Powershell scripts you created for your day to days use and duties

[-]

MacTwistee@reddit

Colour HTML formatted email showing any new, expiring, disabled or moved ad accounts from our ou. Sometimes it's the only way we find out someone new is starting or leaving.

AbTutor groups auto updated from timetable on a daily basis.

Asset report linked to our asset system and crosslinked with intune to help track devices and pc names.

[-]

smilaise@reddit

I have a bunch of them at https://killertools.net/killer-scripts

[-]

digsmann@reddit

I have bookmarked your website,mate and used couple of tools,it's amazing.. Thank you

[-]

smilaise@reddit

glad to help. I was too scared of the haters to try to show off my site in this subreddit lol.

but check out my new Windows app, I think it's a decent replacement for advanced IP scanner.

[-]

smilaise@reddit

thanks, feels good to be appreciated lol

[-]

Jormungandr_Monsoon@reddit

Oh my god DEBLOAT is amazing, i hate all of that extra shit on my ASUS. Pinning this to run later! Idk if you're the creator but kick ass job if you are

[-]

citizen0100@reddit

Something is wrong with me, I read asus as something else. Weirdly the sentence still works.

[-]

smilaise@reddit

oh I am the creator. please let me know if you encounter any issues.

[-]

Jormungandr_Monsoon@reddit

Wilco. Would there be any issues running this on a computer a few years old, or is it meant to be run more as a first thing?

[-]

smilaise@reddit

debloat can be run anytime. it should help get rid all all that OEM bloat and it fixes a bunch of privacy settings and stuff to make the machines lean.

I will try to get a markdown file description for every single one of the scripts that lists EXACTLY every command that is run. I realize I probably should have done that already lol.

[-]

smilaise@reddit

thanks, it's good to share this with people who appreciate it. I've been a field tech for so long now and I've automated a lot of things.

[-]

Key-Level-4072@reddit

Outstanding acronym naming system you got there.

[-]

spittlbm@reddit

Claude does everything I need in at least 17,000 lines of code.

[-]

Fuzzy_Paul@reddit

Would not trust code from claude: https://www.theregister.com/2026/04/06/anthropic_claude_code_dumber_lazier_amd_ai_director/

[-]

I need to automate the deletion of backups older than 5 days by running them on a schedule after a Veeam task has completed. I had to tinker with this since the Veeam server is located on a different DC.

[-]

archiekane@reddit

It tries to code correctly using try-catch for everything so all errors are dealt with.

My original scripts were really short and basic, but mostly functional. AI scripts, even basic ones, are huge.

[-]

corruptboomerang@reddit

I wrote a small script to automate our device deployment, installs apps, provisions wifi, AD joins, removes local accounts, and a few other things. But it's a pain in the ass, but less painful than installing it all by hand.

[-]

digsmann@reddit

Could you please share it.

[-]

corruptboomerang@reddit

No. Unfortunately, under my employment contract, anything I develop on company time or for the company is company property.

[-]

digsmann@reddit

Alright..

[-]

AxelLucro@reddit

I think assessing pain points, things you have to do commonly that are very manual, and/or something that lends itself to automation. If you start off on something with a lot of touch points or depenencies you can't control, the script can start turning into an app or be too complex and may be difficult to finish

An approach I take is that, given constraints of daily emergency and regular requests work, you may not be able to work on the scripts in large time chunks, use source control to save your progress.

My recommendation on the actual script development is to play the long game, start developing a library of basic functions every future script will need. Things like logging to the console, event viewer, to a log file, you are building up your own api so that you dont have recreate the formatting every time. File operations, most scripts will need some manner of checking if a file exists, deleting files folders, etc. Make a classes and functions file to store these common items. Then as you develop the top-level scripts, they can leverage your library of functions and classes by dot sourcing or through modules.

Learn how to leverage .net classes and objects and creating your own custom powershell classes (constructors, overloads, methods, etc). .net it is barely more difficult than say the powershell active directory modules, you will learn more core concepts along the way, and avoid a external dependency.

It will take a bit to get started and be up and functional, but you will gain so much more programming/system knowledge along the way.

Happy coding!

[-]

ickarous@reddit

I've made one with a simple gui to help create new m365 accounts. It will create the account and auto generate the email based off our naming conventions, it will add the new account to specific sharepoint sites and exchange groups automatically based off what department they are in.

[-]

KavyaJune@reddit

Here is around 200 PowerShell scripts to manage, report, audit your Microsoft 365 environment: https://github.com/admindroid-community/powershell-scripts

[-]

Adimentus@reddit

I was just about to post the same thing XD

[-]

NeverDocument@reddit

i really like their software for reporting

[-]

Frothyleet@reddit

So many of my most useful tools are so specific to our LOB apps and our workflows. I'm proud of them but they'd be totally useless outside of our org... and honestly even beyond my specific team.

But every now and then I have a specific problem that other people might have, that I resolve. Have you ever needed the IMEI of a cellular-enabled Meraki device (like a MX67C)? No longer have the box? Don't have convenient access to the device to look at the bottom of it?

Well, you can't get it from the Meraki dashboard, but you can from the API, so I plopped a little script together:

https://github.com/MSPscripts/Meraki-Device-IMEI-Retriever

[-]

Hofftopic@reddit

AI has changed my automation outlook entirely. Claude AI it really good and GitHub Copilot with visual studio!

[-]

Middle_Boot7573@reddit

PS personal $profile with some useful modules out there is the 🔑 😁

[-]

narcissisadmin@reddit

The most valuable line in mine is

Set-PSReadlineKeyHandler -Key Tab -Function Complete

[-]

Frothyleet@reddit

Barf. I just don't get it. menu-complete is where it's at. That goes in my .inputrc everywhere I can, along with completion-ignore-case.

[-]

Middle_Boot7573@reddit

Mine are:

New-EntraAppRegistration $name -AddEntraRroles -AddCert -AddClientSecret Set-PsConnections MsGraph Set-PsConnections EXO -SuppressMFA Set-PsConnections Purview -SuppressMFA Set-PsConnections Entra Set-PsConnections Az Set-PsConnections MsTeams -SuppressMFA Set-PsConnections SPO -SuppressMFA #Pnp.Powershell Get-ExoRolePermissions $roleName Get-ExoRolePermissions $cmdlet $params etc... all tied to my $profile😂

[-]

KidKoshua@reddit

I used PowerShell studio to develop a user creation tool for our environment. It fully automates the user creation process. I also built a termination tool that fully automates terminations and the off boarding process.

[-]

BusinessNigel@reddit

Very simple, very basic, super helpful (in my experience):

Get-Content C:\Windows\Logs\CBS\CBS.log -tail 10 -wait

Ever run SFC or DISM and want to know if it's actually stuck at 62.3% or if it's just taking a long time? While you've got sfc or dism already running in CMD, open a separate PowerShell window and run the above command. It will give you a real-time display of what it's doing in the background.

[-]

rutsh95@reddit

Here’s a fun one for practice. Create a module you can use to generate passwords. Just specify the length for a basic version. Or you can add options on if it should include special characters or not, or if it should follow Microsoft’s complexity in AD.

I have over a decade of scripts I’ve written ranging from one liners for AD to complex deployment scenarios, and I probably still use this more than anything else.

[-]

jbala28@reddit (OP)

Hi thanks for your input. Im currently just starting work with function. Is module of advanced topic?

[-]

rutsh95@reddit

It’s not really advanced, just a few things you need to know to make it work. Buy you should look into this a bit, since this part is really what makes it reusable for your purposes and it include the super important topic of functions. A module (in this case) is your script turned into a function and placed with other functions into the same file. Instead of a .ps1 file, you just rename it .psm1 and then you can put it into a directory that will allow it to be auto loaded with your PowerShell sessions. Then you can call your new Get-FancyPassword script as a function whenever you want.

[-]

Xesttub-Esirprus@reddit

Last year I build a little powershell script that would reset a given AD users password, then using the onetimesecret.com API to generate a safe/secret link for onetimesecret.com with the new password and e-mail it to the users registered e-mailadres in AD.

Servicedesk employees now use this as it's easy to use for them and they finally stopped resetting passwords to wellknown/default passwords like welcome01!.

Currently it just generates a password of random characters, checks if the password matches the password policy (just try to reset the password, if it fails generate a new password and try again).
But these passwords are hard to remember for users, so I'm thinking about letting AI generate a huge list of non-sexual and non-violent nouns and let the script generate passwords out of this list. Should be way easier to remember for users.

[-]

accidentlife@reddit

EFF has a long wordlist that is mostly clean:

https://www.eff.org/dice

[-]

Xesttub-Esirprus@reddit

I know these lists, but the issue with them is that you can still get some weird combinations that at best are funny but at worst are plain inappropriate. As far as I'm concerned you're supposed to combine words to create a passphrase.

AbnormalUrogolist
ChewbleDwarf
DiabeticReporter
UprisingAutism
RepressedCaucasian

just some examples from this word list that it could actually create
You would have to let some LMM rate every generated combination to decide wether or not it is inappropiate, which would add a lot of complexity, delay and costs to a password reset script.

[-]

Jassokissa@reddit

Yeah, that's a good one to create as a script, and make a module out of. I have the same thing. And copies the password to clipboard. The same module also has a parameter to only use specific specials characters, if they need to be copy pasted to VMware console which need to be converted (as someone using a Finnish keyboard the VMware console copy paste to a virtual machine password prompt is a mess)...

Password/secret scripts do get to be used quite a lot.

[-]

Tsusai@reddit

https://gist.github.com/Tsusai/94665f67678c2bb4299363b09aa39c00

Profile cleanup tool that uses real login and logoff times. Enter pc/ip on domain, tells you last login time per profile and removes

[-]

andyr354@reddit

Most used one is a script that checks for any Hyper-V replication issues or left over checkpoints, tests all AD servers status and replication, and DHCP server status.

[-]

slayermcb@reddit

I use AD and feed into Google Workspace (school environment) so I have scripts that work with AD and GAM for on boarding and offloading employees and students. Its not daily as much as its seasonal.

[-]

MFKDGAF@reddit

RemindMe! 2 Days

[-]

gixo89@reddit

Get UID from username

Get Username from UID

[-]

TipIll3652@reddit

I have one to automate the configuration of new endpoints, including the deployment of zabbix, sentinelone, misc printer drivers, etc.

[-]

shimoheihei2@reddit

Compiling data from cloud usage into a handy report.

[-]

DudeOnWork@reddit

That's my list:
1. Rights assignment for Exchange mailboxes.
2. GPO that assigns MS365 resources (via Powershell ofc), based on CustomAttributes values.
3. Scripts to create prefilled emails.
4. Phone number assignment.
x. Any other standardized work, that has not much changes over the time.

[-]

bobdobalina@reddit

I manage a windows autopilot/intune/entra/azure/teams/exchange/sharepoint/ondrive/project/etc tenant

Between the changes and differences I cannot keep up with the different parameters and login needs of each. So I've been converting my workflows int to a module and submodules to administer the tenant from pwsh instead of the web console or each ones random set of cmdlets. I hope one day I can generalize it to share with other admins but right now it's company data.

[-]

Windows-Helper@reddit

I have automated some for our remote connection tool to servers (Guacamole)

I create the connections in Guacamole, create a list of them -> Create the Entra groups via Powershell and assign them based on the prefix to the application.

[-]

sryan2k1@reddit

Our entire employee MACD process is automated with Adaxes and about 1000 lines of custom powershell.

Find problems that are manual and shouldn't be and start making them not manual.

[-]

Gron_Tron@reddit

+1 for Adaxes. Inspired me to learn more Powershell.

[-]

libben@reddit

Instead of using ADUC for some basic information gathering. Accounts enabled, security groups etc etc.

I built a function that gives me all relevant information for us instead of clicking through alot of fields etc I just have powershell open on the jumpserver and run my function that also has steppable with arrows in case of multiple users is found on the name. It's like 800 lines of code and fast and lose coding :)

[-]

vgullotta@reddit

I wrote a SharePoint migration tool in Powerball back in the day. Also wrote one using chatgpt that will take some inputs and then spit out a yaml file to be input into our routers that contains all the ACL rules etc. Personal scripting is fun and all, but I heavily recommend you use chatgpt or Claude to write them. It's significantly faster than anything you can write yourself and doesn't need much editing to get it right usually.

[-]

tkst3llar@reddit

This thread has gold in it

You guys are the best

[-]

Zozorak@reddit

I have one to find a folders in a shared mailbox where users keep accidently clicking and dragging folders somewhere random without realizing it.

The 3rd time It happened I made it into a function. Searches the team mailbox and all users that have permissions to that mailbox to find the culprit.

[-]

Master-IT-All@reddit

I have two I use often to get folder information on Windows devices via remote powershell in our RMM.

Get-FolderSize.ps1 is one I made that will do what it says, has a switch to tell you the size as advertised and size on disk. So you can see that OneDrive folder says it is 20GB but only 2GB is locally synced. I use it often to get folder sizes on systems with low disk space or during file migrations.

Get-FolderPermissions.ps1 is one I made that will do what it says, gets folder permissions. It's got some switches and controls to filter out SYSTEM and other accounts to give two CSV files that are pretty clean, a root file that gives you the folder you selected with the -path switch and a subfolder CSV with only the significant differences in subfolders listed. So it ignores garbage like a CREATOR/OWNER being listed as having Full Control.

I also have a number of scripts I craft for specific purpose, so I have a script I can run to get the secure boot certificate status on a system. That way I'm not copy/pasting in an ugly liner from search or Copilot. (It's a pretty wrapper for the ugly one liners)

I then often also have scripts I've made to do specific tasks, that I then bring over to the RMM for use in automations. I believe I have one running weekly on systems to check that OneDrive is configured to leave a set amount of disk space. This reduced a ton of L1 alerts for low disk space errors.