machv’s gists

machv / Create-AllUsersTask.ps1

Last active September 25, 2020 10:23

	$ps1Content = @'
	$vpnProfiles = "Litware VPN Auto"

	function Set-VpnStrategy {
	[cmdletbinding()]
	param(
	[Parameter(Mandatory = $true, ParameterSetName = "Connection", ValueFromPipeline = $true)]
	$VpnConnection,
	[Parameter(Mandatory = $true, ParameterSetName = "Name")]
	[string]$ProfileName,

machv / Sync-RrasRoutes.ps1

Created November 6, 2020 13:58

	function Get-RrasRoutes {
	$config = netsh routing dump
	$config \| ? { $_.StartsWith("add persistentroute") } \| ForEach-Object {
	$line = $config \| ? { $_.StartsWith("add persistentroute") } \| Select -First 1
	$line = $_
	$fields = $line -split " "
	$route = @{}
	foreach($item in $fields) {
	#$item = $fields \| Select -First 1 -Skip 2
	$f = $item -split "="

machv / audit-ddos-protection.json

Created January 4, 2021 10:01

	{
	"properties": {
	"displayName": "Enabled DDoS protection",
	"policyType": "Custom",
	"mode": "All",
	"metadata": {
	"category": "Network"
	},
	"parameters": {},
	"policyRule": {

machv / Get-NonCompliantNetworks.ps1

Created February 18, 2021 15:10


	$policyName = "DDoS"
	$roleToNotify = "Owner"

	$policy = Get-AzPolicyDefinition \| Where-Object { $_.Properties.displayname -eq $policyName }
	$nonCompliantNetworks = Get-AzPolicyState \| Where-Object { $_.ComplianceState -eq "NonCompliant" -and $_.PolicyDefinitionName -eq $policy.Name } \| Group-Object SubscriptionId

	foreach($group in $nonCompliantNetworks) {
	$subscriptionId = $group.Name
	$networks = $group.Group

machv / sync-ad-aad.ps1

Last active February 24, 2021 15:56

	param (
	[Parameter(Mandatory = $true)]
	[string]$sourceAadGroupName,
	[Parameter(Mandatory = $true)]
	[string]$destinationAdGRoupName,
	[Parameter(Mandatory = $false)]
	[bool]$RemoveUnmatched = $true
	)

	#region Azure Automations connect as RunAs

machv / Sync-GroupMembers.ps1

Created August 16, 2021 19:53

	Connect-AzAccount

	[void][Reflection.Assembly]::LoadWithPartialName('Microsoft.VisualBasic')

	#region Source group
	$sourceGroupName = [Microsoft.VisualBasic.Interaction]::InputBox('Zadejte název zdrojové Azure AD skupiny pro načtení členů:', 'Zdrojová skupina')
	if(-not $sourceGroupName) {
	Write-Host -ForegroundColor Yellow "Je potřeba zadat jméno skupiny"
	return
	}

machv / Update-NsgExchangeOnlineSmtp.ps1

Created October 15, 2021 08:43

Update NSG with Exchange Online SMTP endpoints

	$nsgName = "litware-sccm012021-05-10T04-44-28-34"
	$nsgResourceGroup = "litware-infra"
	$priority = 200
	$sourceAddressPrefix = "*" # zdrojový server/prefix pro odesílání SMTP přes ExO

	#region Helper functions
	function Set-NsgRule {
	param(
	$nsg,
	$smtpEndpoint,

machv / Export-AuthenticationMethodsReport.ps1

Created October 20, 2021 14:50

	$configFilePath = "$($env:USERPROFILE)\aad.cnf"
	$data = Get-Content $configFilePath
	$config = [System.Text.Encoding]::Unicode.GetString([Convert]::FromBase64String($data)) \| ConvertFrom-Json

	$token = Invoke-ClientCredentialsFlow -Tenant $config.TenantId -ClientId $config.ClientId -ClientSecret $config.ClientSecret
	$headers = @{
	"Authorization" = "Bearer $($token.AccessToken)"
	}

	# Get AAD Users.

machv / Terraform monitoring

Created February 23, 2022 15:41

Terraform monitoring

preview

machv / photo-sync.ps1

Created March 28, 2022 08:02

	<# setup

	Connect-AzureAD
	$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
	$PasswordProfile.Password = "<SecretPassword>"
	$PasswordProfile.ForceChangePasswordNextLogin = $false
	$user = New-AzureADUser `
	-DisplayName "Photo Syncer" `
	-PasswordProfile $PasswordProfile `
	-UserPrincipalName "<UserName>" `

Vladimír machv