Ghetto GPO Change-Audit Powershell Emailing script

Ghetto GPO Change-Audit Powershell Emailing script

Problem:

What AD GPO’s changed yesterday?

Solution:

Ultra ghetto. May or may not need special Security policy Audit rights enabled on DC’s, i don’t remember 2021.

Modify $testing = true to $testing = false for production.

	#########################################################################
	############ Ghetto GPO Change Audit ##############
	############ DRAFT / WIP in-progress ##############
	############ Lists/Emails modified GPO's only, not linking ##############
	#########################################################################
	############ script by NJD 2021-03-08, edited Oct 2024 ##############
	#########################################################################
	############# Programmatically set variables ################
	$MyDomain = (Get-ADDomain).DNSRoot # AD Domain root in plain-text format
	$MyDomainDN = (Get-ADDomain).DistinguishedName # AD Domain root distinguishedName
	$today = Get-Date '0:00' # today at minute 0
	$yesterday = $Today.AddDays(-1) # yesterday
	$hostname=$Env:COMPUTERNAME
	########### End Programmatically set variables ##############
	########## REQUIRED USER VARIABLES ###################
	$adminEmailAddr = "email1$MyDomain"#,"email2@$MyDomain","email3@$MyDomain"
	$hostname=$Env:COMPUTERNAME
	$smtpServer="mgate.$MyDomain"
	$from = "$hostname <noreply@$MyDomain>"
	$subject = "Automated script: GPO Change Audit"
	########### END REQUIRED USER VARIABLES ##############
	########### TESTING VARIABLES ############
	$testing = $true
	if ($testing) {
	$today = Get-Date #change this for testing some other day/time
	$yesterday = $Today.AddDays(-8) #change this for testing some other time period
	$subject+=" (TESTING)"
	}
	########## END TESTING VARIABLES #########
	############ sendEmail ###############
	function sendEmail {
	param($body)
	if ($body) {
	Write-host -NoNewline "Emailing $adminEmailAddr : "
	$textEncoding = [System.Text.Encoding]::UTF8
	try {
	Send-Mailmessage -smtpServer $smtpServer -from $from -to $adminEmailAddr -subject $subject -body $body -bodyashtml -priority High -Encoding $textEncoding -ErrorAction Stop
	if (!($SendErr)) {
	write-host "Successfully emailed $adminEmailAddr"
	}
	} catch {
	write-host "FAILED to email $adminEmailAddr via $smtpServer"
	throw $_
	}
	} else {
	Write-Host "Nothing to email."
	}
	}
	########## end sendEmail ###############
	############# MAIN ##############
	$body = '' # init
	$count = 0 # init
	$summary = '' # init
	Try {
	Write-Host "Gathering GPO Policy Changes ...`r`n"
	### Get all the required Security Events ###
	$List = Get-ADObject -SearchBase "CN=Policies,CN=System,$MyDomainDN" -Filter 'WhenChanged -ge $yesterday' -Properties * -ErrorAction stop -ErrorVariable Err
	} catch {
	write-host -fore Red "GPO Policy Changes not found for $yesterday"
	throw $_
	} finally { ### email the GPO/results
	ForEach ($object in $List) {
	if ($object.Displayname) {
	$count++
	$changedTime = ($object.whenChanged).ToString()
	$changedGPO = ($object.Displayname).ToString()
	# I wish to print [$object.] AddedProperties, RemovedProperties and ModifiedProperties , but continuously fail at such.
	foreach ($h in ($object.AddedProperties)) {
	Write-Host "${h}: $($object.AddedProperties.$h)"
	}
	$summary += "GPO Changed: $changedTime $changedGPO`r`n"
	$body += "GPO Changed: $changedTime $changedGPO<br><br>"
	$body += '<b>Details</b>'
	$body += ($object | convertto-html -as list)
	$body += '<br><b>Report</b>'
	$body += (Get-GPOReport -Name $object.DisplayName -ReportType Html)
	}
	$body += "<br><br>"
	}
	$summary = "$count GPO's changed.`r`n" + $summary
	}
	write-host $summary
	if ($body) { sendEmail($body) }
	############ END MAIN #############

view raw gistfile1.txt hosted with ❤ by GitHub

Veeam database size approaching limit

Problem:

My Veeam configuration was over 10,000mb approaching the MS-SQL express 10gb hard-limit.

Veeam: Configuration Database Issue The configuration database size
is approaching the limit. if this limit is exceeded, the backup server
will stop functioning.

Tentative Solution:

This worked for me, but may not be an official solution. I shrunk and rebuilt the indexes, no less than twice. I was able to shrink it half the size.

1. Backup the database manually, even if you have scheduled backups. “Hamburger” Menu>Configuration Backup>Backup Now.
2. Install and run SQL Server Management Server Studio.
3. Connect to the local Veeam database
4. Find and right click the “VeeamBackup” database, choose Tasks>Shrink>Database. Enable “Reorganize files before releasing…”>OK.
5. Copy and paste the rebuild-indexes SQL script from: https://www.mssqltips.com/sqlservertip/4470/script-to-manage-sql-server-rebuilds-and-reorganize-for-index-fragmentation/ to a new local script.
6. Edit the script’s SET parameters to suit your needs: SET @reportOnly = 0; & SET @fragmentationThreshold = 5; . Execute the script. This may grow your database too large, so…
7. Perform #4 again!
8. Perform #6 again!
9. Check the size of the database (This can be done by the shrink database menu or by viewing the database properties)

Documentation:

• Official KB: https://www.veeam.com/kb4024
• Forum Thread: https://forums.veeam.com/vmware-vsphere-f24/shrinking-the-veeambackup-database-t20276.html
• Community Thread: https://community.veeam.com/discussion-boards-66/procedure-to-shrink-the-vbr-database-2547

cannot paste clipbpard images into github

Problem

Cannot paste clipboard images into GitHub.com comments / editor using Firefox.

Solution

about:config > dom.event.clipboardevents.enabled = true .

---

How to set auto-power for iDrac 9

How to set auto-power for iDrac 9.

Problem:

iDrac 9 default Power Recovery is Last; However, APC UPS may shutdown a server externally, therefore power-up may not occur as expected.

Option 1 Solution:

BIOS (F2) > System Security > AC Power Recovery > On

Option 2 Solution:

ssh root@<IP-of-iDrac>
racadm get BIOS.SysSecurity.AcPwrRcvry
racadm set BIOS.SysSecurity.AcPwrRcvry On

Which will report:

RAC1017: Successfully modified the object value and the change is in 
     pending state.
     To apply modified value, create a configuration job and reboot 
     the system. To create the commit and reboot jobs, use "jobqueue" 
     command. For more information about the "jobqueue" command, see RACADM 
     help.

Therfore, to apply the new setting:

racadm jobqueue create BIOS.Setup.1-1

But it also requires a reboot. (Warning: Choose 2-stage graceshutdown + powerup, because any other seem to hard “reset”. )

racadm serveraction graceshutdown
racadm serveraction powerup

Expect a BIOS update and a reboot (slow).

Afterward, it may be verified via:

racadm get BIOS.SysSecurity.AcPwrRcvry

---

~ Good Luck! ~

---

SEO: Dell iDrac iDrac9 auto-power auto-start auto-power-on auto-power-up auto power powerup

Cannot type in Windows 2022 PowerShell from Remmina FreeRDP

Problem:

Cannot type in Windows 2022 PowerShell from Linux Remmina/FreeRDP (RDP)

Solution:

Disable "Use client keyboard mapping" in Remmina Preferences.

---

Written with StackEdit.

KB5034441 failing to install with "Retry" 0x80070643

Windows 10 2024-01 Security Update for Windows 10 Version 22H2 for x64-based Systems (KB5034441) failing to install with “Retry” 0x80070643

 

 

Problem:

The January 2024 update is known to fail on a widespread basis. Currently as of Feb 21 2024, this is still unmitigated in any automatic fashion via Windows Updates; however, it can be simply fixes with a Powershell script as provided directly from Microsoft.

Solution:

Copy/Paste the script provided in this link into a file named something like patch.ps1.
https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/add-update-to-winre?view=windows-11#extend-the-windows-re-partition
Execute the script for an elevated cmd.exe shell (Run as Administrator) using the commandline PowerShell.exe -ExecutionPolicy Bypass -File patch.ps1. (Either spefify the full file-path or make sure to cd into the folder where you have saved the script).
When asked for a BackupFolder, c:\temp will suffice. When asked if you wish to proceed, answer Y (Yes).
Upon completion, reboot with shutdown /r /f /t 5.

Rejoice.

Pipewire no sound after Debian 12 upgrade

I’ve been performing in-place upgrades of Debian for years. Always some new problem to fix afterward. Debian 12 was no different.

Off-subject i was forced to apt purge, deborphan , dpkg --purge --force-depends on quite a few items before being able to fully perform upgrade/updates.

Problem: No audio after automated upgrade to Pipewire systems.

Solution:
Reference: https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/2255

cd  /etc/alsa/conf.d/
sudo mv 50-pulseaudio.conf{,.bak}
sudo mv 50-oss.conf{,.bak}
sudo mv 50-pipewire.conf{,.bak}
sudo mv 50-jack.conf{,.bak}
sudo mkdir backup
sudo mv ./*.bak ./backup/

sudo apt reinstall pipewire pipewire-pulse pipewire-alsa pipewire-jack wireplumber
## internets recommended 'wireplumber' over 'pipewire-media-session'

history -a
reboot

# rejoice

You may choose to do it differently, but essentially, remove all 50-*.conf that deal specifically with sound, then reinstall the packages to recreate a proper 50-pipewire.conf.

Written with StackEdit.