Difference between revisions of "Azure"
| Line 1: | Line 1: | ||
| − | + | = Install= | |
#Install-Module AzureADPreview | #Install-Module AzureADPreview | ||
| − | + | = Update= | |
#Update-Module AzureADPreview | #Update-Module AzureADPreview | ||
| − | + | =Connect to Azure AD= | |
# Connect-AzureAD | # Connect-AzureAD | ||
# Run the following commands: | # Run the following commands: | ||
| Line 36: | Line 36: | ||
| − | Steps from Start azure scripting | + | =Steps from Start azure scripting= |
Run powershell as administrator | Run powershell as administrator | ||
Latest revision as of 13:39, 3 November 2021
Contents
Install
- Install-Module AzureADPreview
Update
- Update-Module AzureADPreview
Connect to Azure AD
- Connect-AzureAD
- Run the following commands:
- $setting=(Get-AzureADDirectorySetting | where -Property DisplayName -Value "Group.Unified" -EQ)
- if ($setting -eq $null)
- {
- $template = Get-AzureADDirectorySettingTemplate -Id 62375ab9-6b52-47ed-826b-58e47e0e304b
- $setting = $template.CreateDirectorySetting()
- $setting["EnableMIPLabels"] = "True"
- New-AzureADDirectorySetting -DirectorySetting $setting
- }else{
- $setting["EnableMIPLabels"] = "True"
- Set-AzureADDirectorySetting -Id $setting.Id -DirectorySetting $setting
- }
If you already have the ClassificationList item, this will be automatedly disabled. Even the DefaultLabel if that is configured. When public preview is enabled you need to do a sync with following commands. First connect to the SSC portal.
- Set-ExecutionPolicy RemoteSigned
- $UserCredential = Get-Credential
- $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
- Import-PSSession $Session -DisableNameChecking
- Execute-AzureAdLabelSync
Steps from Start azure scripting
Run powershell as administrator
Then enter Install-Module -Name AzureRM -AllowClobber
Say Y to install modules (it may ask to install NuGet also)
This will install the Azure module, which only needs to be done once
Then enter Set-ExecutionPolicy -ExecutionPolicy ByPass
This will allow you to run your own scripts from your PC
- Warning ! It will allow you to run ANY script which can be dangerous. You take full responsibility for this. ***
Now switch to a normal powershell session
Enter Import-Module -Name AzureRM Now run Azure commands and scripts (this can be in the script)
Disks must be unmanaged to allow them to be in a storage account & container.
Create a VM Machine :-
Click the >_ to open the powershell window
For a new account it will say no storage, you will need to choose the Free Trial Subscription Choose Advanced Settings to choose the Cloud Shell Region
New-AzureRmVm ` -ResourceGroupName "wgresourcegroup" ` -Name "WG-AD-Server" ` -Location "North Europe" ` -VirtualNetworkName "WG-VNet" ` -SubnetName "WG-Subnet" ` -SecurityGroupName "WG-Security-Group" ` -PublicIpAddressName "WG-AD-Server-IPName" ` -OpenPorts 80,3389
(administrator not allowed) For User enter : wgadmin For Password enter a created Password : ….
Once created
Get-AzureRmPublicIpAddress -ResourceGroupName "wgresourcegroup" | Select "IpAddress"
- For exchange powershell get mailboxes
- Run Powershell as administrator
Set-ExecutionPolicy RemoteSigned winrm get winrm/config/client/auth $UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection Import-PSSession $Session -DisableNameChecking
- Get last login times to licensed mailboxes that have logged in since 18/4/2020 20:00:00
get-mailbox -RecipientTypeDetails UserMailbox | Where-Object {$_.skuassigned -eq $true} | Get-MailboxStatistics | Where-Object {$_.LastLogonTime -gt '2020-04-18 20:00:00'} | Select DisplayName, LastLogonTime | fl
- Get last login times to licensed mailboxes that have not logged in since 18/4/2020 20:00:00
get-mailbox -RecipientTypeDetails UserMailbox | Where-Object {$_.skuassigned -eq $true} | Get-MailboxStatistics | Where-Object {$_.LastLogonTime -lt '2020-04-18 20:00:00'} | Select DisplayName, LastLogonTime | fl
- Get licensed mailboxes where user has not logged in
get-mailbox -RecipientTypeDetails UserMailbox | Where-Object {$_.skuassigned -eq $true} | Get-MailboxStatistics | Where-Object {$_.LastLogonTime -eq $null} |Select DisplayName, LastLogonTime | fl
- Get unlicensed mailboxes where user has not logged in
get-mailbox -RecipientTypeDetails UserMailbox | Where-Object {$_.skuassigned -ne $true} | Get-MailboxStatistics | Where-Object {$_.LastLogonTime -eq $null} |Select DisplayName, LastLogonTime | fl
- Logout of the session
Remove-PSSession $Session
Azure
Get Resources Info
Get-AzureRmResource|Sort-Object ResourceGroupName,ResourceType | Format-Table -AutoSize ResourceGroupName,ResourceType,Name,Location |Out-String -Width 4096 |Out-File AzureInfo.csv
Get Network Security Group Info
Get-AzureRmResource -ResourceType Microsoft.Network/networkSecurityGroups | ForEach- Object -Process { Get-AzureRmNetworkSecurityGroup -Name $_.Name -ResourceGroupName $_.ResourceGroupName | Get-AzureRmNet workSecurityRuleConfig | Select * | Format-Table -AutoSize Name,Priority,SourceAddressPrefix,DestinationAddressPrefix,P rotocol,DestinationPortRange,$_.Name,$_.ResourceGroupName } | Out-String -Width 4096 |Out-File NSGInfo.csv
Get Hardware Info
Get-AzureRmVM |ForEach-Object -Process { ` $vmname=$_.Name;` $rgn=$_.ResourceGroupName;` $size=(Get-AzureRmVM -ResourceGroupName $rgn -Name $vmname).HardwareProfile.VmSize ;` $vms=( Get-AzureRmVMSize -location $_.Location | ?{ $_.Name -eq $size } ) ; ` $outvar=@{ ResGroup = $rgn ; VMName = $vmname ; VMImage = $vms.Name ; Cores = $vms.NumberOfCores ; Memory=$vms.MemoryInMb }; ` New-Object PSObject -Property $outvar|Export-CSV -Append -Path "HardwareInfo.csv" -NoTypeInformation }
Get disk info
$diskinfo=@() ; Get-AzureRmVM |ForEach-Object -Process { $di= $_.StorageProfile.DataDisks ;` $di|Add-Member VMName $_.Name ;` $diskinfo += $di;` $di = $_.StorageProfile.OSDisk ;` $di|Add-Member VMName $_.Name ;` $diskinfo += $di };$diskinfo |Export-CSV -Path DiskInfo
Get IP Info
Get-AzureRmNetworkInterface |ForEach-Object { $name=$_.Name;$outpup="None";$privip= $_.IpConfigurations.PrivateIPAddress ; $resId=$_.IpConfigurations.PublicIpAddress.Id; if ($resid){$respub=Get-AzureRmResource -ResourceId $resId ; $rpubip=Get-AzureRmPublicIpAddress -Name $respub.Name -ResourceGroupName $respub.ResourceGroupName; $outpup= $rpubip.IpAddress } ; echo "$name,$privip,$outpup" ;} > IPInfo.csv
Get Windows Versions
Get-AzureRmVM | ForEach-Object { $nm=$_.Name;$pub=$_.StorageProfile.ImageReference.Publisher;$offer=$_.StorageProfile.ImageReference.Offer;$os=$_.StorageProfile.ImageReference.Sku;Write-Output "$nm,$pub,$offer,$os" } |Out-File OSVersions.csv
$vms = Get-AzureRmVM; $nics = Get-AzureRmNetworkInterface | where VirtualMachine -NE $null ; foreach($nic in $nics){`
$vm = $vms | where-object -Property Id -EQ $nic.VirtualMachine.id` $prv = $nic.IpConfigurations | select-object -ExpandProperty PrivateIpAddress` $alloc = $nic.IpConfigurations | select-object -ExpandProperty PrivateIpAllocationMethod` Write-Output "$($vm.Name) : $prv , $alloc"`
}`
