Find Membership Count of all AD Groups in OU

I was working on an application migration recently, and wanted to see how many users/computers were in each application Active Directory (AD) group in a specified Organisational Unit (OU):

 

Charting with PowerShell

This post is heavily plagiarised from here.  But sometimes I see an interesting nugget of code and like to make sure I never lose it!

I’ve made a few tweaks from the aforementioned article, but I could see me using this one day to run reports on a scheduled task (connecting to SQL server etc) and emailing some pretty charts to management teams.  Here’s the code:

 

PowerShell, Selenium and Browser Automation

Selenium is a portable software-testing framework for web applications.  It’s pretty cool (in a geeky way).  It’s primarily used to test web applications, but in this instance we’re using it to launch Internet Explorer, load a web-based helpdesk dashboard on the intranet, log into it and click a few buttons to customise the view.

You’ll need to download IEDriverServer.exe.  Go to this location:

http://selenium-release.storage.googleapis.com/index.html

Choose the folder for the most recent version, and download IEDriverServer_Win32_[version].zip

Then download Selenium.WebDriver Nuget package from here: https://www.nuget.org/packages/Selenium.WebDriver/

and Selenium.Support Nuget package from here: https://www.nuget.org/packages/Selenium.Support/

Rename the extensions of each file from .nupkg to .zip, and extract them as you would normally.  If you then look in the Lib folder of each archive you will find:

WebDriver.dll and WebDriver.Support.dll.

An Example of Browser Automation

Thi example demonstrates Internet Explorer browser automation since it’s probably the most prevalent browser in corporate environments.  However Selenium does have libraries for Firefox and Chrome too.

So for this example, put IEDriverServer.exe, WebDriver.dll, WebDriver.Support.dll and this PS1 file all in the same folder.  Read the inline comments in the script for an explanation.  To get the website element IDs you’ll need to use the DOM explorer of the browser, but I won’t go into detail of how to do that here.

 

Invoke-Sqlcmd returning unwanted columns such as RowError, HasErrors

I’ve been performing some SQL queries recently using PowerShell and Invoke-SqlCmd.  Here is a simple example of returning a list of devices (a single column of data) from a database:

Of course I pipe this into Export-CSV like so:

When we read the exported data in the CSV we expect one column of data called ‘Device’.  However, instead we can also see columns called RowError, HasErrors and others!  And whilst I’m not sure why these appear, we can omit them like so:

and of course if we wanted to pipe this into a CSV we can do so like this:

And voila.  We only get the columns of data that we asked for!

Manipulate Column Data with Select-Object and PowerShell

A couple of days ago I wanted to check which products were installed on a computer using PowerShell.  And throughout my journey I discovered how we can dynamically maniuplate column data and format the output.  Take this basic example where we query the ‘Uninstall’ registry key and output the registry data for displayname, displayversion, installdate:

But what if we wanted to join/concatenate the displayname and displayversion columns into one column?  Or what if we wanted to give the column a custom name?  We can do so like his:

So we’ve joined the displayname and displayversion columns into one column called ‘Name and Version’.  Great.  Now by default the installdate registry data is stored in the yyyyMMdd format, or,  as an example 20180807.

This isn’t very readable.  So we can also manipulate this format (ok, we don’t do any casting as a date in this example – just basic string manipulation) and call the column ‘Formatted Date’ like so:

This was quite a crude example, but hopefully it demonstrates how we can manipulate column data dynamically using PowerShell.

Move or Copy AD users

This is a simple PowerShell script to either copy AD users or move AD users from one AD group to another:

Move AD Users

Copy AD Users

 

Install and Uninstall an MSI using PowerShell

This is an example of how to install and uninstall an MSI using PowerShell.

It passes in a string array as the msiexec arguments. So you can add more arguments as you see fit. Pay close attention to the quotes around the file paths (in case they contain spaces).

 

Using a Hashtable for Key/Value pairs

This is a simple example of how we can use a hashtable to store and update key/value pairs:

 

Detect if a Computer is a Member of a Specified AD Group

Detect if the Current User is a Member of a Specified AD Group

This script will detect if the current user is a member of a specified AD Group using the [adsiSearcher] type accelerator:

 

Checking if System.Object[] contains a value

This isn’t the most interesting of blog posts admittedly.  But I was using the SQL Server Management Objects in my PowerShell script to return a result set from a stored procedure in SQL server.  The data set returned from the Invoke-sqlcmd command was a System.Object[] type.  I wanted to see if a column (the Department column) in the result set contained a specific value. So firstly I obtained the result set like so:

In PowerShell 3 it was a trivial exercise:

however in PowerShell 2 it required slightly more legwork, and was a little slower to run: