 | Part_SSL_ClientCertificate
6 | Part_ConfigureClientSelectiveTrust_IEZone
7 | Part_ConfigureClientSelectiveTrust_EffectiveAddress
8 | Part_EnableDriveMappingDisableDrives
9 | Part_Display_Seamless
10 | Part_Display_Width
11 | Part_Display_Height
12 | Part_Display_WorkArea
13 | Part_PublishedApplications_InitialProgram
14 | Part_AltProxy_ProxyFallbackLockdown
15 |
--------------------------------------------------------------------------------
/Intune/Assignements2.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 |
9 | param (
10 | $AuthToken
11 | )
12 |
13 | $GraphURI = "https://graph.microsoft.com/beta/"
14 |
15 | $Headers = @{
16 | "Authorization"="Bearer $($AuthToken)"
17 | }
18 |
19 | $URIList = @(
20 | ("$($GraphURI)deviceManagement/groupPolicyConfigurations?`$expand=assignments"),
21 | ("$($GraphURI)deviceManagement/deviceConfigurations?`$expand=assignments"),
22 | ("$($GraphURI)deviceAppManagement/mobileAppConfigurations?`$expand=assignments"),
23 | ("$($GraphURI)/deviceManagement/configurationPolicies?`$expand=assignments"),
24 | ("$($GraphURI)/deviceManagement/intents?`$expand=assignments")
25 | )
26 |
27 | $Results =
28 | foreach($URI in $URIList) {
29 | (Invoke-RestMethod -Uri $URI -Method Get -Headers $Headers -ContentType "application/json").value
30 | }
31 |
32 | $groupURI = "$($GraphURI)directoryObjects/getByIds"
33 | $ProfileList =
34 | foreach($Result in $Results) {
35 | [string[]]$groupIDs = $null
36 | [string[]]$groupNames = $null
37 | $Assignments = $null
38 |
39 | if($Result."assignments@odata.context" -like '*intents*') {
40 | $AssigmentsURI = ($Result."assignments@odata.context").Replace("`$metadata#","")
41 | $Assignments = (Invoke-RestMethod -Uri $AssigmentsURI -Method Get -Headers $Headers -ContentType "application/json").value
42 | }
43 | else {
44 | $Assignments = $Result.assignments
45 | }
46 |
47 | if($Assignments.target.groupid) {
48 | [string[]]$groupIDs = $Assignments.target.groupid
49 | if($groupIDs) {
50 | $body = @{
51 | ids = $groupIDs
52 | } | ConvertTo-Json
53 | [string[]]$GroupNames = (Invoke-RestMethod -Uri $groupURI -Method Post -Body $body -Headers $Headers -ContentType "application/json").value.displayName
54 | }
55 | }
56 | [PSCustomObject]@{
57 | Id = $Result.id
58 | Name = if($result.DisplayName) {$Result.DisplayName} else {$Result.Name}
59 | IsAssigned = if($Assignments) {$true} else {$Result.isassigned}
60 | Assignments = $Assignments
61 | GroupNames = if($GroupNames) {$GroupNames} else {"None"}
62 | }
63 | }
64 |
65 | $ProfileList | Out-GridView
--------------------------------------------------------------------------------
/Intune/AzureADtoLocalAdmin.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 |
9 | $user = "azuread\xxx@domain.com"
10 | $localadmingroup = get-localgroup -sid S-1-5-32-544
11 | Add-LocalGroupMember -Group $localadmingroup -Member $user
--------------------------------------------------------------------------------
/Intune/ConvertToBase64.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 |
9 | Param (
10 | [System.IO.FileInfo]
11 | $InputFile = ".\DefaultApps.XML"
12 | )
13 | [byte[]]$ContentAsBytes = [System.IO.File]::ReadAllBytes($Path)
14 | [string]$b64 = [System.Convert]::ToBase64String($ContentAsBytes)
15 | $b64 | Out-File -FilePath "$($InputFile.BaseName)_Base64.txt"
--------------------------------------------------------------------------------
/Intune/Invoke-BulkRemediation.ps1:
--------------------------------------------------------------------------------
1 | . .\MGGraph-Helper.ps1
2 |
3 | Connect-MgGraph -scopes "DeviceManagementConfiguration.Read.All", "DeviceManagementManagedDevices.Read.All"
4 |
5 | $Devices = Invoke-GraphGet -URI "https://graph.microsoft.com/beta/deviceManagement/managedDevices"
6 |
7 | $Scripts = Invoke-GraphGet -URI "https://graph.microsoft.com/beta/deviceManagement/deviceHealthScripts?`$expand=assignments,runSummary"
8 |
9 | foreach ($script in $Scripts) {
10 | Write-Host "$([array]::indexof($Scripts,$Script)) : $($Script.DisplayName)"
11 | #$script | Select-Object @{Name="index";expression={[array]::indexof($Scripts,$Script)}},IntuneId,DisplayName, Description
12 | }
13 |
14 | $SelectedScriptId = Read-Host -Prompt "Enter index of the script to run"
15 |
16 | if (-not $SelectedScriptId) {
17 | Write-Host "No script selected. Exiting."
18 | }
19 | elseif (-not $Scripts[$SelectedScriptId]) {
20 | Write-Host "Invalid script ID selected. Exiting."
21 | }
22 | else {
23 | $body = @{
24 | "scriptPolicyId" = "$($Scripts[$SelectedScriptId].id)"
25 | }
26 |
27 | foreach ($device in $Devices) {
28 | Write-Host "Initiating remediation package $($Scripts[$SelectedScriptId].DisplayName) for $($Device.DeviceName)" -ForegroundColor Cyan
29 | $uri = "https://graph.microsoft.com/beta/deviceManagement/managedDevices/$($device.id)/initiateOnDemandProactiveRemediation"
30 | Invoke-GraphPost -Uri $uri -Body $body
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/Intune/LogIngestion/IntuneInventory/run.ps1:
--------------------------------------------------------------------------------
1 | #WORK IN PROGRESS>DO NOT USE
2 | #Azure Function for Azure Monitor Log Ingestion API
3 | using namespace System.Net
4 | param (
5 | $Request,
6 | $TriggerMetadata
7 | )
8 | Write-Host "PowerShell HTTP trigger function processed a request."
9 |
10 | $LogParams = @{
11 | DceURI = $Request.Query.DceURI
12 | DcrImmutableId = $Request.Query.DcrImmutableId
13 | Table = $Request.Query.Table
14 | LogEntry = $Request.Query.LogEntry
15 | }
16 |
17 | $authParams = @{
18 | tenant_id = $env:tenant_id
19 | client_id = $env:client_id
20 | client_secret = $env:client_secret
21 | resource_url = "https://monitor.azure.com"
22 | }
23 |
24 | function Get-AuthHeader {
25 | param (
26 | [Parameter(mandatory = $true)]
27 | [string]$tenant_id,
28 | [Parameter(mandatory = $true)]
29 | [string]$client_id,
30 | [Parameter(mandatory = $true)]
31 | [string]$client_secret,
32 | [Parameter(mandatory = $true)]
33 | [string]$resource_url,
34 | [Parameter(mandatory = $true)]
35 | [string]$scope
36 |
37 | )
38 | $body = @{
39 | resource = $resource_url
40 | client_id = $client_id
41 | client_secret = $client_secret
42 | grant_type = "client_credentials"
43 | scope = $scope = [System.Web.HttpUtility]::UrlEncode("$($scope)//.default")
44 | }
45 | try {
46 | $response = Invoke-RestMethod -Method post -Uri "https://login.microsoftonline.com/$tenant_id/oauth2/token" -Body $body -ErrorAction Stop
47 | $headers = @{ }
48 | $headers.Add("Authorization", "Bearer " + $response.access_token)
49 | return $headers
50 | }
51 | catch {
52 | Write-Error $_.Exception
53 | }
54 | }
55 |
56 | function Invoke-LogUpload {
57 | param(
58 | $DceURI,
59 | $DcrImmutableId,
60 | $Table,
61 | $LogEntry,
62 | $Header
63 | )
64 |
65 | $params = @{
66 | Body = $LogEntry | ConvertTo-Json -AsArray -Depth 10
67 | Uri = "$($DceURI)/dataCollectionRules/$($DcrImmutableId)/streams/Custom-$($Table)?api-version=2021-11-01-preview"
68 | Method = "Post"
69 | Headers = $Header
70 | ContentType = "application/json"
71 | }
72 |
73 | $uploadResponse = Invoke-RestMethod @Params
74 | return $uploadResponse
75 | }
76 |
77 | $header = Get-AuthHeader @authParams
78 | $result = Invoke-LogUpload @logParams -Header $Header
79 |
80 | # Associate values to output bindings by calling 'Push-OutputBinding'.
81 | Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
82 | StatusCode = $status
83 | Body = $result
84 | })
85 | #endregion
86 |
--------------------------------------------------------------------------------
/Intune/Manage-Services.ps1:
--------------------------------------------------------------------------------
1 | Param
2 | (
3 | [string]$ServiceName = 'tzautoupdate',
4 | [ValidateSet("Start", "Stop", "Restart", "Disable", "Auto", "Manual")]
5 | [string]$Action = "Manual"
6 | )
7 |
8 | try {
9 | Start-Transcript -Path "C:\Windows\Temp\$($ServiceName)_Management.Log" -Force -ErrorAction SilentlyContinue
10 | Get-Date
11 | $service = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
12 | $service
13 | if ($service) {
14 | Switch ($Action) {
15 | "Start" { Start-Service -Name $ServiceName; Break; }
16 | "Stop" { Stop-Service -Name $ServiceName; Break; }
17 | "Restart" { Restart-Service -Name $ServiceName; Break; }
18 | "Disable" { Set-Service -Name $ServiceName -StartupType Disabled -Status Stopped; Break; }
19 | "Auto" { Set-Service -Name $ServiceName -StartupType Automatic -Status Running; Break; }
20 | "Manual" { Set-Service -Name $ServiceName -StartupType Manual -Status Running; Break; }
21 | }
22 | Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
23 | }
24 | Stop-Transcript -ErrorAction SilentlyContinue
25 | }
26 | catch {
27 | throw $_
28 | }
--------------------------------------------------------------------------------
/Intune/New-Win32App/New-IntuneApp.ps1:
--------------------------------------------------------------------------------
1 | [cmdletbinding()]
2 | param (
3 | [uri]$IntuneWinUtilPath = "https://github.com/microsoft/Microsoft-Win32-Content-Prep-Tool/raw/master/IntuneWinAppUtil.exe",
4 | $SourceRoot = "\\MyShare\Intune",
5 | $SourceFolderName = "Remove-TeamsHomeApp",
6 | $SetupFileName = "Remove-TeamsHomeApp.ps1",
7 | $OutputRoot = "\\MyShare\Intune"
8 | )
9 | function New-IntuneWinFile {
10 | [cmdletbinding()]
11 | param (
12 | [string]$SetupFolder,
13 | [string]$SourceSetupFile,
14 | [string]$OutputFolder,
15 | [switch]$Silent
16 | )
17 |
18 | #download latest intunewinutility
19 | $IntuneWinUtilName = $IntuneWinUtilPath.Segments[$IntuneWinUtilPath.Segments.Count-1]
20 | Invoke-WebRequest -Uri $IntuneWinUtilPath -OutFile "$($env:TEMP)\$($IntuneWinUtilName)"
21 |
22 | $IntuneWinArgs = New-Object -TypeName "System.Collections.ArrayList"
23 | $IntuneWinArgs.Add("-c `"$($SetupFolder)`"")
24 | $IntuneWinArgs.Add("-s `"$($SourceSetupFile)`"")
25 | $IntuneWinArgs.Add("-o `"$($OutputFolder)`"")
26 | if($Silent.IsPresent) {
27 | $IntuneWinArgs.Add("-q")
28 | }
29 |
30 | $Result = Start-Process -FilePath "$($env:TEMP)\$($IntuneWinUtilName)" -ArgumentList $IntuneWinArgs -PassThru
31 | Return $Result
32 | }
33 |
34 |
35 | $NewIntuneWinSplat = @{
36 | SetupFolder = "$($SourceRoot)\$($SourceFolderName)"
37 | SourceSetupFile = $SetupFileName
38 | OutputFolder = "$($OutputRoot)\$($SourceFolderName)"
39 | Silent = $True
40 | }
41 |
42 | New-IntuneWinFile @NewIntuneWinSplat
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/DefaultIMApp/Detect-DefaultIMApp.ps1:
--------------------------------------------------------------------------------
1 | #Thanks @matbg for the tip
2 | #https://twitter.com/matbg/status/1679760512874053632?s=46&t=wqKIfQ91Lwnlhukm2orOpQ
3 | #Run as logged on user.
4 | #Detect the selected IM Provider
5 | #Teams = Microsoft Teams
6 | #MSTeams = New Teams preview appx app
7 | #Skype = Shame on you. Time to upgrade!
8 | try {
9 | $DefaultIMApp = Get-ItemProperty -Path registry::"HKEY_CURRENT_USER\Software\IM Providers" | Select-Object -ExpandProperty DefaultIMApp
10 | if($DefaultIMApp) {
11 | Write-Host $DefaultIMApp
12 | }
13 | else {
14 | Write-Host "NONE"
15 | }
16 | exit 0
17 | }
18 | catch {
19 |
20 | }
21 |
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/DefenderFirewallReportingAuditing/Detect-DefenderFirewallReportingAuditing.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | [switch]$remediate
3 | )
4 | try {
5 |
6 | $categories = "Filtering Platform Packet Drop,Filtering Platform Connection"
7 | $current = auditpol /get /subcategory:"$($categories)" /r | ConvertFrom-Csv
8 | if ($current."Inclusion Setting" -ne "failure") {
9 | if ($remediate.IsPresent) {
10 | Write-Host "Remediating. No Auditing Enabled. $($current | ForEach-Object {$_.Subcategory + ":" + $_.'Inclusion Setting' + ";"})"
11 | $output = auditpol /set /subcategory:"$($categories)" /failure:enable
12 | if($output -eq "The command was successfully executed.") {
13 | Write-Host "$($output)"
14 | exit 0
15 | }
16 | else {
17 | Write-Host "$($output)"
18 | exit 1
19 | }
20 | }
21 | else {
22 | Write-Host "Remediation Needed. $($current | ForEach-Object {$_.Subcategory + ":" + $_.'Inclusion Setting' + ";"})."
23 | exit 1
24 | }
25 | }
26 |
27 | }
28 | catch {
29 | throw $_
30 | }
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/DefenderFirewallReportingAuditing/README.md:
--------------------------------------------------------------------------------
1 | This PR manages the settings required to enable firewall reporting in Defender for Endpoint.
2 |
3 | https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/host-firewall-reporting?view=o365-worldwide
4 |
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/DefenderFirewallReportingAuditing/Remediate-DefenderFirewallReportingAuditing.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | [switch]$remediate=$true
3 | )
4 | try {
5 |
6 | $categories = "Filtering Platform Packet Drop,Filtering Platform Connection"
7 | $current = auditpol /get /subcategory:"$($categories)" /r | ConvertFrom-Csv
8 | if ($current."Inclusion Setting" -ne "failure") {
9 | if ($remediate.IsPresent) {
10 | Write-Host "Remediating. No Auditing Enabled. $($current | ForEach-Object {$_.Subcategory + ":" + $_.'Inclusion Setting' + ";"})"
11 | $output = auditpol /set /subcategory:"$($categories)" /failure:enable
12 | if($output -eq "The command was successfully executed.") {
13 | Write-Host "$($output)"
14 | exit 0
15 | }
16 | else {
17 | Write-Host "$($output)"
18 | exit 1
19 | }
20 | }
21 | else {
22 | Write-Host "Remediation Needed. $($current | ForEach-Object {$_.Subcategory + ":" + $_.'Inclusion Setting' + ";"})."
23 | exit 1
24 | }
25 | }
26 |
27 | }
28 | catch {
29 | throw $_
30 | }
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/IntelSmartSound/Detect-IntelSmartSound.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | $incoming,
3 | $DeviceName = "Intel® Smart Sound Technology for USB Audio",
4 | [switch]$Remediate = $false
5 | )
6 | try {
7 | $Devices = Get-PnpDevice -FriendlyName $DeviceName -ErrorAction SilentlyContinue
8 | $Disabled = $true
9 | foreach($Device in $Devices) {
10 | if($Device.Problem -ne 'CM_PROB_DISABLED' -and $Device.Problem -ne 'CM_PROB_PHANTOM') {
11 | $Disabled = $false
12 | if($Remediate.IsPresent) {
13 | $Device | Disable-PnpDevice -Confirm:$false -ErrorAction SilentlyContinue
14 | Get-PnpDevice -InstanceId $Device.InstanceId -ErrorAction SilentlyContinue
15 | }
16 | }
17 | }
18 | if(-not $Remediate) {
19 | return $Disabled
20 | }
21 | }
22 | catch {
23 | throw $_
24 | }
25 |
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/IntelSmartSound/Remediate-IntelSmartSound.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | $incoming,
3 | $DeviceName = "Intel® Smart Sound Technology for USB Audio",
4 | [switch]$Remediate = $true
5 | )
6 | try {
7 | $Devices = Get-PnpDevice -FriendlyName $DeviceName -ErrorAction SilentlyContinue
8 | $Disabled = $true
9 | foreach($Device in $Devices) {
10 | if($Device.Problem -ne 'CM_PROB_DISABLED' -and $Device.Problem -ne 'CM_PROB_PHANTOM') {
11 | $Disabled = $false
12 | if($Remediate.IsPresent) {
13 | $Device | Disable-PnpDevice -Confirm:$false -ErrorAction SilentlyContinue
14 | Get-PnpDevice -InstanceId $Device.InstanceId -ErrorAction SilentlyContinue
15 | }
16 | }
17 | }
18 | if(-not $Remediate) {
19 | return $Disabled
20 | }
21 | }
22 | catch {
23 | throw $_
24 | }
25 |
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/RegistryKeys/Detect Registry Keys.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | param (
9 |
10 | $Path = "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient",
11 | $Name = "SearchList",
12 | $Type = "String",
13 | $Value = "asd.net",
14 | [bool]$Remediate = $false
15 | )
16 |
17 | Try {
18 | $Registry = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue | Select-Object -ExpandProperty $Name -ErrorAction SilentlyContinue
19 | If ($Registry -eq $Value){
20 | Write-Output "Compliant"
21 | Exit 0
22 | }
23 | Else {
24 | If ($Remediate -eq $true) {
25 | $NewKey = New-Item -Path $Path -Force | New-ItemProperty -Name $Name -Value $Value -Force -PropertyType $Type
26 | If($NewKey.$Name -eq $Value) {
27 | Write-Output "New Key Created"
28 | Exit 0
29 | }
30 | Else {
31 | Write-Warning "The new key is invalid."
32 | Exit 1
33 | }
34 | }
35 | Else {
36 | Write-Warning "Not Compliant"
37 | Exit 1
38 | }
39 | }
40 | }
41 | Catch {
42 | Write-Warning $_
43 | Exit 1
44 | }
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/RegistryKeys/Remediate Registry Keys.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | param (
9 |
10 | $Path = "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient",
11 | $Name = "SearchList",
12 | $Type = "String",
13 | $Value = "asd.net",
14 | [bool]$Remediate = $True
15 | )
16 |
17 | Try {
18 | $Registry = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue | Select-Object -ExpandProperty $Name -ErrorAction SilentlyContinue
19 | If ($Registry -eq $Value){
20 | Write-Output "Compliant"
21 | Exit 0
22 | }
23 | Else {
24 | If ($Remediate -eq $true) {
25 | $NewKey = New-Item -Path $Path -Force | New-ItemProperty -Name $Name -Value $Value -Force -PropertyType $Type
26 | If($NewKey.$Name -eq $Value) {
27 | Write-Output "New Key Created"
28 | Exit 0
29 | }
30 | Else {
31 | Write-Warning "The new key is invalid."
32 | Exit 1
33 | }
34 | }
35 | Else {
36 | Write-Warning "Not Compliant"
37 | Exit 1
38 | }
39 | }
40 | }
41 | Catch {
42 | Write-Warning $_
43 | Exit 1
44 | }
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/TeamViewer/Remediate-TeamViewer.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | $id,
3 | [bool]$Remediate = $True
4 | )
5 | try{
6 | # registry keys to look for
7 | $RegKeys = @("registry::HKEY_LOCAL_MACHINE\SOFTWARE\TeamViewer\DeviceManagementV2", "registry::HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TeamViewer\DeviceManagementV2")
8 | $Name = "Unmanaged"
9 | $FoundKeys = Get-ItemProperty -Path $RegKeys -Name $Name -ErrorAction SilentlyContinue
10 | if ($FoundKeys.Unmanaged) { # is either reg entry there?
11 | if($remediate -eq $True) { # please remediate it
12 | if ($FoundKeys.PSPath -like '*WOW6432Node*') {
13 | #run 32 bit
14 | $FilePath = "C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
15 | }
16 | else {
17 | #run 64 bit
18 | $FilePath = "C:\Program Files\TeamViewer\TeamViewer.exe"
19 | }
20 | # assignment ID for account
21 | $ArgumentList = @("assignment --id $($id)")
22 |
23 | # run it
24 | start-process -wait -FilePath $FilePath -ArgumentList $ArgumentList
25 | write-output "TeamViewer assignment executed"
26 | Exit 0
27 | } else { # no remediation requested
28 | write-output "Not Compliant"
29 | exit 1
30 | }
31 | }
32 | else {
33 | #not found
34 | write-output "Compliant"
35 | exit 0
36 | }
37 | }
38 |
39 | Catch {
40 | Write-Warning $_
41 | Exit 1
42 | }
43 |
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/TeamViewer/TeamViewer.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | $id,
3 | [bool]$Remediate = $True
4 | )
5 | try{
6 | # registry keys to look for
7 | $RegKeys = @("registry::HKEY_LOCAL_MACHINE\SOFTWARE\TeamViewer\DeviceManagementV2", "registry::HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TeamViewer\DeviceManagementV2")
8 | $Name = "Unmanaged"
9 | $FoundKeys = Get-ItemProperty -Path $RegKeys -Name $Name -ErrorAction SilentlyContinue
10 | if ($FoundKeys.Unmanaged) { # is either reg entry there?
11 | if($remediate -eq $True) { # please remediate it
12 | if ($FoundKeys.PSPath -like '*WOW6432Node*') {
13 | #run 32 bit
14 | $FilePath = "C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
15 | }
16 | else {
17 | #run 64 bit
18 | $FilePath = "C:\Program Files\TeamViewer\TeamViewer.exe"
19 | }
20 | # assignment ID for account
21 | $ArgumentList = @("assignment --id $($id)")
22 |
23 | # run it
24 | start-process -wait -FilePath $FilePath -ArgumentList $ArgumentList
25 | write-output "TeamViewer assignment executed"
26 | Exit 0
27 | } else { # no remediation requested
28 | write-output "Not Compliant"
29 | exit 1
30 | }
31 | }
32 | else {
33 | #not found
34 | write-output "Compliant"
35 | exit 0
36 | }
37 | }
38 |
39 | Catch {
40 | throw $_
41 | }
42 |
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/TeamsHomeClient/Detect-TeamsHomeClient.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | [switch]$remediate = $false
3 | )
4 |
5 | try {
6 | # check if the teams app is installed
7 | if ($null -eq (Get-AppxPackage -Name MicrosoftTeams) ) { $AppCompliance = $true }
8 | else { $AppCompliance = $false }
9 |
10 | # evaluate the compliance
11 | if ($AppCompliance -eq $true) {
12 |
13 | Write-Host "Success, no app detected"
14 | exit 0
15 | }
16 | else {
17 | if($Remediate.IsPresent) {
18 | Get-AppxPackage -Name MicrosoftTeams | Remove-AppxPackage -ErrorAction stop
19 | Write-Host "Success, regkey set and app uninstalled"
20 | exit 0
21 | }
22 | else {
23 | Write-Host "Failure, app detected"
24 | exit 1
25 | }
26 | }
27 | }
28 | catch {
29 | $errMsg = _.Exception.Message
30 | Write-Host $errMsg
31 | exit 1
32 | }
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/TeamsHomeClient/Remediate-TeamsHomeClient.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | [switch]$remediate = $True
3 | )
4 |
5 | try {
6 | # check if the teams app is installed
7 | if ($null -eq (Get-AppxPackage -Name MicrosoftTeams) ) { $AppCompliance = $true }
8 | else { $AppCompliance = $false }
9 |
10 | # evaluate the compliance
11 | if ($AppCompliance -eq $true) {
12 |
13 | Write-Host "Success, no app detected"
14 | exit 0
15 | }
16 | else {
17 | if($Remediate.IsPresent) {
18 | Get-AppxPackage -Name MicrosoftTeams | Remove-AppxPackage -ErrorAction stop
19 | Write-Host "Success, regkey set and app uninstalled"
20 | exit 0
21 | }
22 | else {
23 | Write-Host "Failure, app detected"
24 | exit 1
25 | }
26 | }
27 | }
28 | catch {
29 | $errMsg = _.Exception.Message
30 | Write-Host $errMsg
31 | exit 1
32 | }
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/WindowsUpdatePolicyKey/Detect-WindowsUpdatePolicyKey.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | $RegPath = "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate",
3 | [switch]$Remediate
4 | )
5 |
6 | try {
7 | if (Test-Path Registry::$RegPath -ErrorAction SilentlyContinue) {
8 | if ($remediate) {
9 | Remove-Item Registry::$RegPath -Recurse
10 | }
11 | else {
12 | Write-Host "Reg Key Found. Remediation Needed."
13 | Exit 1
14 | }
15 | }
16 | }
17 | catch {
18 | throw $_
19 | }
20 |
--------------------------------------------------------------------------------
/Intune/Proactive Remediations/WindowsUpdatePolicyKey/Remediate-WindowsUpdatePolicyKey.ps1:
--------------------------------------------------------------------------------
1 | param (
2 | $RegPath = "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate",
3 | [switch]$Remediate = $true
4 | )
5 |
6 | try {
7 | if (Test-Path Registry::$RegPath -ErrorAction SilentlyContinue) {
8 | if ($remediate) {
9 | Remove-Item Registry::$RegPath -Recurse
10 | }
11 | else {
12 | Write-Host "Reg Key Found. Remediation Needed."
13 | Exit 1
14 | }
15 | }
16 | }
17 | catch {
18 | throw $_
19 | }
20 |
--------------------------------------------------------------------------------
/Intune/TimeZoneStuff/Add-Type -AssemblyName System.Device.ps1:
--------------------------------------------------------------------------------
1 | Add-Type -AssemblyName System.Device
2 | $gw = New-Object System.Device.Location.GeoCoordinateWatcher
3 | $gw.Start()
4 | $gw.Permission
5 |
6 | $gw.stop()
--------------------------------------------------------------------------------
/MicrosoftDefender/README.md:
--------------------------------------------------------------------------------
1 | # Microsoft-Defender
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/GPOFileBuilder.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 | $GroupsPath = ".\Intune\Groups"
9 | $RulesPath = ".\Intune\Rules"
10 | $OutputPath = ".\GPO"
11 | $DFSPath = "\\DFS01\DeviceControl"
12 |
13 | $AllRules = @{
14 | "Silently Block All Mobile Phone Devices" = "492a1994-8e0d-426e-8800-e717d5badc97"
15 | "Allow All Removable Devices" = "5f1dfdc6-05f8-43b7-828b-39b76b74b347"
16 | "Allow Read Access for Cameras" = "b395c7ac-5fbf-41e9-a5fd-52e23167b143"
17 | "Block All Removable Devices" = "bddfbc76-7f03-490e-9433-67774831c770"
18 | }
19 |
20 | $AllGroups = @{
21 | "CDROM Devices" = "2994483d-64d6-44f2-a95c-63b905298dae"
22 | "Cameras" = "2a93d745-7ff4-4667-a384-a57b84344ff0"
23 | "Mobile Phone Devices" = "3551c70b-349b-4e2a-bd3e-a5687d94a22c"
24 | "Peripherals" = "3cb15697-09a3-4f0d-872c-691b6b377e71"
25 | "All Removable Devices" = "6f34e099-573d-4fd9-b6ac-eb8650d7d99b"
26 | "WPD Devices" = "ad32c4e8-981a-43e1-bf2c-496fa176256c"
27 | "Removable Media Devices" = "cad1615e-e5d6-4c11-94aa-2df05861a372"
28 | }
29 |
30 | $ProdRules = @(
31 | "Block All Removable Devices",
32 | "Allow Read Access for Cameras",
33 | "Silently Block All Mobile Phone Devices"
34 | )
35 |
36 | $RulesFile = New-Item -Path "$($OutputPath)\DeviceControlRules.XML" -Force
37 | $RulesFile | Add-Content -Value ""
38 | foreach($Rule in $ProdRules) {
39 | $RulesFile | Add-Content -Value (Get-Content -Path "$($RulesPath)\$($AllRules[$Rule]).xml" -Raw).ToString()
40 | }
41 | $RulesFile | Add-Content -Value ""
42 |
43 | $GroupsFile = New-Item -Path "$($OutputPath)\DeviceControlGroups.XML" -Force
44 | $GroupsFile | Add-Content -Value ""
45 | foreach($Group in $AllGroups.Keys) {
46 | $GroupsFile | Add-Content -Value (Get-Content -Path "$($GroupsPath)\$($AllGroups[$Group]).xml" -Raw).ToString()
47 | }
48 | $GroupsFile | Add-Content -Value ""
49 |
50 | Get-ChildItem -Path $OutputPath | Copy-Item -Destination $DFSPath -Force
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Groups/2994483d-64d6-44f2-a95c-63b905298dae.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | MatchAny
5 |
6 | CdRomDevices
7 |
8 |
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Groups/2a93d745-7ff4-4667-a384-a57b84344ff0.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | MatchAny
5 |
6 | 04B0_
7 | 04A9_
8 | 2672_
9 | 0BDA_
10 |
11 |
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Groups/3551c70b-349b-4e2a-bd3e-a5687d94a22c.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | MatchAny
5 |
6 | 05AC_
7 | 04e8_
8 | 18d1_
9 |
10 |
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Groups/3cb15697-09a3-4f0d-872c-691b6b377e71.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | MatchAny
5 |
6 | 046d_
7 | 03f0_
8 | 045e_
9 |
10 |
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Groups/6f34e099-573d-4fd9-b6ac-eb8650d7d99b.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | MatchAny
5 |
6 | RemovableMediaDevices
7 | CdRomDevices
8 | WpdDevices
9 |
10 |
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Groups/ad32c4e8-981a-43e1-bf2c-496fa176256c.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | MatchAny
5 |
6 | WpdDevices
7 |
8 |
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Groups/cad1615e-e5d6-4c11-94aa-2df05861a372.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | MatchAny
5 |
6 | RemovableMediaDevices
7 |
8 |
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Rules/492a1994-8e0d-426e-8800-e717d5badc97.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Silently Block All Mobile Phone Devices
5 |
6 | {3551c70b-349b-4e2a-bd3e-a5687d94a22c}
7 |
8 |
9 | {2a93d745-7ff4-4667-a384-a57b84344ff0}
10 |
11 |
12 | Allow
13 | 0
14 | 7
15 | S-1-5-21-000000000-0000000000-0000000000-000000
16 |
17 |
18 | AuditAllowed
19 | 0
20 | 7
21 | S-1-5-21-000000000-0000000000-0000000000-000000
22 |
23 |
24 | Allow
25 | 0
26 | 7
27 | S-1-5-21-000000000-0000000000-0000000000-000000
28 |
29 |
30 | AuditAllowed
31 | 0
32 | 7
33 | S-1-5-21-00000000-0000000000-0000000000-000000
34 |
35 |
36 | Deny
37 | 0
38 | 7
39 |
40 |
41 | AuditDenied
42 | 2
43 | 7
44 |
45 |
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Rules/5f1dfdc6-05f8-43b7-828b-39b76b74b347.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Allow All Removable Devices
5 |
6 | {6f34e099-573d-4fd9-b6ac-eb8650d7d99b}
7 |
8 |
9 |
10 |
11 |
12 | Allow
13 | 0
14 | 7
15 |
16 |
17 | AuditAllowed
18 | 2
19 | 7
20 |
21 |
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Rules/b395c7ac-5fbf-41e9-a5fd-52e23167b143.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Allow Read Access for Cameras
5 |
6 | {2a93d745-7ff4-4667-a384-a57b84344ff0}
7 |
8 |
9 |
10 |
11 |
12 | Allow
13 | 0
14 | 1
15 |
16 |
17 | AuditAllowed
18 | 2
19 | 1
20 |
21 |
--------------------------------------------------------------------------------
/MicrosoftDefender/USBControl/Intune/Rules/bddfbc76-7f03-490e-9433-67774831c770.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Block All Removable Devices
5 |
6 | {6f34e099-573d-4fd9-b6ac-eb8650d7d99b}
7 |
8 |
9 | {2a93d745-7ff4-4667-a384-a57b84344ff0}
10 | {3551c70b-349b-4e2a-bd3e-a5687d94a22c}
11 |
12 |
13 | Allow
14 | 0
15 | 7
16 | S-1-5-21-000000000-0000000000-0000000000-000000
17 |
18 |
19 | AuditAllowed
20 | 0
21 | 7
22 | S-1-5-21-000000000-0000000000-0000000000-000000
23 |
24 |
25 | Allow
26 | 0
27 | 7
28 | S-1-5-21-000000000-0000000000-0000000000-000000
29 |
30 |
31 | AuditAllowed
32 | 0
33 | 7
34 | S-1-5-21-000000000-0000000000-0000000000-000000
35 |
36 |
37 |
38 | Deny
39 | 0
40 | 7
41 |
42 |
43 | AuditDenied
44 | 3
45 | 2
46 |
47 |
48 | AuditDenied
49 | 2
50 | 5
51 |
52 |
--------------------------------------------------------------------------------
/PartnerPortal/Add Device To Partner Portal.ps1:
--------------------------------------------------------------------------------
1 | <#
2 | .NOTES
3 | Author: Adam Gross - @AdamGrossTX
4 | GitHub: https://www.github.com/AdamGrossTX
5 | WebSite: https://www.asquaredozen.com
6 |
7 | #>
8 |
9 | Install-Module -Name PartnerCenter -AllowClobber
10 |
11 | #Connect-PartnerCenter
12 |
13 | $Customers = Get-PartnerCustomer
14 |
15 | $device = New-Object -TypeName Microsoft.Store.PartnerCenter.PowerShell.Models.DevicesDeployment.PSDevice
16 | $device.ModelName = "20UES0EM00"
17 | $device.OemManufacturerName = "LENOVO"
18 | $device.SerialNumber = "XXXXXXX"
19 | $device.DeviceId = "MyTestPO"
20 |
21 | $result = New-PartnerCustomerDeviceBatch -BatchId "Test" -CustomerId $Customers[0].CustomerId -Devices $device
22 |
23 | $result.DevicesStatus
24 |
25 |
26 | $Device | select *
--------------------------------------------------------------------------------
/PowerBI/PowerBI App List.md:
--------------------------------------------------------------------------------
1 | # Power BI Service Apps
2 | - [**Microsoft Power BI Desktop (MS Store App)**](https://www.microsoft.com/p/power-bi-desktop/9ntxr16hnw1t?activetab=pivot:overviewtab)
3 | - [**Microsoft Power BI Desktop (MSI)**](https://www.microsoft.com/download/details.aspx?id=58494 (Same as Power BI Desktop Store App above))
4 | - [**Microsoft® Power BI Report Builder**](https://www.microsoft.com/download/details.aspx?id=58158)
5 | - Use Service Apps with [**powerbi.com**](powerbi.com)
6 |
7 |
8 | # Power BI Server Apps
9 | - [**Power BI Desktop for Power BI Report Server**](https://www.microsoft.com/download/details.aspx?id=57271)
10 | - [**Microsoft® Report Builder**](https://www.microsoft.com/download/details.aspx?id=53613)
11 | - Use Server Apps for Power BI Report Server on-premises
12 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | The files contained in this Repo go along with blog posts. Please refer to the blog for full information.
2 | http://www.asquaredozen.com
3 |
--------------------------------------------------------------------------------
/Unified Write Filter/Detect-UWF.ps1:
--------------------------------------------------------------------------------
1 | try {
2 | $UWFNameSpace = "root\standardcimv2\embedded"
3 | $UWF = Get-CIMInstance -Namespace $UWFNameSpace -ClassName UWF_Filter -ErrorAction SilentlyContinue
4 |
5 | if ($UWF.CurrentEnabled -eq $true) {
6 | Write-Host "UWF Enabled"
7 | Exit 0
8 | }
9 | else {
10 | Write-Warning "UWF Not Enabled"
11 | Exit 1
12 | }
13 | }
14 | catch {
15 | throw $_
16 | }
--------------------------------------------------------------------------------
/Unified Write Filter/Detect-UWFFeature.ps1:
--------------------------------------------------------------------------------
1 | param(
2 | [switch]$remediate = $false
3 | )
4 | try {
5 | $UWFFeatureState = (Get-WindowsOptionalFeature -FeatureName "Client-UnifiedWriteFilter" -Online -ErrorAction SilentlyContinue).State
6 | if ($UWFFeatureState -eq "Disabled") {
7 | if ($Remediate.IsPresent) {
8 | $Return = Enable-WindowsOptionalFeature -Online -FeatureName "Client-UnifiedWriteFilter" -NoRestart -All -ErrorAction Continue
9 | Write-Host "Enabled UWF Feature"
10 | }
11 | else {
12 | Write-Warning "The Unified Write Filter Feature is currently disabled. Use Enable-UWFFeature to enable it before useing this module."
13 | exit 1
14 | }
15 | }
16 | else {
17 | Write-Host "Unified Write Filter Already Enabled."
18 | }
19 | }
20 | catch {
21 | throw $_
22 | }
--------------------------------------------------------------------------------
/Unified Write Filter/Remediate-UWFFeature.ps1:
--------------------------------------------------------------------------------
1 | param(
2 | [switch]$remediate = $true
3 | )
4 | try {
5 | $UWFFeatureState = (Get-WindowsOptionalFeature -FeatureName "Client-UnifiedWriteFilter" -Online -ErrorAction SilentlyContinue).State
6 | if ($UWFFeatureState -eq "Disabled") {
7 | if ($Remediate.IsPresent) {
8 | $Return = Enable-WindowsOptionalFeature -Online -FeatureName "Client-UnifiedWriteFilter" -NoRestart -All -ErrorAction Continue
9 | Write-Host "Enabled UWF Feature"
10 | }
11 | else {
12 | Write-Warning "The Unified Write Filter Feature is currently disabled. Use Enable-UWFFeature to enable it before useing this module."
13 | exit 1
14 | }
15 | }
16 | else {
17 | Write-Host "Unified Write Filter Already Enabled."
18 | }
19 | }
20 | catch {
21 | throw $_
22 | }
--------------------------------------------------------------------------------
/Unified Write Filter/readme.md:
--------------------------------------------------------------------------------
1 |
2 | Setup for UWF Machines
3 |
4 | - Deploy Proactive Remediation to enable Unified Write Filter using Detect-UWFFeature.ps1 and Remediate-UWFFeature.ps1
5 | - Deploy policy to revent PreferredAzureADTenant from being set. If this gets set, the UWFServicing user can't log in and the machine will get stuck in a loop.
6 | - Log into the machine and install all Windows updates that may be pending. Reboot to ensure they are all installed. This will speed up servicing later on.
7 | - If any updates are attempting to install when you attempt to install the UWF Windows Feature, the feature install will hang until the Windows updates are finished.
8 | - Install any required applications
9 | - Add device to any groups needed to configure Kiosk lockdown
10 | - Sync Intune policies and ensure all settings have applied properly
11 | - Run UWF Enablement PowerShell script - deploy scripts in Win32 app if desired.
12 | - Reboot
13 | - Verify that UWF is working by running "uwfmgr get-config" in an admin cmd prompt Window.
14 | - Ensure that the device has a defined maintenance window - this can be done in the kiosk policy. The device will automatically go into servicing mode during this window and apply any updates.
15 | - Manually disable UWF from admin cmd prompt "uwfmgr filter disable" "uwfmgr volume unprotect c:" then reboot.
16 | - Manually re-enable UWF from admin cmd prompt "uwfmgr filter enable" "uwfmgr volume protect c:" then reboot.
17 | - Any changes made while UWF is disabled will be applied to the OS.
18 | - UWF servicing won't work if any local account doesn't have a password set.
19 |
--------------------------------------------------------------------------------
/Windows/Kiosk/Kiosk Workstation.htm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AdamGrossTX/Toolbox/28e1a3e2e389ed2bf62966b558854597055fdc76/Windows/Kiosk/Kiosk Workstation.htm
--------------------------------------------------------------------------------
/Windows/OfflineServicing/Readme.md:
--------------------------------------------------------------------------------
1 | ## Quick Start Guide
2 |
3 | Download the contents of this folder to a local driver such as c:\ImageServicing.
4 |
5 | Launch the script and enter parameters as needed. At a minimum you will need to enter your servername and site code. On first launch, the script will look for all of the files and folders needed for servicing. It will create the required folder structure. You will need to add your ISO to the appropriate folder under the ISO folder.
6 |
7 |
8 | * Mount_Image = The DISM mount folder for the OS Image
9 | * Mount_BootImage = The DISM mount folder for the Boot Image
10 | * Mount_WinREImage = The DISM mount folder for the WinRE Image
11 | * WIM_OutPut = a temp directory for WIM files
12 | * OriginalBaseMedia = the ISO is extracted here
13 | * ISO = Windows ISO Source Media
14 | * LCU = Latest Cumilative Update
15 | * SSU = Servicing Stack Update (check the LCU KB for the KB number of the required SSU)
16 | * Flash = Adobe Flash Player
17 | * DotNet = .NET Framework Cumulative Update (New for 1809)
18 | * SetupUpdate = Dynamic Update Setup Update
19 | * ComponentUpdate = Dynamic Update Component Update
20 |
21 | Launch the script again with the desired command lines. If all files and folders are present, it will begin working. In the end, you will end up with a CompletedMedia folder which will have the completed media with updated wims.
22 |
23 | ### Note
24 | Beginning in Windows 10 1809, the servicing model has improved. At the moment, dynamic updates are no longer delivered from WSUS and can't be downloaded by the script. I have reached out to the product group to ask for assistance on offline servicing options. They said that this is being worked on, but there's no solution yet. The best option I've found is to run the Feature Update on a device and it will download the CAB files into the c:\$Windows.~BT folder where you can grab them and add to the script.
25 |
26 | Originally created for this blog post. https://www.asquaredozen.com/2018/08/20/adding-dynamic-updates-to-windows-10-in-place-upgrade-media-during-offline-servicing/
27 |
28 |
29 |
--------------------------------------------------------------------------------
/Windows/OfflineServicing/Run-ServiceWIMandImportImage.ps1:
--------------------------------------------------------------------------------
1 | $ServerName = "CM01.ASD.NET"
2 | $SiteCode = "PS1"
3 | $OSVersion = "20H2"
4 | $Month = "2021-01"
5 | $OSArch = "x64"
6 | $IgnoreTheseUpdates = @("")
7 |
8 | $ServiceWIMSplat = @{
9 | ServerName = $ServerName
10 | SiteCode = $SiteCode
11 | OSVersion = $OSVersion
12 | Month = $Month
13 | Optimize = $False
14 | Cleanup = $False
15 | KillAV = [switch]::Present
16 | AutoDLUpdates = $True
17 | IgnoreTheseUpdates = $IgnoreTheseUpdates
18 | }
19 |
20 | .\Service-WIM.ps1 @ServiceWIMSplat
21 | #>
22 |
23 | #<#
24 | ##Import-WindowsImage
25 | $ImportWindowsImageSplat = @{
26 | ServerName = $ServerName
27 | SiteCode = $SiteCode
28 | SourceMediaRootPath = "C:\ImageServicing\CompletedMedia"
29 | DestinationRootPath = "\\cm01.asd.net\sources$\OSInstallFiles\Windows 10"
30 | OSVersion = $OSVersion
31 | OSArch = $OSArch
32 | Month = $Month
33 | ImageType = "Install"
34 | ConsoleFolderPath = "\Windows 10"
35 | DPGroupName = "All DPs"
36 | }
37 |
38 | .\Import-WindowsImage.ps1 @ImportWindowsImageSplat
39 | #>
--------------------------------------------------------------------------------