How to enable Bitlocker for C drive or any drive? - bitlocker

I am using following PowerShell script to enable BitLocker on C drive,
$SecureString = ConvertTo-SecureString "ABC123" -AsPlainText -Force
Enable-BitLocker -MountPoint "C:" -EncryptionMethod Aes256 -Password $SecureString
And getting the output,
cmdlet Enable-BitLocker at command pipeline position 1
Supply values for the following parameters:
PasswordProtector:
I tried to pass parameters
Enable-BitLocker -MountPoint "C:" -EncryptionMethod Aes256 Add-BitLockerKeyProtector -Password $SecureString -RecoveryKeyPath "\fileserver\keys" -RecoveryKeyProtector
but still, it's showing errors.
Can anyone have a running script to enable BitLocker?

Find the solution for my question, script to configure BitLocker with password,
$SecureString = ConvertTo-SecureString "123456789" -AsPlainText -Force
Enable-BitLocker -MountPoint "D:" -EncryptionMethod Aes256 -PasswordProtector -Password $SecureString

Related

open certmgr from command line and save cert to c:directory

I'am trying to export certificates from my personal store to c:drive location using certmgr in script
Does someone know what the command is, or can send me to some website. Thanks alot..
CertMgr /s /r CurrentUser my /put cert1.cer /s /r C:\
The following command saves a certificate with the common name myCert in the my system store to a file called newCert.cer. (certmgr command is certmgr.exe instead of certmgr.msc)
certmgr /add /c /n myCert /s my newCert.cer
Please refer to the below link.
https://learn.microsoft.com/en-us/dotnet/framework/tools/certmgr-exe-certificate-manager-tool
Besides, we could refer to the below Powershell cmdlet, which can export a certificate to a file, the difference between these commands is whether the private key and some other extended properties are exported.
https://learn.microsoft.com/en-us/powershell/module/pkiclient/export-certificate?view=win10-ps
https://learn.microsoft.com/en-us/powershell/module/pkiclient/export-pfxcertificate?view=win10-ps
Here is an example of exporting a certificate to a PFX file.
$mypwd = ConvertTo-SecureString -String "1234" -Force -AsPlainText
Get-ChildItem -Path cert:\localMachine\my\5F98EBBFE735CDDAE00E33E0FD69050EF9220254 | Export-PfxCertificate -FilePath C:\mypfx.pfx -Password $mypwd

Add-AzTableRow command is not available in Azure Cloud Shell

I'm trying to insert new row in my table storage by using Azure Cloud Shell but I'm facing below exception. So let me know any other command that we need to use to insert.
Blockquote
Add-AzTableRow: The term 'Add-AzTableRow' is not recognized as the name of a cmdlet, function, script file, or operable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
Blockquote
Below are the command:
$partitionKey1 = "partition1"
$partitionKey2 = "partition2"
Add-AzTableRow `
-table $cloudTable `
-partitionKey $partitionKey1 `
-rowKey ("CA") -property #{"username"="Chris";"userid"=1}
According to the error, it seems that you do not install the module AzTable. Please run the command Get-InstalledModule to check if you have installed the module.
If you have not installed the module, please run the command Install-Module -Name AzTable -Force to install it.
For example
Install-Module -Name AzTable -Force
Import-Module AzTable
$resourceGroup = "<your group name>"
$storageAccountName ="<your account name>"
$storageAccount=Get-AzStorageAccount -ResourceGroupName $resourceGroup -Name $storageAccountName
$ctx = $storageAccount.Context
$tableName = "<table name>"
$cloudTable = (Get-AzStorageTable –Name $tableName –Context $ctx).CloudTable
$partitionKey1 = "partition1"
Add-AzTableRow -table $cloudTable -partitionKey $partitionKey1 -rowKey ("CA") -property #{"username"="Chris";"userid"=1}

Automatic extract zipped files with passwords in the file name

I analyse data from being sent multiple ZIP files.
They are always in this format:
service_SC30COM_####_20191130_1834.zip
#### is a random number generated by the computer.
Password is SC30COM_####, which is always part of the file name.
Any suggestions on an automation to unzip in bulk?
There is no way to do it on the command prompt without any application.
You can check this
If your remove the password, the code you need, as explain in that microsoft article should be:
$shell=new-object -com shell.application
$CurrentLocation=get-location
$CurrentPath=$CurrentLocation.path
$Location=$shell.namespace($CurrentPath)
$ZipFiles = get-childitem *.zip
$ZipFiles.count | out-default
foreach ($ZipFile in $ZipFiles)
{
$ZipFile.fullname | out-default
$ZipFolder = $shell.namespace($ZipFile.fullname)
$Location.Copyhere($ZipFolder.items())
}
If you install any application that can run on command prompt, you can extract with password. As example, for a individual file, the maximum you will get on Windows 10 is:
PowerShell Expand-Archive -Path "C:\Users\Tuffy\Desktop\PowerShell
Expand-Archive -Path "C:\Users\Whatever\Desktop\service_SC30COM_####_20191130_1834.zip"
-DestinationPath "C:\Users\Whatever\Desktop"p" -DestinationPath "C:\Whatever\Tuffy\Desktop"
Hope it helps!
You can run the following code as a bash script:
#!/bin/bash
for FILE in *.zip
do
echo "Unzipping $FILE ..."
PASSWORD=$(echo $FILE | grep -o -P '(?<=service_)[A-Za-z0-9]*_[0-9]*(?=_)')
unzip -P $PASSWORD $FILE
done
Copy the code
Paste it into FILENAME.sh
Make it executable (chmod +x FILENAME.sh)
Put it besides the zip files
Run it (./FILENAME.sh)

gwmi win32_service -ComputerName IP –credential userName returns Access denied but Enter-PSSession -ComputerName IP -Credential Personal works

Running this powershell command
Enter-PSSession -ComputerName 192.168.1.184 -Credential Personal
command works fine. The username and password is accepted.
Again, running this command:
Invoke-Command -ComputerName 192.168.1.184 -ScriptBlock { Get-ChildItem C:\ } -credential Personal
Also works fine and it displays the folders in drive C. It also implies that i can login. When i run this command:
gwmi win32_service –credential Personal –computer 192.168.1.184
I get "gwmi : Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))"
So does this:
Copy-Item -Path c:\d\test.txt -Destination \\192.168.1.184\c$\dep\test.txt
I've tried everything i could think of and i still fail. My goal is to copy files to target computers and execute these files. I have about 52 machines and i need to be able to install these programs.
Anyone knows why this isn't working?

How to enable SQL Filestream using Powershell

I'm spinning up a SQL server ready for deployment. Using AWS userdata, everything is being configured to this stage using PowerShell. However, the database needs to have Filestream enabled at level 2, but I can't find a way to do this using PowerShell or any other command-line utility.
The script I've written for this part is this:
Import-Module SQLPS -DisableNameChecking
$instanceName = $env:COMPUTERNAME
$server = New-Object -TypeName Microsoft.SqlServer.Management.Smo.Server -ArgumentList $instanceName
$server.Configuration.FilestreamAccessLevel.ConfigValue = 2
$server.Alter()
Set-ExecutionPolicy RemoteSigned -force
Invoke-Sqlcmd "EXEC sp_configure filestream_access_level, 2"
Invoke-Sqlcmd "RECONFIGURE"
Get-Service -Name MSSQLSERVER | Restart-Service -force
$server.Properties | clip
$server.Configuration | clip
import-module SQLPS -DisableNameChecking
But it's not enabling Filestream.
Does anyone have any ideas on how I can get this working?
Posting this as an answer in case the blog goes offline.
This worked for me for SQL Server 2019:
# Enable FILESTREAM
$instance = "MSSQLSERVER"
$wmi = Get-WmiObject -Namespace "ROOT\Microsoft\SqlServer\ComputerManagement15" -Class FilestreamSettings | where {$_.InstanceName -eq $instance}
$wmi.EnableFilestream(3, $instance)
Get-Service -Name $instance | Restart-Service
Set-ExecutionPolicy RemoteSigned
Import-Module "sqlps" -DisableNameChecking
Invoke-Sqlcmd "EXEC sp_configure filestream_access_level, 2"
Invoke-Sqlcmd "RECONFIGURE"
Easiest way is to use DBATOOLS.
Install-Module dbatools -Scope CurrentUser
Enable-DbaFilestream -SqlInstance $env:COMPUTERNAME