Jere's Techblog

Compare AD-GroupMember

Example:

JKCompare-ADGroupMemeber -Group1 GROUPNAME1 -Group2 GROUPNAME2

Optional Parameter:

-IncludeEqual yes

#13.11.2018 Jeremias Kühnis

Function JKCompare-ADGroupMemeber{
[CmdletBinding()]
Param(
    [Parameter(Mandatory=$true)]
    [string]$Group1,
    
    [Parameter(Mandatory=$true)]
    [string]$Group2,

    [Parameter(Mandatory=$false)]
    [ValidateSet("yes", "no")]
    [string]$IncludeEqual
)

IF($IncludeEqual -eq "Yes"){
    diff (Get-ADGroupMember $Group1) (Get-ADGroupMember $Group2) -Property 'SamAccountName' -IncludeEqual
}Else{
    diff (Get-ADGroupMember $Group1) (Get-ADGroupMember $Group2) -Property 'SamAccountName'
}

Write-Host "#############################################" -ForegroundColor Cyan
Write-Host "== This user is in both groups (If option is enabled)."
Write-Host "=> This user is in the second group ($group2)."
Write-Host "<= This user is in the first group ($group1)."
Write-Host "#############################################" -ForegroundColor Cyan
}
Continue reading...

Remove AD-Group on certain Users

This script is very handy in dayli business, when you need to remove multiple users from an AD-Group.

In the userlist the users can be specified with the samAccountName.

Of course there is the possibility to fill “$UserList” variable with a list e.g. a CSV-File. In this case you can Use the function “Import-Csv” which is an out of the Box Powershell feature.

#13.11.2018 by Jeremias Kühnis
#Remove AD-Groupmemership

$ADGroup = "someAdGroupName"

$Userlist = @(
"SamAccountName1"
"SamAccountName2"
"SamAccountName3"
)

$Userlist | % {Remove-ADGroupMember -Identity $ADGroup -Members $_ -Confirm:$false}
Continue reading...

Bulk reboot Server with PowerCLI

Tested with PowerClI Version 6.5

This script allows you to restart an array of servers trough PowerCLI.
You will be prompted to specify your ESXi-Host /vCenter Environment. Ensure that you enther the FQDN.

The script will reboot your servers without confirmation.

#13.11.2018 Restart a list/array of Servers through vCenter/Powercli
 
IF(!(Get-Module vm* | where { $_.Name -eq 'VMware.VimAutomation.Core'})){
       (Get-Module –ListAvailable VMware.VimAutomation.Core | Import-Module)
         if (-not (Get-Module -Name 'VMware.VimAutomation.Core')){
               Write-Warning "Could not find/load 'PowerCLI Module.  Ensure that you are running this Script on Server with PowerCLI."
               return
         }
}

 
Write-Host "####################################" -ForegroundColor Yellow
$vCenter = Read-Host -prompt "Please enter the Name of your ESXi Host or vCenter" 

Connect-VIServer $vCenter
$server = @(
# Enter Servernames here -> Equivalent to the Name of the VM-Target                   
"Hostname-Server1"
"Hostname-Server2"
"Hostname-Server3"
)
 
 
foreach ($server in $server){
    try{
        Restart-VM -VM $server -Confirm:$false
        write-host "Reboot OK $server" -ForegroundColor Green
    }catch{
        write-host "Reboot NOT OK $server" -ForegroundColor yellow
          }
}

Disconnect-VIServer -Server $vCenter -Confirm:$false
Continue reading...

Bulk reboot Server

With this variant, the servers from a list or an array will be restarted sequentially. If a server is not reachable or has problems with the Windows-Remoting-Service, this can lead to long runtimes. It gives you a nice overview where the reboot job worked or not.

With the parameter “-force” the servers will be rebooted even if there is still an active user session.

#13.11.2018 Restart a list/array of Servers through Windows Remoting

$server = @(
"Hostname-Server1"
"Hostname-Server2"
"Hostname-Server3"
)


foreach ($server in $server){
    try{
        Restart-Computer -ComputerName $Server -force
        write-host "Reboot OK $server" -ForegroundColor Green
    }catch{
        write-host "Reboot NOT OK $server" -ForegroundColor yellow
          }

}

This is the parallel way to reboote servers from a list/array as a job using the “Invoke” function.

#13.11.2018 Restart a Liste/Array of Servers through Windows Remoting

$server = @(
"Hostname-Server1"
"Hostname-Server2"
"Hostname-Server3"
)


foreach ($server in $server){
Invoke-Command -ComputerName $Server -ScriptBlock {shutdown -r -f -t 1} -AsJob  
}

With this function you can check if the servers have been restarted. You can also Check the last boot time.

#13.11.2018 Restart a Liste/Array of Servers through Windows Remoting

$array = @()
$server = @(
"HostnameServer-1"
"HostnameServer-2"
"HostnameServer-3"
)

foreach ($server in $server){

    IF($s= New-CimSession -ComputerName $server -ErrorAction SilentlyContinue){
        $array += (Get-CimInstance -ClassName win32_operatingsystem -CimSession $s ) #| select csname, lastbootuptime
    }Else{
        $myObject = [PSCustomObject]@{
            PSComputerName     = $server
            csname     = $server
            lastbootuptime = 'no data retrieved'
            }
        $array += $myObject
    }
}

Function Checkreboottime{

Param(
  [Parameter(Mandatory=$true)]
   [int]$time
)


$TimeNow = Get-Date

$array | % {
    IF(!($_.lastbootuptime -eq "no data retrieved")){
        IF ([dateTime]$_.lastbootuptime.AddMinutes($time) -ge $TimeNow){
            write-host $_.csname $_.lastbootuptime -ForegroundColor Green
        }Else{
            write-host $_.csname $_.lastbootuptime -ForegroundColor yellow
        }
    }Else{
        write-host $_.csname $_.lastbootuptime -ForegroundColor Cyan
        }
    }

}

After calling the script, the function “Checkreboottime” can be used to check which servers have been restarted within a certain time.

Example: Checkreboottime -time 1000

The value 1000 indicates the minutes.

Yellow = Computer has not been restarted for more than 1000 minutes (since the time the script was executed)

Blue= No values could be determined

Green= computer restarted within 1000 minutes (since the script was executed)

Continue reading...

GPUpdate on all Worker Machines

This Script will invoke an “GPupdate /force”  command on all CitrixWorker Machines.

#12.03.2018 Jeremias Kühnis Updates GPO on all Workermachines
#Ensure that you are running this Script on a Citrix DeliveryController, otherwise you have to enter an Adminadress like '(Get-BrokerMachine -AdminAddress "FQDN of your DeliveryController").DNSName'  (modify Line 13)


IF(!(Get-PSSnapin -Name "Citrix.Broker.Admin.V2" -ErrorAction SilentlyContinue)){
    Add-PSSnapin *
        IF(!(Get-Command -Name "Get-BrokerMachine" -ErrorAction SilentlyContinue)){
         Write-Warning "Could not find/load CitrixPSSnapin 'Citrix.Broker.Admin.V2' or the Cmdlet 'Get-BrokerMachine' is not available. Ensure that you are running this Script on a DeliveryController Server."
         return
        }
    }

(Get-BrokerMachine).DNSName | % {
      Invoke-Command -ComputerName $_ -ScriptBlock {gpupdate /force} -AsJob  
}

Get-Job
Continue reading...