Get SEMS/GoodWe data with Powershell

Get SEMS/GoodWe data with Powershell: GoodWe has transferred everything over to the SEMS Portal, which finally comes with an API! In this article we’ll see how to grab data directly from SEMS’ API.

This is basically an update to Get GoodWe data with Powershell which is no longer working for some users (mainly people with a brand new Inverter that was never registered with the old portal).

Let me start by saying that even though there’s finally an API, with some documentation (in Chinese as far as I could find it), it’s still a bit messy, I noticed that this works with different URLs, but I tried to stick to what I normally use to login to the portal (https://www.semsportal.com).

The API works based on tokens, which means it requires two web requests, one to authenticate and grab the token data and another one to grab the actual output we’re after. It’s fairly simple and I’ll go through what I think it’s most important.

At the time of testing (20190613) the Inverter was pushing data to the SEMS Portal every 2.5 minutes circa, which it’s better than the old version of the script that could only see data every 5 minutes. It takes about 30 seconds to see the data: what I mean is, if it’s 9:00:00AM next refresh will occur at around 9:02:30AM, but the portal will have this data processed by around 9:03:00AM (sometimes earlier). An example for the last 4 entries I tried:

  • 06/13/2019 14:08:58
  • 06/13/2019 14:11:28
  • 06/13/2019 14:13:59
  • 06/13/2019 14:16:29

This is a basic script, please implement some error handling! (more…)

Read More

Change a folder icon with Powershell

In this post we’ll see how to change a folder icon with Powershell, this method will work on shared folders too, as long as the filesystem of the shared network folder allows it.

The script is very simple, but first I want to go through it with an example, you can scroll down to the end of this article to checkout the script.

Let’s have a look at the difference between a local folder’s properties and a shared network folder’s properties.

A trick to allow us to change icon on a shared network folder, would be to move it on the desktop, change the icon and move it back. Totally ugly and useless if you have a large folder or multiple folders to customize.

If you change the icon of a local folder, you’ll notice that a Desktop.ini hidden file is created. When you copy that file to another folder though, nothing happens. The reason is because the folder attributes must be changed as well in order for Windows to read the Desktop.ini file.

Let’s work with an example and go through it. Say we have Folder1 and Folder2 in our local environment.

  • We change the icon for Folder1 manually.
  • This is how Folder1 and Folder2 will look like now.
  • Under \Folder1, there’ll be a desktop.ini file as well. Remember that it’s hidden. Let’s check its content out:
  • Let’s change the icon for Folder2, using the same desktop.ini file. You can just copy it from Folder1 and paste it in Folder2. Once done you’ll see that nothing happens as already explained above.
  • Let’s compare the attributes of both Folder1 and Folder2 and see what’s the difference.
    • (Get-Item “C:\Users\itdroplets\Desktop\tmp\Folder1“).attributes
    • (Get-Item “C:\Users\itdroplets\Desktop\tmp\Folder2“).attributes

By going through the above, we’ve identified the reason why the folder, even with a Desktop.ini file, isn’t changing its icon. We need to set its attributes to ReadOnly, Directory.

Right after running the above command, you’ll see Folder2 changing icon almost instantly.

The Script

I don’t like having files laying around in my script directories, unless I really have to. So, the script below is a quick way to get the icon changed, without needing to copy any Desktop.ini file. Instead, we’ll just create it based on a static content ($DesktopIni).

 

Read More

Run a Powershell script from PHP

Running a Powershell script from PHP is easier than I expected. I was pretty new to this as well, but after a while I manage to build some pretty nice automatized tasks that help a lot with small processes.

Of course, if you’re using Windows Powershell, you’ll need to run these script from a Windows Server/Client.

If you’re in a Windows environment, the best way to go is installing PHP in IIS. I recommend using the latest PHP version (at the time of writing, we’re at 7.2), you can grab it from https://php.iis.net, or you can launch the Web Platform Installer if you’ve already got it in IIS.

Possibilities

Many! You really have a huge playground here to develop whatever you need. Here’s a few examples:

  • Automate the creation of an AD account and allow access to the web end to just the Help Desk team.
    • What does this mean? You’ll no longer need to delegate permissions to the entire Help Desk team, you’ll just need to delegate permissions to the service account running the Application Pool in IIS. Also, because nobody else has permissions, you can choose the way you want this AD Account to be created (base OU, syntax, password length, settings etc).
  • Allow users to change a specific setting in their AD Account.
    • Imagine a large organization, you may want to delegate as many tasks as possible. For example, say we’re ok to trust the users to change their own Phone Numbers in AD. You can build a script that will allow to do that, at your own conditions and expose a small web interface to allow the user to see the current phone number and change it.
  • Allow the Help Desk and Desktop Teams to view a share’s NTFS permissions.
    • Once again, no need to provide access to the share, just the service account will need access. You’ll build a script that will grab the ACL from a share and return just that, based on the User’s input.

These are very basic examples of course. For instance, I’ve also built a tool that will allow Group’s managers to add/remove users to these groups. Super handy. (more…)

Read More

Powershell Replace all child object permission entries with inheritable permission entries from this object

How could would it be if in Powershell there’d be an option to Replace all child object permission entries with inheritable permission entries from this object, like we have in the GUI when applying permissions?

Well, there isn’t :), at least not for now (20181003), but I found a workaround that seems to be working pretty good.

When would we need this?

This is really handy to reset NTFS permissions from a certain level. Imagine this folder structure:

-Folder1 (inheritance disabled, John in Read Only and Albert in Read/Write)
–SubFolder1 (inherited from Folder1)
—-File1.txt (inherited from SubFolder1 plus Mark in Read Only)
—-File2.txt (inherited from SubFolder1)
–SubFolder2 (inherited from Folder1 plus Simon in Read/Write)
—-Sub-SubFolder1 (inherited from SubFolder2 plus Michael in Read Only)
—-Sub-SubFolder2 (inheritnace disabled, John in Read and Write)
–File1.txt (inherited from Folder1 – This is located under Folder1)

I hope you don’t actually have such a permission mess, as this would be bad, however this is just to generalize the example. Let’s also say that Folder1’s permissions are ok and we want to make sure they get replicated under every item recursively. So we want to remove Mark from accessing File1.txt, Simon from SubFolder2, Michael from Sub-SubFolder1 and also, we want to re-enable the inheritance from Sub-SubFolder2 (removing John as well). This is something you can force through with the GUI by flagging Replace all child object permission entries with inheritable permission entries from this object in the Advanced Security Settings.

So, this is fairly simple, but it’s really not cool when you’re trying to automate a permission setup process.

The logic behind the workaround

Let’s first talk about the example we have above, so we’re happy with Folder 1, how do I go and make sure every sub-folder/file will inherit the same permissions and will also remove any addition and reset the inheritance from the parent? (more…)

Read More

Run a command as a different user in Powershell

There are three main ways to run a command as a different user in Powershell, besides the classing Right click shift. This article will show you how to do that, within the same Powershell session.
By the same Powershell session, I mean something like this:

  • You’re logged on as ITDroplets\UserA.
  • You have a powershell script/console running as UserA.
  • Within that powershell script/console, you want to run a command as ITDroplets\UserB.

In the Options below, I will consider the above example and I will run “Get-Process Explorer” as UserB. This is very handy when running elevated commands, for instance when UserA is a standard user account and UserB has local admin rights. Of course, Get-Process Explorer doesn’t really need elevation 🙂
Remember that the examples are super concentrated, which means I didn’t add any check to see if the command ran successfully etc. They’re there as pure examples, you can then shape them to fit your needs.

Option 1 – System.Diagnostics.ProcessStartInfo

(more…)

Read More