LoginSignup
1
0
この記事誰得? 私しか得しないニッチな技術で記事投稿!
Qiita Engineer Festa20242024年7月17日まで開催中!
@ripple_naip

使い道があるか不明なPowershellスクリプト

Posted at

使い道があるか不明なPowershellスクリプト

なぜか作った、powershellスクリプトの紹介

ACLをコピーする

aclcopy.ps1
Param( [String]$OriginalPath,[String]$TargetPath)

$OriginalAcl = Get-Acl $OriginalPath
Set-Acl -Path $TargetPath -AclObject $OriginalAcl

.\aclcopy.ps1 <コピー元> <コピー先>

コード署名を付与する。

秘密鍵付き証明書は証明書マネージャーに入れておく。

codesing.ps1
$arg_cnt=0
foreach($arg_opt in $args){
    switch($arg_opt){
        '-certsn'{
            $arg_cnt++
            $certSn = $args[$arg_cnt]
        }
        '-signfile'{
            $arg_cnt++
            $singFile = $args[$arg_cnt]
        }
        '-tsserver'{
            $arg_cnt++
            $TSServer = $args[$arg_cnt]
        }
        default{
            $arg_cnt++
        }
    }
}
if(-! $singFile){
    Write-Error "Sign target file not found"
    exit 1
}
if(-! (Test-Path $singFile)){
    Write-Error "Sign target file not found"
    exit 1
}
if(-! $certSn){
    Write-Error "Cert-SN undefined"
    exit 1
}
$cert = (Get-ChildItem cert:\CurrentUser\My) | Where-Object{$_.SerialNumber -eq $certSn}
if($cert.Length -ne 1){
    Write-Error "Cert not found"
    exit 1
}

$result = Set-AuthenticodeSignature -FilePath $singFile -Certificate $cert[0] -HashAlgorithm "SHA256" -TimestampServer $TSServer

Write-Host "---Status---"
Write-Host $result.SignatureType
Write-Host $result.Status
Write-Host $result.StatusMessage
Write-Host "===SignerCertificate==="
Write-Host $result.SignerCertificate
Write-Host "===TimeStamperCertificate==="
Write-Host $result.TimeStamperCertificate

.\codesign.ps1 -certsn <証明書のSN> -signfile <対象ファイル>

Windowsの機能の有効化または無効化

コードはSMB1関連を全て無効化する場合

disableSMB1.ps1
$targets = @(
    @{
        name='SMB1Protocol-Client'
        flag=$false
    },
    @{
        name='SMB1Protocol-Deprecation'
        flag=$false
    },
    @{
        name='SMB1Protocol-Server'
        flag=$false
    },
    @{
        name='SMB1Protocol'
        flag=$false
    }    
)
foreach($target in $targets){
    $feature = Get-WindowsOptionalFeature -Online -FeatureName $target.name
    if($feature){
        if($target.flag -eq $true -and $feature.State -eq 'Disabled'){
            Write-Host ('Enable:'+$feature.FeatureName)
            Enable-WindowsOptionalFeature -Online -NoRestart -FeatureName $feature.FeatureName
        }
        if($target.flag -eq $false -and $feature.State -eq 'Enabled'){
            Write-Host ('Disable:'+$feature.FeatureName)
            Disable-WindowsOptionalFeature -Online -NoRestart -FeatureName $feature.FeatureName
        }
    }
}

WindowsUpdateによる再起動が必要かチェックする

update_rebbokchk.ps1
Add-Type -AssemblyName System.Windows.Forms
$WindowsUpdateSearch=(New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher();
$update=$WindowsUpdateSearch.Search("IsInstalled=0").updates
$reboot = 0
foreach($_update in $update){
    if($_update.RebootRequired){
        $reboot = 1
    }
}
if($reboot){
    $f = New-Object Windows.Forms.Form
    $f.TopMost = $True
    [System.Windows.Forms.MessageBox]::Show($f,"再起動が必要です。","WindowsUpdate",[System.Windows.Forms.MessageBoxButtons]::OK)  | Out-Null
}
1
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
1
0