know-how:windows
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
know-how:windows [2023/10/25 13:41] – [Office 2021 Professinal Plus LTS - MAK/KMS Key Installation] cc | know-how:windows [2024/02/26 10:30] (aktuell) – [reportMalwareDevices.php] cc | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
+ | ~~ODT~~ | ||
====== reportMalwareDevices.php ====== | ====== reportMalwareDevices.php ====== | ||
* Analog zu **reportUpdateStates.php** Permissions von deviceManagement read reicht aus | * Analog zu **reportUpdateStates.php** Permissions von deviceManagement read reicht aus | ||
Zeile 694: | Zeile 695: | ||
... | ... | ||
</ | </ | ||
+ | ====== reportMissingNotebooksOwnerBased.php ====== | ||
+ | * Analog zu **reportMissingNotebooks.php** nur um die Schüler der 3. und 4. Klasse ergänzt | ||
+ | * **Achtung** - Da die API bei 500 Devices deckelt muss ab 500 eine andere Lösung gefunden werden / Ermittle alle betroffenen User über LDAP im AD und ermittle für jeden einzelnen User die Zugehörigkeit zu einem registrierten Gerät | ||
+ | * **Update** - es ist doch möglich mehr als 500 Devices zu erhalten mit pagination kann zum nächsten **Link** geblättert werden - danke an Herrn Christoph Pachler | ||
+ | |||
+ | < | ||
+ | <?php | ||
+ | |||
+ | $server = " | ||
+ | //domain user to connect to LDAP | ||
+ | $user = " | ||
+ | //user password | ||
+ | $passwd = " | ||
+ | |||
+ | $dn = array(0=>" | ||
+ | |||
+ | $classesRegex="/ | ||
+ | |||
+ | $search=" | ||
+ | |||
+ | |||
+ | $errUser=0; | ||
+ | $countAll=0; | ||
+ | $okUser=0; | ||
+ | |||
+ | |||
+ | |||
+ | echo "All Users that haven' | ||
+ | |||
+ | for ($j=0; $j< | ||
+ | { | ||
+ | $ds=ldap_connect($server); | ||
+ | | ||
+ | |||
+ | $sr=ldap_search($ds, | ||
+ | |||
+ | $data = ldap_get_entries($ds, | ||
+ | |||
+ | |||
+ | // $countAll+=$data[" | ||
+ | |||
+ | for ($i=0; $i< | ||
+ | { | ||
+ | |||
+ | //echo ($data[$i][" | ||
+ | //echo ($data[$i][" | ||
+ | //echo ($data[$i][" | ||
+ | |||
+ | $distinguishedName=strtolower($data[$i][" | ||
+ | $userPrincipalName=strtolower($data[$i][" | ||
+ | $department=strtolower(@$data[$i][" | ||
+ | |||
+ | |||
+ | $regMatch=preg_match($classesRegex, | ||
+ | |||
+ | if($regMatch !== 0) | ||
+ | { | ||
+ | |||
+ | if(!isset($data[$i][" | ||
+ | { | ||
+ | echo "FAIL - User: " | ||
+ | $errUser++; | ||
+ | } | ||
+ | |||
+ | |||
+ | $countAll++; | ||
+ | // | ||
+ | //echo $distinguishedName." | ||
+ | //echo $department." | ||
+ | |||
+ | $notFound=true; | ||
+ | |||
+ | $intuneDevices=getIntuneDevices($userPrincipalName); | ||
+ | |||
+ | # | ||
+ | sleep(rand(3, | ||
+ | |||
+ | for ($k=0; $k< | ||
+ | { | ||
+ | |||
+ | /* | ||
+ | [deviceOwnership] => Personal | ||
+ | [deviceVersion] => 2 | ||
+ | [displayName] => LAPTOP | ||
+ | [domainName] => | ||
+ | [enrollmentProfileName] => | ||
+ | [enrollmentType] => UserEnrollment | ||
+ | [externalSourceName] => | ||
+ | [isCompliant] => 1 | ||
+ | [isManaged] => 1 | ||
+ | [isRooted] => | ||
+ | [managementType] => MDM | ||
+ | [manufacturer] => LENOVO | ||
+ | |||
+ | |||
+ | */ | ||
+ | |||
+ | if($intuneDevices[$k][" | ||
+ | { | ||
+ | $notFound=false; | ||
+ | |||
+ | } | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | } | ||
+ | |||
+ | |||
+ | if($notFound) | ||
+ | { | ||
+ | |||
+ | echo "FAIL - User: " | ||
+ | $errUser++; | ||
+ | |||
+ | } | ||
+ | else | ||
+ | { | ||
+ | $okUser++; | ||
+ | } | ||
+ | |||
+ | // Device Details: print_r($intuneDevices[--$k]); | ||
+ | } | ||
+ | |||
+ | |||
+ | } | ||
+ | // close connection | ||
+ | | ||
+ | } | ||
+ | |||
+ | echo " | ||
+ | echo "All user objects found: " | ||
+ | echo "All user objects ok: " | ||
+ | echo " | ||
+ | printf(" | ||
+ | echo " | ||
+ | echo "Regex Classroom check: " | ||
+ | echo " | ||
+ | print_r($dn); | ||
+ | |||
+ | echo " | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | function getIntuneDevices($userUPN) | ||
+ | { | ||
+ | |||
+ | $curl_token= curl_init(); | ||
+ | //Azure AD Administration: | ||
+ | // | ||
+ | // Details: https:// | ||
+ | curl_setopt($curl_token, | ||
+ | curl_setopt($curl_token, | ||
+ | curl_setopt($curl_token, | ||
+ | curl_setopt($curl_token, | ||
+ | curl_setopt($curl_token, | ||
+ | |||
+ | |||
+ | |||
+ | $json_response=curl_exec($curl_token) or die(" | ||
+ | |||
+ | curl_close($curl_token); | ||
+ | |||
+ | |||
+ | $access_array=json_decode($json_response, | ||
+ | |||
+ | // | ||
+ | |||
+ | |||
+ | if(!isset($access_array[" | ||
+ | { | ||
+ | die(" | ||
+ | } | ||
+ | |||
+ | |||
+ | |||
+ | $curl_token= curl_init(); | ||
+ | |||
+ | |||
+ | curl_setopt($curl_token, | ||
+ | curl_setopt($curl_token, | ||
+ | curl_setopt($curl_token, | ||
+ | curl_setopt($curl_token, | ||
+ | curl_setopt($curl_token, | ||
+ | |||
+ | $json_response=curl_exec($curl_token) or die(" | ||
+ | |||
+ | curl_close($curl_token); | ||
+ | |||
+ | // | ||
+ | |||
+ | $intune_array=json_decode($json_response, | ||
+ | |||
+ | $intune_array=$intune_array[" | ||
+ | |||
+ | |||
+ | return $intune_array; | ||
+ | |||
+ | |||
+ | |||
+ | } | ||
+ | |||
+ | |||
+ | ?> | ||
+ | |||
+ | </ | ||
+ | |||
====== reportMissingNotebooks.php ====== | ====== reportMissingNotebooks.php ====== | ||
* Analog zu **reportRiskUsers.php** | * Analog zu **reportRiskUsers.php** | ||
* Finde alle Schüler der 1. und 2. Klasse die kein Notebook enrolled haben / zB: als Cron Job | * Finde alle Schüler der 1. und 2. Klasse die kein Notebook enrolled haben / zB: als Cron Job | ||
* Im LDAP Attribut **Department** befindet sich die Klassenbzeichnung zB: 2E | * Im LDAP Attribut **Department** befindet sich die Klassenbzeichnung zB: 2E | ||
+ | * **Achtung** Graph API deckelt bei 500 Devices d.h. ab 500 Notebooks muss eine andere Lösung gefunden werden | ||
+ | * **Update** Es ist doch möglich mehr als 500 Devices zu erhalten - es muss in den Results geblättert werden über den nächsten **Link** -> ** if(isset($intune_array[" | ||
+ | | ||
< | < | ||
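Review bot: The LDAP bind password is kept as a string literal in `$passwd` at the top of reportMissingNotebooksOwnerBased.php, so every copy of the script (cron host, backups, this wiki if a real value is ever pasted) exposes a domain account. Load it from a file only the cron user can read, e.g. `$passwd = trim(file_get_contents('/path/to/ldap.secret')); // placeholder path`, and confirm that `$server` is an `ldaps://` URI, since the value is cut off in this view. getIntuneDevices() also requests a fresh access token for every matched user; fetching it once before the loop would reduce how often the application credential (presumably a client secret, the request body is truncated here) is sent. Separately, `if($regMatch !== 0)` is also true when preg_match() returns `false` on a pattern error, so `if($regMatch === 1)` is the safer test.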
Zeile 891: | Zeile 1103: | ||
* Analog zu **reportRiskUsers.php** | * Analog zu **reportRiskUsers.php** | ||
* Auszug aus dem relevanten Code für https:// | * Auszug aus dem relevanten Code für https:// | ||
+ | * **Update** bei mehr als 500 Geräten muss geblättert werden **nextLink** | ||
* Es sollen alle im Intune registrierten Geräte gezogen werden | * Es sollen alle im Intune registrierten Geräte gezogen werden | ||
< | < | ||
Zeile 900: | Zeile 1113: | ||
... | ... | ||
+ | $devicesLink=" | ||
+ | $intune_all=array(); | ||
+ | while(strlen($devicesLink)) | ||
+ | { | ||
- | $curl_token= curl_init(); | + | $curl_token= curl_init(); |
- | // https:// | + | // https:// |
- | // | + | // |
- | curl_setopt($curl_token, | + | curl_setopt($curl_token, |
- | curl_setopt($curl_token, | + | curl_setopt($curl_token, |
- | curl_setopt($curl_token, | + | curl_setopt($curl_token, |
- | curl_setopt($curl_token, | + | curl_setopt($curl_token, |
- | curl_setopt($curl_token, | + | curl_setopt($curl_token, |
- | $json_response=curl_exec($curl_token) or die(" | + | $json_response=curl_exec($curl_token) or die(" |
- | curl_close($curl_token); | + | curl_close($curl_token); |
- | // | + | // |
- | $intune_array=json_decode($json_response, | + | $intune_array=json_decode($json_response, |
+ | |||
+ | if(!isset($intune_array[" | ||
+ | { | ||
+ | $devicesLink="" | ||
- | $intune_array=$intune_array[" | + | } |
+ | else | ||
+ | { | ||
+ | | ||
+ | } | ||
- | print_r($intune_array); | ||
+ | $intune_array=$intune_array[" | ||
+ | |||
+ | $intune_all=array_merge($intune_all, | ||
+ | |||
+ | |||
+ | } | ||
+ | |||
+ | |||
+ | |||
+ | return $intune_all; | ||
+ | |||
+ | } | ||
/* | /* | ||
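Review bot: The new `while(strlen($devicesLink))` loop merges each page without checking that the response is a device list, so an error reply (throttling, expired token) carries no next link, ends the loop and returns a partial list as if it were complete; the missing-notebook reports would then flag users who do have a device. Check the decoded array before merging and abort otherwise, e.g. `if(!is_array($intune_array) || !isset($intune_array["value"])) die("unexpected Graph response");` (key name assumed from the Graph list format; the literal is cut off in this view). Because the bearer token is sent to whatever URL the previous response supplied, it is also worth refusing a next link that does not start with the same base URL as the initial `$devicesLink`. The function's opening and the token request sit above the `...` outside this hunk.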
Zeile 1171: | Zeile 1407: | ||
====== Powershell Skripte ====== | ====== Powershell Skripte ====== | ||
+ | |||
+ | |||
+ | ===== check_last_updates.ps1 ===== | ||
+ | * Kerberos Authentifizierung analog zu unterem Beispiel | ||
+ | * Wann wurde zuletzt erfolgreich nach Updates gesucht oder erfolgreich Updates installiert - ist der Threshold größer als 35 Tage d.h. ist es länger als 35 Tage her möchte ich eine Notifikation erhalten | ||
+ | < | ||
+ | #Thanks: https:// | ||
+ | $threshold=35 | ||
+ | |||
+ | try | ||
+ | { | ||
+ | |||
+ | $lastSuccessSearch= ((New-Object -com " | ||
+ | $lastSuccessInstallation =((New-Object -com " | ||
+ | $today =Date | ||
+ | |||
+ | $daysPassedSearch=($today - $lastSuccessSearch ).Days | ||
+ | $daysPassedInstallation= ($today - $lastSuccessInstallation).Days | ||
+ | |||
+ | if( ($daysPassedSearch -gt $threshold) -or ($daysPassedInstallation -gt $threshold) ) | ||
+ | { | ||
+ | |||
+ | $message= " | ||
+ | |||
+ | write-host $message | ||
+ | |||
+ | #don't hammer the web support service with too much concurrent requests | ||
+ | Start-Sleep -seconds (Get-Random -Minimum 1 -Maximum 5 ) | ||
+ | |||
+ | $postParams = @{room=$env: | ||
+ | |||
+ | Invoke-WebRequest -Uri https:// | ||
+ | |||
+ | } | ||
+ | |||
+ | } | ||
+ | catch | ||
+ | { | ||
+ | write-host "ERROR - cannot get values related to last updates " | ||
+ | } | ||
+ | </ | ||
+ | ===== check_Updates_Notification_GPO_Startup.ps1 ===== | ||
+ | * Unter https:// | ||
+ | * Welche Qualitätsupdates wurden noch nicht installiert und sind ausständig ? Achtung hier gibt es auch eine Variante bei der die optionalen Updates ebenfalls aufscheinen könne (Type 1) | ||
+ | |||
+ | < | ||
+ | # Thank you: https:// | ||
+ | |||
+ | try | ||
+ | { | ||
+ | |||
+ | $UpdateSession = New-Object -ComObject Microsoft.Update.Session | ||
+ | $UpdateSearcher = $UpdateSession.CreateupdateSearcher() | ||
+ | $Updates = @($UpdateSearcher.Search(" | ||
+ | $Updates= $Updates | Where-Object Type -eq 1 | ||
+ | |||
+ | # | ||
+ | $Updates= $Updates | Where-Object Title -NotLike " | ||
+ | $Updates= $Updates | Where-object Title -NotLike " | ||
+ | |||
+ | |||
+ | $message = $Updates | Select Title | Out-String -Width 250 | ||
+ | |||
+ | |||
+ | if ($message.Length ) | ||
+ | { | ||
+ | |||
+ | write-host " | ||
+ | |||
+ | #don't hammer the web support service with too much concurrent requests | ||
+ | Start-Sleep -seconds (Get-Random -Minimum 1 -Maximum 5 ) | ||
+ | |||
+ | |||
+ | $postParams = @{room=$env: | ||
+ | |||
+ | Invoke-WebRequest -Uri https:// | ||
+ | |||
+ | |||
+ | } | ||
+ | } | ||
+ | catch | ||
+ | { | ||
+ | write-host "An Error occured" | ||
+ | } | ||
+ | </ | ||
+ | ===== checkAPC-UPS.ps1 ===== | ||
+ | * APC Management Card über SNMP (v1) checken und System ggf. herunterfahren + E-Mail Verständigung | ||
+ | * Offizielle Software von APC - Power Chute bedingt einsetzbar / nicht erkennbar ob Kommunikation zwischen PowerChute und USV funktioniert FIXME | ||
+ | * FIXME Testen der Thresholds und Werte + Timeouts FIXME | ||
+ | |||
+ | < | ||
+ | #Achtung - Force TLS1.2 [Net.ServicePointManager]:: | ||
+ | # Konfiguration der APC Management-Karte | ||
+ | $apcIPAddress = " | ||
+ | $snmpCommunity = " | ||
+ | $snmpVersion = 1 # SNMP-Version (1 oder 2) | ||
+ | |||
+ | # Schwellenwerte für die USV | ||
+ | $batteryThreshold = 25 | ||
+ | $remainingTimeThreshold = 5 | ||
+ | $timeout= 10 | ||
+ | # E-Mail-Konfiguration | ||
+ | $mailServerIP = " | ||
+ | $mailFrom = " | ||
+ | $mailTo = " | ||
+ | $mailSubject = " | ||
+ | |||
+ | |||
+ | # USV-Status, verbleibende Leistung und verbleibende Zeit abrufen / On Battery seems to be 3 | ||
+ | $statusOID = " | ||
+ | #2023-12-13 cc: Thanks https:// | ||
+ | $batteryCapacityOID = " | ||
+ | $remainingTimeOID = " | ||
+ | try | ||
+ | { | ||
+ | |||
+ | #2023-12-13 cc: Important !!! Convert to INT | ||
+ | [int]$status = (Get-SnmpData -IP $apcIPAddress -OID $statusOID -Community $snmpCommunity -Version $snmpVersion -TimeOut $timeout).Data | ||
+ | [float]$batteryCapacity = (Get-SnmpData -IP $apcIPAddress -OID $batteryCapacityOID -Community $snmpCommunity -Version $snmpVersion -TimeOut $timeout).Data | ||
+ | $remainingTime = (Get-SnmpData -IP $apcIPAddress -OID $remainingTimeOID -Community $snmpCommunity -Version $snmpVersion -TimeOut $timeout).Data | ||
+ | [float]$remainingTime = $remainingTime.Substring(0, | ||
+ | |||
+ | Write-host " | ||
+ | Write-host " | ||
+ | Write-host " | ||
+ | |||
+ | |||
+ | if ( $status -eq 3 -and $batteryCapacity -lt $batteryThreshold -and $remainingTime -lt $remainingTimeThreshold | ||
+ | { | ||
+ | $message = "Die USV läuft auf Batterie, die verbleibende Leistung ist unter $batteryThreshold%, | ||
+ | |||
+ | # E-Mail senden | ||
+ | Send-MailMessage -From $mailFrom -To $mailTo -Subject $mailSubject -Body $message -SmtpServer $mailServerIP | ||
+ | |||
+ | Write-Host " | ||
+ | | ||
+ | # Herunterfahren des Computers | ||
+ | Write-Host "Der Computer wird heruntergefahren." | ||
+ | Stop-Computer -Force | ||
+ | } else { | ||
+ | Write-Host "Die USV befindet sich nicht auf Batterie, die verbleibende Leistung oder Zeit ist ausreichend. Keine Aktion erforderlich." | ||
+ | } | ||
+ | |||
+ | exit 0 | ||
+ | } | ||
+ | catch | ||
+ | { | ||
+ | | ||
+ | exit 1 | ||
+ | } | ||
+ | |||
+ | </ | ||
===== Get-licenseKey.ps1 ===== | ===== Get-licenseKey.ps1 ===== | ||
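Review bot: In checkAPC-UPS.ps1 the decision to run `Stop-Computer -Force` rests on three SNMP v1 replies (`$snmpVersion = 1`), which are unauthenticated and unencrypted, so any host that can answer for `$apcIPAddress` on that network segment can cause a shutdown or suppress one. If the management card and the SNMP module support SNMPv3 with authentication, use that; otherwise keep the card on an isolated management VLAN and record the assumption in the script, e.g. `# SNMPv1 is unauthenticated: management card must only be reachable from this host`. As far as visible, the `catch` branch only does `exit 1`, so a broken link to the UPS goes unnoticed, which is the same gap the FIXME about PowerChute describes; sending `Send-MailMessage -From $mailFrom -To $mailTo -Subject $mailSubject -Body "UPS query failed" -SmtpServer $mailServerIP` there would surface it. Send-MailMessage is marked obsolete by Microsoft because it cannot guarantee a secure SMTP connection, so the alert should only travel to an internal relay.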
Zeile 4183: | Zeile 4571: | ||
</ | </ | ||
+ | ====== VHD dynamic in fixed konvertieren | ||
+ | < | ||
+ | https:// | ||
+ | |||
+ | Convert-VHD –Path c: | ||
+ | </ | ||
+ | |||
====== Windows Dienste f. User ===== | ====== Windows Dienste f. User ===== | ||
Zeile 4630: | Zeile 5025: | ||
* https:// | * https:// | ||
{{: | {{: | ||
+ | |||
+ | ===== Whitelist Absender ===== | ||
+ | * **Achtung** Befindet sich aktuell (2024) unter: https:// | ||
+ | * **Antispam-Eingangsrichtlinie** -> dort lassen sich Absendeadressen hinzufügen | ||
+ | |||
+ | {{: | ||
+ | |||
===== Spam in Junk-Mail ===== | ===== Spam in Junk-Mail ===== |
know-how/windows.txt · Zuletzt geändert: 2024/02/26 10:30 von cc