Tuesday, November 22, 2016

Splunk | Never Expire | Table Filter

Splunk search

"'Don't Expire Password' - Enabled"  | eval Administrator=mvindex(Account_Name, 0), User=mvindex(Account_Name, -1) | table _time,Administrator,User

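This indexes into the multivalue Account_Name field with mvindex, then maps the first and last values to the Administrator and User columns for easy viewing. The same eval can be appended to any search: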

<search here>  | eval Administrator=mvindex(Account_Name, 0), User=mvindex(Account_Name, -1) | table _time,Administrator,User
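Why index 0 and -1 line up with Administrator and User, as an added example that is not from the original post: it assumes the matched events are Windows account-change events whose message lists "Account Name:" twice (the subject who made the change, then the target account), which is what makes Account_Name multivalued. The event text, account names and function names are constructed for illustration, and Python stands in for the SPL eval.

```python
import re

# Constructed sample: trimmed message text of an account-change event.
SAMPLE_EVENT = r"""A user account was changed.

Subject:
    Security ID:     EXAMPLE\adm.jsmith
    Account Name:    adm.jsmith
    Account Domain:  EXAMPLE

Target Account:
    Security ID:     EXAMPLE\svc-backup
    Account Name:    svc-backup
    Account Domain:  EXAMPLE

Changed Attributes:
    User Account Control:
        'Don't Expire Password' - Enabled
"""

MARKER = "'Don't Expire Password' - Enabled"
ACCOUNT_NAME = re.compile(r"^[ \t]*Account Name:[ \t]*(\S.*?)[ \t]*$", re.MULTILINE)


def account_names(message):
    """Return every 'Account Name:' value in order, like a multivalue field."""
    return ACCOUNT_NAME.findall(message)


def never_expire_row(message):
    """Mimic the search: keep matching events, then take index 0 and -1."""
    if MARKER not in message:
        return None
    names = account_names(message)
    if not names:
        return None
    row = {"Administrator": names[0], "User": names[-1]}
    # With a single value, index 0 and -1 are the same element, so the row
    # cannot tell actor from target; flag it instead of trusting it.
    row["ambiguous"] = len(names) < 2
    return row


if __name__ == "__main__":
    print(never_expire_row(SAMPLE_EVENT))
```

If the field ever arrives with a single value, both columns show the same account, so rows where Administrator equals User deserve a second look at the raw event.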

Wednesday, October 19, 2016

GPO Registry Values with recursive array

Sorry, using a global array in a function; just needed to get it done. No time today.
Read a GPO, locate the keys needed,
then clone the settings to another GPO.

http://pastebin.com/ipDjYMds

Friday, October 14, 2016

PowerShell | GPO Link report

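# Requires the GroupPolicy module (installed with Group Policy Management)
Import-Module GroupPolicy

[array]$Report = @()

$GPOs = Get-GPO -All | Sort-Object DisplayName

foreach ($GPO in $GPOs) {

    Write-Host "Processing GPO $($GPO.DisplayName)"
    $XMLReport = Get-GPOReport -Guid $GPO.Id -ReportType Xml
    $XML = [xml]$XMLReport

    # One row per location (SOM path) the GPO is linked to
    foreach ($gpolink in $XML.GPO.LinksTo.SomPath) {
        $Report += New-Object PSObject -Property @{
            'GPOName' = $XML.GPO.Name
            'gpoLink' = $gpolink }
    }

    # Unlinked GPOs still get a row. $null goes on the left so this is a
    # true null check even when SomPath is an array.
    if ($null -eq $XML.GPO.LinksTo.SomPath) {
        $Report += New-Object PSObject -Property @{
            'GPOName' = $XML.GPO.Name
            'gpoLink' = "Nolink" }
    }

}

# -NoTypeInformation keeps the "#TYPE" header line out of the CSV
$Report | Export-Csv C:\reporting\GPOLinks.csv -NoTypeInformation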