Added scripts

2023-05-23 17:02:39 +02:00
parent e6cdde5ad7
commit 6e544a16d2
6 changed files with 181 additions and 0 deletions
--- a/directory/Setup-GroupPolicy.ps1
+++ b/directory/Setup-GroupPolicy.ps1
@@ -0,0 +1,134 @@
+#
+
+#Install needed Administrative tools
+Install-WindowsFeature -Name "GPMC"
+Install-WindowsFeature -Name “RSAT-AD-Tools” -IncludeAllSubFeature
+Install-WindowsFeature -Name "RSAT-DNS-Server"
+
+#Creating needed Active Directory Struckture, (OU, Groups).
+$ADName = (Get-ADDomain).DistinguishedName
+New-ADOrganizationalUnit -Name "Servers" -Path "$ADName"
+$ServersOUPath = (Get-ADOrganizationalUnit -Identity "OU=Servers,$ADName").DistinguishedName
+New-ADOrganizationalUnit -Name "Avd" -Path "$ServersOUPath"
+$AvdOUPath = (Get-ADOrganizationalUnit -Identity "OU=Avd,ServersOUPath").DistinguishedName
+
+New-ADGroup -Name "AVD-Hosts" -DisplayName "AVD-Hosts" -SamAccountName "AVD-Hosts" -GroupCategory Security -GroupScope Global -Path "$AvdOUPath"
+
+
+#
+New-GPO -name "AVD-GPO-C" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-GPO-C -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-GPO-C -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-GPO-C -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-GPO-C" -Path ./AVD-GPO-C/
+
+new-gpo -name "AVD-Customization-C" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-Customization-C -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-Customization-C -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-Customization-C -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-Customization-C" -Path ./
+
+new-gpo -name "AVD-Customization-U" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-Customization-U -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-Customization-U -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-Customization-U -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-Customization-U" -Path ./
+
+new-gpo -name "FSlogix-Profiles-C" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name FSlogix-Profiles-C -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name FSlogix-Profiles-C -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name FSlogix-Profiles-C -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "FSlogix-Profiles-C" -Path ./
+
+new-gpo -name "FSlogix-Conteiners-C" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name FSlogix-Conteiners-C -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name FSlogix-Conteiners-C -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name FSlogix-Conteiners-C -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "FSlogix-Conteiners-C" -Path ./
+
+new-gpo -name "AVD-Lockdown-C" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-Lockdown-C -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-Lockdown-C -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-Lockdown-C -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-Lockdown-C" -Path ./
+
+new-gpo -name "AVD-Lockdown-U" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-Lockdown-U -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-Lockdown-U -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-Lockdown-U -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-Lockdown-U" -Path ./
+
+new-gpo -name "AVD-Office-C" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-Office-C -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-Office-C -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-Office-C -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-Office-C" -Path ./
+
+new-gpo -name "AVD-Office-U" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-Office-U -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-Office-U -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-Office-U -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-Office-U" -Path ./
+
+new-gpo -name "AVD-Redirect-U" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-Redirect-U -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-Redirect-U -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-Redirect-U -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-Redirect-U" -Path ./
+
+new-gpo -name "AVD-RegionalSettings-U" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-RegionalSettings-U -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-RegionalSettings-U -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-RegionalSettings-U -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-RegionalSettings-U" -Path ./
+
+new-gpo -name "AVD-Sessions-U" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-Sessions-U -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-Sessions-U -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-Sessions-U -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-Sessions-U" -Path ./
+
+new-gpo -name "AVD-Sessions-C" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-Sessions-C -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-Sessions-C -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-Sessions-C -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-Sessions-C" -Path ./
+
+new-gpo -name "AVD-Shadow-C" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name AVD-Shadow-C -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name AVD-Shadow-C -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name AVD-Shadow-C -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "AVD-Shadow-C" -Path ./
+
+new-gpo -name "Edge-Settings-C" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name Edge-Settings-C -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name Edge-Settings-C -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name Edge-Settings-C -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "Edge-Settings-C" -Path ./
+
+new-gpo -name "Edge-Settings-U" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name Edge-Settings-U -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name Edge-Settings-U -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name Edge-Settings-U -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "Edge-Settings-U" -Path ./
+
+new-gpo -name "TenentShortName-Shares-U" | New-GPLink -Target "$AvdOUPath" -LinkEnabled
+Set-GPPermission -Name TenentShortName-Shares-U -PermissionLevel GpoApply,GpoRead -TargetName "AVD-Hosts" -TargetType Group
+Set-GPPermission -Name TenentShortName-Shares-U -PermissionLevel GpoRead -TargetName "Authenticated Users" -TargetType Group
+Set-GPPermission -Name TenentShortName-Shares-U -PermissionLevel GpoEditDeleteModifySecurity -TargetName "AAD DC Administrators" -TargetType Group
+Import-GPO -TargetName "TenentShortName-Shares-U" -Path ./
+
+#Creating folderstructure for drift
+mkdir "Drift"
+mkdir "Drift\Install"
+mkdir "Drift\RDP"
+
+#Creating folderstructure for Customizations
+mkdir "Customizations"
+mkdir "Customizations\Backgrounds"
+mkdir "Customizations\DefaultApps"
+mkdir "Customizations\Layout"
+mkdir "Customizations\Start Menu"
+
+
+
--- a/Azure/Create-AzureADGroups.ps1
+++ b/Azure/Create-AzureADGroups.ps1
@@ -0,0 +1,12 @@
+
+#Importing requierd modules
+#Import-Module Az
+
+$groups = Import-Csv -Path "c:\Users\-GroupStructure-Full.csv" -Delimiter ","
+#Connect-Az
+
+foreach ($group in $groups)
+{
+    $group.groupname
+    New-AzADGroup -DisplayName $group.groupname -Description $group.groupdescription -SecurityEnabled -MailNickName $group.groupname
+}
--- a/365/connect-office-365.ps1
+++ b/365/connect-office-365.ps1
@@ -0,0 +1,3 @@
+$UserCredential = Get-Credential
+$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
+Import-PSSession $Session
--- a/PowerShell/Create-Printers.ps1
+++ b/PowerShell/Create-Printers.ps1
@@ -0,0 +1,9 @@
+$Printers = Import-Csv -Path "C:\temp\PrinterList.csv" -Encoding UTF8 -delimiter "," 
+
+foreach ($Printer in $Printers)
+{
+
+   Add-PrinterPort -Name $Printer.IP -PrinterHostAddress $Printer.IP -Verbose
+   Add-Printer -Name $Printer.PrinterName -DriverName $Printer.Driver -Location $Printer.Location -PortName $Printer.IP -Verbose
+  
+}
--- a/PowerShell/List
+++ b/PowerShell/List
@@ -0,0 +1,11 @@
+get-Acl -Path C:\users\* | out-gridview
+
+$FolderPath = Get-ChildItem -Directory -Path "C:\users\*" 
+
+ForEach ($Folder in $FolderPath) {
+   $Acl = Get-Acl -Path $Folder.FullName
+   ForEach ($Access in $Acl.Access) {
+$Properties = [ordered]@{'Folder Name'=$Folder.FullName;'Group/User'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights;'Inherited'=$Access.IsInherited}
+New-Object -TypeName PSObject -Property $Properties
+    Out-GridView        }
+} 
--- a/PowerShell/get-eventid.ps1
+++ b/PowerShell/get-eventid.ps1
@@ -0,0 +1,12 @@
+
+$server = 127.0.0.1
+$starttime = get-date -Format yyyy-MM-dd 
+
+Get-EventLog Application -ComputerName $server -After $starttime | 
+    ? { $_.entryType -Match "Error" -and "Critical" } |
+    Group-Object -Property EventID |
+    % { $_.Group[0] | Add-Member -PassThru -NotePropertyName Count -NotePropertyValue $_.Count } |
+    Sort-Object EventID -Unique | 
+    Select-Object Count, TimeGenerated, EventID, Source, Message | 
+    ft -AutoSize -Wrap | 
+    Out-File $file -Append