ORGANISATIONAL CONTEXT:
I work for a relatively small MSP, so our environments are quite diverse.
I am a sysadmin, co-functioning as “tech lead / escalation filter” for our helpdesk/tier 1 support. If one of them have technical questions, they should generally come to me first.
If I can’t help, I make sure they escalate the issue to the correct tech/department/contact.
PSU has resparked my interest in PowerShell, and throughout the past couple of months I’ve built various tools with it for a multitude of reasons. Such as:
- To automate recurring tasks, as well as easing the “learning curve” for our helpdesk i.e. helping them understanding troubleshooting steps through a simplified interface.
- To avoid mistakes
- Example: On/offboarding processes vary greatly among our clients. Hybrid (Exchange) environments were particulary prone to human errors. Automating these tasks avoids errors as well as improving client satisfaction.
- These scripts/dashboards are not included in this post, but if anybody is interested I’ll try to post them as soon as I find them satisfactory.
- To avoid recurring questions (for both myself and my colleague’s)
- To save time
- This goes a couple of ways. Our company generally bills by the quarter of an hour at minimum;
- We can still bill the time spent as we did before, but now the task takes us only a couple of clicks. (Business is business)
- Some of our clients are billed a fixed price per user per month, so the time saved still benefits us.
- To improve my own PowerShell skills / to teach myself / to teach others
- I gotta be honest… I thought I was pretty proficient with PowerShell/automation, but PSU has humbled me in the best of ways. The last couple of months, I’ve learned more by slowly expanding PSU than any other PowerShell-related project so far.
TECHNICAL CONTEXT:
- Client-specific credentials are managed through the PSU Secret store.
- Client-specific parameters/information that’s more ambiguous is managed through the PSU API with JSON files.
- Authentication is all done through Azure AD/OIDC with DUO MFA, and AppTokens.
Anyways, here’s the current main dashboard for our helpdesk. I’ll summarize all the tools:
1. PassGen / Send SMS
- Custom password-generator for multiple languages
- Custom syntax to make the passwords user friendly yet complex enough for most systems / password requirements
- (OPTIONAL) Send the generated password to the user by SMS after verification by phone
2. Custom SMS
- Send a SMS with a custom multiline message
3. VM Host lookup
- Oftentimes our tier 2 needs to expand VM resources when our monitoring notifies. This form finds the required VM, and associated host.
- Back in the day we manually clicked through the list of hosts, but we have too many hosts to do that now…
4. DNS Lookup
- Basically a form around Resolve-DnsName. Pops up a modal with some options such as SPF syntax validation. This is mainly used for SPF records.
- Going to add some features to this such as a check for max. DNS lookups (RFC7208)
5. DNS Lookup for our main domain/DNS registrar
- Uses the API of our registrar. Working on some tools to make direct changes without using their control panel.
- Also working on a module to easily copy/transfer DNS zones between this provider and Azure… For failover reasons…
6. ASB/PBX Lookup
- We manage hosted VOIP servers and admin panels. This is to find which server/panel a client is hosted on. (Our provider is working on their own tool, which will be better)
7. RIPE/ARIN/RIR Lookup
- Basically a WHOIS wrapper for IP address lookups at multiple RIR’s. This is mainly used to see if an IP address is managed by us, or to see where a visiting IP address is from.
8. SSL-Certs
- Multiple custom tools/options for SSL-Certificate management through our main registrar’s API
- Has some custom options for ease-of-use; mainly for certificate management on our webservers
Some of the forms/code are mixed language-wise (NL/EN). I know.
I’ll post some of the code later, as I’m sure there are a lot of improvements to be made in my code, as well as in my (general) way of doing things.
So if anybody has any pointers or questions, I’d be happy to hear them.
Special thanks to Adam and the rest of Ironman Software for building this “suite”, and building/improving the (PowerShell/Windows/Sysadmin) community.
I’d love it for you guys to teach me some things on a more personal basis sometime.
Thanks so far.
Tom