All Systems Operational SOC Monitoring: 24/7 Active Coverage: On-Prem · Cloud · Hybrid --:--:-- UTC

Support &
How-To Guides

Step-by-step walkthroughs for getting the most out of our free scripts and tools — from first-time PowerShell setup to advanced module installs. Click any guide to expand it.

Running a Downloaded PowerShell Script for the First Time BASIC

▼ EXPAND

Windows blocks downloaded scripts by default. Here's the safe way to run any .ps1 from our library.

1

Unblock the file

Downloaded files carry a "Mark of the Web." Right-click the .ps1 → Properties → check Unblock → OK. Or via PowerShell:

Unblock-File -Path .\vmware-vm-inventory.ps1
2

Open PowerShell in the script's folder

In File Explorer, navigate to the folder, then type powershell in the address bar and press Enter. For admin tasks, right-click Start → Terminal (Admin).

3

Allow script execution for this session only

Rather than changing the machine-wide policy, scope it to the current session:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process
⚠ -Scope Process resets when you close the window — the safest option for one-off runs.
4

Review, then run

Always read a script before running it — every script on this site is plain text and commented. Then:

.\vmware-vm-inventory.ps1 -vCenter vcenter.yourdomain.com

Installing VMware PowerCLI (for vSphere 7 & 8 Scripts) BASIC

▼ EXPAND

All of our VMware scripts require the official PowerCLI module. One-time setup:

1

Install the module from PSGallery

Install-Module VMware.PowerCLI -Scope CurrentUser
⚠ If prompted about an untrusted repository, answer Y — PSGallery is Microsoft's official module repository.
2

Handle self-signed vCenter certificates

Most internal vCenters use self-signed certs. Either pass -SkipCertCheck to our scripts, or set it globally:

Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false
3

Test the connection

Connect-VIServer -Server vcenter.yourdomain.com Get-VM | Select-Object -First 5 Disconnect-VIServer -Confirm:$false
4

Keep it updated

Update-Module VMware.PowerCLI

PowerCLI 13.x supports both vSphere 7 and vSphere 8 environments.

Connecting to Microsoft Graph for M365 Scripts INTERMEDIATE

▼ EXPAND

Our M365/O365 scripts use the modern Microsoft.Graph module — MSOnline and AzureAD are deprecated. Setup:

1

Install Microsoft Graph PowerShell

Install-Module Microsoft.Graph -Scope CurrentUser
⚠ This is a large module — installation can take several minutes. For Exchange-specific scripts also run: Install-Module ExchangeOnlineManagement
2

Connect with only the scopes you need

Each script header lists its required scopes. Example for the license inventory script:

Connect-MgGraph -Scopes "User.Read.All","Directory.Read.All"
3

Grant admin consent if prompted

First-time scope use opens a browser sign-in. A Global Admin may need to approve the permission for the tenant. Read-only scopes (Read.All) cannot modify anything.

4

Disconnect when finished

Disconnect-MgGraph

Running AIX & Linux Scripts from Our Library BASIC

▼ EXPAND

Our .ksh and .sh scripts run on AIX 7.x, RHEL, and most modern Linux distributions.

1

Transfer the script to the server

scp aix-lvm-report.ksh user@aixhost:/tmp/
⚠ If you downloaded on Windows, line endings may be CRLF. Fix on the target with: sed -i 's/\r$//' /tmp/aix-lvm-report.ksh (Linux) or use dos2unix.
2

Make it executable

chmod +x /tmp/aix-lvm-report.ksh
3

Run it

/tmp/aix-lvm-report.ksh

Scripts that need root (LVM, errpt, filesystem operations) will say so in their header comments — run those with sudo or as root.

Troubleshooting an AD Account Lockout — Quick Workflow INTERMEDIATE

▼ EXPAND

The fast path from "user is locked out" to root cause, using our free AD scripts.

1

Confirm the lockout and find the source DC

Run our AD Locked Accounts script (or query directly) to find the lockout origin:

Get-ADUser jsmith -Properties LockedOut,badPwdCount,lockoutTime | Format-List
2

Check the PDC emulator's Security log

Lockout events are always forwarded to the PDCe. Look for Event ID 4740 — the "Caller Computer Name" field reveals which machine sent the bad passwords:

Get-WinEvent -ComputerName (Get-ADDomain).PDCEmulator -FilterHashtable @{LogName='Security';Id=4740} -MaxEvents 20 | Where-Object { $_.Message -match 'jsmith' } | Format-List TimeCreated, Message
3

Hunt down the stale credential

On the offending machine, the usual suspects: saved credentials in Credential Manager, mapped drives, scheduled tasks, services running as the user, mobile devices with old Wi-Fi/email passwords, and disconnected RDP sessions.

cmdkey /list qwinsta /server:OFFENDING-PC
4

Unlock and verify

Unlock-ADAccount -Identity jsmith

Watch badPwdCount for the next hour — if it climbs again, the stale credential is still active somewhere.

Need Hands-On Help?

If a script isn't behaving, you've hit an infrastructure problem these guides don't cover, or you'd rather have a professional handle it — that's literally what we do. Managed IT, server administration, and one-off projects across Windows, VMware, Azure, AIX, and Linux.

GET SUPPORT →