Powershell Force TLS 1.2

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Posted in Uncategorized | Comments Off on Powershell Force TLS 1.2

Install WSUS Updates with Powershell

$Computers = Get-ADComputer -SearchBase "OU=Servrar,DC=contoso,DC=com" -Properties operatingSystem,dnshostname -Filter * | Select -ExpandProperty dnshostName 

#Ta bort de som redan har körts
$ExceptServers = (Import-Csv $LogFile -Delimiter "," -Header ComputerName,Status).ComputerName 
$Computers = $Computers | Where {$ExceptServers -notcontains $_}
$LogFile = "C:\Temp\WsusForce.txt"

Foreach ($Computer in $Computers)
{

Try 
{
$InstallScript = @'
####
$Criteria = "IsInstalled=0 and Type='Software'"

    #Search for relevant updates.
    $Searcher = New-Object -ComObject Microsoft.Update.Searcher
    $SearchResult = $Searcher.Search($Criteria).Updates
    #Download updates.
    $Session = New-Object -ComObject Microsoft.Update.Session
    $Downloader = $Session.CreateUpdateDownloader()
    $Downloader.Updates = $SearchResult
    $Downloader.Download()

    #Install updates.
    $Installer = New-Object -ComObject Microsoft.Update.Installer
    $Installer.Updates = $SearchResult
    $Result = $Installer.Install()

#####
$TS = New-Object -ComObject Schedule.Service
$TS.Connect($env:COMPUTERNAME)
$TaskFolder = $TS.GetFolder("\")
$Tasks = $TaskFolder.GetTasks(1)
$TaskToDelete = "WsusForce"
foreach($Task in $Tasks)
    {
    If($Task.Name -eq $TaskToDelete)
        {$TaskFolder.DeleteTask($Task.Name,0)}
    }
#Ta bort sig själv
Remove-Item -LiteralPath $MyInvocation.MyCommand.Path -Force
'@
			Set-Content -Path "\\$Computer\C$\Windows\Temp\WsusForce.ps1" -Value $InstallScript -ErrorAction SilentlyContinue
						
			
			Invoke-Command -ScriptBlock {
				# The name of the scheduled task
				$TaskName = "WsusForce"
				# The description of the task
				$TaskDescr = "WsusForce"
				# The Task Action command
				$TaskCommand = "powershell.exe"
				# The PowerShell script to be executed
				$TaskScript = "C:\Windows\Temp\WsusForce.ps1"
				# The Task Action command argument
				$TaskArg = "-WindowStyle Hidden -NonInteractive -Executionpolicy unrestricted -file $TaskScript"
				
				# The time when the task starts
				$TaskStartTime = [datetime]::Now.AddSeconds(10)
				# Attach the Task Scheduler com object
				$service = new-object -ComObject ("Schedule.Service")
				# connect to the local machine. 
				# http://msdn.microsoft.com/en-us/library/windows/desktop/aa381833(v=vs.85).aspx
				$Service.Connect()
				$RootFolder = $service.GetFolder("\")
				
				$TaskDefinition = $service.NewTask(0)
				$TaskDefinition.RegistrationInfo.Description = "$TaskDescr"
				$TaskDefinition.Settings.Enabled = $true
				$TaskDefinition.Settings.AllowDemandStart = $true
				
				$Triggers = $TaskDefinition.Triggers
				#http://msdn.microsoft.com/en-us/library/windows/desktop/aa383915(v=vs.85).aspx
				$Trigger = $Triggers.Create(1) # Creates a "One time" trigger
				$Trigger.StartBoundary = $TaskStartTime.ToString("yyyy-MM-dd'T'HH:mm:ss")
				$Trigger.Enabled = $true
				
				# http://msdn.microsoft.com/en-us/library/windows/desktop/aa381841(v=vs.85).aspx
				$Action = $TaskDefinition.Actions.Create(0)
				$Action.Path = "$TaskCommand"
				$Action.Arguments = "$TaskArg"
				
				#http://msdn.microsoft.com/en-us/library/windows/desktop/aa381365(v=vs.85).aspx
				$RootFolder.RegisterTaskDefinition("$TaskName", $TaskDefinition, 6, "System", $null, 5)
				
				
				
			} -ComputerName $Computer -ErrorAction Stop

    Add-Content $LogFile "$Computer,OK"
}
Catch
    {
    Add-Content $LogFile "$Computer,$($_.Exception.Message)"
    }
}
Posted in Uncategorized | Comments Off on Install WSUS Updates with Powershell

Homebridge example file, Home Assistant and ffmpeg

[codesyntax lang=”php”]

{
   "bridge":{
      "name":"HomebridgeDocker",
      "username":"CC:22:3D:E3:CE:30",
      "port":51826,
      "pin":"031-45-154"
   },
   "description":"This is an example configuration file. You can use this as a template for creating your own configuration file containing devices you actually own.",
   "accessories":[

   ],
   "platforms":[{
		"platform": "HomeAssistant",
		"name": "HomeAssistant",
		"host": "http://ha.domain.com:8123",
		"supported_types": ["automation", "binary_sensor", "climate", "cover", "device_tracker", "fan", "group", "input_boolean", "light", "lock", "media_player", "remote", "scene", "sensor", "switch"],
		"default_visibility": "hidden",
		"logging": false
	},
      {
         "platform":"Camera-IP",
         "cameras":[
            {
               "name":"Kamera1",
               "videoConfig":{
                  "source":"-re -i rtsp://Username:Password@192.168.10.23:554/Streaming/channels/102/",
                  "stillImageSource":"-i http://Username:Password13@192.168.10.23/Streaming/channels/1/picture",
                  "maxStreams":2,
                  "maxWidth":1280,
                  "maxHeight":720,
                  "maxFPS":30
               }
            },{
               "name":"Kamera2",
               "videoConfig":{
                  "source":"-re -i rtsp://Username:Password13@192.168.10.24:554/Streaming/channels/102/",
                  "stillImageSource":"-i http://Username:Password13@192.168.10.24/Streaming/channels/1/picture",
                  "maxStreams":2,
                  "maxWidth":1280,
                  "maxHeight":720,
                  "maxFPS":30
               }
            }
         ]
      }
   ]
}

[/codesyntax]

Posted in Uncategorized | Comments Off on Homebridge example file, Home Assistant and ffmpeg

Windows Live Photo Gallery database location

%userprofile%\AppData\Local\Microsoft\Windows Live Photo Gallery

To clear the database, close the program and remove all files under here.

Posted in Windows | Comments Off on Windows Live Photo Gallery database location

Active Directory performance counters, Security System-Wide Statistics

Problem:
You cannot see the counterset “Security System-Wide Statistics” with powershell when you run the command Get-Counter -ListSet “Security System-Wide Statistics”

Or when you run the “Get-Counter “\Security System-Wide Statistics\Kerberos Authentications” you get “Internal performance counter API call failed. Error: c0000bb8”

Soloution:
Start powershell.exe with Run asAdministrator. The UAC prevents the ListSet from being displayed.

Posted in Active Directory, Performance | Comments Off on Active Directory performance counters, Security System-Wide Statistics

Autoenrollment is not working.

Problem:
Group Policy says that autoenrollment is switched on but the autoenrollment function is not working. None of your Root, Issuing or Machine certificates are enrolled.

If you try to trigger the autoenrollment process you get an error.
certutil -pulse
CertUtil: -pulse command FAILED: 0x80070002 (WIN32: 2)
CertUtil: The system cannot find the file specified.

Problem:
In som cases this is due to a folder missing. Check if the folder C:\Windows\System32\Logfiles\Scm exists. If not create it and restart the computer

 

Posted in PKI, Windows | Comments Off on Autoenrollment is not working.

Set proxy for machine account

netsh winhttp set proxy proxy.domain.com:8080 “*.domain.com;*.domain2.com”

Posted in Windows | Comments Off on Set proxy for machine account

Test network ports with Powershell

[codesyntax lang=”powershell”]

#Create socket object
$Socket = New-Object Net.Sockets.TcpClient

#Connect
$Socket.Connect("172.22.2.10", "8888")

#Check if connected
$Socket.Connected

#Close connection
$Socket.Dispose()

[/codesyntax]

Posted in Network | Comments Off on Test network ports with Powershell

Base64 encoding with certutil

Encode
certutil -encode inputFileName encodedOutputFileName

Decode
certutil -decode encodedInputFileName OutputFileName

Posted in PKI | Comments Off on Base64 encoding with certutil

Smartcard – Force reading all certificates on smartcard

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider]
“ForceReadingAllCertificates”=dword:00000001 

Posted in PKI, Windows | Comments Off on Smartcard – Force reading all certificates on smartcard