Azure

Revision as of 13:39, 3 November 2021 by Williamgray ywa14u61 (talk | contribs)

Install

    Install-Module AzureADPreview

Update

    Update-Module AzureADPreview

Connect to Azure AD

    Connect-AzureAD

Run the following commands:

    $setting = (Get-AzureADDirectorySetting | where -Property DisplayName -Value "Group.Unified" -EQ)
    if ($setting -eq $null)
    {
        $template = Get-AzureADDirectorySettingTemplate -Id 62375ab9-6b52-47ed-826b-58e47e0e304b
        $setting = $template.CreateDirectorySetting()
        $setting["EnableMIPLabels"] = "True"
        New-AzureADDirectorySetting -DirectorySetting $setting
    }
    else
    {
        $setting["EnableMIPLabels"] = "True"
        Set-AzureADDirectorySetting -Id $setting.Id -DirectorySetting $setting
    }

If you already have the ClassificationList item, it will be automatically disabled, and so will the DefaultLabel if that is configured. When the public preview is enabled you need to run a sync with the following commands. First connect to the Security & Compliance Center (SCC) portal.

    Set-ExecutionPolicy RemoteSigned
    $UserCredential = Get-Credential
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
    Import-PSSession $Session -DisableNameChecking
    Execute-AzureAdLabelSync





Steps from start: Azure scripting

Run PowerShell as administrator.

Then enter:

    Install-Module -Name AzureRM -AllowClobber

Say Y to install the modules (it may also ask to install NuGet).

This installs the Azure module, which only needs to be done once.

Then enter:

    Set-ExecutionPolicy -ExecutionPolicy ByPass

This will allow you to run your own scripts from your PC.

Warning! It will allow you to run ANY script, which can be dangerous. You take full responsibility for this.

Now switch to a normal PowerShell session.

Enter:

    Import-Module -Name AzureRM

Now run Azure commands and scripts (the import can be in the script).

Disks must be unmanaged to allow them to be in a storage account and container.

Create a VM:

Click the >_ icon to open the PowerShell window.

For a new account it will say there is no storage; you will need to choose the Free Trial subscription. Choose Advanced Settings to choose the Cloud Shell region.

    New-AzureRmVm `
        -ResourceGroupName "wgresourcegroup" `
        -Name "WG-AD-Server" `
        -Location "North Europe" `
        -VirtualNetworkName "WG-VNet" `
        -SubnetName "WG-Subnet" `
        -SecurityGroupName "WG-Security-Group" `
        -PublicIpAddressName "WG-AD-Server-IPName" `
        -OpenPorts 80,3389

When prompted for credentials (the user name "administrator" is not allowed), for User enter: wgadmin. For Password enter a password you have created: ….

Once created:

    Get-AzureRmPublicIpAddress -ResourceGroupName "wgresourcegroup" | Select "IpAddress"

For Exchange PowerShell, get mailboxes

Run PowerShell as administrator:

    Set-ExecutionPolicy RemoteSigned
    winrm get winrm/config/client/auth
    $UserCredential = Get-Credential

    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
    Import-PSSession $Session -DisableNameChecking

Get last login times for licensed mailboxes that have logged in since 18/4/2020 20:00:00:

    Get-Mailbox -RecipientTypeDetails UserMailbox | Where-Object {$_.SkuAssigned -eq $true} | Get-MailboxStatistics | Where-Object {$_.LastLogonTime -gt '2020-04-18 20:00:00'} | Select DisplayName, LastLogonTime | fl

Get last login times for licensed mailboxes that have not logged in since 18/4/2020 20:00:00:

    Get-Mailbox -RecipientTypeDetails UserMailbox | Where-Object {$_.SkuAssigned -eq $true} | Get-MailboxStatistics | Where-Object {$_.LastLogonTime -lt '2020-04-18 20:00:00'} | Select DisplayName, LastLogonTime | fl

Get licensed mailboxes where the user has not logged in:

    Get-Mailbox -RecipientTypeDetails UserMailbox | Where-Object {$_.SkuAssigned -eq $true} | Get-MailboxStatistics | Where-Object {$_.LastLogonTime -eq $null} | Select DisplayName, LastLogonTime | fl

Get unlicensed mailboxes where the user has not logged in:

    Get-Mailbox -RecipientTypeDetails UserMailbox | Where-Object {$_.SkuAssigned -ne $true} | Get-MailboxStatistics | Where-Object {$_.LastLogonTime -eq $null} | Select DisplayName, LastLogonTime | fl

Log out of the session:

    Remove-PSSession $Session
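The four mailbox queries above each enumerate every mailbox again. As an added example (not part of the original page), the function below does the same classification in one pass with the cutoff as a parameter. Get-MailboxLogonBucket and the sample records are constructed for illustration, and the commented live pipeline assumes the Exchange session imported above.

```powershell
# Hypothetical helper: labels each mailbox record relative to a cutoff date.
function Get-MailboxLogonBucket {
    param(
        [Parameter(ValueFromPipeline)]$Mailbox,   # needs DisplayName, SkuAssigned, LastLogonTime
        [Parameter(Mandatory)][datetime]$Cutoff
    )
    process {
        if ($null -eq $Mailbox.LastLogonTime)       { $status = 'NeverLoggedOn' }
        elseif ($Mailbox.LastLogonTime -gt $Cutoff) { $status = 'LoggedOnSinceCutoff' }
        else                                        { $status = 'NotSinceCutoff' }
        [pscustomobject]@{
            DisplayName   = $Mailbox.DisplayName
            Licensed      = [bool]$Mailbox.SkuAssigned
            LastLogonTime = $Mailbox.LastLogonTime
            Status        = $status
        }
    }
}

# Casting the string avoids day/month ambiguity (the page writes 18/4/2020 in prose).
$cutoff = [datetime]'2020-04-18 20:00:00'

# Constructed sample records standing in for merged Get-Mailbox / Get-MailboxStatistics output.
$sample = @(
    [pscustomobject]@{ DisplayName = 'Sample User A'; SkuAssigned = $true
                       LastLogonTime = [datetime]'2020-05-02 09:15:00' }
    [pscustomobject]@{ DisplayName = 'Sample User B'; SkuAssigned = $true
                       LastLogonTime = [datetime]'2020-03-01 08:00:00' }
    [pscustomobject]@{ DisplayName = 'Sample User C'; SkuAssigned = $true;  LastLogonTime = $null }
    [pscustomobject]@{ DisplayName = 'Sample User D'; SkuAssigned = $false; LastLogonTime = $null }
)

$report = $sample | Get-MailboxLogonBucket -Cutoff $cutoff
$report | Sort-Object Licensed, Status | Format-Table -AutoSize
$report | Group-Object Licensed, Status | Select-Object Count, Name

# Live use, with the session from this page imported:
# Get-Mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited | ForEach-Object {
#     $stats = $_ | Get-MailboxStatistics
#     [pscustomobject]@{ DisplayName = $_.DisplayName; SkuAssigned = $_.SkuAssigned
#                        LastLogonTime = $stats.LastLogonTime }
# } | Get-MailboxLogonBucket -Cutoff $cutoff
```

Licensed mailboxes that land in NeverLoggedOn or NotSinceCutoff are the ones to review for disabling or licence removal.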



Azure

Get Resources Info

    Get-AzureRmResource |
        Sort-Object ResourceGroupName,ResourceType |
        Format-Table -AutoSize ResourceGroupName,ResourceType,Name,Location |
        Out-String -Width 4096 |
        Out-File AzureInfo.csv

Get Network Security Group Info

    Get-AzureRmResource -ResourceType Microsoft.Network/networkSecurityGroups |
        ForEach-Object -Process {
            Get-AzureRmNetworkSecurityGroup -Name $_.Name -ResourceGroupName $_.ResourceGroupName |
                Get-AzureRmNetworkSecurityRuleConfig |
                Select * |
                Format-Table -AutoSize Name,Priority,SourceAddressPrefix,DestinationAddressPrefix,Protocol,DestinationPortRange,$_.Name,$_.ResourceGroupName
        } |
        Out-String -Width 4096 |
        Out-File NSGInfo.csv
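The VM created earlier on this page opens ports 80 and 3389, and the NSG dump above lists every rule without judging it. As an added example (not part of the original page), this filter flags inbound Allow rules that expose a management port to any source. The function names, the port list and the sample rules are constructed for illustration.

```powershell
$ManagementPorts = 3389, 22   # RDP and SSH (assumed list; adjust as needed)

# True when $Port falls inside an NSG port expression: '*', '3389' or '3000-4000'.
function Test-PortInRange {
    param([int]$Port, [string]$Range)
    if ($Range -eq '*') { return $true }
    if ($Range -match '^(\d+)-(\d+)$') {
        return ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2])
    }
    return ($Range -eq "$Port")
}

# Hypothetical helper: emits one finding per exposed management port.
# It does not model a higher-priority Deny rule overriding the Allow.
function Find-ExposedManagementRule {
    param([Parameter(ValueFromPipeline)]$Rule, [int[]]$Ports = $ManagementPorts)
    process {
        if ($Rule.Direction -ne 'Inbound' -or $Rule.Access -ne 'Allow') { return }
        $open = @($Rule.SourceAddressPrefix) | Where-Object { $_ -in '*', '0.0.0.0/0', 'Internet' }
        if (-not $open) { return }
        foreach ($port in $Ports) {
            if (@($Rule.DestinationPortRange) | Where-Object { Test-PortInRange $port $_ }) {
                [pscustomobject]@{
                    Rule = $Rule.Name; Priority = $Rule.Priority
                    Port = $port; Source = ($open -join ',')
                }
            }
        }
    }
}

# Constructed sample rules with the same property names as NSG rule objects.
$sampleRules = @(
    [pscustomobject]@{ Name = 'sample-rdp'; Priority = 1000; Direction = 'Inbound'; Access = 'Allow'
                       SourceAddressPrefix = @('*'); DestinationPortRange = @('3389') }
    [pscustomobject]@{ Name = 'sample-wide'; Priority = 1010; Direction = 'Inbound'; Access = 'Allow'
                       SourceAddressPrefix = @('Internet'); DestinationPortRange = @('20-4000') }
    [pscustomobject]@{ Name = 'sample-web'; Priority = 1020; Direction = 'Inbound'; Access = 'Allow'
                       SourceAddressPrefix = @('*'); DestinationPortRange = @('80') }
    [pscustomobject]@{ Name = 'sample-admin'; Priority = 1030; Direction = 'Inbound'; Access = 'Allow'
                       SourceAddressPrefix = @('10.0.0.0/24'); DestinationPortRange = @('3389') }
)
$sampleRules | Find-ExposedManagementRule | Format-Table -AutoSize

# Live use with the cmdlets from this page:
# Get-AzureRmResource -ResourceType Microsoft.Network/networkSecurityGroups | ForEach-Object {
#     (Get-AzureRmNetworkSecurityGroup -Name $_.Name -ResourceGroupName $_.ResourceGroupName).SecurityRules
# } | Find-ExposedManagementRule
```

On the sample data this reports sample-rdp for 3389 and sample-wide for both 3389 and 22; the web rule and the rule restricted to 10.0.0.0/24 are not flagged.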

Get Hardware Info

    Get-AzureRmVM | ForEach-Object -Process {
        $vmname = $_.Name
        $rgn = $_.ResourceGroupName
        $size = (Get-AzureRmVM -ResourceGroupName $rgn -Name $vmname).HardwareProfile.VmSize
        $vms = (Get-AzureRmVMSize -Location $_.Location | ?{ $_.Name -eq $size })
        $outvar = @{ ResGroup = $rgn; VMName = $vmname; VMImage = $vms.Name; Cores = $vms.NumberOfCores; Memory = $vms.MemoryInMb }
        New-Object PSObject -Property $outvar | Export-CSV -Append -Path "HardwareInfo.csv" -NoTypeInformation
    }

Get disk info

    $diskinfo = @()
    Get-AzureRmVM | ForEach-Object -Process {
        $di = $_.StorageProfile.DataDisks
        $di | Add-Member VMName $_.Name
        $diskinfo += $di
        $di = $_.StorageProfile.OSDisk
        $di | Add-Member VMName $_.Name
        $diskinfo += $di
    }
    $diskinfo | Export-CSV -Path DiskInfo

Get IP Info

    Get-AzureRmNetworkInterface | ForEach-Object {
        $name = $_.Name
        $outpup = "None"
        $privip = $_.IpConfigurations.PrivateIPAddress
        $resId = $_.IpConfigurations.PublicIpAddress.Id
        if ($resId) {
            $respub = Get-AzureRmResource -ResourceId $resId
            $rpubip = Get-AzureRmPublicIpAddress -Name $respub.Name -ResourceGroupName $respub.ResourceGroupName
            $outpup = $rpubip.IpAddress
        }
        echo "$name,$privip,$outpup"
    } > IPInfo.csv


Get Windows Versions

    Get-AzureRmVM | ForEach-Object {
        $nm = $_.Name
        $pub = $_.StorageProfile.ImageReference.Publisher
        $offer = $_.StorageProfile.ImageReference.Offer
        $os = $_.StorageProfile.ImageReference.Sku
        Write-Output "$nm,$pub,$offer,$os"
    } | Out-File OSVersions.csv


    # List each VM's private IP address and its allocation method
    $vms = Get-AzureRmVM
    $nics = Get-AzureRmNetworkInterface | where VirtualMachine -NE $null
    foreach ($nic in $nics) {
        $vm = $vms | Where-Object -Property Id -EQ $nic.VirtualMachine.Id
        $prv = $nic.IpConfigurations | Select-Object -ExpandProperty PrivateIpAddress
        $alloc = $nic.IpConfigurations | Select-Object -ExpandProperty PrivateIpAllocationMethod
        Write-Output "$($vm.Name) : $prv , $alloc"
    }