diff --git a/scripts/ToFixAndIntegrate/Mac_Firewall_Enable.sh b/scripts/ToFixAndIntegrate/Mac_Firewall_Enable.sh
new file mode 100644
index 00000000..11007ee2
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Mac_Firewall_Enable.sh
@@ -0,0 +1,121 @@ +#!/bin/sh +#################################################################################################### +# +# Copyright (c) 2017, JAMF Software, LLC. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# * Neither the name of the JAMF Software, LLC nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY JAMF SOFTWARE, LLC "AS IS" AND ANY +# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL JAMF SOFTWARE, LLC BE LIABLE FOR ANY +# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +#################################################################################################### +# +# ABOUT THIS PROGRAM +# +# NAME +# enableFilewall.sh -- Enables or Disables the firewall on macOS. 
+# +# SYNOPSIS +# sudo enableFirewall.sh +# sudo enableFirewall.sh +# +# If there is a hardcoded value specified for in the script, +# or if the parameter is not passed by Jamf Pro, the hardcoded value in the script will +# be used. +# +# The data that is specified for the parameter should be specified in one of +# the following formats. PLEASE NOTE these formats are CASE-SENSITIVE: +# +# "TRUE" or "true" or "YES" or "yes" -> Turn Firewall ON +# "FALSE" or "false" or "NO" or "no" -> Turn Firewall OFF +# +# Example Usage: sudo enableFirewall.sh "mountPoint" "computerName" "currentUsername" "TRUE" +# +# DESCRIPTION +# This script enables or disables the firewall on macOS 10.7 or later. +# It can be used with a hardcoded value in the script, or read in as a parameter. +# Since Jamf Pro defines the first three parameters as (1) Mount Point, (2) Computer +# Name and (3) Username, we are using the fourth parameter ($4) as the passable parameter to +# acquire the status of . In addition, the fourth parameter is utilized to set +# the enableFirewall value. 
+# +#################################################################################################### +# +# HISTORY +# +# Version: 1.2 +# +# - Created by Nick Amundsen on August 6th, 2008 +# - Updated by Nick Amundsen on January 21, 2010 +# - Updated by Brandon Wenger on November 27th, 2017 +# - Updated by Matthew Mitchell on March 22, 2019 +# +#################################################################################################### +# +# DEFINE VARIABLES & READ IN PARAMETERS +# +#################################################################################################### + +# HARDCODED VALUE FOR "enableFirewall" IS SET HERE +enableFirewall="" + +# CHECK TO SEE IF A VALUE WAS PASSED IN PARAMETER 4 AND, IF SO, ASSIGN TO "enableFirewall" +if [ "$4" != "" ] && [ "$enableFirewall" == "" ]; then + enableFirewall=$4 +fi + +#################################################################################################### +# +# SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE +# +#################################################################################################### + +#Check to make sure enableFirewall is not blank +if [ "$enableFirewall" == "" ]; then + echo "Error: The parameter 'enableFirewall' is blank. Please specify a value for parameter 4." + exit 1 +fi + +#Get the current macOS version (the major release) to check for compatibility +#This will return the 'x' in 10.x +OS=`/usr/bin/defaults read /System/Library/CoreServices/SystemVersion ProductVersion | awk '{print substr($1,1,5)}' | cut -d . -f2` + +#If the macOS version is greater than or equal to 10.7 +if [[ $OS -ge 7 ]]; then + + #Check parameter value, if true or yes, turn the firewall on + case $enableFirewall in "true" | "TRUE" | "yes" | "YES") + echo "Enabling Firewall for macOS 10.$OS ..." 
+ /usr/bin/defaults write /Library/Preferences/com.apple.alf globalstate -int 1;;
+
+ #If false or no, turn the firewall off
+ "false" | "FALSE" | "no" | "NO")
+ echo "Disabling Firewall for macOS 10.$OS ..."
+ /usr/bin/defaults write /Library/Preferences/com.apple.alf globalstate -int 0;;
+ esac
+
+else
+
+ #The macOS version is not supported
+ echo "Unsupported macOS version - 10.7 or later is required."
+
+fi
+
+exit 0;
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Mac_Install_All_Updates.sh b/scripts/ToFixAndIntegrate/Mac_Install_All_Updates.sh
new file mode 100644
index 00000000..f391bcef
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Mac_Install_All_Updates.sh
@@ -0,0 +1 @@
+sudo softwareupdate -ia
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Mac_Network_DNS_Set_to_1.1.1.1.ps1 b/scripts/ToFixAndIntegrate/Mac_Network_DNS_Set_to_1.1.1.1.ps1
new file mode 100644
index 00000000..e68bc5dd
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Mac_Network_DNS_Set_to_1.1.1.1.ps1
@@ -0,0 +1,4 @@
+networksetup -setdnsservers Wi-Fi 1.1.1.1
+networksetup -setdnsservers Wi-Fi 1.0.0.1
+networksetup -setdnsservers Ethernet 1.1.1.1
+networksetup -setdnsservers Ethernet 1.0.0.1
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Mac_SMC_and_NVRAM_Reset.sh b/scripts/ToFixAndIntegrate/Mac_SMC_and_NVRAM_Reset.sh
new file mode 100644
index 00000000..172bc20d
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Mac_SMC_and_NVRAM_Reset.sh
@@ -0,0 +1,2 @@
+pmset -a restoredefaults
+nvram -c
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_AD_Join_Computer.ps1 b/scripts/ToFixAndIntegrate/Win_AD_Join_Computer.ps1
new file mode 100644
index 00000000..c4030d4e
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_AD_Join_Computer.ps1
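Review bot: Two paths through Mac_Firewall_Enable.sh do nothing and still reach `exit 0`: the `case $enableFirewall in` block has no default arm, so any value other than the eight listed spellings is silently ignored, and the `else` branch for an unsupported version only prints a message. A management console would then record success while the firewall state is unchanged; add `*) echo "Error: unrecognised value '$enableFirewall'" >&2; exit 1;;` before `esac` and an `exit 1` after the "Unsupported macOS version" message. The version test compares only the second component of ProductVersion with 7, so on macOS 11 and later, where that component is the minor release, it will likely misreport hosts as unsupported. The script is declared `#!/bin/sh` but uses `[[ … ]]` and `==` inside `[ … ]`, which are not POSIX; either change the shebang to bash or use `[ "$OS" -ge 7 ]` and `=`.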
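Review bot: Each `networksetup -setdnsservers` call in Mac_Network_DNS_Set_to_1.1.1.1.ps1 replaces the service's whole DNS server list, so the second call per interface leaves only 1.0.0.1 configured and 1.1.1.1 is dropped. Pass both resolvers in one call: `networksetup -setdnsservers Wi-Fi 1.1.1.1 1.0.0.1` and `networksetup -setdnsservers Ethernet 1.1.1.1 1.0.0.1`. The service names are hard-coded, so a host whose services are named differently gets an error and no change, and the file carries a `.ps1` extension although the content is a macOS shell command.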
@@ -0,0 +1,5 @@
+$domain = "myDomain"
+$password = "myPassword!" | ConvertTo-SecureString -asPlainText -Force
+$username = "$domain\myUserAccount"
+$credential = New-Object System.Management.Automation.PSCredential($username,$password)
+Add-Computer -DomainName $domain -OUPath "OU=testOU,DC=domain,DC=Domain,DC=com" -Credential $credential -Restart
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_AD_Transfer_FSMO_Roles.ps1 b/scripts/ToFixAndIntegrate/Win_AD_Transfer_FSMO_Roles.ps1
new file mode 100644
index 00000000..4a40df42
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_AD_Transfer_FSMO_Roles.ps1
@@ -0,0 +1,4 @@
+# Transfer FSMO Roles to server
+# Make this machine the FSMO Master role.
+
+Move-ADDirectoryServerOperationMasterRole -Identity $env:computername -OperationMasterRole pdcemulator,ridmaster,infrastructuremaster,schemamaster,domainnamingmaster -Force
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Bitlocker_Recover_Key.bat b/scripts/ToFixAndIntegrate/Win_Bitlocker_Recover_Key.bat
new file mode 100644
index 00000000..e847844a
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Bitlocker_Recover_Key.bat
@@ -0,0 +1 @@
+manage-bde -protectors C: -get
diff --git a/scripts/ToFixAndIntegrate/Win_Blue_Screen_View_And_Email.bat b/scripts/ToFixAndIntegrate/Win_Blue_Screen_View_And_Email.bat
new file mode 100644
index 00000000..0f9ccb58
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Blue_Screen_View_And_Email.bat
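Review bot: The domain-join password in Win_AD_Join_Computer.ps1 is a string literal on the `$password = "myPassword!" | ConvertTo-SecureString -asPlainText -Force` line, so whoever fills in this template stores a directory credential in plaintext in the repository and in every copy of the script pushed to an endpoint. Take the credential at run time instead, e.g. `param([Parameter(Mandatory)][pscredential]$Credential)` and pass `-Credential $Credential`, with the value supplied by the management platform's secret or argument mechanism. Whatever account is used should be delegated only the right to join computers in the target OU, since the script is where it is exposed. A header comment stating that `-Restart` reboots the machine immediately would also help.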
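Review bot: `manage-bde -protectors C: -get` in Win_Bitlocker_Recover_Key.bat prints the numerical recovery password to standard output, and the script gives no indication of where that output ends up. If the agent stores script output in its task history (not visible here), the recovery key is kept there in clear text for anyone with console access; a comment at the top should say so, e.g. `rem Output contains the BitLocker recovery password - treat the task result as a secret`. Escrowing the protector to the directory service is the usual alternative to reading it back through script output.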
@@ -0,0 +1,35 @@
+## Update this script for your company, Modify the "mail variables" section
+## Also, host BlueScreenView.exe on a website and update the $url variable
+## location accordingly
+##
+## Blue Screen View is available as freeware at
+## https://www.nirsoft.net/utils/blue_screen_view.html
+
+
+###script variables
+ $scriptName = "Blue Screen View"
+ $computerName = (get-wmiObject win32_computersystem).name
+ $computerDomain = (get-wmiObject win32_computersystem).domain
+ if($computerdomain -notlike '*.*'){ #if there's no period in the domain, (workgroup)
+ $computerDomain = "$computerDomain.local"
+ }
+
+###mail variables
+ $smtpServer = 'mail.server.com'
+ $smtpPort = '25'
+ $smtpFrom = "Atera-$computername@$computerdomain"
+ $smtpTo = 'support@YOURDOMAIN.com'
+ $messageSubject = "Atera Script: $computerName, $scriptName"
+ $attachment = "c:\windows\temp\crashes.html"
+ $messageBody += "----See Attachment----"
+
+###script start
+ $messageBody = "----Blue Screen View Results----`r`n"
+ $url = "https://YOURDOMAIN.com/files/BlueScreenView.exe"
+ $filename = "BlueScreenView.exe"
+ $client = New-Object System.Net.WebClient
+ $client.DownloadFile($url, "$env:temp\$filename")
+ Start-Process -FilePath "$env:temp\$filename" -ArgumentList "/shtml","c:\Windows\temp\crashes.html","/sort 2","/sort ~1"""
+
+###send mail
+ Send-MailMessage -Port $smtpPort -SmtpServer $smtpServer -From $smtpFrom -To $smtpTo -Subject $messageSubject -Body $messageBody -Attachments $attachment
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Chocolatey_Update_Apps.ps1 b/scripts/ToFixAndIntegrate/Win_Chocolatey_Update_Apps.ps1
new file mode 100644
index 00000000..cca7aa2a
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Chocolatey_Update_Apps.ps1
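Review bot: Win_Blue_Screen_View_And_Email.bat downloads `BlueScreenView.exe` from `$url` and passes it straight to `Start-Process` with no integrity check, so whatever is served from that location, or placed at that path in `$env:temp` before launch, runs under the agent's account. Verify a pinned SHA-256 (or the Authenticode signature) before launching, as sketched below. `Start-Process` is also called without `-Wait`, so `Send-MailMessage` can run before `crashes.html` exists, and `$messageBody += "----See Attachment----"` executes before `$messageBody = …` and is therefore overwritten. The mail goes out on port 25 without `-UseSsl`, and the file has a `.bat` extension although the content is PowerShell.

```powershell
$client.DownloadFile($url, "$env:temp\$filename")
# Placeholder digest: replace with the SHA-256 of the binary you host.
$expectedSha256 = '<SHA256_OF_HOSTED_BLUESCREENVIEW_EXE>'
$actualSha256 = (Get-FileHash -Path "$env:temp\$filename" -Algorithm SHA256).Hash
if ($actualSha256 -ne $expectedSha256) {
    Remove-Item -Path "$env:temp\$filename" -Force
    throw "BlueScreenView.exe failed the hash check; not executing."
}
# … unchanged: Start-Process call (with -Wait added), Send-MailMessage …
```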
@@ -0,0 +1,61 @@
+function Update-ChocoApps {
+ <#
+ .SYNOPSIS
+ Update choco apps and removes the newly created shortcuts.
+
+ .DESCRIPTION
+ Update choco apps and removes the newly created shortcuts.
+ Requires administrator privileges.
+
+ .NOTES
+ Author: Chris Stafford
+ Version: 1.0.5
+ Created: 2020.06.17
+ Modified: 2020.08.06
+ #>
+
+ # Require Admin Permissions
+ $IsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")
+
+ if ($IsAdmin -eq $false) {
+ Write-Warning 'Admin Rights Required'
+ break
+ }
+
+ $StartTime = Get-Date
+
+ # Aborts if Chocolatey is not installed
+ if (Test-Path 'C:\ProgramData\chocolatey\choco.exe') {
+ # Locations for shortcuts to remove
+ $Desktops = "$env:PUBLIC\Desktop", "$env:USERPROFILE\Desktop"
+
+ $Choco = 'C:\ProgramData\chocolatey\choco.exe'
+
+ # Parse outdated app names from choco (leave the space in ' Outdated*')
+ Write-Output 'Searching for Outdated Apps'
+ $AppList = & $Choco outdated --limit-output | ForEach-Object { $_.Split('|')[0] }
+
+ # Skips if no apps are outdated
+ if ($AppList.Count -gt 0) {
+ foreach ($App in $AppList) {
+ # upgrade app
+ & $Choco upgrade $App --confirm --limit-output --no-progress
+
+ if ($App -like '*.install') {
+ $App = $App.Split('.')[0]
+ }
+ # removes shortcut (created by install) based on the app name and time created
+ Write-Output "Removing Shortcut: $App"
+ $Desktops | Get-ChildItem -Filter "*.lnk" -ErrorAction SilentlyContinue | Where-Object { $_.LastWriteTime -gt $StartTime } | Remove-Item
+ }
+ }
+ else {
+ Write-Output 'No Outdated Apps'
+ }
+ }
+ else {
+ Write-Output 'Chocolatey is not installed'
+ }
+}
+
+Update-ChocoApps
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Chrome_Cache_Clear.bat b/scripts/ToFixAndIntegrate/Win_Chrome_Cache_Clear.bat
new file mode 100644
index 00000000..3cde2229
--- /dev/null
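Review bot: The shortcut cleanup inside the `foreach ($App in $AppList)` loop deletes every `*.lnk` on the public and current-user desktops whose `LastWriteTime` is later than `$StartTime`; `$App` is used only in the `Write-Output` message, so a shortcut a user creates or edits while the upgrade runs is removed too. If per-application cleanup is intended, the filter has to involve the application (the shortcut naming is not visible here, so that needs confirming); otherwise the comment should state that all new shortcuts are removed. The admin guard uses `break` outside any loop, which can stop the calling script rather than just leave the function; `return` is the safer statement. `$env:USERPROFILE\Desktop` is the profile of whichever account runs the script, which under a service account is probably not a user's desktop.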
+++ b/scripts/ToFixAndIntegrate/Win_Chrome_Cache_Clear.bat
@@ -0,0 +1,17 @@
+ECHO --------------------------------------
+ECHO **** Clearing Chrome cache
+taskkill /F /IM "chrome.exe">nul 2>&1
+
+set ChromeDataDir="C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\Default"
+set ChromeCache=%ChromeDataDir%\Cache>nul 2>&1
+del /q /s /f "%ChromeCache%\*.*">nul 2>&1
+del /q /f "%ChromeDataDir%\*Cookies*.*">nul 2>&1
+del /q /f "%ChromeDataDir%\*History*.*">nul 2>&1
+
+
+set ChromeDataDir="C:\Users\%USERNAME%\Local Settings\Application Data\Google\Chrome\User Data\Default"
+set ChromeCache=%ChromeDataDir%\Cache>nul 2>&1
+del /q /s /f "%ChromeCache%\*.*">nul 2>&1
+del /q /f "%ChromeDataDir%\*Cookies*.*">nul 2>&1
+del /q /f "%ChromeDataDir%\*History*.*">nul 2>&1
+ECHO **** Clearing Chrome cache DONE
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Chrome_Clear_Browsing History.bat b/scripts/ToFixAndIntegrate/Win_Chrome_Clear_Browsing History.bat
new file mode 100644
index 00000000..f018914c
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Chrome_Clear_Browsing History.bat
@@ -0,0 +1,12 @@
+taskkill /F /IM "chrome.exe">nul 2>&1
+set ChromeDataDir=C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\Default
+set ChromeCache=%ChromeDataDir%\Cache>nul 2>&1
+del /q /s /f "%ChromeCache%\*.*">nul 2>&1
+del /q /f "%ChromeDataDir%\*Cookies*.*">nul 2>&1
+del /q /f "%ChromeDataDir%\*History*.*">nul 2>&1
+
+set ChromeDataDir=C:\Users\%USERNAME%\Local Settings\Application Data\Google\Chrome\User Data\Default
+set ChromeCache=%ChromeDataDir%\Cache>nul 2>&1
+del /q /s /f "%ChromeCache%\*.*">nul 2>&1
+del /q /f "%ChromeDataDir%\*Cookies*.*">nul 2>&1
+del /q /f "%ChromeDataDir%\*History*.*">nul 2>&1
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Collect_System_Report_And_Email.ps1 b/scripts/ToFixAndIntegrate/Win_Collect_System_Report_And_Email.ps1
new file mode 100644
index 00000000..df458576
--- /dev/null
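Review bot: In Win_Chrome_Cache_Clear.bat the `set ChromeDataDir="C:\Users\…\Default"` lines store the quotes as part of the value, and the later `del … "%ChromeDataDir%\*Cookies*.*"` wraps it in quotes again, so the expanded path has nested quotes around a directory containing a space. Because every command ends in `>nul 2>&1`, a failed delete is invisible; use `set "ChromeDataDir=C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\Default"` and stop suppressing the output of the `del` lines, or at least test `errorlevel`. In both this file and Win_Chrome_Clear_Browsing History.bat, `%USERNAME%` is the account running the script, so under a service account the logged-on user's profile is not the one cleaned. Both files also delete cookies and history although the first is named as a cache clear, and both force-kill `chrome.exe`; a header comment should say so.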
+++ b/scripts/ToFixAndIntegrate/Win_Collect_System_Report_And_Email.ps1 @@ -0,0 +1,73 @@ +#The following variables should be changed: +#$file ? should be named with a .htm ending +#$fromaddress +#$toaddress +#$smtpserver +#$Password +#$port + +$file = "C:\Temp\Report.htm" + +#HTML Styling + +$a = "" + +#Heading + +"

System Report For Agent

" | Out-File $file -Append + +#Network Information + +Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'True'"| +Select PSComputername, DNSHostName, Description, +@{Name = "IPAddress";Expression = +{[regex]$rx = "(\d{1,3}(\.?)){4}" +$rx.matches($_.IPAddress).Value}},MACAddress | ConvertTo-HTML -Head "

Network Information

" -body $a | Out-file $file -Append + +#Get Event logs + +Get-EventLog -LogName Application -Newest 10 -EntryType Error | Select TimeGenerated, EventID, Source, Message | ConvertTo-HTML -Head "

Application Error Event Logs

" -body $a | Out-file $file -Append +Get-EventLog -LogName Application -Newest 10 -EntryType Warning | Select TimeGenerated, EventID, Source, Message | ConvertTo-HTML -Head "

Application Warning Event Logs

" -body $a | Out-file $file -Append +Get-EventLog -LogName System -Newest 10 -EntryType Error | Select TimeGenerated, EventID, Source, Message | ConvertTo-HTML -Head "

System Error Event Logs

" -body $a | Out-file $file -Append +Get-EventLog -LogName System -Newest 10 -EntryType Warning | Select TimeGenerated, EventID, Source, Message | ConvertTo-HTML -Head "

System Warning Event Logs

" -body $a | Out-file $file -Append + +#Get Stopped Services + +Get-Service | Where {($_.Status) -eq "Stopped"} | Select Status, Name, DisplayName | ConvertTo-HTML -Head "

Stopped Services

" -body $a | Out-File $file -Append + +#Get Processes and CPU + +Get-Process | Select Id, ProcessName, CPU | ConvertTo-HTML -Head "

Processes & CPU

" -body $a | Out-File $file -Append + +#Get Mapped Drives + +Get-PSDrive | Where {$_.Used -ne $null} | Select Name, @{n='Used';e={[float]($_.Used/1GB)}}, @{n='Free';e={[float]($_.Free/1GB)}}, Root| ConvertTo-HTML -Head "

Mapped Drives

" -body $a | Out-File $file -Append + +#Get Printers + +Get-Printer | Select Name, Type, PortName | ConvertTo-HTML -Head "

Printers

" -body $a | Out-file $file -append + +#Send Email + +$fromaddress = "" +$toaddress = "" +$Subject = "System Report for Agent" +$body = Get-Content $file +$smtpserver = "" #for example, smtp.office365.com +$Password = "" +$port = #for example, 587 + +$message = new-object System.Net.Mail.MailMessage +$message.IsBodyHTML = $true +$message.From = $fromaddress +$message.To.Add($toaddress) +$message.Subject = $Subject +$message.body = $body +$smtp = new-object Net.Mail.SmtpClient($smtpserver, $port) +$smtp.EnableSsl = $true +$smtp.Credentials = New-Object System.Net.NetworkCredential($fromaddress, $Password) +$smtp.Send($message) \ No newline at end of file diff --git a/scripts/ToFixAndIntegrate/Win_DNS_Get_Domain_MX_Records(fixme).bat b/scripts/ToFixAndIntegrate/Win_DNS_Get_Domain_MX_Records(fixme).bat new file mode 100644 index 00000000..db7b6921 --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_DNS_Get_Domain_MX_Records(fixme).bat @@ -0,0 +1,8 @@ +@echo off +rem Get's the MX records for a domain +rem To use a variable instaed of having to put the domain into the script +rem change line 6 to `set domain="\{[DOMAIN]\}" (remove backslashes) + +set domain="PUT DOMAIN TO CHECK HERE" + +nslookup -type=mx %doamin% \ No newline at end of file diff --git a/scripts/ToFixAndIntegrate/Win_Defender_Enable_ApplicationGuard.ps1 b/scripts/ToFixAndIntegrate/Win_Defender_Enable_ApplicationGuard.ps1 new file mode 100644 index 00000000..2ea45183 --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_Defender_Enable_ApplicationGuard.ps1 
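Review bot: The send-mail section of Win_Collect_System_Report_And_Email.ps1 expects the SMTP account password to be typed into the script at `$Password = ""` and passes it to `New-Object System.Net.NetworkCredential($fromaddress, $Password)`, so a filled-in copy holds a mailbox credential in plaintext wherever the script is stored or cached. Supply it at run time (a `[pscredential]` parameter or the platform's secret mechanism) rather than as a literal. `$port = #for example, 587` has no value, so the script as committed does not run as written. `$file` is appended to on every run and never removed, which leaves event-log and process details in `C:\Temp\Report.htm`; a `Remove-Item $file` after `$smtp.Send($message)` would cover that.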
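Review bot: The last line of Win_DNS_Get_Domain_MX_Records(fixme).bat expands `%doamin%`, which is never set, instead of the `domain` variable assigned two lines earlier, so `nslookup -type=mx` runs with no name. Change it to `nslookup -type=mx %domain%`. The value is also assigned together with its quotes (`set domain="…"`), so the quotes are passed on to nslookup; `set "domain=…"` avoids that.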
@@ -0,0 +1,20 @@
+# Script to Install Windows Defender Application Guard.
+# Created by TechCentre with the help and assistance of the internet.
+# Restart Required to complete install.
+
+# Sets Variable for feature to be installed.
+$FeatureName = "Windows-Defender-ApplicationGuard"
+
+# If Feature Installed already then skips otherwise installs.
+if((Get-WindowsOptionalFeature -FeatureName $FeatureName -Online).State -eq "Enabled") {
+
+ write-host "Installed"
+
+ } else {
+
+ write-host "not Installed"
+
+Enable-WindowsOptionalFeature -online -FeatureName $FeatureName -NoRestart
+
+ }
+
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Disk_Auto_Cleaner.bat b/scripts/ToFixAndIntegrate/Win_Disk_Auto_Cleaner.bat
new file mode 100644
index 00000000..3010522c
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Disk_Auto_Cleaner.bat
@@ -0,0 +1 @@
+cleanmgr.exe /AUTOCLEAN
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Disk_Cleanup.ps1 b/scripts/ToFixAndIntegrate/Win_Disk_Cleanup.ps1
new file mode 100644
index 00000000..bf8f4ad9
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Disk_Cleanup.ps1
@@ -0,0 +1,16 @@
+# Create reg keys
+$volumeCaches = Get-ChildItem "HKLM:\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches"
+foreach($key in $volumeCaches)
+{
+New-ItemProperty -Path "$($key.PSPath)" -Name StateFlags0099 -Value 2 -Type DWORD -Force | Out-Null
+}
+
+# Run Disk Cleanup
+Start-Process -Wait "$env:SystemRoot\System32\cleanmgr.exe" -ArgumentList "/sagerun:99"
+
+# Delete the keys
+$volumeCaches = Get-ChildItem "HKLM:\Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches"
+foreach($key in $volumeCaches)
+{
+Remove-ItemProperty -Path "$($key.PSPath)" -Name StateFlags0099 -Force | Out-Null
+}
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Disk_Delete_Temp_Files.bat b/scripts/ToFixAndIntegrate/Win_Disk_Delete_Temp_Files.bat
new file mode 100644
index 00000000..13e58836
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Disk_Delete_Temp_Files.bat
@@ -0,0 +1,5 @@
+DEL /S /Q "%TMP%\*.*"
+DEL /S /Q "%TEMP%\*.*"
+DEL /S /Q "%WINDIR%\Temp\*.*"
+DEL /S /Q "%USERPROFILE%\Local Settings\Temp\*.*"
+DEL /S /Q "%LOCALAPPDATA%\Temp\*.*"
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Drive_Files_List_Biggest_Files_From_C.ps1 b/scripts/ToFixAndIntegrate/Win_Drive_Files_List_Biggest_Files_From_C.ps1
new file mode 100644
index 00000000..156b6765
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Drive_Files_List_Biggest_Files_From_C.ps1
@@ -0,0 +1,4 @@
+#Update with command parameters
+
+
+get-ChildItem C:\ -recurse -erroraction silentlycontinue | sort length -descending | select -first 10
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Drive_Info_Get.ps1 b/scripts/ToFixAndIntegrate/Win_Drive_Info_Get.ps1
new file mode 100644
index 00000000..b72da70b
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Drive_Info_Get.ps1
@@ -0,0 +1,25 @@
+###
+# Author: Dave Long
+# Gets a list of all mount points and what type of drive the
+# mount point is stored on
+###
+
+# Get all of the physical disks attached to system
+$Partitions = Get-Partition | Where-Object { [string]($_.DriveLetter) -ne "" }
+
+$Output = @()
+
+$Partitions | ForEach-Object {
+ $Disk = Get-PhysicalDisk -DeviceNumber $_.DiskNumber
+ $Output += [PSCustomObject]@{
+ MountPoint = $_.DriveLetter
+ DiskType = $Disk.MediaType
+ DriveName = $Disk.FriendlyName
+ DriveSerialNumber = $Disk.SerialNumber
+ SizeInGigabytes = $Disk.Size/1GB
+ Health = $Disk.HealthStatus
+ SystemDrive = $env:SystemDrive[0] -eq $_.DriveLetter ? $true : $false
+ }
+}
+
+$Output | Format-Table
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Event_Logs_Clear_All.bat b/scripts/ToFixAndIntegrate/Win_Event_Logs_Clear_All.bat
new file mode 100644
index 00000000..6400d610
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Event_Logs_Clear_All.bat
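Review bot: The `SystemDrive = $env:SystemDrive[0] -eq $_.DriveLetter ? $true : $false` line in Win_Drive_Info_Get.ps1 uses the ternary operator, which exists only in PowerShell 7 and later; under Windows PowerShell 5.1 the file fails to parse. The comparison already yields a boolean, so `SystemDrive = ($env:SystemDrive[0] -eq $_.DriveLetter)` works on both. The comment "Get all of the physical disks attached to system" sits above a `Get-Partition` call and would read better as `# Get all partitions that have a drive letter`.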
@@ -0,0 +1,15 @@
+@echo off
+for /F %%a IN (?wevtutil el?) DO (wevtutil.exe cl %%a >nul 2>&1)
+IF (%adminTest%)==(Access) goto noAdmin
+for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
+echo.
+echo Event Logs have been cleared!
+goto theEnd
+:do_clear
+echo clearing %1
+wevtutil.exe cl %1
+goto :eof
+:noAdmin
+echo You must run this script as an Administrator!
+echo.
+:theEnd
diff --git a/scripts/ToFixAndIntegrate/Win_Event_Logs_Clear_Application.bat b/scripts/ToFixAndIntegrate/Win_Event_Logs_Clear_Application.bat
new file mode 100644
index 00000000..3d05c7c5
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Event_Logs_Clear_Application.bat
@@ -0,0 +1 @@
+Wevtutil.exe cl Application
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Event_Logs_Clear_System.bat b/scripts/ToFixAndIntegrate/Win_Event_Logs_Clear_System.bat
new file mode 100644
index 00000000..c19398a5
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Event_Logs_Clear_System.bat
@@ -0,0 +1 @@
+Wevtutil.exe cl System
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Firewall_Disable_All.bat b/scripts/ToFixAndIntegrate/Win_Firewall_Disable_All.bat
new file mode 100644
index 00000000..ae921916
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Firewall_Disable_All.bat
@@ -0,0 +1 @@
+netsh advfirewall set allprofiles state off
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Folder_Downloads_Clear.ps1 b/scripts/ToFixAndIntegrate/Win_Folder_Downloads_Clear.ps1
new file mode 100644
index 00000000..c872b76f
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Folder_Downloads_Clear.ps1
@@ -0,0 +1,7 @@
+$root="c:\users"
+$users=get-childitem -path $root -exclude administrator, public
+foreach ($user in $users)
+ {
+ $folder= join-path -path $user -childpath "downloads\*"
+ Get-childitem $folder -recurse | remove-item -force
+ }
\ No newline at end of file
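Review bot: The working loop in Win_Event_Logs_Clear_All.bat clears every channel, Security included, with no export, which removes the host's audit trail; `wevtutil cl` accepts a backup file, so `wevtutil.exe cl %1 /bu:"<BACKUP_DIR>\<name>.evtx"` in `:do_clear` (placeholder path) would keep a copy. The first `for /F %%a IN (?wevtutil el?)` line has lost its quote characters (they appear as `?`), and `%adminTest%` on the next line is never assigned, so the `goto noAdmin` check can never fire; both lines look like remnants and should be removed or repaired. A header comment should record that the clear is itself logged (Security event 1102, System event 104), so that responders can tell a maintenance run from tampering. Win_Event_Logs_Clear_Application.bat and Win_Event_Logs_Clear_System.bat have the same no-backup behaviour.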
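Review bot: `netsh advfirewall set allprofiles state off` in Win_Firewall_Disable_All.bat turns off the Domain, Private and Public profiles together, and nothing in the file restores them or says when this is appropriate. Add a header comment giving the intended use and the command that reverses it, `netsh advfirewall set allprofiles state on`, and consider limiting the change to the profile actually being diagnosed, e.g. `netsh advfirewall set domainprofile state off`.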
diff --git a/scripts/ToFixAndIntegrate/Win_Info_Last_Password_Change_Date.bat b/scripts/ToFixAndIntegrate/Win_Info_Last_Password_Change_Date.bat
new file mode 100644
index 00000000..836b5d94
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Info_Last_Password_Change_Date.bat
@@ -0,0 +1 @@
+NET USER %username% /DOMAIN | FIND /I "Password last set"
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Info_Last_Reboot_Info.ps1 b/scripts/ToFixAndIntegrate/Win_Info_Last_Reboot_Info.ps1
new file mode 100644
index 00000000..c8978502
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Info_Last_Reboot_Info.ps1
@@ -0,0 +1,6 @@
+
+#Find last reboot information
+
+gwmi win32_ntlogevent -filter "LogFile='System' and EventCode='1074' and Message like '%restart%'" |
+ select User,@{n="Time";e={$_.ConvertToDateTime($_.TimeGenerated)}}
+
diff --git a/scripts/ToFixAndIntegrate/Win_Laptop_Battery_Create_Detailed_Report.bat b/scripts/ToFixAndIntegrate/Win_Laptop_Battery_Create_Detailed_Report.bat
new file mode 100644
index 00000000..07471b1e
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Laptop_Battery_Create_Detailed_Report.bat
@@ -0,0 +1 @@
+powercfg /batteryreport /output "C:\battery-report.html"
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Lockscreen_Background_Set.ps1 b/scripts/ToFixAndIntegrate/Win_Lockscreen_Background_Set.ps1
new file mode 100644
index 00000000..caca8857
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Lockscreen_Background_Set.ps1
@@ -0,0 +1,37 @@ +$RegKeyPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\PersonalizationCSP" + +$DesktopPath = "DesktopImagePath" +$DesktopStatus = "DesktopImageStatus" +$DesktopUrl = "DesktopImageUrl" +$LockScreenPath = "LockScreenImagePath" +$LockScreenStatus = "LockScreenImageStatus" +$LockScreenUrl = "LockScreenImageUrl" + +$StatusValue = "1" +$DesktopImageValue = "C:\Lakes\Desktop.jpg" #Change as per your needs +$LockScreenImageValue = "C:\Lakes\LockScreen.jpg" #Change as per your needs + +IF(!(Test-Path $RegKeyPath)) + + { + + New-Item -Path $RegKeyPath -Force | Out-Null + + New-ItemProperty -Path $RegKeyPath -Name $DesktopStatus -Value $StatusValue -PropertyType DWORD -Force | Out-Null + New-ItemProperty -Path $RegKeyPath -Name $LockScreenStatus -Value $StatusValue -PropertyType DWORD -Force | Out-Null + New-ItemProperty -Path $RegKeyPath -Name $DesktopPath -Value $DesktopImageValue -PropertyType STRING -Force | Out-Null + New-ItemProperty -Path $RegKeyPath -Name $DesktopUrl -Value $DesktopImageValue -PropertyType STRING -Force | Out-Null + New-ItemProperty -Path $RegKeyPath -Name $LockScreenPath -Value $LockScreenImageValue -PropertyType STRING -Force | Out-Null + New-ItemProperty -Path $RegKeyPath -Name $LockScreenUrl -Value $LockScreenImageValue -PropertyType STRING -Force | Out-Null + + } + + ELSE { + + New-ItemProperty -Path $RegKeyPath -Name $DesktopStatus -Value $Statusvalue -PropertyType DWORD -Force | Out-Null + New-ItemProperty -Path $RegKeyPath -Name $LockScreenStatus -Value $value -PropertyType DWORD -Force | Out-Null + New-ItemProperty -Path $RegKeyPath -Name $DesktopPath -Value $DesktopImageValue -PropertyType STRING -Force | Out-Null + New-ItemProperty -Path $RegKeyPath -Name $DesktopUrl -Value $DesktopImageValue -PropertyType STRING -Force | Out-Null + New-ItemProperty -Path $RegKeyPath -Name $LockScreenPath -Value $LockScreenImageValue -PropertyType STRING -Force | Out-Null + New-ItemProperty -Path $RegKeyPath -Name $LockScreenUrl 
-Value $LockScreenImageValue -PropertyType STRING -Force | Out-Null + } \ No newline at end of file diff --git a/scripts/ToFixAndIntegrate/Win_Login_Audit.ps1 b/scripts/ToFixAndIntegrate/Win_Login_Audit.ps1 new file mode 100644 index 00000000..c7255e11 --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_Login_Audit.ps1 
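Review bot: In the `ELSE` branch of Win_Lockscreen_Background_Set.ps1, `LockScreenImageStatus` is written with `-Value $value`, a variable that is never defined in this script, while every other status line uses `$StatusValue`; when the registry key already exists, the lock-screen status therefore does not get the intended 1. Change it to `-Value $StatusValue`. The two branches are otherwise identical apart from `New-Item`, so the six `New-ItemProperty` calls could follow a single `if (!(Test-Path $RegKeyPath)) { New-Item -Path $RegKeyPath -Force | Out-Null }`, which removes the duplication that hid this typo.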
@@ -0,0 +1,71 @@
+# Define the Variables 1-3
+
+# 1. Enter the beginning of the time range being reviewed. Use the same time format as configured in the endpoint's time & date settings (for example, for USA date&time: MM-DD-YYY hh:mm:ss).
+
+$StartTime = "12-01-2017 17:00:00"
+
+# 2. Enter the end of the time range being reviewed. Use the same time format as configured in the endpoint's time & date settings (for example, for USA date&time: MM-DD-YYY hh:mm:ss).
+
+$EndTime = "12-14-2017 17:00:00"
+
+# 3. Location of the result file. Make sure the file type is csv.
+
+$ResultFile = "C:\Temp\LoginAttemptsResultFile.csv"
+
+# Create the output file and define the column headers.
+
+"Time Created, Domain\Username, Login Attempt" | Add-Content $ResultFile
+
+# Query the server for the login events.
+
+$colEvents = Get-WinEvent -FilterHashtable @{logname='Security'; StartTime="$StartTime"; EndTime="$EndTime"}
+
+# Iterate through the collection of login events.
+
+Foreach ($Entry in $colEvents)
+
+{
+
+If (($Entry.Id -eq "4624") -and ($Entry.Properties[8].value -eq "2"))
+
+{
+
+$TimeCreated = $Entry.TimeCreated
+
+$Domain = $Entry.Properties[6].Value
+
+$Username = $Entry.Properties[5].Value
+
+$Result = "$TimeCreated,$Domain\$Username,Interactive Login Success" | Add-Content $ResultFile
+
+}
+
+If (($Entry.Id -eq "4624") -and ($Entry.Properties[8].value -eq "10"))
+
+{
+
+$TimeCreated = $Entry.TimeCreated
+
+$Domain = $Entry.Properties[6].Value
+
+$Username = $Entry.Properties[5].Value
+
+$Result = "$TimeCreated,$Domain\$Username,Remote Login Success" | Add-Content $ResultFile
+
+}
+
+If ($Entry.Id -eq "4625")
+
+{
+
+$TimeCreated = $Entry.TimeCreated
+
+$Domain = $Entry.Properties[6].Value
+
+$Username = $Entry.Properties[5].Value
+
+$Result = "$TimeCreated,$Domain\$Username,Login Failure" | Add-Content $ResultFile
+
+}
+
+}
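Review bot: The `Get-WinEvent -FilterHashtable` query in Win_Login_Audit.ps1 has no `Id` key, so every Security event in the time range is loaded and only then filtered in the `Foreach` loop; adding `Id=4624,4625` to the hashtable leaves that work to the event log service. Rows are written by string interpolation (`"$TimeCreated,$Domain\$Username,…" | Add-Content`), so an account name containing a comma or a leading `=` (the name in a failed logon is supplied by the client) produces extra columns or a cell that a spreadsheet treats as a formula; build `[PSCustomObject]` rows and pipe them to `Export-Csv -NoTypeInformation` so that fields are quoted, and prefix such values with `'` if the file is meant for a spreadsheet. `$StartTime` and `$EndTime` are strings parsed with the endpoint's culture, as the comments acknowledge; `[datetime]::ParseExact` with an explicit format would make the range unambiguous. The header row is appended on every run, so a rerun against the same `$ResultFile` mixes header lines into the data.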
diff --git a/scripts/ToFixAndIntegrate/Win_MSOffice_Disable_SaveToOneDrive.bat b/scripts/ToFixAndIntegrate/Win_MSOffice_Disable_SaveToOneDrive.bat
new file mode 100644
index 00000000..728974cd
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_MSOffice_Disable_SaveToOneDrive.bat
@@ -0,0 +1,2 @@
+REG ADD "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\General" /f /v PreferCloudSaveLocations /t REG_DWORD /d 0
+REG ADD "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet" /f /v OnlineStorage /t REG_DWORD /d 3
diff --git a/scripts/ToFixAndIntegrate/Win_MSSQL_Server_Show_Installed_Release_Number.bat b/scripts/ToFixAndIntegrate/Win_MSSQL_Server_Show_Installed_Release_Number.bat
new file mode 100644
index 00000000..a7a07153
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_MSSQL_Server_Show_Installed_Release_Number.bat
@@ -0,0 +1,93 @@ +echo OFF +cls + +:: Check for MS SQL Server Versions + +set CURRENT_VERSION=nul +echo. +FOR /F "tokens=3 skip=2" %%i IN ('REG QUERY "HKLM\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\CurrentVersion" /v CurrentVersion 2^>nul') DO set CURRENT_VERSION=%%i + +if defined CURRENT_VERSION ( + :: MS SQL Server 2019 Versions + if %CURRENT_VERSION% equ 15.0.2000.5 set SQL_NAME=Microsoft SQL Server 2019 + :: MS SQL Server 2017 Versions + if %CURRENT_VERSION% equ 14.0.1000.169 set SQL_NAME=Microsoft SQL Server 2017 + :: MS SQL Server 2016 Versions + if %CURRENT_VERSION% equ 13.0.5026.0 set SQL_NAME=Microsoft SQL Server 2016 SP2 + if %CURRENT_VERSION% equ 13.0.4001.0 set SQL_NAME=Microsoft SQL Server 2016 SP1 + if %CURRENT_VERSION% equ 13.0.1601.5 set SQL_NAME=Microsoft SQL Server 2016 + :: MS SQL Server 2014 Versions + if %CURRENT_VERSION% equ 12.0.6024.1 set SQL_NAME=Microsoft SQL Server 2014 SP3 + if %CURRENT_VERSION% equ 12.0.5000.0 set SQL_NAME=Microsoft SQL Server 2014 SP2 + if %CURRENT_VERSION% equ 12.0.4100.1 set SQL_NAME=Microsoft SQL Server 2014 SP1 + if %CURRENT_VERSION% equ 12.0.2000.8 set SQL_NAME=Microsoft SQL Server 2014 + :: MS SQL Server 2012 Versions + if %CURRENT_VERSION% equ 11.0.7001.0 set SQL_NAME=Microsoft SQL Server 2012 SP4 + if %CURRENT_VERSION% equ 11.0.6020.0 set SQL_NAME=Microsoft SQL Server 2012 SP3 + if %CURRENT_VERSION% equ 11.0.5058.0 set SQL_NAME=Microsoft SQL Server 2012 SP2 + if %CURRENT_VERSION% equ 11.0.3000.0 set SQL_NAME=Microsoft SQL Server 2012 SP1 + if %CURRENT_VERSION% equ 11.0.2100.60 set SQL_NAME=Microsoft SQL Server 2012 + :: MS SQL Server 2008 R2 Versions + if %CURRENT_VERSION% equ 10.50.6000.34 set SQL_NAME=Microsoft SQL Server 2008 R2 SP3 + if %CURRENT_VERSION% equ 10.50.4000.0 set SQL_NAME=Microsoft SQL Server 2008 R2 SP2 + if %CURRENT_VERSION% equ 10.50.2500.0 set SQL_NAME=Microsoft SQL Server 2008 R2 SP1 + if %CURRENT_VERSION% equ 10.50.1600.1 set SQL_NAME=Microsoft SQL Server 2008 R2 + :: MS SQL Server 2008 
Versions + if %CURRENT_VERSION% equ 10.0.6000.29 set SQL_NAME=Microsoft SQL Server 2008 SP4 + if %CURRENT_VERSION% equ 10.0.5000.0 set SQL_NAME=Microsoft SQL Server 2008 SP3 + if %CURRENT_VERSION% equ 10.0.4000.0 set SQL_NAME=Microsoft SQL Server 2008 SP2 + if %CURRENT_VERSION% equ 10.0.2531.0 set SQL_NAME=Microsoft SQL Server 2008 SP1 + if %CURRENT_VERSION% equ 10.0.1600.22 set SQL_NAME=Microsoft SQL Server 2008 +) + +if %CURRENT_VERSION% equ nul ( + echo No Microsoft SQL Server found/installed! +) else ( + echo Installed Microsoft SQL Server Release: + echo %SQL_NAME% [%CURRENT_VERSION%] +) + +:: Check for MS SQL Server Express Versions + +set CURRENT_VERSION=nul +echo. +FOR /F "tokens=3 skip=2" %%i IN ('REG QUERY "HKLM\SOFTWARE\Microsoft\Microsoft SQL Server\SQLEXPRESS\MSSQLServer\CurrentVersion" /v CurrentVersion 2^>nul') DO set CURRENT_VERSION=%%i + +if defined CURRENT_VERSION ( + :: MS SQL Server 2017 Express Versions + if %CURRENT_VERSION% equ 14.0.1000.169 set SQL_NAME=Microsoft SQL Server 2017 Express + :: MS SQL Server 2016 Express Versions + if %CURRENT_VERSION% equ 13.0.5026.0 set SQL_NAME=Microsoft SQL Server 2016 Express SP2 + if %CURRENT_VERSION% equ 13.0.4001.0 set SQL_NAME=Microsoft SQL Server 2016 Express SP1 + if %CURRENT_VERSION% equ 13.0.1601.5 set SQL_NAME=Microsoft SQL Server 2016 Express + :: MS SQL Server 2014 Express Versions + if %CURRENT_VERSION% equ 12.0.6024.1 set SQL_NAME=Microsoft SQL Server 2014 Express SP3 + if %CURRENT_VERSION% equ 12.0.5000.0 set SQL_NAME=Microsoft SQL Server 2014 Express SP2 + if %CURRENT_VERSION% equ 12.0.4100.1 set SQL_NAME=Microsoft SQL Server 2014 Express SP1 + if %CURRENT_VERSION% equ 12.0.2000.8 set SQL_NAME=Microsoft SQL Server 2014 Express + :: MS SQL Server 2012 Express Versions + if %CURRENT_VERSION% equ 11.0.7001.0 set SQL_NAME=Microsoft SQL Server 2012 Express SP4 + if %CURRENT_VERSION% equ 11.0.6020.0 set SQL_NAME=Microsoft SQL Server 2012 Express SP3 + if %CURRENT_VERSION% equ 11.0.5058.0 set 
SQL_NAME=Microsoft SQL Server 2012 Express SP2 + if %CURRENT_VERSION% equ 11.0.3000.0 set SQL_NAME=Microsoft SQL Server 2012 Express SP1 + if %CURRENT_VERSION% equ 11.0.2100.60 set SQL_NAME=Microsoft SQL Server 2012 Express + :: MS SQL Server 2008 R2 Express Versions + if %CURRENT_VERSION% equ 10.50.6000.34 set SQL_NAME=Microsoft SQL Server 2008 R2 Express SP3 + if %CURRENT_VERSION% equ 10.50.4000.0 set SQL_NAME=Microsoft SQL Server 2008 R2 Express SP2 + if %CURRENT_VERSION% equ 10.50.2500.0 set SQL_NAME=Microsoft SQL Server 2008 R2 Express SP1 + if %CURRENT_VERSION% equ 10.50.1600.1 set SQL_NAME=Microsoft SQL Server 2008 R2 Express + :: MS SQL Server 2008 Express Versions + if %CURRENT_VERSION% equ 10.0.6000.29 set SQL_NAME=Microsoft SQL Server 2008 Express SP4 + if %CURRENT_VERSION% equ 10.0.5000.0 set SQL_NAME=Microsoft SQL Server 2008 Express SP3 + if %CURRENT_VERSION% equ 10.0.4000.0 set SQL_NAME=Microsoft SQL Server 2008 Express SP2 + if %CURRENT_VERSION% equ 10.0.2531.0 set SQL_NAME=Microsoft SQL Server 2008 Express SP1 + if %CURRENT_VERSION% equ 10.0.1600.22 set SQL_NAME=Microsoft SQL Server 2008 Express +) + +if %CURRENT_VERSION% equ nul ( + echo No Microsoft SQL Server Express found/installed! +) else ( + echo Installed Microsoft SQL Server Express Release: + echo %SQL_NAME% [%CURRENT_VERSION%] +) +echo. \ No newline at end of file diff --git a/scripts/ToFixAndIntegrate/Win_Network_TCP_FlushDNS.bat b/scripts/ToFixAndIntegrate/Win_Network_TCP_FlushDNS.bat new file mode 100644 index 00000000..e51e3fd9 --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_Network_TCP_FlushDNS.bat @@ -0,0 +1 @@ +IPCONFIG /FLUSHDNS diff --git a/scripts/ToFixAndIntegrate/Win_Network_TCP_Reset_Stack.bat b/scripts/ToFixAndIntegrate/Win_Network_TCP_Reset_Stack.bat new file mode 100644 index 00000000..6bc85987 --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_Network_TCP_Reset_Stack.bat @@ -0,0 +1 @@ +netsh int ip reset \ No newline at end of file 
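Review bot: In Win_MSSQL_Server_Show_Installed_Release_Number.bat `SQL_NAME` is never cleared, so a `CurrentVersion` that is not in the table prints an empty name in the first section, and in the Express section it prints the name left over from the first section next to the Express version number. `if defined CURRENT_VERSION` is also always true because the variable is preset to `nul`, so that guard does nothing. Adding `set SQL_NAME=Unknown release` right after each `set CURRENT_VERSION=nul` makes an unlisted build visible in the output, which matters if this report is used to spot unpatched or out-of-support instances.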
diff --git a/scripts/ToFixAndIntegrate/Win_OEM_Information_Set.ps1 b/scripts/ToFixAndIntegrate/Win_OEM_Information_Set.ps1
new file mode 100644
index 00000000..dec90794
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_OEM_Information_Set.ps1
@@ -0,0 +1,9 @@
+Invoke-WebRequest -Uri 'http:///Downloads/Assets/CompanyLogo.bmp' -OutFile 'C:\windows\system32\CompanyLogo.bmp'
+
+# New-Item ?Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\" ?Name "OEMInformation"
+Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation" -Name "Logo" -Value "C:\windows\system32\CompanyLogo.bmp"
+Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation" -Name "Manufacturer" -Value "Company name"
+Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation" -Name "SupportAppURL" -Value "http://"
+Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation" -Name "SupportURL" -Value "http://"
+Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation" -Name "SupportHours" -Value "ma - vr | 08:00 - 17:00"
+Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation" -Name "SupportPhone" -Value ""
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_OneDrive_Reset_Cache.ps1 b/scripts/ToFixAndIntegrate/Win_OneDrive_Reset_Cache.ps1
new file mode 100644
index 00000000..d6bfa249
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_OneDrive_Reset_Cache.ps1
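Review bot: In Win_OEM_Information_Set.ps1 the logo is fetched by `Invoke-WebRequest` from an `http://` URI and written into `C:\windows\system32`, so a file placed in a system directory arrives over a channel with no transport integrity. An `https://` source plus a hash comparison before the registry values are set would address that, for example `if ((Get-FileHash $logoPath -Algorithm SHA256).Hash -ne $expectedSha256) { throw 'logo hash mismatch' }`, where `$logoPath` and `$expectedSha256` are placeholder names for the download target and the published digest. The `New-Item` line is commented out and its parameters are written as `?Path` and `?Name`, so on a machine without an `OEMInformation` key the `Set-ItemProperty` calls will presumably fail; creating the key when `Test-Path` is false would cover that.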
@@ -0,0 +1,17 @@
+# Path for the workdir
+if ( Test-Path -Path "$env:LOCALAPPDATA\Microsoft\OneDrive\OneDrive.exe" -PathType Leaf ) {
+ $workdir = "$env:LOCALAPPDATA\Microsoft\OneDrive"
+} elseif ( Test-Path -Path "C:\Program Files (x86)\Microsoft\OneDrive\OneDrive.exe" -PathType Leaf ) {
+ $workdir = "C:\Program Files (x86)\Microsoft\OneDrive"
+} else {
+ Write-Host "OneDrive is not installed"
+}
+
+# Start-Process of clearing OneDrive cache
+$p = Start-Process -FilePath $workdir'\OneDrive.exe' -ArgumentList '/reset' -NoNewWindow -Wait -PassThru
+$p.ExitCode
+Write-Host "OneDrive Cache has been cleared."
+
+# Restart OneDrive
+$p = Start-Process -FilePath $workdir'\OneDrive.exe' -NoNewWindow -Wait -PassThru
+$p.ExitCode
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Outlook_Get_Addins.ps1 b/scripts/ToFixAndIntegrate/Win_Outlook_Get_Addins.ps1
new file mode 100644
index 00000000..c29cee6c
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Outlook_Get_Addins.ps1
@@ -0,0 +1,2 @@
+$searchScopes = "HKCU:\SOFTWARE\Microsoft\Office\Outlook\Addins","HKLM:\SOFTWARE\Wow6432Node\Microsoft\Office\Outlook\Addins"
+$searchScopes | % {Get-ChildItem -Path $_ | % {Get-ItemProperty -Path $_.PSPath} | Select-Object @{n="Name";e={Split-Path $_.PSPath -leaf}},FriendlyName,Description} | Sort-Object -Unique -Property name
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Outlook_Increase_PST_MaxSize.bat b/scripts/ToFixAndIntegrate/Win_Outlook_Increase_PST_MaxSize.bat
new file mode 100644
index 00000000..35c1e789
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Outlook_Increase_PST_MaxSize.bat
@@ -0,0 +1,4 @@
+rem Changes the default of 50GB of Outlook data files (PST/OST) storage to 100GB
+
+REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\PST" /v WarnLargeFileSize /f /t REG_DWORD /d 95000
+REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\PST" /v MaxLargeFileSize /f /t REG_DWORD /d 100000
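Review bot: In Win_OneDrive_Reset_Cache.ps1 the `else` branch only prints "OneDrive is not installed" and the script carries on with `$workdir` unset, so both `Start-Process` calls would receive `\OneDrive.exe`, a path that resolves against the root of the current drive rather than a known install directory. Ending that branch with `exit 1` stops the script before anything is launched from an unintended location. "OneDrive Cache has been cleared." is also printed whatever `$p.ExitCode` was, and the restart uses `-Wait`, which looks like it would block until OneDrive exits.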
diff --git a/scripts/ToFixAndIntegrate/Win_Outlook_New_Profile.ps1 b/scripts/ToFixAndIntegrate/Win_Outlook_New_Profile.ps1
new file mode 100644
index 00000000..afc97eb1
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Outlook_New_Profile.ps1
@@ -0,0 +1,15 @@
+# Script to create a new empty Outlook profile
+# http://powershell-tools.com/exchange-outlook/create-new-outlook-profile-using-powershell/
+
+$ofc = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
+$OfficeInstall = Get-ChildItem -Path $ofc -Recurse | Where-Object {
+ $_.GetValue('DisplayName') -like "Microsoft Office*" -or $_.GetValue('DisplayName') -like "Microsoft 365 Apps*"
+}
+
+# We only care about the major and minor version for the next part
+$Version = $OfficeInstall.GetValue('DisplayVersion')[0..3] -join ""
+$RegPath = "HKCU:\SOFTWARE\Microsoft\Office\$Version\Outlook"
+
+New-Item -Path "$RegPath\Profiles" -Name "NewProfile"
+Set-ItemProperty -Path $RegPath -Name "DefaultProfile" -Value "NewProfile"
+Write-Host "Restart Outlook to setup new profile"
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Password_Policy_Modify.ps1 b/scripts/ToFixAndIntegrate/Win_Password_Policy_Modify.ps1
new file mode 100644
index 00000000..039c6a23
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Password_Policy_Modify.ps1
@@ -0,0 +1,8 @@
+secedit /export /cfg c:\secpol.cfg
+(gc C:\secpol.cfg).replace("PasswordComplexity = 0", "PasswordComplexity = 1") | Out-File C:\secpol.cfg
+(gc C:\secpol.cfg).replace("MaximumPasswordAge = 42", "MaximumPasswordAge = 180") | Out-File C:\secpol.cfg
+(gc C:\secpol.cfg).replace("PasswordHistorySize = 0", "PasswordHistorySize = 4") | Out-File C:\secpol.cfg
+(gc C:\secpol.cfg).replace("MinimumPasswordLength = 0", "MinimumPasswordLength = 8") | Out-File C:\secpol.cfg
+secedit /configure /db C:\windows\security\database\mycustomsecdb.sdb /cfg c:\secpol.cfg /areas SECURITYPOLICY
+gpupdate
+rm -force c:\secpol.cfg -confirm:$false
\ No newline at end of file
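Review bot: In Win_Outlook_New_Profile.ps1 `$OfficeInstall` can hold several uninstall entries, or none, and `$OfficeInstall.GetValue('DisplayVersion')[0..3]` yields the first four characters only when exactly one entry matched; with several matches the index selects the first four version strings and `$RegPath` points at a key that does not exist. Taking one entry first, `$OfficeInstall = $OfficeInstall | Select-Object -First 1`, and stopping when it is `$null` keeps `$Version` to a single major.minor value. The four-character slice also assumes a two-digit major version.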
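Review bot: In Win_Password_Policy_Modify.ps1 each `.replace()` matches only when the exported policy still holds the exact value named in it (`PasswordComplexity = 0`, `MaximumPasswordAge = 42`, `PasswordHistorySize = 0`, `MinimumPasswordLength = 0`), so a machine with any other current setting, for example a minimum length of 6, is left unchanged without an error. A pattern replacement such as `(gc C:\secpol.cfg) -replace 'MinimumPasswordLength = \d+', 'MinimumPasswordLength = 8'` sets the target whatever was there before, and the same form applies to the other three lines. The change also raises `MaximumPasswordAge` from 42 to 180 days, which deserves a comment stating that it is intended, and the result of `secedit /configure` is not checked before the exported file is removed.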
diff --git a/scripts/ToFixAndIntegrate/Win_Power_And_Sleep_Changer.bat b/scripts/ToFixAndIntegrate/Win_Power_And_Sleep_Changer.bat
new file mode 100644
index 00000000..ac828eff
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Power_And_Sleep_Changer.bat
@@ -0,0 +1,19 @@
+@echo off
+
+REM Power and Sleep Settings Script
+
+REM ac = Plugged in
+REM dc = Running on battery
+REM Number at the end of each command is in minutes, 0 means never
+
+REM Standby = Sleep
+powercfg /change standby-timeout-ac 0
+powercfg /change standby-timeout-dc 0
+
+REM Monitor = Monitor
+powercfg /change monitor-timeout-ac 0
+powercfg /change monitor-timeout-dc 0
+
+REM Hibernate = Hibernate, only used on machines that have hibernate enabled, most use sleep now
+powercfg /change hibernate-timeout-ac 0
+powercfg /change hibernate-timeout-dc 0
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Power_Fastboot_Disable_Win10.ps1 b/scripts/ToFixAndIntegrate/Win_Power_Fastboot_Disable_Win10.ps1
new file mode 100644
index 00000000..4c5f8b7f
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Power_Fastboot_Disable_Win10.ps1
@@ -0,0 +1 @@
+REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /V HiberbootEnabled /T REG_dWORD /D 1 /F
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Power_Mgmt_Disable_Lid_Sleep.bat b/scripts/ToFixAndIntegrate/Win_Power_Mgmt_Disable_Lid_Sleep.bat
new file mode 100644
index 00000000..7ad10a75
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Power_Mgmt_Disable_Lid_Sleep.bat
@@ -0,0 +1,2 @@
+powercfg -setacvalueindex SCHEME_CURRENT 4f971e89-eebd-4455-a8de-9e59040e7347 5ca83367-6e45-459f-a27b-476b1d01c936 0
+powercfg -SetActive SCHEME_CURRENT
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Print_Spooler_Restart.bat b/scripts/ToFixAndIntegrate/Win_Print_Spooler_Restart.bat
new file mode 100644
index 00000000..1ec76303
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Print_Spooler_Restart.bat
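Review bot: Win_Power_Fastboot_Disable_Win10.ps1 writes `HiberbootEnabled` with `/D 1`, and 1 is the value that turns Fast Startup on, so the script does the opposite of what its file name says. The line should end in `/T REG_DWORD /D 0 /F`.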
@@ -0,0 +1,2 @@ +net stop "Print Spooler" +net start "Print Spooler" \ No newline at end of file diff --git a/scripts/ToFixAndIntegrate/Win_Printers_Delete_Old_Jobs.ps1 b/scripts/ToFixAndIntegrate/Win_Printers_Delete_Old_Jobs.ps1 new file mode 100644 index 00000000..c99c4253 --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_Printers_Delete_Old_Jobs.ps1 @@ -0,0 +1,8 @@ +#Update with command parameters + +$PrintJobs = get-wmiobject -class "Win32_PrintJob" -namespace "root\CIMV2" -computername . | Where-Object {[System.Management.ManagementDateTimeConverter]::ToDateTime($_.TimeSubmitted) -lt (Get-Date).AddDays(-2)} +foreach ($job in $PrintJobs) +{ +# Write-Host "Canceling job $($job.JobId)" + $job.Delete() +} diff --git a/scripts/ToFixAndIntegrate/Win_Printers_Map_Network (needs fixing).bat b/scripts/ToFixAndIntegrate/Win_Printers_Map_Network (needs fixing).bat new file mode 100644 index 00000000..816c8efe --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_Printers_Map_Network (needs fixing).bat @@ -0,0 +1,7 @@ +rundll32 printui.dll,PrintUIEntry /ga /n \\CAC-FILE-02\CAC-LAF-TXROOM +rundll32 printui.dll,PrintUIEntry /ga /n \\CAC-FILE-02\CAC-WLF-PTR-01 +TIMEOUT 10 +net stop spooler +TIMEOUT 10 +net start spooler +exit /B \ No newline at end of file diff --git a/scripts/ToFixAndIntegrate/Win_Processes_Retrieve_Top.ps1 b/scripts/ToFixAndIntegrate/Win_Processes_Retrieve_Top.ps1 new file mode 100644 index 00000000..a474491d --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_Processes_Retrieve_Top.ps1 @@ -0,0 +1,4 @@ +#Needs Command parameter updates + + +Get-WmiObject Win32_PerfFormattedData_PerfProc_Process | ` where-object{ $_.Name -ne "_Total" -and $_.Name -ne "Idle"} | ` Sort-Object PercentProcessorTime -Descending | ` select -First 5 | ` Format-Table Name,IDProcess,PercentProcessorTime -AutoSize \ No newline at end of file 
diff --git a/scripts/ToFixAndIntegrate/Win_Reboot_Device_Upon_Users_Preferences.ps1 b/scripts/ToFixAndIntegrate/Win_Reboot_Device_Upon_Users_Preferences.ps1
new file mode 100644
index 00000000..c671a89b
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Reboot_Device_Upon_Users_Preferences.ps1
@@ -0,0 +1,351 @@ +#Reboot Device Upon The User’s Preferences: Wait, reboot at 18:00 or reboot now. The prompt mesage and colors can be changed upon your choice + + +$days = 7 +$system = Get-WmiObject win32_operatingsystem + +if($system.ConvertToDateTime($system.LastBootUpTime) -lt (Get-Date).AddDays(-$days)){ + #---------------------------------------------- +#region Import Assemblies +#---------------------------------------------- +[void][Reflection.Assembly]::Load('System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089') +[void][Reflection.Assembly]::Load('System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089') +[void][Reflection.Assembly]::Load('System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a') +#endregion Import Assemblies + + +#Define a Param block to use custom parameters in the project +#Param ($CustomParameter) + +function Main { +<# + .SYNOPSIS + The Main function starts the project application. + + .PARAMETER Commandline + $Commandline contains the complete argument string passed to the script packager executable. + + .NOTES + Use this function to initialize your script and to call GUI forms. 
+ + .NOTES + To get the console output in the Packager (Forms Engine) use: + $ConsoleOutput (Type: System.Collections.ArrayList) +#> + Param ([String]$Commandline) + + #-------------------------------------------------------------------------- + #TODO: Add initialization script here (Load modules and check requirements) + + + #-------------------------------------------------------------------------- + + if((Call-MainForm_psf) -eq 'OK') + { + + } + + $global:ExitCode = 0 #Set the exit code for the Packager +} + + + + + + + +#endregion Source: Startup.pss + +#region Source: MainForm.psf +function Call-MainForm_psf +{ + + #---------------------------------------------- + #region Import the Assemblies + #---------------------------------------------- + [void][reflection.assembly]::Load('System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089') + [void][reflection.assembly]::Load('System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089') + [void][reflection.assembly]::Load('System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a') + #endregion Import Assemblies + + #---------------------------------------------- + #region Generated Form Objects + #---------------------------------------------- + [System.Windows.Forms.Application]::EnableVisualStyles() + $MainForm = New-Object 'System.Windows.Forms.Form' + $panel2 = New-Object 'System.Windows.Forms.Panel' + $ButtonCancel = New-Object 'System.Windows.Forms.Button' + $ButtonSchedule = New-Object 'System.Windows.Forms.Button' + $ButtonRestartNow = New-Object 'System.Windows.Forms.Button' + $panel1 = New-Object 'System.Windows.Forms.Panel' + $labelITSystemsMaintenance = New-Object 'System.Windows.Forms.Label' + $labelSecondsLeftToRestart = New-Object 'System.Windows.Forms.Label' + $labelTime = New-Object 'System.Windows.Forms.Label' + $labelInOrderToApplySecuri = New-Object 'System.Windows.Forms.Label' + $timerUpdate = New-Object 
'System.Windows.Forms.Timer' + $InitialFormWindowState = New-Object 'System.Windows.Forms.FormWindowState' + #endregion Generated Form Objects + + #---------------------------------------------- + # User Generated Script + #---------------------------------------------- + $TotalTime = 1500 #in seconds + + $MainForm_Load={ + #TODO: Initialize Form Controls here + $labelTime.Text = "{0:D2}" -f $TotalTime #$TotalTime + #Add TotalTime to current time + $script:StartTime = (Get-Date).AddSeconds($TotalTime) + #Start the timer + $timerUpdate.Start() + } + + + $timerUpdate_Tick={ + # Define countdown timer + [TimeSpan]$span = $script:StartTime - (Get-Date) + #Update the display + $labelTime.Text = "{0:N0}" -f $span.TotalSeconds + $timerUpdate.Start() + if ($span.TotalSeconds -le 0) + { + $timerUpdate.Stop() + Restart-Computer -Force + } + + } + + $ButtonRestartNow_Click = { + # Restart the computer immediately + Restart-Computer -Force + } + + $ButtonSchedule_Click={ + # Schedule restart for 6pm + if(Get-ScheduledTask -TaskName "auto shutdown my computer" -ErrorAction SilentlyContinue){Get-ScheduledTask -TaskName "auto shutdown my computer" | Unregister-ScheduledTask -Confirm:$false} + if((schtasks /create /sc once /tn "auto shutdown my computer" /tr "shutdown /r /d p:1:1 /c 'Initiating reboot since the device has not been rebooted for 7 days'" /st 18:00) -like "*Success*"){ + $SetT=Get-ScheduledTask -TaskName "auto shutdown my computer" + $SetT.Triggers[0].EndBoundary=[DateTime]::Now.Date.ToString("yyyy-MM-dd")+"T"+"19:00:00" + $SetT.Settings.DeleteExpiredTaskAfter ='PT0S' + Set-ScheduledTask -InputObject $SetT + } + $MainForm.Close() + } + + $ButtonCancel_Click={ + #TODO: Place custom script here + $MainForm.Close() + } + + $labelITSystemsMaintenance_Click={ + #TODO: Place custom script here + + } + + $panel2_Paint=[System.Windows.Forms.PaintEventHandler]{ + #Event Argument: $_ = [System.Windows.Forms.PaintEventArgs] + #TODO: Place custom script here + + } + + 
$labelTime_Click={ + #TODO: Place custom script here + + } + # --End User Generated Script-- + #---------------------------------------------- + #region Generated Events + #---------------------------------------------- + + $Form_StateCorrection_Load= + { + #Correct the initial state of the form to prevent the .Net maximized form issue + $MainForm.WindowState = $InitialFormWindowState + } + + $Form_StoreValues_Closing= + { + #Store the control values + } + + + $Form_Cleanup_FormClosed= + { + #Remove all event handlers from the controls + try + { + $ButtonCancel.remove_Click($buttonCancel_Click) + $ButtonSchedule.remove_Click($ButtonSchedule_Click) + $ButtonRestartNow.remove_Click($ButtonRestartNow_Click) + $panel2.remove_Paint($panel2_Paint) + $labelITSystemsMaintenance.remove_Click($labelITSystemsMaintenance_Click) + $labelTime.remove_Click($labelTime_Click) + $MainForm.remove_Load($MainForm_Load) + $timerUpdate.remove_Tick($timerUpdate_Tick) + $MainForm.remove_Load($Form_StateCorrection_Load) + $MainForm.remove_Closing($Form_StoreValues_Closing) + $MainForm.remove_FormClosed($Form_Cleanup_FormClosed) + } + catch [Exception] + { } + } + #endregion Generated Events + + #---------------------------------------------- + #region Generated Form Code + #---------------------------------------------- + $MainForm.SuspendLayout() + $panel2.SuspendLayout() + $panel1.SuspendLayout() + # + # MainForm + # + $MainForm.Controls.Add($panel2) + $MainForm.Controls.Add($panel1) + $MainForm.Controls.Add($labelSecondsLeftToRestart) + $MainForm.Controls.Add($labelTime) + $MainForm.Controls.Add($labelInOrderToApplySecuri) + $MainForm.AutoScaleDimensions = '6, 13' + $MainForm.AutoScaleMode = 'Font' + $MainForm.BackColor = 'White' + $MainForm.ClientSize = '373, 279' + $MainForm.MaximizeBox = $False + $MainForm.MinimizeBox = $False + $MainForm.Name = 'MainForm' + $MainForm.ShowIcon = $False + $MainForm.ShowInTaskbar = $False + $MainForm.StartPosition = 'CenterScreen' + $MainForm.Text = 
'MSP Name' + $MainForm.TopMost = $True + $MainForm.add_Load($MainForm_Load) + # + # panel2 + # + $panel2.Controls.Add($ButtonCancel) + $panel2.Controls.Add($ButtonSchedule) + $panel2.Controls.Add($ButtonRestartNow) + $panel2.BackColor = 'ScrollBar' + $panel2.Location = '0, 205' + $panel2.Name = 'panel2' + $panel2.Size = '378, 80' + $panel2.TabIndex = 9 + $panel2.add_Paint($panel2_Paint) + # + # ButtonCancel + # + $ButtonCancel.Location = '250, 17' + $ButtonCancel.Name = 'ButtonCancel' + $ButtonCancel.Size = '77, 45' + $ButtonCancel.TabIndex = 7 + $ButtonCancel.Text = 'Wait' + $ButtonCancel.UseVisualStyleBackColor = $True + $ButtonCancel.add_Click($buttonCancel_Click) + # + # ButtonSchedule + # + $ButtonSchedule.Font = 'Microsoft Sans Serif, 8.25pt, style=Bold' + $ButtonSchedule.Location = '139, 17' + $ButtonSchedule.Name = 'ButtonSchedule' + $ButtonSchedule.Size = '105, 45' + $ButtonSchedule.TabIndex = 6 + $ButtonSchedule.Text = 'Reboot at 18:00' + $ButtonSchedule.UseVisualStyleBackColor = $True + $ButtonSchedule.add_Click($ButtonSchedule_Click) + # + # ButtonRestartNow + # + $ButtonRestartNow.Font = 'Microsoft Sans Serif, 8.25pt, style=Bold' + $ButtonRestartNow.ForeColor = 'DarkRed' + $ButtonRestartNow.Location = '42, 17' + $ButtonRestartNow.Name = 'ButtonRestartNow' + $ButtonRestartNow.Size = '91, 45' + $ButtonRestartNow.TabIndex = 0 + $ButtonRestartNow.Text = 'Reboot' + $ButtonRestartNow.UseVisualStyleBackColor = $True + $ButtonRestartNow.add_Click($ButtonRestartNow_Click) + # + # panel1 + # + $panel1.Controls.Add($labelITSystemsMaintenance) + $panel1.BackColor = '22, 54, 36' + $panel1.Location = '0, 0' + $panel1.Name = 'panel1' + $panel1.Size = '375, 67' + $panel1.TabIndex = 8 + # + # labelITSystemsMaintenance + # + $labelITSystemsMaintenance.Font = 'Microsoft Sans Serif, 14.25pt' + $labelITSystemsMaintenance.ForeColor = 'White' + $labelITSystemsMaintenance.Location = '11, 18' + $labelITSystemsMaintenance.Name = 'labelITSystemsMaintenance' + 
$labelITSystemsMaintenance.Size = '269, 23' + $labelITSystemsMaintenance.TabIndex = 1 + $labelITSystemsMaintenance.Text = 'MSP Name' + $labelITSystemsMaintenance.TextAlign = 'MiddleLeft' + $labelITSystemsMaintenance.add_Click($labelITSystemsMaintenance_Click) + # + # labelSecondsLeftToRestart + # + $labelSecondsLeftToRestart.AutoSize = $True + $labelSecondsLeftToRestart.Font = 'Microsoft Sans Serif, 9pt, style=Bold' + $labelSecondsLeftToRestart.Location = '87, 176' + $labelSecondsLeftToRestart.Name = 'labelSecondsLeftToRestart' + $labelSecondsLeftToRestart.Size = '155, 15' + $labelSecondsLeftToRestart.TabIndex = 5 + $labelSecondsLeftToRestart.Text = 'Seconds to reboot :' + # + # labelTime + # + $labelTime.AutoSize = $True + $labelTime.Font = 'Microsoft Sans Serif, 9pt, style=Bold' + $labelTime.ForeColor = '192, 0, 0' + $labelTime.Location = '237, 176' + $labelTime.Name = 'labelTime' + $labelTime.Size = '43, 15' + $labelTime.TabIndex = 3 + $labelTime.Text = '00:60' + $labelTime.TextAlign = 'MiddleCenter' + $labelTime.add_Click($labelTime_Click) + # + # labelInOrderToApplySecuri + # + $labelInOrderToApplySecuri.Font = 'Microsoft Sans Serif, 9pt' + $labelInOrderToApplySecuri.Location = '12, 84' + $labelInOrderToApplySecuri.Name = 'labelInOrderToApplySecuri' + $labelInOrderToApplySecuri.Size = '350, 83' + $labelInOrderToApplySecuri.TabIndex = 2 + $labelInOrderToApplySecuri.Text = 'Every 7 days your PC should be restarted for maintenance and updates. + +If this does not fit, you can press wait or restart at. 6:00 p.m.' 
+ # + # timerUpdate + # + $timerUpdate.add_Tick($timerUpdate_Tick) + $panel1.ResumeLayout() + $panel2.ResumeLayout() + $MainForm.ResumeLayout() + #endregion Generated Form Code + + #---------------------------------------------- + + #Save the initial state of the form + $InitialFormWindowState = $MainForm.WindowState + #Init the OnLoad event to correct the initial state of the form + $MainForm.add_Load($Form_StateCorrection_Load) + #Clean up the control events + $MainForm.add_FormClosed($Form_Cleanup_FormClosed) + #Store the control values when form is closing + $MainForm.add_Closing($Form_StoreValues_Closing) + #Show the Form + return $MainForm.ShowDialog() + +} +#endregion Source: MainForm.psf + +#Start the application +Main ($CommandLine) +}else{ + Write-Host "Machine was rebooted less than $days days ago" + +} \ No newline at end of file diff --git a/scripts/ToFixAndIntegrate/Win_Repair_DomainTrust.ps1 b/scripts/ToFixAndIntegrate/Win_Repair_DomainTrust.ps1 new file mode 100644 index 00000000..b15dc436 --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_Repair_DomainTrust.ps1 @@ -0,0 +1,7 @@ +### +# Author: Dave Long +# Tests and attempts to repair the domain trust relationship between a domain +# joined computer and the domain. +### + +Test-ComputerSecureChannel -Repair \ No newline at end of file diff --git a/scripts/ToFixAndIntegrate/Win_Retrieve_Backup_Windows_Logs.bat b/scripts/ToFixAndIntegrate/Win_Retrieve_Backup_Windows_Logs.bat new file mode 100644 index 00000000..3732a73b --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_Retrieve_Backup_Windows_Logs.bat 
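Review bot: In `$ButtonSchedule_Click` the follow-up that sets `EndBoundary` and `DeleteExpiredTaskAfter` runs only when the text returned by `schtasks /create` is `-like "*Success*"`, and that text is localized, so on a non-English Windows the task is created but never gets its expiry. Testing the exit status instead, with the output sent to `Out-Null` and the condition written as `if ($LASTEXITCODE -eq 0) {`, does not depend on the display language. A comment at `$timerUpdate_Tick` would also help: when the countdown from `$TotalTime` reaches zero the handler calls `Restart-Computer -Force` even if the user never answered the dialog, so open work is closed without saving.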
@@ -0,0 +1,30 @@
+rem Script starts here
+rem Timestamp Generator
+rem Needs parameter support
+
+set BACKUP_PATH=D:\logs
+
+rem Parse the date (e.g., Thu 02/28/2013)
+set cur_yyyy=%date:~10,4%
+set cur_mm=%date:~4,2%
+set cur_dd=%date:~7,2%
+
+rem Parse the time (e.g., 11:20:56.39)
+set cur_hh=%time:~0,2%
+if %cur_hh% lss 10 (set cur_hh=0%time:~1,1%)
+set cur_nn=%time:~3,2%
+set cur_ss=%time:~6,2%
+set cur_ms=%time:~9,2%
+
+rem Set the timestamp format
+set timestamp=%cur_yyyy%%cur_mm%%cur_dd%-%cur_hh%%cur_nn%%cur_ss%%cur_ms%
+
+wevtutil epl System %BACKUP_PATH%\system_%timestamp%.evtx
+wevtutil epl Application %BACKUP_PATH%\application_%timestamp%.evtx
+wevtutil epl Security %BACKUP_PATH%\security_%timestamp%.evtx
+wevtutil epl Setup %BACKUP_PATH%\system_%timestamp%.evtx
+wevtutil epl Forwarded Events %BACKUP_PATH%\system_%timestamp%.evtx
+wevtutil epl Active Directory Web Services %BACKUP_PATH%\system_%timestamp%.evtx
+wevtutil epl Hardware Events %BACKUP_PATH%\system_%timestamp%.evtx
+
+rem End of Script
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Retrieve_Startup_Apps_List.ps1 b/scripts/ToFixAndIntegrate/Win_Retrieve_Startup_Apps_List.ps1
new file mode 100644
index 00000000..edd027dd
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Retrieve_Startup_Apps_List.ps1
@@ -0,0 +1 @@
+Get-CimInstance Win32_StartupCommand | Select-Object Name, command, Location, User | Format-List
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Software_Autoruns_Get.ps1 b/scripts/ToFixAndIntegrate/Win_Software_Autoruns_Get.ps1
new file mode 100644
index 00000000..44628faa
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Software_Autoruns_Get.ps1
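Review bot: In Win_Retrieve_Backup_Windows_Logs.bat the last four `wevtutil epl` lines all write to `system_%timestamp%.evtx`, the file the System export has already created, and the multi-word log names are unquoted, so `Forwarded Events`, `Active Directory Web Services` and `Hardware Events` are not passed as one channel name; those exports will most likely fail and the backup holds fewer logs than the script suggests. Give each log its own target and quote the arguments, e.g. `wevtutil epl Setup "%BACKUP_PATH%\setup_%timestamp%.evtx"` and `wevtutil epl "Active Directory Web Services" "%BACKUP_PATH%\adws_%timestamp%.evtx"`; the forwarded and hardware channels are named `ForwardedEvents` and `HardwareEvents`. The `%date%` substring offsets assume the `Thu 02/28/2013` layout from the comment and give a wrong timestamp under other regional settings.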
@@ -0,0 +1,23 @@
+###
+# Author: Dave Long
+# Uses Autoruns from Sysinternals to get all automatically running programs on PCs.
+# Also tests autoruns against Virtus Total and shows how many AV programs detect
+# each autorun as a virus.
+#
+# Running assumes acceptance of the Sysinternals and Virus Total licenses.
+###
+
+$AutorunsUrl = "https://download.sysinternals.com/files/Autoruns.zip"
+$AutorunsOut = Join-Path $env:TEMP "Autoruns.zip"
+$Autoruns = Join-Path $env:TEMP "Autoruns"
+$OutputFile = Join-Path $Autoruns "autoruns.csv"
+
+Invoke-WebRequest -Uri $AutorunsUrl -OutFile $AutorunsOut
+
+Expand-Archive -Path $AutorunsOut -DestinationPath $Autoruns
+
+Start-Process -Wait -FilePath $Autoruns/autorunsc.exe -NoNewWindow -PassThru -ArgumentList @("-v", "-vt", "-c", "-o $OutputFile")
+
+Import-Csv -Path $OutputFile
+
+Write-Host "Complete Autoruns output stored at $OutputFile"
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Software_Installed_List.ps1 b/scripts/ToFixAndIntegrate/Win_Software_Installed_List.ps1
new file mode 100644
index 00000000..b527e4ac
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Software_Installed_List.ps1
@@ -0,0 +1,3 @@
+Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Format-Table PSChildName, DisplayName, Publisher, DisplayVersion, Version, UninstallString
+
+Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Format-Table PSChildName, DisplayName, Publisher, DisplayVersion, Version, UninstallString
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Store_Uninstall_Builtin_Apps.ps1 b/scripts/ToFixAndIntegrate/Win_Store_Uninstall_Builtin_Apps.ps1
new file mode 100644
index 00000000..44f91c7e
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Store_Uninstall_Builtin_Apps.ps1
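Review bot: Win_Software_Autoruns_Get.ps1 starts `autorunsc.exe` from a fixed `Autoruns` folder under `$env:TEMP` without checking what it is about to execute; if that folder already exists, `Expand-Archive` reports an error for the existing files, as far as I can tell without stopping the script, and `Start-Process` then runs whatever `autorunsc.exe` is already there. Checking the signature before the launch, `$sig = Get-AuthenticodeSignature (Join-Path $Autoruns 'autorunsc.exe')` followed by `if ($sig.Status -ne 'Valid') { throw 'autorunsc.exe is not validly signed' }`, and extracting into a freshly created directory would close that gap. `"-o $OutputFile"` is passed as one argument, which may not be what autorunsc expects, and a non-interactive run probably needs the EULA switch as well.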
@@ -0,0 +1,36 @@
+# Uninstall 3D Builder:
+Get-AppxPackage *3dbuilder* | Remove-AppxPackage
+# Uninstall Alarms and Clock:
+Get-AppxPackage *windowsalarms* | Remove-AppxPackage
+# Uninstall Camera:
+Get-AppxPackage *windowscamera* | Remove-AppxPackage
+# Uninstall Get Office:
+Get-AppxPackage *officehub* | Remove-AppxPackage
+# Uninstall Get Skype:
+Get-AppxPackage *skypeapp* | Remove-AppxPackage
+# Uninstall Get Started:
+Get-AppxPackage *getstarted* | Remove-AppxPackage
+# Uninstall Groove Music:
+Get-AppxPackage *zunemusic* | Remove-AppxPackage
+# Uninstall Maps:
+Get-AppxPackage *windowsmaps* | Remove-AppxPackage
+#Uninstall Microsoft Solitaire Collection:
+Get-AppxPackage *solitairecollection* | Remove-AppxPackage
+# Uninstall Money:
+Get-AppxPackage *bingfinance* | Remove-AppxPackage
+# Uninstall Movies & TV:
+Get-AppxPackage *zunevideo* | Remove-AppxPackage
+# Uninstall News:
+Get-AppxPackage *bingnews* | Remove-AppxPackage
+# Uninstall People:
+Get-AppxPackage *people* | Remove-AppxPackage
+# Uninstall Phone Companion:
+Get-AppxPackage *windowsphone* | Remove-AppxPackage
+# Uninstall Store:
+Get-AppxPackage *windowsstore* | Remove-AppxPackage
+# Uninstall Sports:
+Get-AppxPackage *bingsports* | Remove-AppxPackage
+# Uninstall Voice Recorder:
+Get-AppxPackage *soundrecorder* | Remove-AppxPackage
+# Uninstall Weather:
+Get-AppxPackage *bingweather* | Remove-AppxPackage
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Suggested_Apps_Disable.ps1 b/scripts/ToFixAndIntegrate/Win_Suggested_Apps_Disable.ps1
new file mode 100644
index 00000000..9baece2c
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Suggested_Apps_Disable.ps1
@@ -0,0 +1,12 @@
+$registryPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent"
+$Name = "DisableWindowsConsumerFeatures "
+$value = "1"
+
+IF(!(Test-Path $registryPath))
+ {
+ New-Item -Path $registryPath -Force | Out-Null
+ New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
+ }
+ ELSE {
+ New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null
+ }
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_System_Restore_Enable.bat b/scripts/ToFixAndIntegrate/Win_System_Restore_Enable.bat
new file mode 100644
index 00000000..178d5609
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_System_Restore_Enable.bat
@@ -0,0 +1 @@
+reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v SystemRestorePointCreationFrequency /t REG_DWORD /d 0
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_System_Restore_Point_Create.ps1 b/scripts/ToFixAndIntegrate/Win_System_Restore_Point_Create.ps1
new file mode 100644
index 00000000..31bf7be9
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_System_Restore_Point_Create.ps1
@@ -0,0 +1,6 @@
+#Needs updating to include date
+#Needs System Restore Size adjusting (50GB or 20% disk space)
+
+
+Checkpoint-Computer -Description "Weekly Maintanence" -RestorePointType "MODIFY_SETTINGS"
+Write-Host "System Restore Point created successfully"
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Teams_Uninstall.ps1 b/scripts/ToFixAndIntegrate/Win_Teams_Uninstall.ps1
new file mode 100644
index 00000000..c22a7e20
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Teams_Uninstall.ps1
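Review bot: `$Name = "DisableWindowsConsumerFeatures "` has a trailing space inside the quotes, so the value written under CloudContent does not carry the name the policy is read by and the setting will presumably have no effect. Change it to `$Name = "DisableWindowsConsumerFeatures"` and pass the DWORD as a number, `$value = 1`. Both branches end in the same `New-ItemProperty` call, so the `ELSE` can go: create the key when `Test-Path` fails, then set the value once.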
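Review bot: The `reg add` in Win_System_Restore_Enable.bat has no `/f`, so when `SystemRestorePointCreationFrequency` already exists the command asks for an overwrite confirmation that an unattended run cannot answer. Append `/f`, as the Win_VPN_L2TP_Win10_Fix.bat hunk does. A leading `rem` line should also say what the value does, since as far as I can tell it only lifts the minimum interval between restore points rather than enabling System Restore as the file name suggests.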
@@ -0,0 +1,31 @@
+<#
+From https://www.reddit.com/r/sysadmin/comments/aq72e4/microsoft_teams_wont_stay_uninstalled/
+.SYNOPSIS
+This script allows you to uninstall the Microsoft Teams app and remove Teams directory for a user.
+.DESCRIPTION
+Use this script to clear the installed Microsoft Teams application. Run this PowerShell script for each user profile for which the Teams App was installed on a machine. After the PowerShell has executed on all user profiles, Teams can be redeployed.
+#>
+
+$TeamsPath = [System.IO.Path]::Combine($env:LOCALAPPDATA, 'Microsoft', 'Teams')
+$TeamsUpdateExePath = [System.IO.Path]::Combine($env:LOCALAPPDATA, 'Microsoft', 'Teams', 'Update.exe')
+
+try
+{
+ if (Test-Path -Path $TeamsUpdateExePath) {
+ Write-Host "Uninstalling Teams process"
+
+ # Uninstall app
+ $proc = Start-Process -FilePath $TeamsUpdateExePath -ArgumentList "-uninstall -s" -PassThru
+ $proc.WaitForExit()
+ }
+ if (Test-Path -Path $TeamsPath) {
+ Write-Host "Deleting Teams directory"
+ Remove-Item -Path $TeamsPath -Recurse
+
+ }
+}
+catch
+{
+ Write-Error -ErrorRecord $_
+ exit /b 1
+}
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Teamviewer_Get_ID.ps1 b/scripts/ToFixAndIntegrate/Win_Teamviewer_Get_ID.ps1
new file mode 100644
index 00000000..bff9e408
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Teamviewer_Get_ID.ps1
@@ -0,0 +1 @@
+(Get-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\TeamViewer").ClientID
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Teamviewer_Uninstall.bat b/scripts/ToFixAndIntegrate/Win_Teamviewer_Uninstall.bat
new file mode 100644
index 00000000..faac5341
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Teamviewer_Uninstall.bat
@@ -0,0 +1,2 @@
+net stop TeamViewer
+"%programfiles(x86)%\TeamViewer\uninstall.exe" /S
\ No newline at end of file
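Review bot: `exit /b 1` in the `catch` block is cmd.exe syntax, not PowerShell, so the failure exit code is not reliably 1; write `exit 1`. The `catch` is also unlikely to fire for the delete step, because `Remove-Item` reports most failures as non-terminating errors; change that line to `Remove-Item -Path $TeamsPath -Recurse -Force -ErrorAction Stop`. Note too that `$env:LOCALAPPDATA` resolves for the account running the script, so under a SYSTEM agent neither `Test-Path` will see a user's Teams install. The description's "run for each user profile" has to be enforced by how the script is launched, and a comment should say so.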
diff --git a/scripts/ToFixAndIntegrate/Win_Upgrade_Win7_to_Win10.ps1 b/scripts/ToFixAndIntegrate/Win_Upgrade_Win7_to_Win10.ps1
new file mode 100644
index 00000000..c0956ee6
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Upgrade_Win7_to_Win10.ps1
@@ -0,0 +1,7 @@
+$dir = "c:\temp"
+mkdir $dir
+$webClient = New-Object System.Net.WebClient
+$url = "https://go.microsoft.com/fwlink/?LinkID=799445"
+$file = "$($dir)\Win10Upgrade.exe"
+$webClient.DownloadFile($url,$file)
+Start-Process -FilePath $file -ArgumentList "/quietinstall /skipeula /auto upgrade /copylogs $dir" -verb runas
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Users_Admin_Account_Rename.ps1 b/scripts/ToFixAndIntegrate/Win_Users_Admin_Account_Rename.ps1
new file mode 100644
index 00000000..2c3b4236
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Users_Admin_Account_Rename.ps1
@@ -0,0 +1,5 @@
+#Needs random name
+#Needs parameter support
+
+
+Rename-LocalUser -Name "Administrator" -NewName "LocalAdmin"
diff --git a/scripts/ToFixAndIntegrate/Win_Users_Admins_List_Local.ps1 b/scripts/ToFixAndIntegrate/Win_Users_Admins_List_Local.ps1
new file mode 100644
index 00000000..55039d81
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Users_Admins_List_Local.ps1
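Review bot: The installer in Win_Upgrade_Win7_to_Win10.ps1 is written to `c:\temp` and then started with `-verb runas`, but a folder created at the drive root normally inherits permissions that let non-admin users write to it, so the file that gets elevated is not guaranteed to be the one that was downloaded. Stage it in a directory only administrators can write to, for example `$dir = Join-Path $env:SystemRoot "Temp\Win10Upgrade"`. `mkdir $dir` also errors when the folder already exists; `New-Item -ItemType Directory -Path $dir -Force | Out-Null` avoids that. Nothing checks that `DownloadFile` succeeded before `Start-Process` runs.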
@@ -0,0 +1,22 @@ +Write-Output ("Members of Administrators on " + (hostname) + ":") + +try { + # the Get-LocalGroupMember cmdlet will get a list of local admins for us, but, there are some bugs in the code and so in some cases, like if there are AzureAD accounts in the local admins group, it will fail, thus we can fall back to using net localgroup + $admins = Get-LocalGroupMember -Group "Administrators" -ErrorAction Stop # erroraction stop so that we can break out of this try and go to catch in case the cmdlet fails + ForEach ($admin in $admins) { + if ($admin.PrincipalSource.ToString() -eq "Local") { # if it's a local account, we can check if the account is enabled + $enabled = (Get-LocalUser -Name ($admin.Name -Split "\\")[1]).Enabled # split the computername, etc off the front of the username and use Get-LocalUser to check if enabled + Write-Output ($admin.Name + " (Account Enabled: " + $enabled + ")") + } else { + Write-Output ($admin.Name + " (Unable to check if enabled, source is " + $admin.PrincipalSource + ")") # if it isn't a local account, just like the source along with it + } + } +} catch { # fall back to listing with net localgroup if Get-LocalGroupMember fails + write-output ("Get-LocalGroupMember failed, falling back to net localgroup Administrators") + $admins = net localgroup "Administrators" + $length = $admins.length + $admins = $admins[6..($length - 3)] + ForEach ($admin in $admins) { + Get-LocalUser -Name $admin + } +} \ No newline at end of file diff --git a/scripts/ToFixAndIntegrate/Win_Users_Logoff_Disconnected_Users.ps1 b/scripts/ToFixAndIntegrate/Win_Users_Logoff_Disconnected_Users.ps1 new file mode 100644 index 00000000..a000b552 --- /dev/null +++ b/scripts/ToFixAndIntegrate/Win_Users_Logoff_Disconnected_Users.ps1 @@ -0,0 +1 @@ +quser | Select-String "Disc" | ForEach {logoff ($_.tostring() -split ' +')[2]} \ No newline at end of file 
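Review bot: In the `catch` fallback every member line from `net localgroup` is handed to `Get-LocalUser -Name $admin`, which resolves only local accounts, so the domain or AzureAD members that made `Get-LocalGroupMember` fail in the first place produce errors instead of appearing in the list. For an administrator audit those are the entries that matter most. Print the raw name when it is not local, e.g. `if ($admin -match '\\') { Write-Output $admin } else { Get-LocalUser -Name $admin }`. The fixed slice `[6..($length - 3)]` depends on the English layout of the command's output, which a comment should state.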
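Review bot: In Win_Users_Logoff_Disconnected_Users.ps1, `Select-String "Disc"` matches that text anywhere on the line, so an active session whose user name contains "disc" is selected as well, and field `[2]` of such a line is then a different column from the one the script expects. Anchor the match to the state column, e.g. `Select-String '\sDisc\s'`. A comment should also say that the parsing assumes English `quser` output.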
diff --git a/scripts/ToFixAndIntegrate/Win_VPN_L2TP_Win10_Fix.bat b/scripts/ToFixAndIntegrate/Win_VPN_L2TP_Win10_Fix.bat
new file mode 100644
index 00000000..412501e4
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_VPN_L2TP_Win10_Fix.bat
@@ -0,0 +1 @@
+REG ADD HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_VSS_Delete_ShadowCopies.ps1 b/scripts/ToFixAndIntegrate/Win_VSS_Delete_ShadowCopies.ps1
new file mode 100644
index 00000000..1faf1bd8
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_VSS_Delete_ShadowCopies.ps1
@@ -0,0 +1,2 @@
+Vssadmin delete shadows
+#Deletes volume shadow copies
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_VSS_List_Providers.ps1 b/scripts/ToFixAndIntegrate/Win_VSS_List_Providers.ps1
new file mode 100644
index 00000000..c14b9a28
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_VSS_List_Providers.ps1
@@ -0,0 +1,2 @@
+Vssadmin list providers
+#List registered volume shadow copy providers
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_VSS_List_ShadowCopy_Writers.ps1 b/scripts/ToFixAndIntegrate/Win_VSS_List_ShadowCopy_Writers.ps1
new file mode 100644
index 00000000..c00c32f1
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_VSS_List_ShadowCopy_Writers.ps1
@@ -0,0 +1,2 @@
+Vssadmin list writers
+#List subscribed volume shadow copy writers
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_VSS_List_Shadow_Copies.ps1 b/scripts/ToFixAndIntegrate/Win_VSS_List_Shadow_Copies.ps1
new file mode 100644
index 00000000..b87731cf
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_VSS_List_Shadow_Copies.ps1
@@ -0,0 +1,2 @@
+Vssadmin list shadows
+#List existing volume shadow copies
\ No newline at end of file
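Review bot: `Vssadmin delete shadows` in Win_VSS_Delete_ShadowCopies.ps1 is given no selector, and as far as I know vssadmin requires one of `/for=`, `/shadow=` or `/all`, so as written it prints usage rather than deleting anything. Before it is made to work, the comment should state which copies are meant to go and why, because bulk shadow-copy deletion removes the machine's local recovery points and is a behaviour that endpoint protection commonly alerts on. I would scope it narrowly, e.g. `vssadmin delete shadows /for=C: /oldest /quiet`, and keep it out of any scheduled task.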
diff --git a/scripts/ToFixAndIntegrate/Win_Veeam_Backup_Script_Notification.ps1 b/scripts/ToFixAndIntegrate/Win_Veeam_Backup_Script_Notification.ps1
new file mode 100644
index 00000000..de658482
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Veeam_Backup_Script_Notification.ps1
@@ -0,0 +1,13 @@
+Import-Module $env:SyncroModule
+
+# Create RMMAlerts when a backup fails
+
+$event = Get-EventLog "Veeam Backup" -newest 1 -After (Get-Date).AddDays(-1)| Where-Object {$_.EventID -eq 0}
+
+if($event.entrytype -eq "Error") {
+ write-host "We got an event that is an error from Veeam Backup!"
+ Rmm-Alert -Category "veeam_backup_failed" -Body "Veeam Backup Failed on $(%computername%) - message: $($event.message)"
+} else {
+ write-host "No errors here"
+}
+
diff --git a/scripts/ToFixAndIntegrate/Win_WSUS_Clear_And_Restart.bat b/scripts/ToFixAndIntegrate/Win_WSUS_Clear_And_Restart.bat
new file mode 100644
index 00000000..f6f39d65
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_WSUS_Clear_And_Restart.bat
@@ -0,0 +1,12 @@
+net stop wuauserv
+net stop cryptSvc
+net stop bits
+net stop msiserver
+timeout 1
+Ren C:\Windows\SoftwareDistribution SoftwareDistribution.old
+Ren C:\Windows\System32\catroot2 Catroot2.old
+timeout 1
+net start wuauserv
+net start cryptSvc
+net start bits
+net start msiserver
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Wifi_SSID_and_Password_Retrieval.ps1 b/scripts/ToFixAndIntegrate/Win_Wifi_SSID_and_Password_Retrieval.ps1
new file mode 100644
index 00000000..d59f1251
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Wifi_SSID_and_Password_Retrieval.ps1
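Review bot: `$(%computername%)` in the `Rmm-Alert` body is batch syntax; inside a PowerShell string `%` is the `ForEach-Object` alias, so the subexpression will not expand to the host name and most likely errors, on exactly the failure path where the alert is needed. Use `$env:COMPUTERNAME` instead. `-newest 1` is applied before the `Where-Object` filter, so a failed backup goes unreported whenever some other event is the most recent one; filter first and then take the newest match. `$event` is also a PowerShell automatic variable and is better renamed, e.g. `$lastEvent`.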
@@ -0,0 +1,3 @@
+# Query Windows 10 Saved SSID details outputs the WIFI name and password.
+# Created by TechCentre with the help and assistance of the internet
+(netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | Format-Table -AutoSize
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_Wifi_SSID_and_Password_Retrievalv2.ps1 b/scripts/ToFixAndIntegrate/Win_Wifi_SSID_and_Password_Retrievalv2.ps1
new file mode 100644
index 00000000..52ce9fb8
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Wifi_SSID_and_Password_Retrievalv2.ps1
@@ -0,0 +1 @@
+(netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | Format-Table -AutoSize
\ No newline at end of file
diff --git a/scripts/ToFixAndIntegrate/Win_WinRM_Enable_Remote.ps1 b/scripts/ToFixAndIntegrate/Win_WinRM_Enable_Remote.ps1
new file mode 100644
index 00000000..1f6e677a
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_WinRM_Enable_Remote.ps1
@@ -0,0 +1,9 @@
+# enabling WINrm ( usually needed for windows admin centre)
+# recent update disable or stops Winrm in services
+#Add's firewall event for Winrm
+
+Enable-PSRemoting -Force
+
+Set-NetFirewallRule -Name WINRM-HTTP-In-TCP -RemoteAddress Any
+
+
diff --git a/scripts/ToFixAndIntegrate/Win_Windows_Tools_Optimize.bat b/scripts/ToFixAndIntegrate/Win_Windows_Tools_Optimize.bat
new file mode 100644
index 00000000..16abea03
--- /dev/null
+++ b/scripts/ToFixAndIntegrate/Win_Windows_Tools_Optimize.bat
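Review bot: This one-liner, and the identical Win_Wifi_SSID_and_Password_Retrievalv2.ps1 hunk, prints every saved Wi-Fi key in clear text to standard output, which a management agent will typically capture and retain in its script history. That makes the run log a store of credentials readable by anyone with console access. The header comment should state that the output contains secrets and who is permitted to run the script. Better still, take the profile name as a parameter so that only the one key actually needed is shown, and drop the duplicate v2 file.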
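Review bot: `Set-NetFirewallRule -Name WINRM-HTTP-In-TCP -RemoteAddress Any` in Win_WinRM_Enable_Remote.ps1 opens the WinRM HTTP rule to every source address, which is wider than a Windows Admin Center gateway needs. Limit it to the management hosts, e.g. `-RemoteAddress <MGMT_SUBNET_PLACEHOLDER>`. The comment above it should name the rule and the intended sources, something like `# Allow WinRM (HTTP) only from the management subnet` in place of `#Add's firewall event for Winrm`. `Enable-PSRemoting -Force` already creates the default rules, so it is worth stating in a comment why they are being widened at all.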
@@ -0,0 +1,36 @@ +rem https://github.com/jebofponderworthy/windows-tools +@echo off + +echo -------------------------------------------- +echo Download and Run All Optimize Script Applets +echo -------------------------------------------- + +echo: +echo Verifying appropriate Powershell is present ... +echo --- +@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "[string]$PSVersionTable.PSVersion.Major + '.' + [string]$PSVersionTable.PSVersion.Minor" > psversion.txt +