Sample Full Scripts

Displaying Directory Permissions

        <# 
        .SYNOPSIS 
        This Script lists the ACE's from a given URL or Drive letter. 
        .DESCRIPTION 
        This Script lists the Access Control Entries from a given URL or Drive letter. 
        When you provide the script a file location it recurses through that file structure finding directories. 
        It then displays the permissions granted to each directory. 
        This informationion is caputered an a text document called c:\temp\permissions.txt 
        You can specify a depth by default the depth is 1 which is the folders under the folders in the specified directory. 
        A depth of zero is the folders on the current level. 
        .EXAMPLE 
        Get-PDTFolderPermission -UNCPath "\\internal\Users\Central\" -Depth 0 
        This writes the permissions of the directories below central to 
        c:\temp\permissions.txt .EXAMPLE Get-PDTFolderPermission -UNCPath c:\temp -TargetDirectoryOnly 
        This displays only the permissions to the temp directory to the shell. 
        #>
        Function Get-PDTFolderPermission {
            [CmdLetbinding()]
            param(
                [parameter(mandatory=$true)]
                [string]$UNCPath,
                [int]$Depth = 1,
                $Directory,
                $Directories,
                [switch]$TargetDirectoryOnly
            )
    
            if($TargetDirectoryOnly){
                $UNCPath
                (get-acl $UNCPath ).Access | Format-Table IdentityReference,FileSystemRights
            }Else{
                if(Test-Path c:\temp\Permissions.txt){
                    Remove-Item c:\temp\Permissions.txt -Force -Confirm:$false -Verbose
                }
                New-Item -Path c:\temp\Permissions.txt -ItemType File
                Write-Verbose "Collecting a list of directories"
                $Directories = (Get-ChildItem $UNCPath -Depth $Depth -Directory -ErrorAction SilentlyContinue -Verbose).FullName
                Write-Verbose "Processing each Directory in Directories"
                foreach($Directory in $Directories){
                Write-Verbose "Working on Directory $Directory"
                $Directory | out-file c:\temp\Permissions.txt -Append
                (get-acl $Directory -ErrorAction SilentlyContinue -Verbose).Access |
                Format-Table IdentityReference,FileSystemRights -ErrorAction SilentlyContinue | 
                out-file c:\temp\Permissions.txt -Append
    
                }
            }#End else
    
        }
    
        Get-PDTFolderPermission -UNCPath "P:\PublicInfo\DirectoryIamInterestedIn"  -Verbose
    

Script to add an Office 365 license with custom licensing options

    <# 
    .SYNOPSIS 
    Adds Office 365 Licenses to selected users 
    .DESCRIPTION 
    Adds Office 365 Licenses to selected users This script can be executed on any machine that has the MSOnline module installed. 
    .EXAMPLE 
    Add-PDT365License -EmailAddress Joe.User@company.com -licenses PDT:STANDARDPACK 
    .EXAMPLE 
    Add-PDT365License -EmailAddress Joe.User@company.com -licenses PDT:ATP_ENTERPRISE,PDT:FLOW_FREE 
    #>
    Function Add-PDT365License {
    
        [cmdletbinding()]
        param(
            [Parameter(mandatory=$true)]
            [string]$emailaddress,
            [string]$licenses = "PDT:STANDARDPACK"
            
        )
    
        Begin{    
        Import-Module MSonline    
        }
        Process{    
        Write-Verbose "$licenses"
        Write-Verbose $emailaddress    
        if((Get-MsolUser -UserPrincipalName $emailaddress).islicensed){
            Set-MsolUserLicense -UserPrincipalName $emailaddress -RemoveLicenses $licenses
        }
        if($licenses = "PDT:STANDARDPACK" ){
            $LO = New-MsolLicenseOptions -AccountSkuId $licenses -DisabledPlans  "YAMMER_ENTERPRISE" , "MCOSTANDARD" , "SHAREPOINTSTANDARD" , "SHAREPOINTWAC"
            Set-MsolUser -UsageLocation 'AU' -UserPrincipalName $emailaddress
            Set-MsolUserLicense -UserPrincipalName $emailaddress -LicenseOptions $LO -AddLicenses $licenses -Verbose
            }
        
        else{
            Set-MsolUser -UsageLocation 'AU' -UserPrincipalName $emailaddress
            Set-MsolUserLicense -UserPrincipalName $emailaddress -AddLicenses $licenses -Verbose
            }
    
        
        }
        End{}
    }
    $EmailAddress = "sample.user@company.com"
    Connect-MsolService
    Add-PDT365License -EmailAddress $emailaddress 
    

Function to find Enabled users and export them to a CSV

    <# 
    .SYNOPSIS This script finds users that are enabled 
    .DESCRIPTION This script finds users that are enabled 
    and have a user principal name that matches first name dot last name @ domain name 
    This should exclude disabled users, service accounts and built in security principals. 
    .EXAMPLE 
    Get-PDTEnabledUsers .EXAMPLE Get-PDTEnabledUsers -limit 10 
    Returns Fist 10 Enabled Users 
    .EXAMPLE 
    (Get-PDTEnabledUsers -limit 10).UserPrincipalName 
    Returns Just the UserPrincipalNames of the first 10 users. 
    #>
    Function Get-PDTEnabledUsers {
        [cmdletbinding()]
        param(
            $limit = 1000000,
            $server = "DC1.company.pri"
        )
        Write-Verbose "Creating C:\temp if it does not already exist"
        if(Test-Path c:\Temp){
            Write-verbose "C:\temp exists"
        }
        else{Mkdir c:\Temp}
        Write-Verbose "Finding users who have a upn that is in the format name.name@ who are enabled."
        Get-ADUser -filter {enabled -eq $true -and UserPrincipalName -like "*.*@*"} -ResultSetSize $limit
    }
    
    Get-PDTEnabledUsers -Verbose | Export-csv c:\temp\EnabledUsers.csv  -NoTypeInformation