ps/Modules/Cole.PowerShell.Developer/Scratch/2022-11-28.txt

$groupname = (Get-ADPrincipalGroupMembership -Identity (Get-ADComputer -Identity ($env:computername))).Where({ $_.Name -match 'GMSA' })
$grantAccountsDiskReadAccess = (Get-ADServiceAccount -Filter * -Properties PrincipalsAllowedToRetrieveManagedPassword).Where({ $_.PrincipalsAllowedToRetrieveManagedPassword -eq $groupname }).Name


servers that got turned on for deploys, why do we not clean up the tags after we are done???


C:\
Nag\ <-- only happens on primary nag


E:\
ORB\
Nag\ <-- deployed but not registered


Test-IsPrimaryNag {
    return (Test-Path C:\Nag)
}


Ask from cody to move the nag config into a structured file so we can be able to recover in case we lose the drive, which has happened in the past

We should be able to reapply this to a new server in the pod on demand (assuming someone ensured there is no active nag there)
First full commit 2023-05-30 22:51:22 -07:00			`$groupname = (Get-ADPrincipalGroupMembership -Identity (Get-ADComputer -Identity ($env:computername))).Where({ $_.Name -match 'GMSA' })`
			`$grantAccountsDiskReadAccess = (Get-ADServiceAccount -Filter * -Properties PrincipalsAllowedToRetrieveManagedPassword).Where({ $_.PrincipalsAllowedToRetrieveManagedPassword -eq $groupname }).Name`


			`servers that got turned on for deploys, why do we not clean up the tags after we are done???`




			`C:\`
			`Nag\ <-- only happens on primary nag`


			`E:\`
			`ORB\`
			`Nag\ <-- deployed but not registered`



			`Test-IsPrimaryNag {`
			`return (Test-Path C:\Nag)`
			`}`


			`Ask from cody to move the nag config into a structured file so we can be able to recover in case we lose the drive, which has happened in the past`

			`We should be able to reapply this to a new server in the pod on demand (assuming someone ensured there is no active nag there)`