Run powershell when windows is locked? - powershell-2.0

Is it possible to run power shell while windows is locked?
while (Get-Process | Where-Object { $_.Name -eq 'LogonUI' }) {
Write-Host "Windows locked out"
}

Related

Change hostname from within a windows container

I have to create windows container image with our application installed. Our application is a legacy one and it uses hostname in several places during installation. The docker build command doesnot have an option to pass the hostname. So, we are currently stuck at a point where when we run a container with the image created, our application fails to run as its expecting the hostname to be the generated name during the image creation time and not the one we pass with docker run command.
I tried to change the hostname within the container before installing our application using suggestions in this query.But,it did not work.
I wanted to understand if there is a way we can change the hostname from within the windows container?
The following worked for me -
rename-computer.ps1:
$ComputerName = "New Name"
Remove-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" -name "Hostname"
Remove-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" -name "NV Hostname"
Set-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Control\Computername\Computername" -name "Computername" -value $ComputerName
Set-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Control\Computername\ActiveComputername" -name "Computername" -value $ComputerName
Set-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" -name "Hostname" -value $ComputerName
Set-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" -name "NV Hostname" -value $ComputerName
Set-ItemProperty -path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -name "AltDefaultDomainName" -value $ComputerName
Set-ItemProperty -path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -name "DefaultDomainName" -value $ComputerName
Dockerfile:
COPY "rename-computer.ps1" "C:/"
RUN powershell -command "Set-ExecutionPolicy RemoteSigned" \
&& powershell -command "C:/rename-computer.ps1 ; hostname" \
&& powershell -command "Set-ExecutionPolicy Restricted" \
&& <your installer runs here>
Sources -
https://serverfault.com/a/731832/845133
https://gist.github.com/timnew/2373475

No such file found in jenkis pipeline

Here is my groovy file
timestamps{
node('cf_slave'){
checkout scm
stage('Read the file') {
def PWD = pwd()
withEnv(["prj_option=${params.project}"]) {
def response =sh(returnStdout: true, script: 'sh \'jenkins/security/get_values.sh\'')
}
}
This is my get_values.sh file
echo "The project option is:" $prj_option
prj_name=$(echo "$prj_option" | tr '[:upper:]' '[:lower:]')
file_name="va_input_file_$prj_name.txt"
echo "The project option is:" $file_name
ls -la
chmod 775 jenkins/security/$file_name
ls -la
get_input_values() {
file=$1
IFS=''
while read line
do
if [ `echo ${line} | grep -E -c -w "NAME_SPACE" ` -gt 0 ]; then
NAME_SPACE=$(echo " ${line}" | cut -d'=' -f2)
echo "The name space value is $NAME_SPACE"
elif [ `echo ${line} | grep -E -c -w "IMAGE_NAMES" ` -gt 0 ]; then
values=$(echo " ${line}" | cut -d'=' -f2)
echo "THE DOCKERIMAGES are $DOCKER_IMAGES_NAMES"
else
echo "Please provide input for namespace and docker images to be scanned by VA_TOOl"
fi
done < ${file}
}
images=$(get_input_values ${file_name})
so here my text file is under jenkins/security folder of gitrepo but unfortunately I am getting this error:
16:05:28 + sh jenkins/security/get_values.sh
16:05:28 jenkins/security/get_values.sh: 16: jenkins/security/get_values.sh: cannot open va_input_file_icp.txt: No such file```
Unfortunately, there is a ticket for this in Jenkins (https://issues.jenkins-ci.org/browse/JENKINS-51245) which was closed as a duplicate of this ticket: (https://issues.jenkins-ci.org/browse/JENKINS-27413)
JENKINS-27413 was raised in 2015, and is still open. The File Parameter appears not to work in Jenkins Pipeline. It does however work when used in a Freestyle project. While not ideal, I would recommend changing your job to be a Freestyle project if that's feasible.

ASPNET Docker image: Updating authentication using powershell stops W3SVC

Trying to update IIS authentication settings using Powershell.
Here's the dockerfile:
FROM microsoft/aspnet
SHELL ["powershell"]
WORKDIR C:\MyWebApp
RUN Import-Module WebAdministration; `
New-WebApplication -Name 'MyWebApp' -Site 'Default Web Site' -PhysicalPath C:\MyWebApp -ApplicationPool DefaultAppPool; `
Set-WebConfigurationProperty -Filter "/system.webServer/security/authentication/anonymousAuthentication" -Name Enabled -Value False -PSPath IIS:\ -Location "'Default Web Site/MyWebApp'"; `
Set-WebConfigurationProperty -Filter "/system.webServer/security/authentication/basicAuthentication" -Name Enabled -Value False -PSPath IIS:\ -Location "'Default Web Site/MyWebApp'"; `
Set-WebConfigurationProperty -Filter "/system.webServer/security/authentication/windowsAuthentication" -Name Enabled -Value True -PSPath IIS:\ -Location "'Default Web Site/MyWebApp'"; `
Set-WebConfigurationProperty -Filter "/system.web/identity" -Name impersonate -Value True -PSPath IIS:\ -Location "'Default Web Site/MyWebApp'"; `
Set-ItemProperty -Path IIS:\AppPools\DefaultAppPool\ -Name managedPipelineMode -Value 0; `
Set-ItemProperty -Path IIS:\AppPools\DefaultAppPool\ -Name enable32BitAppOnWin64 -Value True;
Set-WebConfigurationProperty is causing W3SVC to get stopped and container exits.
PS C:\Projects\docker_workspace\app> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
96bc3c60e9df wcpapp:v1 "C:\\ServiceMonitor.e…" About a minute ago Exited (2147500037) 12 seconds ago
PS C:\Projects\docker_workspace\app> docker logs 96
Service 'w3svc' has been stopped
ERROR: Failed to start or query status of service 'w3svc' error [80004005]
Service 'w3svc' has been stopped
If I remove Set-WebConfigurationProperty statements, Container stays up and running. What am I missing here?

PJL status readback commands

How to receive respond on Windows from printer after send PJL command?
I tried to spy network printer with WireShark and read printer socket directly but nothing work.
On windows is only possible with network printers with Paraphernalia. There is no bidirectional printer drivers for common models. So i have installed linux on virtualmachine.
I used the bidirectional USB driver on linux (the same drivers is on mint, *buntu distro) and execeute a pjl command from cmd.txt with this bash script below.
But i still cannot recognize when to read PJL Respond. Using fuser command to recognize /dev/usb/lp0 busy state does not work so i try to read in a loop with dd and check size of readback. It works but sometimes has to send PJL few times before got response.
#!/bin/bash
PRINTER=/dev/usb/lp0
ESCAPE=$(echo -e "\e")
FF=$(echo -e "\x0C")
char=
IFS=""
SSKIP=0
echo "" > a.txt
echo "" > b.txt
echo "" > temp.txt
while read p; do
echo -e "#######BEGIN$p-\r\n" >> a.txt
echo $p
while true
do
#WAIT FOR NOT BUSY
while true
do
fuser -s $PRINTER
if [ $? -ne 0 ]
then
break
fi
done
#send PJL to printer
echo -e "\e%-12345X#PJL\r\n#PJL INQUIRE $p \r\n\e%-12345X" > $PRINTER
#TRY TO READ IMMEDIATELY
char=$(dd if=$PRINTER of=temp.txt 2>&1)
#send escape after read
echo -e "\e" > "$PRINTER"
#CHECK THAT dd READ ANY BYTES
echo "$char" | grep "bytes copied" > /dev/null
if [ $? -ne 0 ]
then
printf "."
else
echo "$char" | grep "^0 bytes copied" > /dev/null
if [ $? -ne 0 ]
then
cat temp.txt >> b.txt
echo "" > temp.txt
break
else
printf "."
fi
fi
char=""
done
echo
echo -e "#######END$p-\r\n" >> a.txt
done <cmd.txt

Powershell script to reset TPMLockout

We have Windows 7 Enterprise laptops with TPM chips. We have deployed Bitlocker to these laptops. What I'm trying to accomplish is to write a PowerShell script to look up the msTPM-OwnerInformation value for a specific computer in AD. I want it to then take that value and reset the TPMLockout.
Right now we have to go into the TPM console and click reset and specify the XML file that contains that value.
I have started on a script, but it's not doing what I want it to do as I'm very new to PowerShell.
Create a new file named "Get_msTPM-OwnerInformation.ps1"
and paste the following text to it.
Change the Part 'DOMAIN/OU' to your needs.
This should read you all the Information you need out of the AD
#----------------------Start----------------------------------------------------------------
#Custom variables
$CsvFilePath = "C:\Temp\BitLockerComputerReport.csv"
#Create array to hold computer information
$export = #()
#Export computers not Bitlocker-enabled to a CSV-file
#$BitLockerEnabled = Get-QADObject -SizeLimit 0 -IncludedProperties cn,Name,ParentContainer,msFVE-RecoveryPassword | Where-Object {$_.type -eq “msFVE-RecoveryInformation”} | Foreach-Object {
$BitLockerEnabled = Get-QADObject -SearchRoot 'DOMAIN/OU' -SizeLimit 0 -IncludedProperties cn,Name,ParentContainer,msFVE-RecoveryPassword | Where-Object {$_.type -eq “msFVE-RecoveryInformation”} | Foreach-Object {
#Get PasswordID
$_.cn -match “(?<={).*(?=})"
#Create custom object for each computer
$computerobj = New-Object -TypeName psobject
#Add information to custom object
$computerobj | Add-Member -MemberType NoteProperty -Name Name -Value (Split-Path -Path $_.ParentContainer -Leaf)
$computerobj | Add-Member -MemberType NoteProperty -Name PasswordID -Value $matches[0]
$computerobj | Add-Member -MemberType NoteProperty -Name "msFVE-RecoveryPassword" -Value $_."msFVE-RecoveryPassword"
$computerobj | Add-Member -MemberType NoteProperty -Name "msTPM-OwnerInformation" -Value (Get-QADComputer -IncludedProperties "msTPM-OwnerInformation" -Name (Split-Path -Path $_.ParentContainer -Leaf))."msTPM-OwnerInformation"
$export += $computerobj
}
#Export the array with computerinformation to the user-specified path
$export | Export-Csv -Path $CsvFilePath -NoTypeInformation
#------------------------End--------------------------------------------------------------

Resources