Just a list of commands and other things I intend to forget. So I know where to look if I forgot them again.
Get your privileges: whomai /priv
Remote Exchange Powershell:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://server/PowerShell/ -Authentication Kerberos
Import-PSSession $Session
Exchange PowerShell (Management Tools installed)
. c:\ExchangeInstallPath\bin\RemoteExchange.ps1
Connect-ExchangeServer -auto -ClientApplicaiton:ManagmentShell
Exchange Setup Commands
setup /PrepareSchema /IAcceptExchangeServerLicenseTerms
setup /PrepareAD /IAcceptExchangeServerLicenseTerms
setup /PrepareDomain /IAcceptExchangeServerLicenseTerms
Starting with CU22
setup /PrepareSchema /IAcceptExchangeServerLicenseTerms_DiagnosticDataON
setup /PrepareAD /IAcceptExchangeServerLicenseTerms_DiagnosticDataON
setup /PrepareDomain /IAcceptExchangeServerLicenseTerms_DiagnosticDataON
or IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF if you don’t want to share data
Setup.exe /IAcceptExchangeServerLicenseTerms /Mode:Upgrade
Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataON /Mode:Upgrade
Testing SSL/TLS with OpenSSL:
openssl s_client -connect meinIMAPServer:993
openssl s_client -starttls smtp -connect {Adresse des SMTP-Servers}:587
openssl s_client -starttls pop3 -connect {Adresse des POP-Servers}:995
openssl s_client -starttls imap -connect {Adresse des IMAP-Servers}:143
openssl s_client -starttls ftp -connect {Adresse des FTP-Servers}:22
Clear Memeory in a Powershell Session
[System.GC]::Collect()Using Get-History
(Get-History)[-1].CommandLine | clip
(get-history -id 7).commandline | clipread a large log file (like 1 GB and more), select some keywords, and out-file it to another file (where you have lines, you can read one by one
$biglog = get-content "somebiglogfile.log" -ReadCount 1000 | foreach {$_ -match "Keyword"}
$biglog | out-file someothertextfile.txtCreate the certificate Name to use with Exchange Receive Connectors.
$cert = Get-ExchangeCertificate -Thumbprint
$tlscertificatename = "<i>$($cert.Issuer)<s>$($cert.Subject)"Check for High Privileges:
Write-EventLog -LogName Application -EventId 22777 -EntryType Information -Message "TestMessage: Check Write Access to ApplicationLog" -Source "MSExchangeSetup"
whoami /Priv --> SeSecurityPrivilege muss vorhanden seinPowershell as scheduled Task:
c:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Argutments: Path to PS1 File and ParametersChange Password without Ctrl-Alt-Del
CMD:
C:\Windows\explorer.exe shell:::{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}
or
PowerShell:
(New-Object -ComObject shell.application).windowsSecurity()
Get your Public IP with Powershell
Invoke-WebRequest -uri http://ifconfig.me/ip