Powershell script to generate and email a DFS Health Report.

Purpose:
This script was used to generate a DFS Health Report and email it to the admin team on a daily basis.

Comments:
I attempted to push the report into the body of the email but Outlook did not like the formatting so instead it was added as an attachment.
This is on a Windows 2008 R2 Server using the old commandline version of DFS and its reporting. The Report does not work in some of the newer version of IE.
To view the report you have to hit F12 and then change the Document Mode: IE quirks to IE5 Quirks

#=====================================================================================================#
#    Copyright 2011 Robert Stacks
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
#=====================================================================================================#
# Author: Robert Stacks
# URL: RandomTechMinutia.wordpress.com
# Date: 11/30/2012
# Updated: 11/30/2012
# Version: 0.1
#
# Purpose:
# Generate a DFS Admin Report and Email it to the admin team it must be viewed with IE due to HTML/Java formatting
#=====================================================================================================#

#Get todays Date
$date = Get-Date

#===========================#
#User Adjustable Variables  #
#===========================#

#Mail Server Variables
$SMTPserver = "mail.domain.com"
$from = "DFSReplicationReport@domain.com"
$to = "Youremail@domain.com"
$subject = "DFS Replication Health Report " + $date
$emailbody = "Attached is the Report"

#DFS Info
#Note: $ReplicationGroup=`"Corp Office to Phoenix`", if your group name has no spaces you can remove the `"
#the dfsadmin command can be a little unforgiving about quotes you may have to adjust your values accordingly.

$ReplicationGroup=`"Your Replication Group`"
$MemeberServer="ServerName"
$SaveReportLocation="C:\DFSReports"

#===========================#
#Main Script                #
#===========================#

#Generate DFS Report

dfsradmin health new /RgName:$ReplicationGroup /RefMemName:$MemeberServer /repname:$SaveReportLocation

# Send email
Send-MailMessage -From $from -To $to -SmtpServer $SMTPserver -Subject $subject -Body "Attached is the DFS Health Report. It must be viewed in IE" -Attachments ("C:\DFSReports\Health-Corp Office to Phoenix.html")

Advertisements

Tweak registry to make Windows always prefer IPv4 over IPv6

One of those basic things that Microsoft changed for us, when logged into a Windows 7 or Server 2008 R2 server and you ping itself you get a IP6 address.  Few shops have converted to IP6 yet so this is how you change that address back to IP4.  I do this in my Windows Templates in VMware.

  • Open RegEdit, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip6\Parameters
  • Create DisabledComponents DWORD registry value, set its value to 20 (Hexadecimal).
  • Reboot.

See Microsoft KB 929852 for more info.

Powershell Script to Report on Drive Space Usage in another domain.

This is something I worked up to scan a list of servers, determine their drive space usage, and then calculate a cost to charge a customer.  The script obviously was written with a client-customer, hosted solution in mind.  All that said I scrubbed the code of anything that was actually used by the client/customer but the script has some pretty interesting features that took me a while to put together using hints from others on the web.

The most interesting aspect of this script is the ability to remote into a remote domain and then function as if you were a member of that domain.

This script has a specific purpose where I used it but it could be modified to do something else, so I’m posing it here if nothing else as a reference/example.  Also keep in mind this script was chopped up a good bit to publish to the web so it might be a little buggy now.

Purpose:
Report on remote server hard drive usage when said server is in another domain and alert when usage hits a ceiling in GB.

Requirements:
Quest.ActiveRoles.ADManagement on the system running the script
Domain admin or at least rights to log onto the servers to be scanned
The PC or Server running the script must be able to resolve the foreign domains DNS and Servers FQDN

Other:
The script can also be used with some minor modifications to generate a cost based on Storage usage, this is how I used it.
Line 183 “Some Cost” is the line I used to input a bit of math to determine a cost.  That line along with 133 could be removed if so desired.
The script is designed to log into a remote domain or work group, if this wasn’t the case it could be converted into a much simpler/smaller script.


#=====================================================================================================#
#    Copyright 2011 Robert Stacks
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
#=====================================================================================================#
# Author: Robert Stacks
# URL: RandomTechMinutia.wordpress.com
# Date: 7/31/2012
# Updated: 7/31/2011
# Version: 0.1
#
# Purpose:
# Scan and report on storage used on a list of servers.  Can also be used to calculate costs if the
# Drive usage goes over a given amount.  I used 20GB in this example.
#=====================================================================================================#

#Add Snapins
Add-PSSnapin "Quest.ActiveRoles.ADManagement" -ErrorAction SilentlyContinue

#Get todays Date
$date = Get-Date

#===========================#
#User Adjustable Variables  #
#===========================#

#Mail Server Variables
$SMTPserver = "mail.yourdomain.com"
$from = "ScriptReporter@Yourdomain.com"
$to = "adminteam@yourdomain.com"
$EmailSubject = "Drive Space Report"

#Account with rights to remotely log into domain
$AdminAcct = 'domain\admin'
$Adminpwd = 'password'

#Domain to Log into
$domain = 'Remotedomain'

#OU container to get list of Servers to check
$OUStoSearch= 'Yourremotedomain/OU'

#Alert if Drive Space Goes over this amount figured in GB
$DriveCeiling = 20

#===========================#
#Main Script                #
#===========================#

#Set User account to be used to log into cross site domain without AD Trust
$username = $AdminAcct
$password = ConvertTo-SecureString $Adminpwd -AsPlainText -Force
$livecrd = New-Object System.Management.Automation.PSCredential $username, $password

# Format html report
$htmlReport = @"
<style type='text/css'>
.heading {
color:#0B1ABF;
font-size:14.0pt;
font-weight:700;
font-family:Verdana, sans-serif;
text-align:left;
vertical-align:middle;
height:20.0pt;
width:416pt;
}
.colnames {
color:white;
font-size:10.0pt;
font-weight:700;
font-family:Tahoma, sans-serif;
text-align:center;
vertical-align:middle;
border:.5pt solid windowtext;
background:#730000;
}
.lblueback {
color:windowtext;
font-size:10.0pt;
font-family:Arial;
text-align:center;
vertical-align:middle;
border:.5pt solid windowtext;
background:#B2E6FF;
}
.greyback {
color:windowtext;
font-size:10.0pt;
font-family:Arial;
text-align:center;
vertical-align:middle;
border:.5pt solid windowtext;
background:#EAEAEA;
}
.charge {
color:#730000;
font-size:10.0pt;
font-family:Arial;
font-weight:bold;
text-align:center;
vertical-align:middle;
border:.5pt solid windowtext;
background:#FFFF00;
}

</style>
<table border=.5 cellpadding=.5 cellspacing=.5 width=556
style='border-collapse:collapse;table-layout:auto;width:600pt'>
<tr style='height:15.0pt'>
<th colspan=6 height=40 width=600>
<center>Drive Space Report</center></th>
</tr>
<tr>
<th>Server Name</th>
<th>Drive</th>
<th>Size(GB)</th>
<th>Used(GB)</th>
<th>Freespace(GB)</th>
<th>Over Amount (15GB)</th>
<th>Amount to Charge</th>
</tr>
"@

#Connect to the specific domain
Connect-QADService -Service $domain -Credential $livecrd

#Get a LIst of Servers from a OU
$servers=get-qadcomputer -SearchRoot $OUStoSearch | foreach { $_.Name} | Sort

#counter to manage alternating row color
$colorcounter = 0

foreach ($server in $servers)
{

#If loop to determine color of Rows related each system.
if ($colorcounter%2 -eq 0){
$tablecell = @"
<td class='lblueback'>
"@
}
else {
$tablecell = @"
<td class='greyback'>
"@
}
#format the server name with its FQDN
$server=$server + '.' + $domain
# Get a list of Hard Drives
$DISKS=Get-WmiObject Win32_LogicalDisk -computerName $server -Credential $livecrd -Filter "DriveType = 3"

# For each disk print out its stats
foreach ($DISK in $DISKS)
{
$htmlReport=$htmlReport +
"<tr>" + $tablecell + $server + "</td>" +
$tablecell + ($DISK.DeviceID) + "</td>" +
$tablecell + [Math]::round(($DISK.size/1gb),2) + "</td>" +
$tablecell + [Math]::round((($DISK.size-$DISK.freespace)/1gb),2) + "</td>" +
$tablecell + [Math]::round(($DISK.freespace/1gb),2) + "</td>"

#Determine if more that X GB is being used.
$GBOver = (($DISK.size-$DISK.freespace)/1gb) - $DriveCeiling

#If more than X GB is being used we change the color of the table and calulate the cost
if($GBOver -gt 0 )
{
#You can change the item "Some Cost" to a actual formual to determine a cost if you so desire.
$htmlReport=$htmlReport +
"<td class='charge'>" + [Math]::round($GBOver,2) + "</td>" +
"<td class='charge'>" + "$" + "Some Cost" + "</td></tr>"
}

#If they are not using more than X GB then we just report a zero and no charge
else
{
$htmlReport=$htmlReport +
$tablecell + "0" + "</td>" +
$tablecell + "No Charge" + "</td></tr>"

}

}
# value used in conjuction with if loop to rotate color in table
$colorcounter = $colorcounter + 1
}

$htmlReport = $htmlReport + "</table>"

# Send email
$subject = $EmailSubject + $date
$emailbody = $htmlReport
$mailer = New-Object Net.Mail.SMTPclient($SMTPserver)
$msg = New-Object Net.Mail.MailMessage($from, $to, $subject, $emailbody)
$msg.IsBodyHTML = $true
$mailer.send($msg)

Powershell / Powercli script to report on VMs and their VMDKs

Here is a report I put together to quickly view all VMs their VMDKs and the Datastores those VMDKs are sitting on. This is not meant to be a report to view total storage or free space on either the VMs or their Datastores, nor are we looking for orphaned vmdk files. Although I may add those features to this report later on.

Update 3/13/2014: Script now reports on Size and how the data is presented has been improved.

Issue: Review VMDK files for any that don’t have the same name as the VM names in VCenter.

Purpose: Scan and report on VMware VM’s VMDKs and what Datastores they are tied to.

Side Notes:

  • You must have Powercli installed on the machine this report runs off of.
  • The admin account used must have enough permissions to run the given commands.
  • It is possible to have two VMs in vCenter with the same name. So in the report you may see a single server when in fact it is two separate servers.
  • If that happens you’ll see a single instance of that VM’s name with more than the expected number of disk.
#=====================================================================================================#
# Author: Robert Stacks
# Date: 7/18/2012
# Updated: 3/13/2012
# Verson: 1.1
#
# Purpose: 
# Scan and report on Datastores, and related VM's VMDK visible to vCenter
# 
# Updates:
# 3/12/2012
# - Added a column to show the current host ESXi server, Split Folder from VMDK info, and also added size
# - Fixed some spelling and updated comments
# - Fixed some flow logic and adjusted table row color, table padding, and sizing.
#=====================================================================================================#

#Add Snapins
Add-PSSnapin VMware.VimAutomation.Core

#===========================#
#User Adjustable Variables  #
#===========================#

#Vcenter Logon Info
$ESXserver = "vcenterserver.domain.com"
$ESXuser = "username"
$ESXpassword = "password"

#Mail Server Variables
$SMTPserver = "mail.domain.com"
$from = "VMwareReporter@domain.com"
$to = "sysadmins@domain.com"

#===========================#
#Main Script                #
#===========================#

#Determine if already connected to VCenter and if not connect
if ( $DefaultVIServers.Length -lt 1 )
{
  Connect-VIServer -Server $ESXserver -User $ESXuser -Password $ESXpassword -WarningAction SilentlyContinue | Out-Null
}

# Format html report
$htmlReport = @"
<style type='text/css'>
.heading {
 	color:#0B1ABF;
	font-size:14.0pt;
	font-weight:700;
	font-family:Verdana, sans-serif;
	text-align:left;
	vertical-align:middle;
	height:20.0pt;
	width:416pt;
}
.colnames {
 	color:white;
	font-size:11.0pt;
	font-weight:700;
	font-family:Tahoma, sans-serif;
	text-align:center;
	vertical-align:middle;
	border:.5pt solid windowtext;
	background:#730000;
}
.lblueback {
	color:windowtext;
	font-size:10.0pt;
	font-family:Arial;
	text-align:left;
	vertical-align:middle;
	border:.5pt solid windowtext;
	background:#B8CCE4;
}
.greyback {
	color:windowtext;
	font-size:10.0pt;
	font-family:Arial;
	text-align:left;
	vertical-align:middle;
	border:.5pt solid windowtext;
    #background:#D8D8D8;
}

</style>
<table style='border-collapse:collapse;table-layout:auto;width:auto;padding:5px'>
 <tr style='height:15.0pt'>
   <th colspan=6 height=40 width=auto class="heading">
	<center> VM Datastore Report </center></th>
 </tr>
 <tr>
  <th class="colnames">VM Name</th>
  <th class="colnames">Host</th>
  <th class="colnames">DataStore</th>
  <th class="colnames">Folder</th>
  <th class="colnames">FileName</th>
  <th class="colnames">Size/GB</th>
 </tr>
"@

#get a list of VMs
$vmlist = Get-VM -Server $ESXserver | Sort

#counter to manage alternating row color
$colorcounter = 0

#Master part of the script, loops through each VM and creates table with data
ForEach ($vm in $vmlist)
{	
  #If loop to determine color of Rows related to given VM
  if ($colorcounter%2 -eq 0)
	{
		$tablecell = @"
		<td class='lblueback'>
"@
}
  else 
	{ 
		$tablecell = @"
		<td class='greyback'>
"@
}
  
  # Grab VMDK information and the Datastores tied to them.
  $vmdisk = Get-VM $vm | Get-harddisk
  
  # Split out disks where a VM has more than a single disk, also split out the name of the Datastore
  # from the name/path of the vmdk file, then split the Folder Name from the VMDK name.
  $vmdiskDatastore=($vmdisk | %{$_.Filename.Split('[]')[1]})
  $vmdiskfilename=($vmdisk | %{$_.Filename.Split('[]')[2]})
  $vmdiskFolder=($vmdiskfilename | %{$_.Split('/')[0]})
  $vmdiskVMDK=($vmdiskfilename | %{$_.Split('/')[1]})
  $vmdisksize=($vmdisk | %{$_.CapacityKB})
  
  # determine the length of the array so we know if there was more than one hard drive for a given VM.
  $count = $vmdiskfilename.count - 1
  
  # Begin building the html report, inserting the name of the VM in the 1st Column and Host Name into the 2nd 
  $htmlReport = $htmlReport + 
  "<tr>" + $tablecell + $vm.Name + "</td>" +
  $tablecell + $vm.host.Name + "</td>"
  
  # Based on the number of hard drives in the count value the report is generated in one of two ways
  if($count -le 0)
  {
  	# There is only one hard drive so the values will not be in an array we just need to build the table row with data
  	$htmlReport = $htmlReport + 
	$tablecell + $vmdiskDatastore + "</td>" + 
    $tablecell + $vmdiskFolder + "</td>" +
	$tablecell + $vmdiskVMDK + "</td>" +
	$tablecell + $vmdisksize / 1MB + "</tr>"
  }
  else
  {
  	# There is more than one hard drive, because of table formatting we handle the 1st row different from the 2nd row.  Data is in an array.
  	$htmlReport = $htmlReport +
    $tablecell + $vmdiskDatastore[0] + "</td>" + 
    $tablecell + $vmdiskFolder[0] + "</td>" +
	$tablecell + $vmdiskVMDK[0] + "</td>" +
	$tablecell + $vmdisksize[0] / 1MB + "</tr>"
  
  # There is more than one hard drive so we will loop through the array and and place them in the report
 	$x=1
    While($x -le $count)
	{
    	$htmlReport = $htmlReport +
     	"<tr>" + $tablecell + "" + "</td>" + 
		$tablecell + "" + "</td>" +
    	$tablecell + $vmdiskDatastore[$x] + "</td>" + 
    	$tablecell + $vmdiskFolder[$x] + "</td>" +
		$tablecell + $vmdiskVMDK[$x] + "</td>" +
		$tablecell + $vmdisksize[$x] / 1MB + "</tr>"
		$x= $x+1
  	}
   }
   # value used in conjunction with Foreach and if loop to rotate color in table
   $colorcounter = $colorcounter + 1
 }
 
 # We are done gathering data from vCenter so we disconnect
 Disconnect-VIServer -Server $ESXserver -Force:$true -Confirm:$false

# Send email
$subject = "VMware VM Datastore Report"
$emailbody = $htmlReport
$mailer = New-Object Net.Mail.SMTPclient($SMTPserver)
$msg = New-Object Net.Mail.MailMessage($from, $to, $subject, $emailbody)
$msg.IsBodyHTML = $true
$mailer.send($msg)

Example of output:
datastorereportexample

Monitor VMware for SnapShots

Here is something I recently put together to monitor VMware Snapshots. 

The issue: The backup solution creates snapshots daily but if something goes wrong it doesn’t clean up a snap.

The solution: Using this simple powercli script, we monitor and check to see if any VM’s have snapshots over 1 day old. If so we highlight them in the report, other snapshots are simply in the report.

Side Note: Not sure if I’m happy with the colors I used in the report but it does grab ones attention.


#=====================================================================================================#
# Author: Robert Stacks
# URL: RandomTechMinutia.wordpress.com
# Date: 6/18/2012
# Updated: 7/2/2012
# Version: 0.4
#
# Purpose:
# Scan and report on Snapshots that are older than 1 day in VCenter
#=====================================================================================================#

#Add Snapins
Add-PSSnapin VMware.VimAutomation.Core

#Get todays Date
$date = Get-Date

#===========================#
#User Adjustable Variables  #
#===========================#

#Name of your Company for Report Title
$CompanyName="CompanyName"

#Vcenter Logon Info
$ESXserver = "vcenterserver.yourdomain.com"
$ESXuser = "vmwareuser"
$ESXpassword = "password"

#Adjust report +/- age of Snap Shots in days
$TimeinDays = 1

#Mail Server Variables
$SMTPserver = "mail.yourdomain.com"
$from = "VMwareReporter@yourdomain.com"
$to = "admin@yourdomain.com"

#===========================#
#Main Script                #
#===========================#

#Determine if already connected to VCenter and if not connect
if ( $DefaultVIServers.Length -lt 1 )
{
Connect-VIServer -Server $ESXserver -User $ESXuser -Password $ESXpassword -WarningAction SilentlyContinue | Out-Null
}

# Format html report
$htmlReport = @"
<style type='text/css'>
.heading {
color:#0B1ABF;
font-size:14.0pt;
font-weight:700;
font-family:Verdana, sans-serif;
text-align:left;
vertical-align:middle;
height:20.0pt;
width:416pt;
}
.colnames {
color:white;
font-size:10.0pt;
font-weight:700;
font-family:Tahoma, sans-serif;
text-align:center;
vertical-align:middle;
border:.5pt solid windowtext;
background:#730000;
}
.text {
color:windowtext;
font-size:10.0pt;
font-family:Arial;
text-align:center;
vertical-align:middle;
border:.5pt solid windowtext;
background:#EAEAEA;
}
.textlate {
color:#730000;
font-size:10.0pt;
font-family:Arial;
font-weight:bold;
text-align:center;
vertical-align:middle;
border:.5pt solid windowtext;
background:#FFFF00;
}
</style>
<table border=0 cellpadding=.5 cellspacing=0 width=556
style='border-collapse:collapse;table-layout:auto;width:600pt'>
<tr style='height:15.0pt'>
<th colspan=6 height=40 width=555>
<center>- $CompanyName - </center></th>
</tr>
<th colspan=6 height=40 width=555>
<center> vSphere Snapshots Daily Report </center></th>
</tr>
<tr>
<th>Name</th>
<th>Note</th>
<th>Size (MB)</th>
<th>VM</th>
<th>VM State</th>
<th>Date Created</th>
</tr>
"@

$vmlist = Get-VM -Server $ESXserver
$snapshotCount = 0

ForEach ($vm in $vmlist)
{
# List snaphosts
$snapshots = Get-Snapshot -VM (Get-VM -Name $vm.Name) -WarningAction SilentlyContinue

if ($snapshots -ne $null)
{

ForEach ($snapshot in $snapshots)
{
if( $snapshot -ne $null)
{
$snapshotCount = $snapshotCount + 1

if ($snapshot.created -lt (Get-Date).AddDays(-$TimeinDays))
{
$htmlReport = $htmlReport +
"<tr><td class='textlate'>" + $snapshot.Name + "</td>" +
"<td class='textlate'>" + "Snapshot Over 24 Hours Old" + "</td>" +
"<td class='textlate'>" + $snapshot.SizeMB + "</td>" +
"<td class='textlate'>"+ $vm.Name + "</td>" +
"<td class='textlate'>" + $vm.PowerState + "</td>" +
"<td class='textlate'>" + $snapshot.Created + "</td></tr>"
}
else
{
$htmlReport = $htmlReport +
"<tr><td class='text'>" + $snapshot.Name + "</td>" +
"<td class='text'>" + "Snapshot Less Than 24 Hours Old" + "</td>" +
"<td class='text'>" + $snapshot.SizeMB + "</td>" +
"<td class='text'>"+ $vm.Name + "</td>" +
"<td class='text'>" + $vm.PowerState + "</td>" +
"<td class='text'>" + $snapshot.Created + "</td></tr>"
}
}
}
}
}

$htmlReport = $htmlReport + "</table>"

Disconnect-VIServer -Server $ESXserver -Force:$true -Confirm:$false

# Send email
$subject = "vSphere Snapshots Daily Report: " + $snapshotCount + " snapshots"
$emailbody = "No snapshot was found."
if( $snapshotCount -gt 0 )
{
$emailbody = $htmlReport
}
$mailer = New-Object Net.Mail.SMTPclient($SMTPserver)
$msg = New-Object Net.Mail.MailMessage($from, $to, $subject, $emailbody)
$msg.IsBodyHTML = $true
$mailer.send($msg)

Here is what it will look like in a email.

Taking Ownership of a Registry Key using Powershell

A while back we setup and installed QRadar as syslog server for our IT Infrastructure.  The system works pretty well, Linux and Unix hosts send syslogs to it.  Routers and Switches and other such devices are checked via snmp.  The real challenge was to get Microsoft 2008 R2 servers working with it.

The way it works with Microsoft, is that QRadar logs into a server with Admin rights, and creates a DCOM object that then fetches logs via WMI and sends them back to the QRadar Server.  This requires a very specific set of rights including the taking ownership of two registry keys that by default have the TrustedInstaller account as the owner.  Seeing as I need to do this as I setup new servers, as part of a auto install process I wanted to script the whole thing.

The big challenge was scripting a ownership change of the registry.  I ended up having to revert to some VB to make it happen.  However it all runs as a powershell script.  So here are the highlights and that part of the script.

Problem

  • Need to grant special permissions on a Registry Key via Script
  • Need to take ownership of a Registry Key via Script

Key Points

  • You must run this script as the user that is taking ownership
  • You can’t give ownership it must be taken thus the 1st bullet
  • Make sure to take a backup of your registry before you change it or permissions

Special thank you to Tome Tanasovski on the technet forms who wrote this originally, I just added comments and figured out how to make it work with a hive key I was interested in that had a special character in it.


function enable-privilege {
 param(
 ## The privilege to adjust. This set is taken from
 ## http://msdn.microsoft.com/en-us/library/bb530716(VS.85).aspx
 [ValidateSet(
 "SeAssignPrimaryTokenPrivilege", "SeAuditPrivilege", "SeBackupPrivilege",
 "SeChangeNotifyPrivilege", "SeCreateGlobalPrivilege", "SeCreatePagefilePrivilege",
 "SeCreatePermanentPrivilege", "SeCreateSymbolicLinkPrivilege", "SeCreateTokenPrivilege",
 "SeDebugPrivilege", "SeEnableDelegationPrivilege", "SeImpersonatePrivilege", "SeIncreaseBasePriorityPrivilege",
 "SeIncreaseQuotaPrivilege", "SeIncreaseWorkingSetPrivilege", "SeLoadDriverPrivilege",
 "SeLockMemoryPrivilege", "SeMachineAccountPrivilege", "SeManageVolumePrivilege",
 "SeProfileSingleProcessPrivilege", "SeRelabelPrivilege", "SeRemoteShutdownPrivilege",
 "SeRestorePrivilege", "SeSecurityPrivilege", "SeShutdownPrivilege", "SeSyncAgentPrivilege",
 "SeSystemEnvironmentPrivilege", "SeSystemProfilePrivilege", "SeSystemtimePrivilege",
 "SeTakeOwnershipPrivilege", "SeTcbPrivilege", "SeTimeZonePrivilege", "SeTrustedCredManAccessPrivilege",
 "SeUndockPrivilege", "SeUnsolicitedInputPrivilege")]
 $Privilege,
 ## The process on which to adjust the privilege. Defaults to the current process.
 $ProcessId = $pid,
 ## Switch to disable the privilege, rather than enable it.
 [Switch] $Disable
 )

## Taken from P/Invoke.NET with minor adjustments.
 $definition = @'
 using System;
 using System.Runtime.InteropServices;

public class AdjPriv
{
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall,
ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr relen);

[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
[StructLayout(LayoutKind.Sequential, Pack = 1)]
internal struct TokPriv1Luid
{
public int Count;
public long Luid;
public int Attr;
}

internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
internal const int SE_PRIVILEGE_DISABLED = 0x00000000;
internal const int TOKEN_QUERY = 0x00000008;
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public static bool EnablePrivilege(long processHandle, string privilege, bool disable)
{
bool retVal;
TokPriv1Luid tp;
IntPtr hproc = new IntPtr(processHandle);
IntPtr htok = IntPtr.Zero;
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
tp.Count = 1;
tp.Luid = 0;
if(disable)
{
tp.Attr = SE_PRIVILEGE_DISABLED;
}
else
{
tp.Attr = SE_PRIVILEGE_ENABLED;
}
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
return retVal;
}
}
'@

$processHandle = (Get-Process -id $ProcessId).Handle
$type = Add-Type $definition -PassThru
$type[0]::EnablePrivilege($processHandle, $Privilege, $Disable)
}

enable-privilege SeTakeOwnershipPrivilege
#This is the Key to take ownership of, I left this in here as an example.  Note I had to change "ChangePermission" to "Take Ownership"
$key = [Microsoft.Win32.Registry]::ClassesRoot.OpenSubKey('CLSID\{76A64158-CB41-11D1-8B02-00600806D9B6}',[Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,[System.Security.AccessControl.RegistryRights]::TakeOwnership)

#You must get a blank acl for the key b/c you do not currently have access
$acl = $key.GetAccessControl([System.Security.AccessControl.AccessControlSections]::None)

#domain\user is the user that is going to take ownership
$me = [System.Security.Principal.NTAccount]"domain\user"
$acl.SetOwner($me)
$key.SetAccessControl($acl)

#After you have set owner you need to get the acl with the perms so you can modify it.
$acl = $key.GetAccessControl()

#Domain\user here is the one you are going to give permissions to
$rule = New-Object System.Security.AccessControl.RegistryAccessRule ("domain\user","FullControl","Allow")
$acl.SetAccessRule($rule)
$key.SetAccessControl($acl)

$key.Close()

How to Sync Samsung Galaxy Note with Exchange

(Pre-ICS)

Again another How To using Android on my newly acquired Samsung Galaxy Note, just because I love this phone so much!

How to sync Android with Exchange:

Open the settings menu and select “Accounts and Sync:

AndroidExch1

On the next screen select Add Account:

AndroidExch2

Next Select “Microsoft Exchange ActiveSync”:

AndroidExch3

Next Enter your Exchange email address and Password after you are done select Next in the bottom right:

AndroidExch4

Next you will see a status bar, unless you’ve typed a bad password:

AndroidExch5

Next you are going to see a warning about the fact that the Exchange Server now owns all kinds of security control over the phone.  This is normal, the long and short, the Exchange Admin now has the ability to remote wipe your device.  This is pretty standard especially for business that worry about security.  So just click ok.

AndroidExch6

Next you have the option to adjust settings on account behavior.  Things like How many days of email to keep on the phone “Period to sync email” or how many days to sync the Calendar “Period to sync Calendar”.  You also have the options to disable syncing contacts, calendar etc.  Marked in Green below.  You also have the option to send all email from this account which you may or may not want to do.  It all depends on if you have other email accounts setup on the phone (think gmail) and where you want most of your email to come from ie, gmail or exchange.  Make your choice and mark or don’t mark the item with the yellow arrow.  Then click Next.

AndroidExch7

Next you can give the account a name, this is simply a label you will use on your phone to recognize the account. The name of the business or school etc is a good choice here.

AndroidExch8

Once you are done you should see a list of accounts, typically Gmail and then the Exchange Account.  If you want to get back to the account settings to change something, Open the account so you are looking at the list of current emails.

Select the options button
Select “More”
Select “Account Settings”

From here you can now set custom sounds, signatures, etc for this specific account.

Good Luck!