Since I’m very busy with deployment and rollouts, I thought I’d write a few basic articles that I could refer to. This sometimes saves you some time in workshops for the more interesting things or gives administrators incentives to automate things.
PowerShell
Creating Users Easily with PowerShell
As most people know, I like to make my life easy at work. That doesn’t mean I’m afraid of work, I just like to automate or simplify it where I can. I like to use PowerShell for this.
Another reason besides the convenience or lack of time why you should solve tasks through scripts is a consistent level of quality. Let’s face it, who doesn’t know this, even if there are checklists, you might forget one step when you get distracted.
Properly secure and document group policies
It’s been some time since I started working on the first basic version of the script in August 2014, and posted about it on CONET’s blog. This first version came to just 6 lines of code without the header. Since then a lot has happened and the script has grown in the TechNet Gallery. Time for a new article about the script and its function.
Windows WinRM over HTTPs
Windows Remote Management is no longer a way to think in today’s world. But why do we do it unencrypted? Normally the authentication is done by Kerberos. That’s secure enough for most people. However, Kerberos also has limitations, for example when using local accounts.
In the standard system, communication is via HTTP via TCP port 5985. Why not HTTPS? This is possible, the port TCP 5986 is intended for this. Unfortunately, this is not only missing in the firewall rule templates but also has a few barriers still in the way. We take care of these barriers today.
New version of get-GPOBackup
It has once again reached me a feature desire, and here is the implementation. With version 1.58 the group policy templates can be saved from the central store. This is especially good when importing new templates that may be buggy. This even happens to Microsoft with the German translations for Windows 10 times quite often. If you don’t know the script yet, I recommend having a look at the article: “Gruppenrichtlinien richtig sichern und dokumentieren“.
Deploy Autopilot with Microsoft Deployment Toolkit
Some questions now, if I was already using the Microsoft Deployment Toolkit (MDT), why should I run Autopilot afterwards? There are several reasons why it can be useful, here are some examples:
Sending files from a directory by mail with the Power Shell
Today there is again a small article according to the motto “If that doesn’t work, then I’ll do it with the Power Shell”. Often there is the request to send individual files from a folder by mail. I have such a case and decided to share it with you.
Unattended Installation of Software – Lookup
In March 2019, I published the first article about unattended installation of software. This article also contains instructions or commands on how to install some programs unattended. Since this article enjoys some popularity, and I was asked for more examples, there is now a “lookup”.
Some of the installations are not very challenging, but I mentioned the software anyway because it is free of charge. I also use all programs on my own systems, even if not on everyone.
Using and Auditing PowerShell Scripts with Microsoft Local Administrator Password Solution (LAPS)
This article was first published in German on June 04, 2019, on Infrastrukturhelden.de. The translation of this article was published on the 25th July 2019 at LinkedIn. Please read the article on LinkedIn.
Clean up Windows Server Update Services
There are many ways to achieve a well-functioning Windows Server Update Services (WSUS) system. Unfortunately, not all of them lead to the final destination, many are rather stages on the way. One of these stages I would like to introduce to you here, solved with some PowerShell.