블로그 이미지
bedbmsguru

Notice

Recent Comment

Recent Trackback

Archive

calendar

        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30  
  • 32,078total
  • 0today
  • 10yesterday
2018.10.27 22:44 Powershell

#방화벽 ON|OFF -profile 없으면 전체(2012부터 가능) 
Set-NetFirewallProfile -Profile Domain -Enabled True | false

#방화벽 Rule ADD
New-NetFirewallRule -DisplayName "Allow SSR_PORT" -Direction Inbound -LocalPort 135-139 -Protocol TCP -Action Allow 

(2008 netsh 사용)netsh advfirewall firewall add rule name="SQL SERVER TCP 1433" dir=in action=allow protocol=TCP localport=1433

#방화벽 Rule 제거
Remove -NetFirewallRule -DisplayName "Allow SSR_PORT"


#등록된 RULE 켜고 끄기
Set-NetfirewallRule -DisplayName "Allow Inbound OpenVPN Client Requests" -Enabled True | false

$TargetComputer=New-CIMSession -Computername host1, host2
Set-NetfirewallRule -DisplayName "파일 및 프린터 공유(에코 요청 - ICMPv4-In)" -Enabled True -CimSession $TargetComputer

#관리할 remote server 지정
$TargetComputer=New-CIMSession -Computername hhiwp046, hhiwp047, hhiwp048, hhiwp049, hhiwp050, hhiwp051, hhiwp052
#Remove-NetFirewallRule -DisplayName "Allow SSR_PORT" -CimSession $TargetComputer
#New-NetFirewallRule -DisplayName "Allow SSR_PORT" -Direction Inbound -LocalPort 135-139 -Protocol TCP -Action Allow  -CimSession $TargetComputer


posted by bedbmsguru
2018.10.27 22:42 Powershell

 #Socket Server
function listen-port ($port= 7788) {
    $SEND_SMS = "0000"


   
        $endpoint = new-object System.Net.IPEndPoint ([ system.net.ipaddress]::any , $port )
        $listener = new-object System.Net.Sockets.TcpListener $endpoint
        $listener.start()
        $isRunning = $true

        while ($isRunning )
        {
           
                $client = $listener. AcceptTcpClient() # will block here until connection
                $stream = $client. GetStream();
                $reader = New-Object System.IO.StreamReader $stream
           
                  
                #$command = $reader.readLine().Substring(0, 4);
                $command = $reader. readLine() -split "//"
                $command.Length
                #$command = $reader.readLine()
                if ($command -eq $SEND_SMS)
                {
                    sendSMS -serverIP $command[ 2] -phoneArray $command [1]
                }
                else
                {
                    write-host $command -fore cyan
                }
           
                if($command [0] -eq "EXIT")
                {
                    $isRunning = $false
                    $reader.Dispose()
                    $stream.Dispose()
                    $client.Dispose()
                    $listener.stop()
                }
        
        }
        <#
        $reader.Dispose()
        $stream.Dispose()
        $client.Dispose()
        $listener.stop()
        #>
}



function sendSMS ($serverIP, $phoneArray)
{
    $targetArray = $phoneArray -split ","
    foreach($phone in $targetArray)
    {
        Write-Host "SMS SEND"   $phone  "`t`t"  $serverIP
    }
}

listen-port

#client code
<#
function send-msg ($message=$([char]4), $port=7788, $server="10.100.37.79") {
    $client = New-Object System.Net.Sockets.TcpClient $server, $port
    $stream = $client.GetStream()
    $writer = New-Object System.IO.StreamWriter $stream
    $writer.Write($message)
    $writer.Dispose()
    $stream.Dispose()
    $client.Dispose()
}
#>
 

posted by bedbmsguru
2018.10.27 22:36 Powershell

 $ServerArray = "test-dev" , "test"    # place computername here for remote access
$username = '계정'
$password = '암호'
$desc = '백업용'


foreach ($server in $ServerArray)
{
    try
    {
       
        $computer = [ADSI ]"WinNT://$server ,computer"
        $user = $computer. Create("user", $username)
        $user.SetPassword( $password)
        $user.Setinfo()
        $user.description = $desc
        #$user.UserFlags = 65536  #암호사용기간 제한없음
        $user.PasswordExpired = #다음번 로그인시 암호변경해야함
        $user.SetInfo()
        $group = [ADSI ]("WinNT:// $server/administrators,group")
        $group.add( "WinNT://$username,user" )

        Write-Host $server + "\t" + "완료"
    }
    catch
    {
        Write-Host $server + "`t" + $_. Exception.Message;
    }
}

posted by bedbmsguru
2018.05.25 15:39 Powershell

1. AD  등록된 서버

AD 관리자 계정으로 스크립트 실행


Invoke-Command -ComputerName host1, host2 -ScriptBlock {Invoke-Expression 'C:\script.bat'}



2.AD에 등록되지 않은 서버


(1) 로컬 서버의 "신뢰할 수 있는 호스트 목록" 에 원격 서버 추가하기.
    Set-Item WSMan:\localhost\Client\TrustedHosts -Value "원격서버IP 혹은 호스트네임"


    여러개의 원격 서버를 지정해야할 경우

     Set-Item WSMan:\localhost\Client\TrustedHosts -Value "host1, host2"



(2)원격서버에서 스크립트 실행

$password='p@ssword'|convertto-securestring -asplaintext -force;

$cred=new-object -typename system.management.automation.pscredential('Domain\Username',$password);

$s = New-PSSession -computer "127.0.0.1" -credential $cred;

Invoke-Command -Session $s -ScriptBlock { cmd /c "c:\myfile.bat" };

Remove-PSSession $s;



posted by bedbmsguru