Detecting the Administrative Context in PowerShell

I was writing a PowerShell script and it needed to know whether or not it was running in the administrative context. It’s a bit fiddly but here’s a short bit of PowerShell that sets a boolean variable for it: $currentIdentity = New-Object System.Security.Principal.WindowsPrincipal([System.Security.Principal.WindowsIdentity]::GetCurrent()) $adminContext = $currentIdentity.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator) Run that and $adminContext will be True if the… Read More »

Copy/Pasteable Client Antivirus Exclusions

Here’s a quick block of text that can be used to copy and paste into the excluded file locations dialog of the Microsoft Endpoint Protection client, compiled using KB822158. It is suitable for Windows client machines of any version up to Windows 8.1 C:\Windows\SoftwareDistribution\Datastore\Datastore.edb; C:\Windows\SoftwareDistribution\Datastore\Logs\Res*.log; C:\Windows\SoftwareDistribution\Datastore\Logs\Res*.jrs; C:\Windows\SoftwareDistribution\Datastore\Logs\Edb.chk; C:\Windows\SoftwareDistribution\Datastore\Logs\Tmp.edb; C:\Windows\Security\Database\*.edb; C:\Windows\Security\Database\*.sdb; C:\Windows\Security\Database\*.log; C:\Windows\Security\Database\*.chk; C:\Windows\Security\Database\*.jrs; C:\ProgramData\NTUser.pol; C:\Windows\System32\GroupPolicy\Machine\Registry.pol;… Read More »

Reporting Web Service for Office 365

There’s an interesting web service that could be used to pull reporting data from Office 365, assuming you can authenticate using your tenancy’s service admin. Here’s the URL for the service: https://reports.office365.com/ecp/reportingwebservice/reporting.svc/ Microsoft provide a plug-in to Excel that uses this service and it can be used to pull mail protection statistics from your Office… Read More »