Add an existing RDS deployment to the MyCloudIT platform to utilize its features This guide will...
Run scripts to assist with automation, data collection or admin tasks
You can use a VM powershell script to perform actions or gather data.
Some examples of operations you may with to use this feature for:
- Create or modify AD users and groups
- Configure or install various apps such as RMM tools
- Set windows settings or registry entries
- Perform automated tasks such as reboots
- Email system information and statuses to admins
- Run a script to gather support / help desk data
- Standardize images pre/post deployment
The sky is the limit as you can automate almost anything with powershell.
Note: This feature is in beta and is currently being upgraded to allow scripts to be run on a schedule and to one or more VM's.
We do not support Linux shell scripting in the beta version of this feature.
To Save and manage scripts with this feature navigate to Configuration > Scripts > +ADD
Type a script name in the description field. Paste your powershell code into the Script textbox.
Add any parameters and their values that you wish to the script. Parameters can be used to tell the script to behave in different ways as well as not needing to hard code variables in the script. Note that all parameters are strings and may need to be converted to other data types if required by the script.
To Execute a script with this feature navigate to Manage > Virtual Machines > Open > RUN SCRIPT
It is also possible under Configuration > Scripts > Credentials > +ADD to add other credentials for the script to run under if the Windows 'system' context has too low or high access for the scripts needs.
Caution: Scripts should be tested before using in production to confirm they perform as intended and meet security policies. Scripts can be dangerous if not implemented correctly.
Below is an example script, showing parameter usage, logging and creating an AD user:
# Warning script has no error checking, try/catch, etc not for production, example only
# Example powershell script for use with MyCloudIT (MCIT) scripting feature
# v1.00
param($jsonParameters)
# Load Parameters from MCIT UI
$logFile = "C:\MCIT-TestLogFile.log"
$jsonObject = $jsonParameters | ConvertFrom-Json
# These parameters should have been set in the MCIT UI
$mode = [int]$jsonObject.mode # 1 for create user
$username = $jsonObject.username
$tempPass = $jsonObject.tempPass
$group = $jsonObject.group
if( Test-Path -Path $logFile ){ Remove-Item $logFile -Force; Start-Sleep -Seconds 1 } # Delete the log file if it exists
$dte = (Get-Date -Format G)
Add-content $logFile -value "-- Log file started at: $dte --"
If( $mode -eq 1 ){
Add-content $logFile -value "The mode is set to: $mode so we will new-aduser"
Add-content $logFile -value "Attempting to create AD user named: $username"
Import-Module activedirectory
New-ADUser -Name $username -AccountPassword (ConvertTo-SecureString -String $tempPass -AsPlainText -Force) -Enabled $true -ChangePasswordAtLogon $false
$theUser = Get-ADUser -Filter "Name -eq '$username'"
Add-content $logFile -value "The new users SID is: $($theUser.SID.value)"
Add-ADGroupMember -Identity $group -Members $theUser
}
ElseIf( $mode -ne 1 ){
$dte = (Get-Date -Format G)
Add-content $logFile -value "The mode is set to: $mode , so will will not do any operations."
}
Add-content $logFile -value "-- End log File --"
We can then see on the Domain Controller we ran this on has this in MCIT-TestLogFile.log:
-- Log file started at: 1/1/2022 4:00:00 PM --
The mode is set to: 1 so we will new-aduser
Attempting to create AD user named: Belinda
The new users SID is: S-1-5-21-1041452880-653220260-2180131924-11612
-- End log File --
Tip: If running the same script across different operating systems you may need to note the different Powershell versions on those machines and code accordingly.