Importing SCOM management packs after update rollup installation

So you installed a new SCOM update rollup. As you know, the procedure is to install the new versions of the management packs from the folder “Management Packs for Update Rollups”. You can check the procedure in this post. This is usually a repeating task, and sometimes we install management packs we don’t need. To make it easier, I wrote a script that first checks for installed MPs on the local server and then looks for new versions in the “Management Packs for Update Rollups” folders. If there is a new version, it installs the management packs. You can easily modify the script to make it more suitable for you. It is maybe not a SCOM-friendly script, but usually there are not many changes in the management packs for an update rollup besides new versions of files.

To download it, visit the TechNet Gallery link.

Enjoy the time you gain and use it wisely.

Getting IP addresses from DNS debugging logs

I am now in the process of migrating old AD/DNS integrated servers and promoting new ones. In complex/big environments you cannot control everything. That is why, before shutting down the old ones, I turn on DNS debugging to check which clients/servers still use them.

But the logs are big and confusing. I turned to PowerShell for help to get a list of unique IP values. Logs look like this.

To keep things short, I need to get the IP strings from a txt file. This is my short script for doing it using a regular expression, which is not correct but works in this case. My first thought was to do CSV, but I managed to find the Select-String cmdlet.

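# Input DNS debug log and output file for the unique addresses
$inputfile='C:\users\ipuhalo\desktop\dnslogovi.txt'
$outputfile='C:\users\ipuhalo\desktop\dnsipadress.txt'
# Loose IPv4 pattern: four dot-separated groups of 1-3 digits (it does not check that each group is 0-255)
$regex='\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b'
# Collect every match, then sort and de-duplicate before writing the list
Select-String -Path $inputfile -Pattern $regex -AllMatches | % { $_.Matches } | % { $_.Value } | Sort-Object | Get-Unique > $outputfile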

I am waiting for my working buddy to give me a piece of code to translate IP addresses to host names if available. I will update it then. You can contact me if you need an explanation. Maybe then I will think more about how this works :)
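The same extraction with each match checked for groups in the range 0-255 and a hit count per address, so the busiest remaining clients of the old server stand out (an added example, not the author's script). The log lines are constructed samples, and the function names and the ' Rcv ' direction token are assumptions about the log layout.

```powershell
# Added example. These log lines are constructed samples, not taken from the post;
# the "UDP Rcv <address>" layout is an assumption about the DNS debug log format.
$sampleLog = @'
6/24/2015 10:15:32 AM 0E5C PACKET  000000A1B2C3D4E0 UDP Rcv 10.1.2.3        a1b2   Q [0001   D   NOERROR] A      (3)www(7)example(3)com(0)
6/24/2015 10:15:32 AM 0E5C PACKET  000000A1B2C3D4E0 UDP Snd 10.1.2.3        a1b2 R Q [8081   DR  NOERROR] A      (3)www(7)example(3)com(0)
6/24/2015 10:15:40 AM 0E5C PACKET  000000A1B2C3D5F0 UDP Rcv 192.168.10.25   c3d4   Q [0001   D   NOERROR] A      (4)mail(7)example(3)com(0)
6/24/2015 10:16:02 AM 0E5C PACKET  000000A1B2C3D6A0 UDP Rcv 10.1.2.3        e5f6   Q [0001   D   NOERROR] PTR    (1)3(1)2(1)1(2)10(7)in-addr(4)arpa(0)
6/24/2015 10:16:05 AM 0E5C EVENT   Constructed noise line mentioning build 6.3.960.300
'@ -split "`r?`n"

function Test-IPv4Text {
    # True only when every dot-separated group is in the range 0-255
    param([string]$Text)
    foreach ($octet in $Text.Split('.')) {
        if ([int]$octet -gt 255) { return $false }
    }
    return $true
}

function Get-DnsLogAddress {
    param(
        [Parameter(Mandatory)][AllowEmptyString()][string[]]$Line,
        [string]$LinePattern = '.'   # optional line filter, e.g. ' Rcv ' for received packets only
    )
    $regex = '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b'   # same loose pattern as the post
    $Line |
        Where-Object { $_ -match $LinePattern } |
        ForEach-Object { [regex]::Matches($_, $regex) } |
        ForEach-Object { $_.Value } |
        Where-Object { Test-IPv4Text $_ } |              # drops look-alikes such as 6.3.960.300
        Group-Object |
        Sort-Object Count -Descending |
        Select-Object @{ n = 'Address'; e = { $_.Name } }, @{ n = 'Hits'; e = { $_.Count } }
}

Get-DnsLogAddress -Line $sampleLog                       # every address seen in the log
Get-DnsLogAddress -Line $sampleLog -LinePattern ' Rcv '  # only packets the server received
```

For a real log, pass `(Get-Content $inputfile)` as `-Line`.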

Getting to know SCOM agent patch version

This week I started my SCOM lab again and wondered how to find out which patch version of SCOM I am running. I wanted a simple and clean solution. First I found build numbers at this link: https://buildnumbers.wordpress.com/scom/ . Later I also found among my scripts a SQL query from some time ago. It queries the Operations Manager database to get the patch version of agents.

select bme.path AS 'Agent Name', hs.patchlist AS 'Patch List' from MT_HealthService hs 
inner join BaseManagedEntity bme on hs.BaseManagedEntityId = bme.BaseManagedEntityId 
order by path

You will get a list in this format.

But we have PowerShell now. Why bother with SQL? It is very easy to get to the command. I added some extras, and this is the outcome:

get-scomagent | select HealthState, displayName, Version, Patchlist | sort-object -Property Displayname | ft Healthstate, displayName, Version, Patchlist -AutoSize

After you run it, you will get a nice list of SCOM agents sorted by DisplayName.

Finding the patch level of a management server is a little bit more complicated. Please refer to this script example for UR7: https://jurelab.wordpress.com/2015/09/18/check-if-scom-2012-r2-infrastructure-was-upgraded-to-ur7-ps-script/

Jure is checking file versions, so the script is different for every update rollup. I don’t like this script. If I write my own, it will be better :)

How to install Putty with PowerShell?

Lately I am very keen on learning DSC, and I am using the Microsoft Virtual Academy tutorial Getting Started with PowerShell Desired State Configuration (DSC). In the last lesson there is a Linux DSC configuration task, and the application I needed to install was Putty. OK, I said! Let’s do it with PowerShell.

What is OneGet? It is a package installer that gives you the ability to browse, install, update and uninstall software packages from an online or local provider. It is what Linux has had for a long time (apt-get on Debian, yum on CentOS, …). I already had WMF 5.0 (aka PowerShell 5.0) and the OneGet module installed. You can find all instructions and downloads at the links I provided.

How it works. I stole this part from this blog just to show the workflow, but you can read it all if you like.

Workflow

From my understanding this is how the OneGet module interacts with a package manager like Chocolatey.

  1. Load the OneGet module in PowerShell. OneGet is the common interface for interacting with any Package Manager (Plugins).
  2. Then use a Provider for each Package Manager that plugs into OneGet. (Providers do all of the actual work, fetching content from the repositories and doing the actual installation.)
  3. The package manager will then query its software repository to retrieve the package. In this example Chocolatey uses its own set of Cmdlets (see below in this post)
  4. The package manager then downloads a configuration file OR gets the URI where it will find the instructions to install the package. In the case of Chocolatey, a configuration file is downloaded from the repository and saved locally in C:\Chocolatey\lib\<APPNAME>\Tools.
  5. The Provider will then execute the configuration file and download the actual software (+ its dependencies) from a repository, and obviously install it… silently 🙂

Let’s do it. If you have everything set up, run this line:

find-package *putty*

As you can see, there is a list of all the Putty software packages available. We will simply use

install-package putty

It will automatically install putty, and putty portable as a software dependency. I had already installed Putty before, so the folders already existed, but on a first-time install they will be created. So where is it? You can find all package installations under c:\chocolatey\lib by default. If you want to install software under a different folder, you can use the -Destination parameter of the install-package command.

Let’s go find Putty.

Run it and voilà. Putty is there.

Local user management PowerShell module

I had a task the other day to create 30+ local users on two different servers that provide Remote App to external users. The logical path would be to federate with our external users, but they don’t have AD infrastructure. We chose (I, to be exact) to create local users and give them access to the RDP servers with the application they need. I was thinking, “OK, now I create a CSV file, import it, and create the users easily with a PS cmdlet for creating users!” I was so naive. PowerShell doesn’t have a module to work with local users. I don’t know what they are doing at Microsoft, but it is so basic. Maybe I didn’t search well enough on the Internet, but I found two self-made PowerShell modules that help. One is Local Account Management Module 2.1, which I tried, but whatever I do I get this error.

I gave up. In the comments I found out that something is wrong in the project and should be changed. It will work on standalone computers, but if you changed the local account policy it will not work.

I chose the next one, Local User Management Module, and bingo. This one works. For more help on this module go to link1 & link2. How to do it: save the script as a localuser.psm1 file and put it in a folder named, for example, localusermodule. Then put the folder in your personal or default module path. You can find that location by the power of PS:

get-item env:\PSModulepath | fl

You will get the following result. Copy the folder to any of these folders.

After that, to be certain that the module is listed, type the next command and then import the module:

get-module -listavailable
import-module localusermodule

You will get these cmdlets (let’s call them that ;)).

Now create a CSV file with your data and column names, and run this little script for importing multiple users and adding them to the local user group for accessing Remote Desktop. I hope I helped someone. Microsoft, please add a PowerShell module for local users and groups! If you did, please let me know!

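# Load the Local User Management Module saved earlier as a .psm1 file
Import-Module -Name LocalUserModule

# Creating local accounts needs an elevated session
If(!(Test-IsAdministrator)) { "This module requires admin rights." ; exit }

# book1.csv needs the columns username and password; it holds plaintext passwords, so remove it after the import
Import-Csv 'C:\Users\superip\Documents\book1.csv' |
Foreach-Object {
  # Create the account, then allow it to log on over Remote Desktop
  New-localuser -username $_.username -password $_.password -description 'elta kabel korisnik'
  Set-LocalGroup -userName $_.username -GroupName 'Remote Desktop Users' -add
}

Remove-Module -Name LocalUserModule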

Deleting inactive computer accounts in Active Directory with PowerShell scripts

 

After some years of AD life in your company you will probably have a lot of computer accounts in AD that are not used anymore. How do we clean AD of these objects? Let’s start with how to identify them. A computer account has two attributes that can help: LastLogon and LastLogonTimeStamp. Only one of these will give us the right status of the computer account. LastLogon represents the time of the last logon on the domain controller we are connected to when checking this attribute. LastLogonTimeStamp gives us the last logon of the computer account across the whole domain. We will use this value to identify old computer accounts.

The LastLogonTimeStamp value represents the number of 100-nanosecond intervals that have elapsed between 0 hours on January 1, 1601 and the date/time being stored. If you want to convert this value to a normal readable format, you can use this Windows command:

w32tm.exe /ntte 128271382742968750
148462 05:57:54.2968750 - 24.6.2007. 6:57:54

This command converts the LastLogonTimeStamp value to a number of days + hours, and then converts it to the date and local computer time (+1 CET).

Let’s get all computer accounts from our AD that have a LastLogonTimeStamp older than a specified time (2 years) and export them to a CSV file with some attributes. Before doing anything, you need to run “import-module ActiveDirectory” in the PowerShell window. We will use this PowerShell script:

$time = (Get-Date).AddYears(-2)  

Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -Properties * | select name, distinguishedname| export-csv computers.txt
 

You will get the computers.txt CSV file with all computer accounts whose LastLogonTimeStamp is older than 2 years. If you just don’t care, you can simply pipe this output to the Remove-ADComputer command and remove the computer accounts. The script will look like:

$time=(Get-Date).AddYears(-2)

Get-ADcomputer -Filter {LastLogonTimeStamp -lt $time}  -Properties name, lastlogondate | Remove-ADComputer 

You will probably want to have some control, so let’s make a script that deletes computer account objects from Import-Csv values. It is a little complicated, but with my knowledge of PowerShell it is the only way I know. First of all, we will use the CSV file we got from the previous script.

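# Read the list exported by the earlier Get-ADComputer script
$adcomputer= import-csv C:\users\username\computers.txt

foreach ($comp in $adcomputer)
{
    $distinguishedname= $comp.distinguishedname
    # -Recursive also deletes child objects stored under the computer account
    Remove-ADObject -Identity "$distinguishedname" -Recursive -Confirm:$true
}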

Why did I use Remove-ADObject instead of Remove-ADComputer? Because if you use Remove-ADComputer you will probably get this error: “The directory service can perform the requested operation only on a leaf object.” It means that some computer accounts contain more objects inside them. Not all, but some do. You can see them only with the ADSIEdit tool. Remove-ADComputer cannot remove those objects underneath, and that’s why we use Remove-ADObject with the -Recursive switch to delete everything below the account. I set -Confirm to true, but you can set it to false if you don’t want to confirm every deletion yourself.
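The conversion that w32tm performs can also be done in PowerShell with [datetime]::FromFileTimeUtc, which lets each account be classified before anything is deleted (an added example, not the author's script). The account names, the function name and the slack parameter are assumptions; accounts with no LastLogonTimeStamp value are reported separately rather than treated as old.

```powershell
# Added example. The three accounts are constructed samples; the first raw value is
# the one converted with w32tm in the post.
$sample = @(
    [pscustomobject]@{ Name = 'OLD-PC01';   lastLogonTimestamp = '128271382742968750' }
    [pscustomobject]@{ Name = 'NEW-PC02';   lastLogonTimestamp = (Get-Date).AddDays(-30).ToFileTimeUtc() }
    [pscustomobject]@{ Name = 'NEVER-PC03'; lastLogonTimestamp = '' }
)

function Get-ComputerLogonState {
    param(
        [Parameter(Mandatory)][object[]]$Computer,
        [int]$Years = 2,
        # By default the attribute can lag real activity by up to about 14 days
        [int]$SlackDays = 14
    )
    $cutoff = (Get-Date).ToUniversalTime().AddYears(-$Years).AddDays(-$SlackDays)
    foreach ($c in $Computer) {
        # Works for Int64 values and for strings read from a CSV; an empty value becomes 0
        $raw = [int64]$c.lastLogonTimestamp
        if ($raw -le 0) {
            $last  = $null
            $state = 'NeverLoggedOn'
        } else {
            $last  = [datetime]::FromFileTimeUtc($raw)
            $state = if ($last -lt $cutoff) { 'Stale' } else { 'Active' }
        }
        [pscustomobject]@{ Name = $c.Name; LastLogonUtc = $last; State = $state }
    }
}

Get-ComputerLogonState -Computer $sample | Format-Table -AutoSize

# Live data (needs the ActiveDirectory module):
#   Get-ComputerLogonState -Computer (Get-ADComputer -Filter * -Properties lastLogonTimestamp)
```

Remove-ADObject accepts -WhatIf, so the deletion loop above can be rehearsed against the accounts reported as Stale before it is run for real.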

Powershell remote to Azure virtual machine SSL problems

Hi, I wanted to start PowerShell remoting to an Azure virtual machine, but this is what I got.

PS C:\Users\ipuhalo> enter-pssession -computername igymo2.cloudapp.net -credential igor -usessl
enter-pssession : Connecting to remote server igymo2.cloudapp.net failed with the following error message : The server
certificate on the destination computer (igymo2.cloudapp.net:5986) has the following errors:
The SSL certificate is signed by an unknown certificate authority. For more information, see the about_Remote_Troublesh
ooting Help topic.
At line:1 char:1
+ enter-pssession -computername igymo2.cloudapp.net -credential igor -usessl
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (igymo2.cloudapp.net:String) [Enter-PSSession], PSRemotingTransportExce
   ption
    + FullyQualifiedErrorId : CreateRemoteRunspaceFailed

 

Because it is a self-signed certificate, you should import it on your PC so that you can trust this publisher. How to do it? In IE10 I couldn’t find a way to view and install the certificate. You can do it with some other browsers like Firefox, but not with IE. If you know the way, please tell me. That’s why I did something else. I connected with Remote Desktop to the virtual machine and opened the Certificates snap-in in an MMC console. Under Personal, find your certificate and export it to a cert file without the private key.

Copy that file to your local PC and open an MMC console with the current-user Certificates snap-in. Import the certificate into the Trusted Root Certification Authorities folder. After the import you will confirm this security warning about an untrusted publisher.

After that you will be able to use PowerShell remoting to the Azure virtual machine.