Ad3t0

Useful scripts and notes for system administration and engineering

View on GitHub

Scripts and Notes

PowerShell Scripts

MSOfficeInstall

Installs Microsoft Office using the Office Deployment Tool with automatic architecture detection (x86/x64).

MSOfficeInstall.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/MSOfficeInstall.ps1'))

ProfileMigrate

Migrates user profile data (Documents, Desktop, Pictures) to a specified location for backup or migration.

ProfileMigrate.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/ProfileMigrate.ps1'))

ChocoInstall

Installs https://chocolatey.org/ package manager for Windows.

ChocoInstall.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/ChocoInstall.ps1'))

InstallAllUpdates

Installs all available Windows updates. (Unattended option exists and can be set manually within the script at the top by setting $unattended to $true)

InstallAllUpdates.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/InstallAllUpdates.ps1'))

RemoveOldProfiles

Removes old user profiles with interactive confirmation.

RemoveOldProfiles.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/RemoveOldProfiles.ps1'))

LogonStartUpTask

Creates a scheduled task to run a script at logon or startup.

LogonStartUpTask.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/LogonStartUpTask.ps1'))

EnableRDP

Enables RDP, configures firewall rules, and interactively prompts to add non-admin users to the Remote Desktop Users group.

EnableRDP.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/EnableRDP.ps1'))

CleanWindows11

Customizes Windows 11 UI/UX: taskbar, theme, startup apps, and icons.

CleanWindows11.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/CleanWindows11.ps1'))

AutoLogin

Configures and displays Windows auto-login settings.

AutoLogin.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/AutoLogin.ps1'))

ZabbixAgentSetup

Installs and configures the Windows Zabbix agent with PSK authentication.

ZabbixAgentSetup.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/ZabbixAgentSetup.ps1'))

CreateLocalUser

Creates a local user, with options to generate a password or set one manually. Prompts to add the user to the Administrators and/or Remote Desktop Users groups.

CreateLocalUser.ps1

Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/powershell/CreateLocalUser.ps1'))
Bash Scripts

Initializes an Ubuntu server template with common packages, system configurations, and security hardening.

sudo bash -c "$(wget -qLO - https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/bash/serverTemplateSetup.sh)"

Installs Zabbix Agent 2 with PSK auth, Proxmox SMART, and ZFS monitoring support.

sudo bash -c "$(wget -qLO - https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/bash/zabbixAgentSetup.sh)"

Expands LVM partitions to utilize all available disk space on Ubuntu.

sudo bash -c "$(wget -qLO - https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/bash/autoExpandLVM.sh)"

Installs and enables the QEMU Guest Agent for improved Proxmox guest interaction.

sudo bash -c "$(wget -qLO - https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/bash/qemuAgentSetup.sh)"

Installs Docker and Docker Compose.

sudo bash -c "$(wget -qLO - https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/bash/installDocker.sh)"

Automates secure SSH configuration: key generation, permissions, authorized_keys, and sshd_config hardening.

sudo bash -c "$(wget -qLO - https://raw.githubusercontent.com/Ad3t0/Ad3t0/master/bash/SshAuthConfigurator.sh)"
Windows Notes

Convert Windows Server 2019 Evaluation to Standard

DISM /online /Set-Edition:ServerStandard /ProductKey:N69G4-B89J2-4G8F4-WWYCC-J464C /AcceptEula

Convert Windows Server 2019 Evaluation to Datacenter

DISM /online /Set-Edition:ServerDatacenter /ProductKey:WMDGN-G9PQG-XVVXX-R3X43-63DFG /AcceptEula

Convert Windows Server 2022 Evaluation to Datacenter

DISM /online /Set-Edition:ServerDatacenter /ProductKey:WX4NM-KYWYW-QJJR4-XV3QB-6VM33 /AcceptEula

Transfer all FSMO Roles

Move-ADDirectoryServerOperationMasterRole "DC1" -OperationMasterRole 0,1,2,3,4

Seize all FSMO Roles

Move-ADDirectoryServerOperationMasterRole "DC1" -OperationMasterRole 0,1,2,3,4 -Force

Reset Domain Admin Password Error 4000, 4007

netdom resetpwd /server:PDC.domain.com /userd:Domain\domain_admin /passwordd:*

Restore Deleted AD Object

Get-ADObject -Filter {displayName -eq 'Full Name'} -IncludeDeletedObjects | Restore-ADObject

Set time server to domain hierarchy

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\w32time\TimeProviders\VMICTimeProvider" -Name "Enabled" -Value 0
w32tm /query /source
w32tm /config /syncfromflags:DOMHIER /update
w32tm /resync

Set time server

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\w32time\TimeProviders\VMICTimeProvider" -Name "Enabled" -Value 0
w32tm /config /manualpeerlist:time.nist.gov,0x1 /syncfromflags:manual /reliable:yes /update
net stop w32time
net start w32time
w32tm /resync /force
w32tm /query /configuration

Generate and export .pfx cert

$notafter = (Get-date).AddYears(10)
$cert = New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname test.com -NotAfter $notafter
$pwd = ConvertTo-SecureString -String '12345678' -Force -AsPlainText
$path = 'cert:\localMachine\my\' + $cert.thumbprint
Export-PfxCertificate -cert $path -FilePath c:\cert.pfx -Password $pwd
Ubuntu/Debian Notes

Set Timezone

sudo timedatectl set-timezone America/Denver

Edit Crontab

sudo crontab -e
sudo service cron reload

Sysbench Benchmark

#Install if needed
apt install sysbench
#Run Benchmarks
sysbench cpu run
sysbench memory run
sysbench fileio --file-test-mode=seqwr run
sysbench fileio cleanup

Expand Disk Size

df -h
sudo lvextend -l +100%FREE /dev/ubuntu-vg/ubuntu-lv
sudo resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv

Montor network interface bandwidth

tcptrack -i eno1

Disk Speed Test

hdparm -Tt /dev/sda
Proxmox Notes

Awesome Proxmox Community Scripts (Proxmox Helper Scripts VE 7 Post Install https://community-scripts.github.io/ProxmoxVE/scripts

Change IP in

nano /etc/network/interfaces
nano /etc/hosts

Remove Node From Cluster

#Set to new number of nodes
pvecm expected 1
#Remove node2
pvecm delnode node2

ZFS Set Volsize

zfs set volsize=120G rpool/data/vm-<VM ID>-disk-<DISK ID>

Set dedicated network interface for replication

echo "migration: insecure,network=172.17.93.0/24" >> /etc/pve/datacenter.cfg

Manually Remove Snapshot

nano /etc/pve/qemu-server/<vmid>.conf
zfs list
zfs destroy