31 lines
855 B
Plaintext
31 lines
855 B
Plaintext
|
$groupname = (Get-ADPrincipalGroupMembership -Identity (Get-ADComputer -Identity ($env:computername))).Where({ $_.Name -match 'GMSA' })
|
||
|
$grantAccountsDiskReadAccess = (Get-ADServiceAccount -Filter * -Properties PrincipalsAllowedToRetrieveManagedPassword).Where({ $_.PrincipalsAllowedToRetrieveManagedPassword -eq $groupname }).Name
|
||
|
|
||
|
|
||
|
servers that got turned on for deploys, why do we not clean up the tags after we are done???
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
C:\
|
||
|
Nag\ <-- only happens on primary nag
|
||
|
|
||
|
|
||
|
E:\
|
||
|
ORB\
|
||
|
Nag\ <-- deployed but not registered
|
||
|
|
||
|
|
||
|
|
||
|
Test-IsPrimaryNag {
|
||
|
return (Test-Path C:\Nag)
|
||
|
}
|
||
|
|
||
|
|
||
|
Ask from cody to move the nag config into a structured file so we can be able to recover in case we lose the drive, which has happened in the past
|
||
|
|
||
|
We should be able to reapply this to a new server in the pod on demand (assuming someone ensured there is no active nag there)
|
||
|
|
||
|
|
||
|
|