Powershell reference - Oliver-Mustoe/Oliver-Mustoe-Tech-Journal GitHub Wiki
Page has many references to useful powershell commands/workflows
Active Directory install
# Setup AD named "oliver.local"
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
Install-ADDSForest -DomainName “oliver.local”
Then I waited for the system to reboot, after it did I made a new Domain Admin user called 'oliver.mustoe-adm' with the following commands:
# Wait for reboot, make adm user
$password = Read-Host -AsSecureString
New-ADUser -Name oliver.mustoe-adm -AccountPassword $password -Passwordneverexpires $true -Enabled $true
# Stop here for normal user, continue for domain admin
Add-ADGroupMember -Identity "Domain Admins" -Members oliver.mustoe-adm
Add-ADGroupMember -Identity "Enterprise Admins" -Members oliver.mustoe-adm
# Setup DNS and make records (example for 10.0.17.0/24)
Install-WindowsFeature DNS -IncludeManagementTools
Add-DnsServerPrimaryZone -NetworkID 10.0.17.0/24 -ReplicationScope "Domain"
Get-DnsServerZone
# Some example A records
Add-DnsServerResourceRecordA -CreatePtr -Name "vcenter" -ZoneName "oliver.local" -AllowUpdateAny -IPv4Address "10.0.17.3"
Add-DnsServerResourceRecordA -CreatePtr -Name "pf" -ZoneName "oliver.local" -AllowUpdateAny -IPv4Address "10.0.17.2"
Add-DnsServerResourceRecordA -CreatePtr -Name "mgmt1" -ZoneName "oliver.local" -AllowUpdateAny -IPv4Address "10.0.17.100"
# Some example Ptr records
Add-DnsServerResourceRecordPtr -Name "4" -ZoneName "17.0.10.in-addr.arpa" -AllowUpdateAny -AgeRecord -PtrDomainName "ad350-oliver"
# Make regular user
$password = Read-Host -AsSecureString
New-ADUser -Name oliver.mustoe -AccountPassword $password -Passwordneverexpires $true -Enabled $true
DHCP setup
Install-WindowsFeature DHCP -IncludeManagementTools
netsh dhcp add securitygroups
Restart-Service dhcpserver
# Example scope and options
Add-DHCPServerv4Scope -Name "oliver-scope" -StartRange 10.0.17.101 -EndRange 10.0.17.150 -SubnetMask 255.255.255.0 -State Active -LeaseDuration 1.00:00:00
Set-DHCPServerv4OptionValue -ScopeID 10.0.17.0 -DnsDomain oliver.local -DnsServer 10.0.17.4 -Router 10.0.17.2
Add-DhcpServerInDC -DnsName "ad350-oliver.oliver.local" -IpAddress 10.0.17.4
Restart-service dhcpserver
Creating OU
New-ADOrganizationalUnit -Name "350" -Path "DC=oliver,DC=local"
Creating Security Group (in OU)
New-ADGroup -Name "sys350-power-user" -SamAccountName sys350-power-user -GroupCategory Security -GroupScope Global -DisplayName "sys350-power-user" -Path "OU=Accounts,OU=350,DC=oliver,DC=local" -Description "sys350-power-user"
Creating AD user (in an OU)
$password = Read-Host -AsSecureString
New-ADUser -Name bob -AccountPassword $password -Passwordneverexpires $true -Enabled $true -Path "OU=Accounts,OU=350,DC=oliver,DC=local"
Add user to security group
$restricted = @("bob","charlie")
Add-ADGroupMember -Identity "sys350-power-user" -Members alice
Add-ADGroupMember -Identity "sys350-restricted-user" -Members $restricted
Add computer to domain with new name
Add-Computer -DomainName oliver.local -NewName wks01-oliver -Credential oliver.mustoe-adm -Restart
Download and run file
Example is for Google chrome, Especially good for server 2019
(New-Object System.Net.WebClient).DownloadFile('https://dl.google.com/dl/chrome/install/googlechromestandaloneenterprise64.msi','chrome.msi')
.\chrome.msi
Fast way to extract files
"C:\Users\Administrator\Downloads\WinDev2311Eval.HyperV.zip" is the file to be extracted, "F:\VM_FILES\WinDev2311Eval" is where it should be extracted to (can either be a folder that already exists or a new folder where the contents will be placed)
Add-Type -Assembly "System.IO.Compression.Filesystem"
[System.IO.Compression.ZipFile]::ExtractToDirectory("C:\Users\Administrator\Downloads\WinDev2311Eval.HyperV.zip","F:\VM_FILES\WinDev2311Eval")
Hyper-V commands
Create a VM named "fw-super10" with a custom VHD path
New-VM -Name "fw-super10" -MemoryStartupBytes 2GB -Path "F:\VM_FILES\fw-super10" -NewVHDPath "F:\VM_FILES\fw-super10\fw-super10.vhdx" -NewVHDSizeBytes 16GB -Generation 2 -SwitchName "HyperV-WAN"
Create a VM named WinDev2311Eval from a premade VHD
New-VM -Name "WinDev2311Eval" -MemoryStartupBytes 8GB -Path "F:\VM_FILES\WinDev2311Eval" -VHDPath "F:\VM_FILES\WinDev2311Eval\WinDev2311Eval.vhdx" -Generation 2 -SwitchName "LAN-INTERNAL"
Set the processor count for a a VM named "fw-super10"
Set-VMProcessor "fw-super10" -Count 2
Add a network adapter named "LAN-INTERNAL" and connect it to a switch named "LAN-INTERNAL" for a VM named "fw-super10"
Add-VMNetworkAdapter -VMName "fw-super10" -Name "LAN-INTERNAL"
Connect-VMNetworkAdapter -VMName "fw-super10" -Name "LAN-INTERNAL" -SwitchName "LAN-INTERNAL"
Add a pfsense ISO to a VM named "fw-super10"
Add-VMDvdDrive -VMName "fw-super10" -Path "F:\ISO\pfsense.iso"
Turn off secure boot for a VM named "ubuntu-22.04-base"
Set-VMFirmware -VMName "ubuntu-22.04-base" -EnableSecureBoot Off