Merge pull request #240 from silversword411/main

Update user template, adding WIP scripts
amidaware · Jul 17, 2024 · 6e314ce · 6e314ce
2 parents 8ee1fe4 + b81e750
commit 6e314ce
Show file tree

Hide file tree

Showing 4 changed files with 120 additions and 17 deletions.
diff --git a/scripts/Win_RunAsUser_Example.ps1 b/scripts/Win_RunAsUser_Example.ps1
@@ -8,11 +8,12 @@
 .NOTES
     Change Log
     V1.0 6/25/2022 Initial release by silversword411
+    v1.1 6/14/2024 silversword411 Adding -CaptureOutput
 #>
 
 # Make sure RunAsUser is installed
 if (Get-Module -ListAvailable -Name RunAsUser) {
-    # Write-Output "RunAsUser Already Installed"
+    Write-Output "RunAsUser Already Installed"
 } 
 else {
     Write-Output "Installing RunAsUser"
@@ -29,25 +30,18 @@ Write-Output "Hello from Systemland"
 
 Invoke-AsCurrentUser -ScriptBlock {
     # Put all Userland code here
-    $raulogPath = "c:\ProgramData\TacticalRMM\temp\raulog.txt"
     $exit1Path = "c:\ProgramData\TacticalRMM\temp\exit1.txt"
 
-    Write-Output "Hello from Userland" | Out-File -append -FilePath $raulogPath 
+    Write-Output "Hello from Userland"
     If (test-path "c:\temp\") {
-        Write-Output "Test for c:\temp\ folder passed which is Exit 0" | Out-File -append -FilePath $raulogPath 
+        Write-Output "Test for c:\temp\ folder passed which is Exit 0"
     }
     else {
-        Write-Output "Test for c:\temp\ folder failed which is Exit 1" | Out-File -append -FilePath $raulogPath 
+        Write-Output "Test for c:\temp\ folder failed which is Exit 1"
         # Writing exit1.txt for Userland Exit 1 passing to Systemland for returning to Tactical
         Write-Output "Exit 1" | Out-File -append -FilePath $exit1Path
     }
-}
-
-# Get userland return info for Tactical Script History
-$exitdata = Get-Content -Path "c:\ProgramData\TacticalRMM\temp\raulog.txt" -ErrorAction SilentlyContinue
-Write-Output $exitdata
-# Cleanup raulog.txt File
-Remove-Item -Path "c:\ProgramData\TacticalRMM\temp\raulog.txt" -ErrorAction SilentlyContinue
+} -CaptureOutput
 
 # Checking for Userland Exit 1
 If (Test-Path -Path "c:\ProgramData\TacticalRMM\temp\exit1.txt" -PathType Leaf) {

diff --git a/scripts_wip/Win_3rdparty_Urbackup_Monitor.ps1 b/scripts_wip/Win_3rdparty_Urbackup_Monitor.ps1
@@ -0,0 +1,110 @@
+<#
+.SYNOPSIS
+   Script to check the status of Urbackup file backup and log events.
+
+.DESCRIPTION
+   This script checks the status of Urbackup file backup and logs events in the Windows Event Log. It performs the following steps:
+   - Checks if the UrbackupCheck parameter is enabled. If enabled, the script exits.
+   - Checks if the UrBackup client is installed. If not installed, the script exits.
+   - Checks if the Urbackup postfile exists. If not, it creates the file.
+   - Checks if the "Write event to Event Log" line already exists in the file. If not, it adds the line.
+   - Retrieves Urbackup events from the Application event log that match a specific description.
+   - Determines the days elapsed since the latest event and compares it with the NumberOfDaysBeforeError parameter.
+   - Displays the relevant event log information if the event is found and within the specified number of days.
+   - Exits with a status code of 1 if the event is older than the specified number of days.
+
+.PARAMETER UrbackupCheck
+   Specifies whether Urbackup check is enabled or disabled. Use Custom Fields to enable or disable as needed
+
+.PARAMETER NumberOfDaysBeforeError
+   Specifies the number of days before considering an event as an error.
+
+.EXAMPLE
+   -UrbackupCheck {{agent.UrbackupDisableCheck}} -NumberOfDaysBeforeError 30
+
+.NOTES
+   Version: 1.5 6/20/2024 silversword411
+#>
+
+param (
+    [Int]$UrbackupCheck,
+    [Int]$NumberOfDaysBeforeError
+)
+
+
+
+#Write-Output "NumberOfDaysBeforeError: $NumberOfDaysBeforeError"
+
+# See if Custom Field has disabled VeeamCheck
+#Write-Output "VeeamCheck: $VeeamCheck"
+if ($UrbackupCheck) {
+    Write-Output "Urbackup check disabled."
+    Exit 0
+}
+
+# Stop if Urbackup is not installed
+$clientExecutable = 'C:\Program Files\UrBackup\UrBackupClient.exe'
+if (-not (Test-Path -Path $clientExecutable)) {
+    Write-Output "UrBackup client is not installed. Quitting"
+    exit 0
+}
+
+function UpdateUrbackupPostFile {
+    $file = 'C:\Program Files\UrBackup\postfilebackup.bat'
+    $lineToAdd = 'EVENTCREATE /T SUCCESS /L APPLICATION /SO URBACKUP /ID 100 /D "File backup succeeded."'
+
+    # Check if the Urbackup postfile exists
+    if (-not (Test-Path -Path $file)) {
+        # Create the file if it doesn't exist
+        New-Item -Path $file -ItemType File | Out-Null
+        Write-Output "Post backup .bat file has been created."
+    }
+
+    # Check if the line already exists in the file
+    $lineExists = Get-Content -Path $file | Select-String -Pattern $lineToAdd
+
+    if ($lineExists) {
+        Write-Output "Write event to Event Log already exists in the file."
+    }
+    else {
+        # Add the line to the file
+        Add-Content -Path $file -Value $lineToAdd
+        Write-Output "Write event to Event Log line has been added to the file."
+    }
+}
+
+UpdateUrbackupPostFile
+
+#########################################################################
+Write-Output "------------ CHECK FOR LOG ------------"
+$source = "URBACKUP"
+$logName = "Application"
+$eventID = 100
+$description = "File backup succeeded."
+
+$UrbackupEvents = Get-WinEvent -FilterHashtable @{
+    LogName      = $logName
+    ProviderName = $source
+    ID           = $eventID
+} | Where-Object { $_.Message -like "*$description*" } | Sort-Object TimeCreated -Descending
+
+if ($UrbackupEvents -ne $null) {
+    $latestEvent = $UrbackupEvents[0]
+    $daysSinceEvent = (Get-Date) - $latestEvent.TimeCreated
+    if ($daysSinceEvent.Days -gt $NumberOfDaysBeforeError) {
+        Write-Output "WARNING: The last event is older than $NumberOfDaysBeforeError days."
+        Write-Output "Last Backup: $($latestEvent.TimeCreated)"
+        exit 1
+    }
+    else {
+        Write-Output "ALL GOOD: The last event is newer than $NumberOfDaysBeforeError days."
+        #Write-Output "Event Log found:"
+        #Write-Output "Source: $($latestEvent.ProviderName)"
+        #Write-Output "Event ID: $($latestEvent.Id)"
+        #Write-Output "Message: $($latestEvent.Message)"
+        Write-Output "Last Backup: $($latestEvent.TimeCreated)"
+    }
+}
+else {
+    Write-Output "Event Log not found."
+}
diff --git a/scripts_wip/Win_3rdparty_Urbackup_Uninstall.bat b/scripts_wip/Win_3rdparty_Urbackup_Uninstall.bat
@@ -0,0 +1 @@
+"C:\Program Files\UrBackup\Uninstall.exe" /S
diff --git a/scripts_wip/Win_WipeviaMDM.ps1 → scripts_wip/Win_ResetviaMDM.ps1 b/scripts_wip/Win_WipeviaMDM.ps1 → scripts_wip/Win_ResetviaMDM.ps1
@@ -1,4 +1,4 @@
-#Uses MDM features of windows to perform a Windows Reset clearing all data
+# Uses MDM features of windows to perform a Windows Reset clearing all data
 
 $namespaceName = "root\cimv2\mdm\dmmap"
 $className = "MDM_RemoteWipe"
@@ -10,12 +10,10 @@ $params = New-Object Microsoft.Management.Infrastructure.CimMethodParametersColl
 $param = [Microsoft.Management.Infrastructure.CimMethodParameter]::Create("param", "", "String", "In")
 $params.Add($param)
 
-try
-{
+try {
     $instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='RemoteWipe'"
     $session.InvokeMethod($namespaceName, $instance, $methodName, $params)
 }
-catch [Exception]
-{
+catch [Exception] {
     write-host $_ | out-string
 }