Torxsmind’s gists

Torxsmind / get_stale_ad_users.ps1

Created February 10, 2026 17:10

Get Stale AD users

	<#
	.SYNOPSIS
	Exports AD user last-logon data (per-DC) to Excel for stale-account analysis.

	.DESCRIPTION
	Queries all domain controllers for each user’s LastLogon (non-replicated) and LastLogonTimestamp (replicated), then computes
	MostRecentLogon + DaysSinceLastLogin and exports results to a timestamped Excel workbook.

	.PREREQUISITES
	- RSAT ActiveDirectory module available (Get-ADUser / Get-ADDomainController).

Torxsmind / get_unlinked_gpos.ps1

Created January 13, 2026 13:23

AD Unlinked GPOs


	<#
	.SYNOPSIS
	List GPOs in the current domain that are not linked to any OU,
	show a count at the top, and display results sorted by "Date Last Modified" (oldest → newest).

	.OUTPUTS
	Console count + table: GPO Name, Date Created, Date Last Modified, Status, Linked OUs (None)

	.NOTES

Torxsmind / hybrid_on_guest_wifi.txt

Created January 15, 2024 17:36

Hybrid Joined Devices on Known network

	SigninLogs
	\| where parse_json(tostring(parse_json(NetworkLocationDetails)[0].networkNames))[0] == "Guest WiFi"
	\| where DeviceDetail.trustType == "Hybrid Azure AD joined"
	\| extend displayName_ = tostring(DeviceDetail.displayName)
	\| project UserPrincipalName, displayName_
	\| summarize count() by UserPrincipalName, displayName_
	\| sort by count_

Torxsmind / Powershell_Fortinet_FSSO_Collector_inboutd_firewall_rules.ps1

Created December 31, 2023 15:18

Create Windows firewall rules to allow Fortigate FSSO Collector inbound communications.

	<#
	https://community.fortinet.com/t5/FortiGate/Technical-Tip-List-of-TCP-and-UDP-ports-used-by-the-FSSO/ta-p/194130
	UDP/8002 – DC Agent keepalive and push logon info to Collector Agent
	TCP/8001 – FortiGate to FSSO Collector Agent connection (SSL)
	TCP/8000 – FortiGate to FSSO Collector Agent connection
	TCP/8000 – NTLM
	#>

	$fgtIP = '192.168.0.1'
	$DCs = @('192.168.0.51', '192.168.0.52', '192.168.0.61', '192.168.0.62')

Torxsmind / tail_defender_log.ps1

Last active December 29, 2023 00:34

Tail Windows Defender Firewall Logs

 get-content $env:systemroot\system32\LogFiles\Firewall\pfirewall.log | Select-Object -Last 20

Torxsmind / get_nic_ip_info-create_set_script.ps1

Created September 16, 2021 01:11

Script to grab a NIC IP information, then create a secondary script to set the config back

	### Set Common Parameters ###
	$now = Get-Date -UFormat "%Y-%m-%d_%H-%M-%S"
	$extNIC = "Ethernet"
	$extSM = "255.255.255.0"
	$outpath = "c:\temp\"
	$outscriptname = "setIP_postwork.ps1"
	$outfile = $outpath + $outscriptname
	$CheckFilePath = Test-Path $outfile
	## Get the current IPv4 info for external NIC ##
	$NetIPextnic = (Get-NetIPAddress -AddressFamily IPv4 -InterfaceAlias $extnic)

Torxsmind / get-all_ad_user_properties.ps1

Created April 9, 2021 13:49

Get all active directory users properties

	$now = Get-Date -UFormat "%Y-%m-%d_%H-%M-%S"
	$filepath = 'C:\temp\Service_Accounts_' + $now + '.csv'

	Get-ADUser -Filter * -Searchbase "DC=domain,DC=com" -Properties * \| Export-CSV -append -NoTypeInformation $filepath

Torxsmind / random_rename_files

Created August 27, 2020 01:23

Rename all files in a folder to random name

	$files = Get-ChildItem -file -Path "C:temp\"
	ForEach ($file in $files) {
	Rename-Item -Path $file.FullName -NewName ([String]$(Get-Random) + $file.Extension)
	}

Torxsmind / Azure_Config_change

Created August 11, 2020 13:39

Azure log analytics samples for VM Configuration changes

Torxsmind / remove_WSUS_settings.ps1

Created June 18, 2020 14:05

Override GPO to use WSUS

	Remove-Item `
	-Path HKLM:SoftwarePoliciesMicrosoftWindowsWindowsUpdate `
	-Force `
	-Recurse `
	-ErrorAction SilentlyContinue;
	Stop-Service -Name wuauserv;
	Start-Service -Name wuauserv;
	(New-Object -ComObject Microsoft.Update.AutoUpdate).DetectNow()

Keith Templin Torxsmind