Powershell Replace all child object permission entries with inheritable permission entries from this object

How could would it be if in Powershell there’d be an option to Replace all child object permission entries with inheritable permission entries from this object, like we have in the GUI when applying permissions?

Well, there isn’t :), at least not for now (20181003), but I found a workaround that seems to be working pretty good.

When would we need this?

This is really handy to reset NTFS permissions from a certain level. Imagine this folder structure:

-Folder1 (inheritance disabled, John in Read Only and Albert in Read/Write)
–SubFolder1 (inherited from Folder1)
—-File1.txt (inherited from SubFolder1 plus Mark in Read Only)
—-File2.txt (inherited from SubFolder1)
–SubFolder2 (inherited from Folder1 plus Simon in Read/Write)
—-Sub-SubFolder1 (inherited from SubFolder2 plus Michael in Read Only)
—-Sub-SubFolder2 (inheritnace disabled, John in Read and Write)
–File1.txt (inherited from Folder1 – This is located under Folder1)

I hope you don’t actually have such a permission mess, as this would be bad, however this is just to generalize the example. Let’s also say that Folder1’s permissions are ok and we want to make sure they get replicated under every item recursively. So we want to remove Mark from accessing File1.txt, Simon from SubFolder2, Michael from Sub-SubFolder1 and also, we want to re-enable the inheritance from Sub-SubFolder2 (removing John as well). This is something you can force through with the GUI by flagging Replace all child object permission entries with inheritable permission entries from this object in the Advanced Security Settings.

So, this is fairly simple, but it’s really not cool when you’re trying to automate a permission setup process.

The logic behind the workaround

Let’s first talk about the example we have above, so we’re happy with Folder 1, how do I go and make sure every sub-folder/file will inherit the same permissions and will also remove any addition and reset the inheritance from the parent? (more…)

Read More

Run a command as a different user in Powershell

There are three main ways to run a command as a different user in Powershell, besides the classing Right click shift. This article will show you how to do that, within the same Powershell session.
By the same Powershell session, I mean something like this:

  • You’re logged on as ITDroplets\UserA.
  • You have a powershell script/console running as UserA.
  • Within that powershell script/console, you want to run a command as ITDroplets\UserB.

In the Options below, I will consider the above example and I will run “Get-Process Explorer” as UserB. This is very handy when running elevated commands, for instance when UserA is a standard user account and UserB has local admin rights. Of course, Get-Process Explorer doesn’t really need elevation 🙂
Remember that the examples are super concentrated, which means I didn’t add any check to see if the command ran successfully etc. They’re there as pure examples, you can then shape them to fit your needs.

Option 1 – System.Diagnostics.ProcessStartInfo

(more…)

Read More

Add output to PVOutput with Powershell

In this article, we will see how to setup your PVOutput account in order to add output to PVOutput with Powershell.

I found a ton of info on how to add Ouput to PVOutput with curl, but nearly nothing (as I needed it) for Powershell. No wonder why I received a couple of questions on this.

If you’re the owner of a GoodWe inverter, take a look at Get GoodWe data with Powershell.

I don’t want to go too deep, so in this article I will just explain how to send data to your own system on PVOutput and how to set up the account to be able to do so.

Set your PVOutput account

In order to make API calls to PVOutput, against your system, you’ll need to enable API Access and generate a new API Key. You will also need the System Id you want to manage.

This is super easy as it’s all located in the same area of the account settings.

  • Login to PVOutput
  • Click Settings
  • Scroll at the bottom and:
    • Enable API Access
    • Click New Key to generate a new Key
    • Write down your system ID
    • Save

That’s it! We’re ready to send data to our system.

Note: Before proceeding, make sure your system is correctly set up. You need to ensure you’ve added the right amount of solar panels as well as the correct Watt hour or else you may end up receiving errors.

A very simple script

So, this script is very simple and will just show you how to send your system’s outputs to PVOutput. I strongly recommend adding a Try/Catch to make sure you Catch any error (so that you can also set up an alert, perhaps with Telegram: Automating Telegram Messages with Powershell) and, most importantly, you want to automatically get the date, time etc automatically (look at Get GoodWe data with Powershell to see how I grabbed these info from my inverter).

Super easy! You can add more functionalities, like I said above. One of them could also be checking for the Content (or Status/Description) that will be held in $PVOutputInvokeResult:

Have fun 🙂

Read More

Create a Powershell Web Application

How to create a Powershell Web Application? This article will give you some guidelines on how to deploy a very simple web application that leverages Powershell and if you follow it completely, you’ll be able to have a fully functional web application.

This is a very important instrument, especially when our goal is to automate as much as possible the environment and repetitive tasks or offload a 2nd or 3rd level task to a 1st level representative. You could build a web application to check permissions for a specific shared folder (I’ve done that successfully) or you could deploy an app that would check the current top 10 RAM processes being used on a remote server (super handy to hand off to a 1st level support team who many have no access to the server) and so on.

Please see the final notes at the end of this article.

Prerequisites

You will need Visual Studio to follow this.

Creating a new Project

  • Click on File > New > Project
    • visual-studio_create-new-project
  • Select Installed > Templates > Visual C# > Web and click ASP .NET Web Application (.NET Framework). Give it a name (ITDropletsPowershell in the example).
    • visual-studio_create-new-asp.net-web-application
  • Since we want to start with a clean solution, let’s select “Empty” and click OK.
    • visual-studio_create-new-asp.net-web-application-EMPTY

(more…)

Read More

Automating Telegram Messages with Powershell

In this post I will go through automating Telegram Messages with Powershell, including a full script as an example.

Truth to be told, I’ve installed, and first used, Telegram about 3 hours before writing this post, but I saw so much potentials that I couldn’t wait to publish this. Consider also that I was actually after something similar for WhatsApp, but there’s no official API from them yet.

So because I’m such a noob here, I will actually go through the steps I’ve followed to get a Bot configured to work. Note that a Bot is an easier way to handle this sort automation, but if you’re an advanced user, you could look directly into Telegram’s API which will be way more flexible.

What can I actually use this for?

Well, of course you can just do it for fun and be able to send a message via powershell. But that’d be wasting this great potential. If I look out of the box, I see a possibility to build a (cheap) notification system and/or a (cheap) runbook system.

For example, imagine that you’ve got a script running that right now sends you an email once done just to tell you that the script has finished in 30 minutes. Why an email? Isn’t it handier having an actual push-notification on your phone telling you that?

Let’s think bigger, you’re deploying a new Virtual Machine with an automated script and, besides sending you a report via email, you want to know when it’s done so that you perhaps can go and work on the VM you just deployed, without continuously checking the status of the deployment. Or imagine adding a simple Message after an SCCM Task Sequence has been completed or even just use it to alert in case of a low disk space etc.

Now, what I like the most, what if Powershell can read what we’re writing into that conversation and based on that take actions? Like a runbook. Example: you write “Restart-Computer”. The PS script  could have a part of the code that checks every X amount of time if somebody wrote something and if they did, it checks the message. If the message equals to “Restart-Computer” then go and restart the computer. This is a very basic example, but it contain the core of what this can be used for.

Based on this idea, I actually build a very simple runbook automation script to leverage a Telegram message. Check it out here: Building a runbook with Powershell and Telegram

In the example at the end of this article I will be showing you how to send a message to a Telegram group and a possible action take after somebody replies with a specific keyword.

Set a Bot up

I suggest you to use a computer after step 1 as it’s going to be a bit faster in my opinion. This first bit is super simple.

  1. The first thing you want to do is register with Telegram if you haven’t done it yet. To do that, just go and download the app from the store (depending on what smartphone you’ve got).
  2. Launch the BotFather by opening this link: https://telegram.me/botfather
    • Start a conversation with the BotFather by typing /newbot – This will start the Bot creation wizard.
    • At this point, you will be asked to provide a Friendly name and a username. Once that is done, you will be provided with the token to be used in our scripts.
    • Telegram_botfather_create-bot

Time to intercept the Chat ID and run a quick test

So, in order for us to leverage the Bot to send a message, we will need to get the Chat ID of the conversation we want the Bot to talk/listen in. (more…)

Read More