Tuesday, April 25, 2023

Microsoft Family Safety























What is the Microsoft Family Safety?

It is a free service offered by Microsoft that allows you to manage your family's devices and share information.  Much like the google family link service, but is for use with all of Microsoft's services such as office, xbox game services, screen time tracking, and reporting.

What do you need to use this?  All you need is an email address, it can be from any service.  My wife and I both have Microsoft accounts we are using with the service and the kids have an associated Gmail account (because Chromebooks).



You will send an invite to an already active email; or you will have to create an account.



When you set them up, they will have the option of being setup as a managed user or as a family organizer.  The organizer is an "administrator" and settings for restrictions are not applied to them.  If there is more then one family organizer the only options another organizer has is to remove them from the family group.



Adding a family member as a standard account you have many more features that you can control.




Overview

The overview for the accounts is where you modify a number of the account settings, which is specific to each managed family member.  You can also modify setting though the manage consent settings.





Connecting A Device




The PC Account needs to be a standard user.  XBox, Android and iOS devices are also supported.  If want to setup limits you have to do so for each child there isn't a global setting you can apply to the family users.  Settings have to be applied individually.




You can specify scheduled times, to limit screen time and what games are playable on the devices.



Content Filters

Content filters come in two sections Web and Search then Apps and Games.  You can specifiy specific website to be allowed only or block specific websites.  You can set age limits for games and any apps you don't want your kids to have access to.




The real power in Family Safety is the calendar and one note features for family.  Being able to automatically add everyone to add items for Grocery lists; or having the shared calendars for family to automatically show up for everyone is fantastic.




If you haven't set it up I highly recommend setting this up for your family; keep in mind that all family members will get a basic Microsoft account; which gives them 5GB of one drive space and access to the online versions of Word, PowerPoint and Excel.  The free service is quite comprehensive, and helps me keep an eye on my family.

https://www.microsoft.com/en-us/microsoft-365/family-safety

Monday, April 24, 2023

Using PowerShell to send scheduled emails based on a php generated xml file

Laptop Lending Locker
Laptop Lending Locker
D-Tech International has some vey nice equipment, and it works pretty well.  When these were purchased they were to send out the following email notices.

  1. When a laptop is borrowed with the date and time that it is due back
  2. an email notice 15 minutes before it is due
  3. an email notice if it is overdue
  4. an email notice when it is returned
Unfortunately not all the emails worked.  The 15 minute notice and the overdue notice were not working properly.  Email notices were sent when the laptop was taken out and when it was returned but not at the 15 minutes before it is due or when it is overdue.  Since the system is using a SirsiDynix ILS system it has a server called Horizon Web Services; which is more/less an API connector for the ILS Database.  

A php script generates a XML file which we will use to generate scheduled tasks for each laptop that is borrowed.  Those tasks will run at specific times to send notices out to the user that borrowed it.  The notice times obviously need to be flexible and only generate and send a notice for the laptop that is due within the operating hours of the location.

To do all this we are going to use powershell.  Below is how the XML file is generated and structured.

XML File

<notices>
<laptopCirc>
<displayName>Name</displayName>
<barcode>2222200xxxxxxx</barcode>
<emailAddress>email@domain.com</emailAddress>
<checkOutTime>2023-04-24T10:21:00-06:00</checkOutTime>
<timeDue>2023-04-24T14:21:00-06:00</timeDue>
<laptopName>Laptop 2</laptopName>
</laptopCirc>
</notices>

 

The Process:


The emails for the borrowing and the returning of the laptops work great.  However because this is something I can code and control the following notices will be generated.
  • 15 minute pre-due notice
  • Notice that the laptop is due
  • 15 minute overdue notice
  • 15 minute pre-closing notice
  • Laptop not returned the next day notice

There will be 11 different files.  A powershell script with a bat file for executing the powershell script as to not change the default powershell security model on the system.  Below is a sample of the scripts for generating the task scheduler and email notices.

The Scripts:


Obviously because of the locked down security model we are going to use task scheduler to run bat files to execute our powershell scripts.  Our bat file must contain the $Path that goes to our powershell file.  Below is a sample file.


The Bat Files:


@ECHO OFF
Powershell.exe -executionpolicy remotesigned -File  $PATH\LaptopsDue.ps1

Powershell Files:


Generate Notices (Sample) - This is the biggest and most complex file; as this is the one that makes and removes our scheduled tasks.  Below is a sample of the script which will be provided at the end of the post.

#update the generated xml file from the php script (status.xml)
$WebResponse = Invoke-WebRequest "$URL/generate.php" -UseBasicParsing
$WebResponse

#URL to get the laptops data
$url = "$URL/status.xml"

#store the laptop xml file
$filename = "$PATH\status.xml"

$webClient = new-object System.Net.WebClient
$webClient.DownloadFile( $url, $filename )

#load the xml file we downloaded
[xml]$xml = get-content "$PATH\status.xml"

#check and see if there are any checked out laptops
#if there are laptops checked out laptops
if ($xml.notices.laptopCirc -ne $null){
    Write-Output "there are checked out laptops"
}else{
#if there are no checked out laptops
    Write-Output "There are NO check out laptops"
    exit
}
#Write-Output $xml.notices.laptopCirc

#here is where we sort the xml file
$xml.notices.laptopCirc | ForEach-Object {
###
#Conversions for date and time for creating tasks
###
$DueTime = [datetime]::ParseExact($_.timeDue.substring(0, 19), 'yyyy-MM-ddTHH:mm:ss', $null)
$PreTime = [datetime]::ParseExact($_.timeDue.substring(0, 19), 'yyyy-MM-ddTHH:mm:ss', $null)
$OverTime = [datetime]::ParseExact($_.timeDue.substring(0, 19), 'yyyy-MM-ddTHH:mm:ss', $null)

#Create Timestamps
$PreTS = $PreTime.AddSeconds(-900).ToString('MM/dd/yyyy HH:mm:ss')
$OverTS = $OverTime.AddSeconds(+900).ToString('MM/dd/yyyy HH:mm:ss')
$DueTS = $DueTime.AddSeconds(+0).ToString('MM/dd/yyyy HH:mm:ss')

#get current Date & Time
$nowTime = (Get-Date).ToString('MM/dd/yyyy HH:mm:ss').substring(11,5)
$nowDate = (Get-Date).ToString('MM/dd/yyyy HH:mm:ss').substring(0,8)
$nowTS = Get-Date -Format yyyy-MM-ddTHH:mm:ss


###TIME CHECK###
$whatDay = (get-date).DayOfWeek
if ($whatDay -match 'Monday|Tuesday|Wednesday|Thursday' -and $nowTime -gt "10:00" -and $nowTime -lt "20:45"){
 Write-Output "Today is "+ $DayOfTheWeek
###Notices for Monday - Thursday
###NOTICES###
#Pre-Over Due Notice
$taskName = $_.laptopName+"_PreOverDue"
if(Get-ScheduledTask $taskName -ErrorAction Ignore) { 
Write-Output "Task Found" 
} else { 
$actions = (New-ScheduledTaskAction -Execute '$Path\LaptopPreDue.bat' -WorkingDirectory '$PATH')
$trigger = New-ScheduledTaskTrigger -Once -At $PreTime.substring(11, 5)
$principal = New-ScheduledTaskPrincipal -UserId '$user' -RunLevel Highest 
$settings = New-ScheduledTaskSettingsSet -RunOnlyIfNetworkAvailable -WakeToRun
$task = New-ScheduledTask -Action $actions -Principal $principal -Trigger $trigger -Settings $settings
#taskname
$taskName = $_.laptopName+"_PreOverDue"
Register-ScheduledTask $taskName -InputObject $task
}


    [PSCustomObject]@{
   
    'displayName'   = $_.displayName
    'barcode'       = $_.barcode
    'emailAddress'  = $_.emailAddress
    'checkOutTime'  = $_.checkOutTime
    'timeDue'       = $_.timeDue
    'laptopName'    = $_.laptopName



###

#        'id'        = $_.id
#        'name'      = $_.name
#        'status'    = $_.status
#        'checkout'  = $_.checkout
#        'due'       = $_.due
#        'email'     = $_.email

}


}


Item Due Email Notice (SAMPLE)


#URL to get the laptops data
$url = "$URL/status.xml"

#store the laptop xml file
$filename = "$PATH\status.xml"

$webClient = new-object System.Net.WebClient
$webClient.DownloadFile( $url, $filename )

#load the xml file we downloaded
[xml]$xml = get-content "status.xml"

#here is where we sort the xml file
$xml.notices.laptopCirc | ForEach-Object {

#Conversions for date and time for creating tasks
$TimeDueTS = [datetime]::ParseExact($_.timeDue.substring(0, 19), 'yyyy-MM-ddTHH:mm:ss', $null)


#Timestamps
#$CurrentTimeStamp 
#add time to time due if required
$DueTime = $Due_Conversion.AddSeconds(+0).ToString('MM/dd/yyyy HH:mm:ss')


#get current time
$CurrentTime = (Get-Date).ToString('MM/dd/yyyy HH:mm:ss')
$CurrentTimeStamp = Get-Date -Format yyyy-MM-ddTHH:mm:ss


$removeTask = $_.laptopName+"_Due"
$isDue = $DueTime.substring(11, 5)

#Send an email if the laptop is due
if ($CurrentTime -match $DueTime){
#send an email if the current time matches the time due.  Remove the task once the email is sent
#Write-output $_.laptopName $_.emailAddress
$emailBody = "Hello "+$_.displayName+",
Your laptop is now overdue and needs to be returned to the locker. If you need help with saving your document or the return process, please ask Staff. 

Laptops are loaned for a maximum of 4 hours"
$emailSubject = "Please return "+$_.laptopName+" to the locker"
$emailSubject
Send-MailMessage -Encoding UTF8 -From '$FROM ADDRESS' -To $_.emailAddress -Subject $emailSubject -Body $emailBody -smtpserver '$SMTPSERVER'
Unregister-ScheduledTask -TaskName $removeTask -Confirm:$false
}



    [PSCustomObject]@{
   
    'displayName'   = $_.displayName
    'barcode'       = $_.barcode
    'emailAddress'  = $_.emailAddress
    'checkOutTime'  = $_.checkOutTime
    'timeDue'       = $_.timeDue
    'laptopName'    = $_.laptopName


}
}

I have a scheduled task that runs every 5 minutes checking to see if a laptop is checked out; if it is it creates the notices; if not then it exits the script.  If there is a notice already made it skips creating it again.  It works really well.





How to migrate PFSense Over to KEA DHCP Server from ISC DHCP Server

I am a PFSENSE User and I manage PFSENSE for some other organizations and the time has come to make the switch for the DHCP Server over to K...