Powershell – Get Computer name

Background

Wanted to highlight a couple of APIs for retrieving the computer name in Powershell.

Platform

Linux/Cent OS.

 

Outline

  1. Environment Variable
    • Get-ChildItem Env:HOSTNAME
  2. system.environment
    • machineName
  3. system.net.Dns
    • GetHostName
  4. Get-WmiObject ( only works on MS Windows )
    • Win32_ComputerSystem
      • Name

 

Environment Variables

Get-ChildItem Env:

Syntax


pwsh -Command "Get-Childitem Env:"

Output

Get-ChildItem.Env.20181112.0729PM

 

Get-ChildItem Env:HOSTNAME

Syntax


pwsh -Command "Write-Host( (Get-ChildItem Env:HOSTNAME).Value )"

Output

Get-ChildItem.Env.HostName.20181112.0723PM

system.environment

machineName

Syntax


pwsh -Command "Write-Host([system.environment]::machineName)"

Output

system.environment.machineName.20181112.0708PM

system.net.Dns

GetHostName

Syntax


pwsh -Command "Write-Host([system.net.Dns]::GetHostName())

Output

system.net.Dns.GetHostName.20181112.0706PM

 

Get-WmiObject.Win32_ComputerSystem.Name.20181113.0159AM.PNG

Win32_ComputerSystem

Syntax


powershell -Command "Write-Host((Get-WmiObject Win32_ComputerSystem).Name)"

Output

OS – MS Windows

Get-WmiObject.Win32_ComputerSystem.Name.20181113.0159AM.PNG

OS – Linux

Image

Get-WmiObject.Win32_ComputerSystem.Name.Linux.20181113.0203AM

Textual


>pwsh -Command "Write-Host( Write-Host((Get-WmiObject Win32_ComputerSystem).Name))"
Get-WmiObject : The term 'Get-WmiObject' is not recognized as the name of a cmdlet, function, script file, or operable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:25
+ Write-Host( Write-Host((Get-WmiObject Win32_ComputerSystem).Name))
+ ~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-WmiObject:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

PowerShell Install On Linux / CentOS

Background

Still preparing our CentOS computer.

Our current step is to Install Microsoft’s PowerShell.

Guide

Our guide is :-

Installing PowerShell Core on Linux
Link

Outline

  1. Install
    • yum
      • Install
        • Install Powershell
      • Registered Repositories – Review
        • yum repolist
        • ls /etc/yum.repos.d
      • Registered Repositories – Update
        • Curl/tee
      • Install
        • Install Powershell
  2. Run Sample Powershell Scripts

Install

Install Powershell

yum install powershell

Syntax


yum install powershell

Output

Output – Image

yum.install.powershell.20181112.1030AM.PNG

Output – Text

>sudo yum install powershell
[sudo] password for dadeniji:
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirror.hostduplex.com
* extras: mirror.keystealth.org
* updates: mirror.keystealth.org
No package powershell available.
Error: Nothing to do
>

Explanation

Microsoft’s repository not registered on machine.

Registered Repositories – Review

Let us review the yum repositories that we have registered.

yum repolist

Syntax


yum repolist

Output

Output – Image

yum.repolist.20181112.1028AM.PNG

Output – Textual

>yum repolist
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.sonic.net
* extras: mirrors.usc.edu
* updates: sjc.edge.kernel.org
repo id repo name status
base/7/x86_64 CentOS-7 - Base 9,911
extras/7/x86_64 CentOS-7 - Extras 434
updates/7/x86_64 CentOS-7 - Updates 1,614
repolist: 11,959

 

/etc/yum.repos.d :- List Files

Syntax


ls -la /etc/yum.repos.d

Output

Output – Image

ls.etc.yum.repos.d.20181112.1033AM.PNG

Explanation

  1. The only repositories registered are CentOS

 

Registered Repositories – Update

Create File /etc/yum.repos.d/Microsoft.repo

Let us add Microsoft’s Redhat repository to the list of registered repositories.

Syntax


curl https://packages.microsoft.com/config/rhel/7/prod.repo | sudo tee /etc/yum.repos.d/microsoft.repo

Output

Output – Image

curl.tee.20181112.1035AM.PNG

Output – Textual

>curl https://packages.microsoft.com/config/rhel/7/prod.repo | sudo tee /etc/yum .repos.d/microsoft.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 193 100 193 0 0 504 0 --:--:-- --:--:-- --:--:-- 505
[packages-microsoft-com-prod]
name=packages-microsoft-com-prod
baseurl=https://packages.microsoft.com/rhel/7/prod/
enabled=1
gpgcheck=1
gpgkey=https://packages.microsoft.com/keys/microsoft.asc
>

 

yum install

Using yum, let us install powershell.

yum install powershell

Syntax


sudo yum install -y powershell

Output

Output – Image
Output – Image – #1

yum.install.powershell.20181112.1037AM.PNG

Output – Image – #2

yum.install.powershell.20181112.1039AM.PNG

Output – Image – #3

yum.install.powershell.20181112.1041AM.PNG

Output – Image – #4

yum.install.powershell.20181112.1043AM.PNG

Output – Image – #5

yum.install.powershell.20181112.1045AM.PNG

 

 

Sample

Run Sample Scripts

Sample #1

Get PowerShell Version Number

Syntax


pwsh -Command "Write-Host((Get-Host).version) "

Output

Output – Image

powerShell.version.20181112.1218PM

Sample #2

Get Username for current user.

Syntax


pwsh -Command "Write-Host( 'Hello ' +  [Environment]::Username) "

Output

Output – Image

helloWorld.20181112.1137AM

 

Summary

Couple of quick points :-

  1. Installation Errors
    • Error :- Repository not available
      • Message
        • No package powershell available.
          Error: Nothing to do
      • Remediation
        • Update Repository – Add Microsoft
  2. In MS Windows, the Powershell executable is powershell.
    In Linux, is is pwsh.

 

 

Lance Lambert of Blessed Memory

Videos

  1. The Cost of Intercession by Lance Lambert
    • Profile
      • Lance Lambert, of blessed memory, speaks at one of The Jerusalem Channel’s conferences on the cost of being an intercessor for Israel and the nations.
    • Videos

 

In-depth

The Cost of Intercession by Lance Lambert

  1. Intercessor
    • The word intercession has been greatly devalued
    • Many people come to me claiming that they are an intercessor
    • Many people are in prayer
  2. Real Intercessor
    • An intercessory is the deepest prayer
    • Journey to the throne of God
  3. World
    • This world is essentially a Spiritual World
    • You can not see Satan, but he exists
  4. Soul Versus Spiritual
    • It is not a spiritual thing
    • It is a soul thing
  5. Real Intercessory
    • Begins when God Reveals his mind
      • Abraham
        • I will destroy this nation, Sodom
      • Moses
        • I will destroy these people
  6. What is the mystery
    • Why
      • Why do we have to pray into it when God has said he will do it
      • We are a load of  Problems
      • Why do we have to be mindful
    • It is a good Question, and I
      • If you do not pray, I will not answer
      • If you do not intercede, I will not fulfill my purpose
    • Reasons
      • God seeks fellowship
      • Come into a place where we can read the mind of God
      • Educated and Trained for Eternal Purpose

AWS – Identity and Access Management ( IAM ) – Switching Roles

Background

To better safe ground the system, it is best not to grant sensitive permissions to user accounts.  And, only grant those permissions to roles.  Users can then be granted membership to the roles.

To perform those sensitive actions, users will have to switch over to the provisioned roles.  Perform the actions. And, revert to their user account.

Administrative Function

The system administrator will have to the following :-

  1. Role
    • Create
      • Create Role
  2. Permissions
    • Grant
      • Grant permissions to Role
  3. Membership
    • Add principals to the Role
  4. Relationship
    • Trust Relationship
      • The role must have a trust relationship with the source profile to allow itself to be assumed.
    • Assume Role
      • Grant Principals permission to assume the role
      • The source profile must have permission to call sts:assume-role against the role

Sample Policies

AWS ( AWS Documentation » AWS Command Line Interface » User Guide » Configuring the AWS CLI » Assuming a Role ) has a good write-up here.

Role – Trust Relationship with User

sts.AssumeRole.20181110.0242PM

User – Permission to Assume Role

sts.AssumeRole.iamUserPermission.20181110.0249PM.PNG

GUI

Outline

  1. Access Switch Role ( Link )
  2. Enter Role’s Information
    • account_id_number–The 12-digit account identifier provided to you by your administrator.
    • role_name–The name of the role that you want to assume.
    • (Optional) text_to_display–The text that you want to appear on the navigation bar in place of your user name when this role is active.
    • Click on the “Switch Role” button
  3. Perform the activities that need the elevated permissions
  4. Revert from role to self

 

Images

Switch Role

role.SwitchRole.20181110.0452PM

Switched Role

role.Switched.20181110.0451PM.PNG

Command Line Interface ( CLI )

Client Preparation

Let us go over what it takes to prepare a client

Outline

  1. Configure Client’s Credential
  2. Configure Role via Profile Registration

Configure Client’s Credential

Upon installing AWS’s Command Line Interface, one needs to register his\her credentials.

This is done via launching a terminal or command console and issuing the register command.

Validate

Please validate whether you have already done so.

One pathway is through looking for the configure file.

Its location is OS Specific:

  1. Windows
    • Syntax :- C:\Users\[username]\.aws\credentials
    • Sample :- C:\Users\dadeniji\.aws\credentials
Syntax

aws configure

Steps

Please fill out the details such as :-

  1. AWS Access Key ID
  2. AWS Secret Access Key
  3. Default Region Name
  4. Default output format
Output

aws.configuration.20181109.1117AM.cleanedup.PNG

Effect

Once done the entries are saved in the credentials file.

  1. OS
    • Windows
      • Syntax :- C:\Users\[username]\.aws\credentials
      • Sample :- C:\Users\dadeniji\.aws\credentials

Configure Role via Profile Registration

Next create \ edit the configure file.

File Location

It’s location is OS Specific:

  1. Windows
    • Syntax :- C:\Users\[username]\.aws\configue
    • Sample :- C:\Users\dadeniji\.aws\configure
Nomenclature
  1. account_id_number
    • The 12-digit account identifier provided to you by your administrator
  2. role_name
    • The name of the role that you want to assume. You can get this from the end of the role’s ARN.
      • If the ARN is arn:aws:iam::403299380220:role/TestRole
        • The role’s name is TestRole
          • As role does not have a path
      • If the ARN is arn:aws:iam::403299380220:role/restaurant/TestRole
        • The role’s name is /restaurant/TestRole
          • As role has a path ( restaurant )
Syntax
[default]

[profile dba]
role_arn = arn:aws:iam::[account-id]:role/[role-name]
source_profile = default
region=[region]

Sample
[default]

[profile dba]
role_arn = arn:aws:iam::0611271771:role/dba
source_profile = default
region=us-west-2

Request

Let us request role processing

Outline

  1. Interactively
  2. Ongoing

Interactive

Overview

We are able to request role switching on each command that needs the designated privileges.

Sample Requests
  1. List IAM Users
    • aws iam list-users –profile adminMarketing
  2. List RDS Instances
    • aws rds describe-db-instances –profile adminMarketing
Actual Request ( as current user )

aws s3 ls

Textual

An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied

Image

withSwitchRoleRequestedInteractively.20181110.0400PM

Actual Request – Assume Role

aws s3 ls --profile dba

Textual

An error occurred (AccessDenied) when calling the AssumeRole operation: Access denied

Image

withSwitchRoleRequestedInteractively.20181110.0400PM

Textual

Unable to assume role.

Actual Request – Assume Role in debug mode

aws s3 ls --profile dba --debug

Textual

    return self._get_cached_credentials()
  File "C:\Program Files\Amazon\AWSCLI\runtime\lib\site-packages\botocore\credentials.py", line 576, in _get_cached_credentials
    response = self._get_credentials()
  File "C:\Program Files\Amazon\AWSCLI\runtime\lib\site-packages\botocore\credentials.py", line 698, in _get_credentials
    return client.assume_role(**kwargs)
  File "C:\Program Files\Amazon\AWSCLI\runtime\lib\site-packages\botocore\client.py", line 320, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "C:\Program Files\Amazon\AWSCLI\runtime\lib\site-packages\botocore\client.py", line 623, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the AssumeRole operation: Access denied
2018-11-10 14:31:35,342 - MainThread - awscli.clidriver - DEBUG - Exiting with rc 255

An error occurred (AccessDenied) when calling the AssumeRole operation: Access denied
Image

withSwitchRoleRequestedInteractivelyInDebugMode.20181110.0443PM

Textual
  1. Stack Trace that shows the functions called
  2. Return Code ( rc ) is 255

 

Summary

Will have to work with our AWS Administrators and review the permissions we have on the role.

I need to have the ability to assume the role.

Again, the specific areas that need scrutiny are:

  1. The role must have a trust relationship with the source profile to allow itself to be assumed
  2. And, each of us must have permission to call sts:assume-role against the role

AWS/CLI – AWS Identity and Access Management (IAM) – Basic Commands

 

What is ” Identity and Access Management (IAM)” ?

AWS Identity and Access Management (IAM) is a web service that you can use to manage users and user permissions under your AWS account.

Commands

Full

The current list of all IAM Commands is available here.

Covered

Here are the ones we will cover :-

Command Explanation Link
get-account-password-policy Retrieves the password policy for the AWS account. Link
get-group Returns a list of IAM users that are in the specified IAM group Link
get-user Retrieves information about the specified IAM user, including the user’s creation date, path, unique ID, and ARN.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID used to sign the request to this API.

Link
list-groups Lists the IAM groups that have the specified path prefix. Link
list-groups-for-user Lists the IAM groups that the specified IAM user belongs to. Link
list-group-policies Lists the names of the inline policies that are embedded in the specified IAM group. Link
list-roles Lists the IAM roles that have the specified path prefix. Link
list-users Lists the IAM users that have the specified path prefix. If no path prefix is specified, the operation returns all users in the AWS account. If there are none, the operation returns an empty list. Link

 

get-account-password-policy

Link

  1. Link
    Link

Syntax

get-account-password-policy

Sample

get-account-password-policy

Output

get-account-password-policy.20181109.0726PM

Explanation

  1. Policy
    • MinimumPasswordLength :- 8
    • RequireSymbols :- true
    • RequireNumbers :- true
    • RequireUppercaseCharacters :- true
    • RequireLowercaseCharacters :- true
    • ExpirePasswords :- true
    • MaxPasswordAge :- 180
      • Passwords have to be changed within 6 months
    • PasswordReusePrevention :- 6
      • Specifies the number of previous passwords that IAM users are prevented from reusing.

get-group

Link

  1. Link
    Link

Syntax

aws iam get-group --group-name [group-name]

Sample

aws iam get-group --group-name dba

Output

get-group.20181109.0739PM

Explanation

  1. Group Members are listed
  2. Group’s full path, Group Name, Group ID, and Arn

get-user

Link

  1. Link
    Link

Syntax

aws iam get-user [username]

Sample

aws iam get-user

Output

get-user.20181110.0713PM.PNG

Explanation

  1. List User’s information

list-groups

Link

  1. Link
    Link

Syntax

aws iam list-groups

Sample

aws iam list-groups

Output

list-groups.20181110.0744AM.PNG

Explanation

  1. List groups

list-groups-for-user

Link

  1. Link
    Link

Syntax

aws iam list-groups-for-user [username]

Sample

aws iam list-groups-for-user --user-name dadeniji

Output

list-groups-for-users.20181110.0719AM.PNG

Explanation

  1. List User’s Group

list-group-policies

Link

  1. Link
    Link

Syntax

aws iam list-group-policies --group-name [group-name]

Sample

aws iam list-group-policies --group-name dba

Output

list-group-policies.20181109.0749PM.PNG

Explanation

  1. List policies granted to the specified group

 

list-roles

Link

  1. Link
    Link

Syntax

aws iam list-roles

Sample

aws iam list-roles --path-prefix /aws

Output

Output – Textual


An error occurred (AccessDenied) when calling the ListRoles operation: User: arn:aws:iam::22:user/awsauth/dadeniji is not authorized to perform: iam:ListRoles on resource: arn:aws:iam::22:role/aws/

Output – Image

list-roles.20181110.1152AM.PNG

 

Explanation

  1. Permission denied
    • In our case we do not have permissions to list roles

 

list-users

Link

  1. Link
    Link

Syntax

aws iam list-users

Sample

aws iam list-users

Output

list-users.20181110.0729AM.PNG

Explanation

  1. List Users
    • Path
    • UserName
    • UserId
    • Arn
    • CreateDate
    • PasswordLastUsed

AWS / Identity Access Management ( IAM ) – List user’s roles

Background

Having problems switching roles.

Let us review the list of roles that my principal has access to.

Command Line Interface ( CLI )

Command

Syntax

aws iam list-roles

Sample

aws iam list-roles

Output

Output – An error occurred (AccessDenied) when calling the ListRoles operation

Text


Unable to locate credentials. You can configure credentials by running "aws configure".

Image

aws.iam.listRoles.20181109.1114AM.PNG

Explanation

Please register your account on current computer.

Issue “aws configure” :-

aws.configuration.20181109.1117AM.cleanedup.PNG

 

Output – An error occurred (AccessDenied) when calling the ListRoles operation

Text


An error occurred (AccessDenied) when calling the ListRoles operation: User: arn:aws:iam::[x1]:user/awsauth/dadeniji is not authorized to perform: iam:ListRoles on resource: arn:aws:iam::x1:role/

Image

aws.iam.listRoles.20181109.1118AM.PNG

Explanation

Insufficient permissions to list roles.

Browser

Please launch a web browser and access the URL https://console.aws.amazon.com/iam/home#/roles.

aws.roles.browser.20181109.1140AM.PNG

 

Summary

Need to work with our Administrators and make sure that I have sufficient permissions to list our roles.

 

Fulton John Sheen – American bishop (later archbishop) of the Catholic Church

 

Videos

  1. Fulton Sheen: The Fourth Great Crisis in the Church
    • Profile
      • This talk by Fulton Sheen relates to what he saw would become the fourth great crisis in the Church, and how a person that wanted to be a Catholic could both be in the world, but not be of it.
    • Videos
      • Video #1
        Channel :- Sensus Fidelium
        Published On :- 2016-Sept-7th
        Link

In-depth

  1. Fulton Sheen: The Fourth Great Crisis in the Church
    • Dead bodies flow downstream.  Only life bodies resist the current.
    • The Good Lord is testing us.
    • That is why the good Lord is testing us.
    • Test
      • He tested the Christian Russians with communism
      • He tested the Christian Germans with Nazism and how many failed
      • He is testing the Christian Westerners with Worldliness and how many are failing
      • He told the Jews I tested you in the wilderness for 40 years
        • And thou shalt remember all the way which the LORD thy God led thee these forty years in the wilderness, to humble thee, and to prove thee, to know what was in thine heart, whether thou wouldest keep his commandments, or no. ( Deuteronomy 8:2 )
    • They did not love us from the beginning and that is why they left us
      • They went out from us, but they were not of us; for if they had been of us, they would no doubt have continued with us: but they went out, that they might be made manifest that they were not all of us. ( 1st John 2:19 )
    • The souls that are leaving just failed the test
    • It only takes three weeks to go from Egypt to Canaan
    • Minority Report
      • And, that is what we are going to have in the Church, the minority report
      • The Minority Report of
        • The Minority Report of Sisters
        • The Minority Report of Priests
        • The Minority Report of Laity
    • Gideon
      • God to said to Gideon “Your Army is too great
        • Judges 7
          • The Lord said to Gideon, “You have too many men. I cannot deliver Midian into their hands, or Israel would boast against me, ‘My own strength has saved me.’
          • There are still too many men. Take them down to the water, and I will thin them out for you there. If I say, ‘This one shall go with you,’ he shall go; but if I say, ‘This one shall not go with you,’ he shall not go.”
          • So Gideon took the men down to the water. There the Lord told him, “Separate those who lap the water with their tongues as a dog laps from those who kneel down to drink.” 6 Three hundred of them drank from cupped hands, lapping like dogs. All the rest got down on their knees to drink.
    • That is what we have in the Church
      • Our numbers are being thinned
    • Satan will sieve you like wheat
    • Why should men love the Church?
    • Live your life in the full consciousness of these testing
    • And, rally close to the heart of Christ
    • Many that will not want to hear, less they be called upon to change
    • if there is anything that needs to change it is Violence
      • The kingdom is
      • One thing that will need to be changed is violence
      • Just as we drop something the World picks it up
        • We drop celibacy, the protestant
        • We drop long garments, the girls start wearing Maxi-coat
        • We drop mysticism, the young pick up pharmaceutical drugs
        • We drop disciple
          • We need more police men
          • More prisons
        • We gave up the sword, someone else picks it up
    • Peace
      • Our Lord said that I have come to bring War and not peace
      • He never said the Word peace until after Easter
      • Peace is never
        • Peace is never corporate
        • Peace is never social
        • Until it is at the Individual level
      • Intersection
        • Social Peace, World Peace is never possible until it is in our hearts
        • When we are not right with God, we can not be right with humans
    • We can not lose
      • We can not lose in fact, as we have already won
    • Come down and we will believe
      • The only enemy we will have is the one that stays come down and we will believe
        • Let him now come down from the cross, and we will believe him. ( Matthew 27:42 )
      • Talk Politics, we will believe
      • Tell us about the Social Order
      • It is human to come down, It is divine to hang there

Quotes

  1. General
    • “The refusal to take sides on great moral issues is itself a decision. It is a silent acquiescence to evil. The Tragedy of our time is that those who still believe in honesty lack fire and conviction, while those who believe in dishonesty are full of passionate conviction.”
    • “Patience is power.
      Patience is not an absence of action;
      rather it is “timing”
      it waits on the right time to act,
      for the right principles
      and in the right way.”
      ― Fulton J. Sheen
    • “If you don’t behave as you believe, you will end by believing as you behave.” ― Fulton J. Sheen
  2. Seven Words of Jesus and Mary: Lessons from Cana and Calvary
    • “Criticism of others is thus an oblique form of self-commendation. We think we make the picture hang straight on our wall by telling our neighbors that all his pictures are crooked.”
      ― Fulton J. Sheen, Seven Words of Jesus and Mary: Lessons from Cana and Calvary
  3. Fulton J. Sheen, Life Is Worth Living
    • “When a man loves a woman, he has to become worthy of her. The higher her virtue, the more noble her character, the more devoted she is to truth, justice, goodness, the more a man has to aspire to be worthy of her. The history of civilization could actually be written in terms of the level of its women.” ― Fulton J. Sheen, Life Is Worth Living
    • “A woman gets angry when a man denies his faults, because she knew them all along. His lying mocks her affection; it is the deceit that angers her more than the faults.” ― Fulton J. Sheen, Life Is Worth Living
    • “The difference between the love of a man and the love of a woman is that a man will always give reasons for loving, but a woman gives no reasons for loving.” ― Fulton J. Sheen, Life Is Worth Living
    • “A teacher who cannot explain any abstract subject to a child does not himself thoroughly understand his subject; if he does not attempt to break down his knowledge to fit the child’s mind, he does not understand teaching.” ― Fulton J. Sheen, Life Is Worth Living