Stu Mace kewalaka

Technologist and Microsoft MVP for Azure, focused on platform engineering, DevOps, and infrastructure as code.

44 followers · 3 following

New Zealand
13:45 (UTC +12:00)

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

kewalaka / Get-EventID4769.ps1

Created October 10, 2021 00:44

Filter event ID 4760 - Kerberos se

	<#

	This gist illustrates collecting event ID 4769 (auditing of Kerberos service tickets),
	placing these into a PSobject so they can be further analysed and filtered.

	Advanced auditing policies needs to be enabled for this event ID to be recorded in the security,
	specifically: Account Logon->Audit Kerberos Service Ticket Operations

	#>

kewalaka / Get-SQLAliasesRemote.ps1

Created May 30, 2021 03:54

This will fetch the SQL aliases from remote machines, using Invoke-Command, could make it into a cmdlet too...

	#
	# simple script that gets the SQL Alias info from remote machines
	#
	[scriptblock]$GetSQLAliases = {

	$aliasRegistryPath = 'HKLM:\SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo'

	If (Test-Path($aliasRegistryPath)) {

	$aliases = @()

kewalaka / Get-SQLAliases.ps1

Last active May 29, 2021 22:27

This will write out the SQL aliases on the local machine in a human readable form

	$aliasRegistryPath = 'HKLM:\SOFTWARE\Microsoft\MSSQLServer\Client\ConnectTo'
	(Get-Item $aliasRegistryPath).Property \| ForEach-Object {
	$aliasName = $_
	$aliasTarget = Get-ItemPropertyValue $aliasRegistryPath -Name $aliasName

	$aliasTargetType = switch ($aliasTarget.split(',')[0])
	{
	'DBNMPNTW' {'a named pipe'}
	'DBMSSOCN' {'a tcp port'}
	Default { ("an unknown target: '{0}'" -f $aliasTarget.split(',')[0]) }

kewalaka / Set-SQLServiceDependenciesforGMSA.ps1

Last active June 18, 2021 02:12

This will set the service dependency of the SQL Service database engine to include netlogon and w32tm, this can help when a GMSA is used to make sure AD is available from the machine before the service is started.

	$dependencies = @('netlogon', 'w32time')
	# to remove:
	#$dependencies = @('')

	Get-CimInstance –Query 'select * from Win32_Service where name like "mssql%"' \| foreach {

	$serviceCimInstance = $_
	$serviceName = $_.name

	write-host "Apply service dependencies '$dependencies' to: $serviceName"

kewalaka / Add-ExtraDiskPartition.ps1

Last active April 2, 2021 00:06

This will modify the C: disk volume, halving it to create space for another partition D:, and enable BitLocker

	<#
	.Synopsis
	Divides the Partition hosting C: into two partitions

	.DESCRIPTION
	This script;
	- moves the optical drive to Z:
	- divides c: into two partitions
	- creates partition & formats D: with the label 'Local Data'
	- enables BitLocker for D: (assumes that the recovery key is stored in AD)

kewalaka / CreateGMSAandKerberosDelegation.ps1

Last active March 21, 2021 22:31

This demo creates a GMSA and illustrates how to set up resource based constrained delegation

	# this stuff corresponds to my lab, I don't care that the info is public :)

	# this group contains the service accounts that can read the gMSA password
	# creating a group is optional.
	$GroupToReadPassword = (Get-ADGroup g-labsql03)

	$params = @{
	Name = 'gmsaSQL03'
	DNSHostName = 'gmsaSQL03.kewalaka.nz'
	Description = 'this is not an awesome description'

kewalaka / Update-BitlockerRecoveryPasswordinAD.ps1

Created March 15, 2021 22:05

Bitlocker - Update the password stored in AD for the local C: drive

	$id = (manage-bde -protectors -get c: \| select-string 'Numerical Password' -context 1 \|select -expandproperty context).Postcontext
	if ($id.Length -eq 1)
	{
	$trimmedId = $id[0].Substring($id[0].IndexOf("{"))
	Write-Host "Setting ID $trimmedId for computer $($env:COMPUTERNAME)"
	manage-bde -protectors -adbackup c: -id $trimmedId
	}

kewalaka / how-to-add-image-to-gist.md

Created January 10, 2021 00:29 — forked from remarkablemark/how-to-add-image-to-gist.md

How to add an image to a gist: https://remarkablemark.org/blog/2016/06/16/how-to-add-image-to-gist/

How to add an image to a gist

Create or find a gist that you own.

Clone your gist (replace <hash> with your gist's hash):

# with ssh
git clone [email protected]:<hash>.git mygist

# with https

git clone https://gist.github.com/.git mygist

kewalaka / chocolatey-server-tests.png

Last active January 9, 2021 01:23

kewalaka / powershell-uac-always-notify-bypass.ps1

Last active May 25, 2025 00:47 — forked from chryzsh/powershell-uac-always-notify-bypass.ps1

uac bypass for always notify (still works on 20H2)

	$assemblies=(
	"System"
	)

	$source=@"
	using System;
	using Microsoft.Win32;
	using System.Diagnostics;

	namespace Helloworld

Newer Older