Category Archive: Scripts

Sep 26

PowerShell Profile

This is basically the profile posts from http://www.snowland.se (which is written as different posts by Rikard Rönnkvist) and simply put together in a single profile script which I use on all of my Windows boxes:

Permanent link to this article: http://www.cluberti.com/blog/2015/09/26/powershell-profile/

Jan 20

Network Connections dialog empty / teaming “Host Unmanageable” – fix

I’ve run into this with increasing frequency in my Server 2012R2 clusters, and it ended up being WMI corruption. IPConfig would show correct IP addressing (and even the teamed NICs created with Windows teaming), and ping would work; however, the network connections dialog box (ncpa.cpl) was completely empty, Server Manager said teaming was disabled, launching the teaming administration page (lbfoadmin.exe) would show “Host Unmanageable” as the status, and attempting to make any connection to any other machine other than ping would result in failure (for example, \\server\share would fail immediately with the host being unavailable).

Here are the steps I needed to use to get the machines up and running again (and I’ve restored from failed backups on a few to test and retest these steps, and in this particular order which did seem to matter, to validate):

 

Permanent link to this article: http://www.cluberti.com/blog/2015/01/20/network-connections-dialog-empty-teaming-host-unmanageable-fix/

Jan 12

Make WMI more robust to large volumes of queries

Ever had a machine where WMI stopped working properly and needed to be rebuilt?  Was it running something that does high volumes of WMI calls (like System Center agents, or Tivoli, or HP OpenView (to name a few regular problem children – I’m sure you can think of more)?

Here’s a PS script I run to increase memory per WMI process (and globally across the machine) available to WMI, as well as modifying it in the boot order (if you rely on RSOP, WMI’s default configuration means it’s possible it won’t be completely loaded properly when Group Policy runs, and can cause RSOP issues, amongst other things).

$oWMI=get-wmiobject -Namespace root -Class __ProviderHostQuotaConfiguration
$oWMI.MemoryPerHost=768*1024*1024
$oWMI.MemoryAllHosts=2048*1024*1024
$oWMI.put()

Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\Winmgmt -Name 'Group' -Value 'COM Infrastructure'
winmgmt /standalonehost

 

Permanent link to this article: http://www.cluberti.com/blog/2015/01/12/make-wmi-more-robust-to-large-volumes-of-queries/

Sep 05

Put agent into maintenance mode remotely via PowerShell in SCOM 2012 R2

Our SCOM monitoring environment monitors one of our provisioning environments, where machines come and go regularly. These hosts are potentially in many, many different groups depending on function, and they can come and go many times a day. Yes, a group can be put into maintenance mode easily, but doing so for a host, remotely, isn’t necessarily as easy. Here’s a PowerShell script (created after reading about something similar on the Coretech Blog, here) that takes machine names passed in as the first parameter, places all machine names in an array, and sets each machine into maintenance mode in a particular SCOM management group. There’s little error checking here, so if you wanted to make this more robust, you’d probably want to add some parameter validation, etc. Without ado, here it is:

Permanent link to this article: http://www.cluberti.com/blog/2014/09/05/put-agent-into-maintenance-mode-remotely-via-powershell-in-scom-2012-r2/

May 26

Getting Kerberos token size with PowerShell

Recently, I had the unpleasant requirement to validate Kerberos token size for a network where users were experiencing random issues hitting certain sites and databases. Today I validated it was token size, but not until after I found Jacob Ludriks’ excellent PowerShell script to do so. I was about to write one myself when I stumbled across this gem, which came in immensely useful in helping a good colleague in a bad situation.

Without further ado, here’s the link to the script:
http://jacob.ludriks.com/getting-kerberos-token-size-with-powershell/

In the event this script ends up getting taken down, here’s the content – please visit Jacob’s site if you find this useful. He’s got some other PowerShell goodies over there too that you might like.

Permanent link to this article: http://www.cluberti.com/blog/2014/05/26/getting-kerberos-token-size-with-powershell/

Feb 12

Enable RDP, firewall exceptions, and NLA settings via PowerShell and WMI (aka “the right way”)

I’ve come across quite a few folks over the years that enable RDP by setting the registry values to do so manually, and enabling firewall rules the same way (or disabling the firewall service itself, which is not supported by Microsoft, so don’t). While neither of these things are “the right way” to do it (I found this out from dealing with Microsoft support on this, and apparently doing it manually via the registry can cause issues), the right way isn’t really called out as such very well that I can find either.

I’ve created a very simple PowerShell script (I put it in my MDT and SCCM task sequences when deploying machines as one of the first things done after the OS is deployed) that enables RDP for the Administrators group, opens the right port on the firewall, and can also be used to set it to NLA only if $NLAEnable = 1. Credit where credit is due, the script below was based on a script that does this same thing here. Thanks Robin!

Permanent link to this article: http://www.cluberti.com/blog/2014/02/12/enable-rdp-firewall-exceptions-and-nla-settings-via-powershell-and-wmi-aka-the-right-way/

Oct 15

Easy Windows Updating on Server Core from PowerShell!

Are you running Server Core installations of Windows Server 2008, 2008R2, 2012, or 2012R2?  If you can, you should be.  And if you are, or just like using PowerShell for everything, you should really take a look at the Windows Update PowerShell module available from the TechNet Script Center, by MVP Michal Gajda.  It’s gotten quite good over the last few revisions, and I find myself loathing working on systems where it’s not been installed.

If you want an easy way to go about updating your Windows installations from PowerShell (locally or remotely), consider giving this add-on a try.  I think you’ll like it.

http://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc

Permanent link to this article: http://www.cluberti.com/blog/2013/10/15/easy-windows-updating-on-server-core-from-powershell/

Mar 12

Windows 7 SP1 language packs and MDT 2010 giving errors?

Seems like Microsoft changed the name of the Language Packs from “Microsoft-Windows-Client-LanguagePack-Package” to “Microsoft-Windows-Client-Refresh-LanguagePack-Package”.  A small distinction, but huge when MDT or SCCM can’t find the language pack name!  In MDT, go to the DeploymentShare’s \Scripts folder, edit “Deploywiz_Initialization.vbs”, and go down to line 1101 – you’ll see that LPQuery is set to look for only the old Language Pack package name.  Add the new package name, and things will work again (you will have to update any media you’ve created, of course).

I found this while searching TechNet, here:
http://social.technet.microsoft.com/Forums/en-US/mdt/thread/5253b2e3-a60e-43a5-921d-a9acc6485d35

The change should have line 1101 looking like this when you’re done:
LPQuery = “PackageType = ‘LanguagePack’ and (ProductName = ‘Microsoft-Windows-Client-LanguagePack-Package’ or ProductName = ‘Microsoft-Windows-Client-Refresh-LanguagePack-Package’) and substring(ProductVersion,1,7) = ‘” & left(ImgBuild,7) & “‘ and substring(ProductVersion,5,4) >= ‘” & mid(ImgBuild,5,4) & “‘”

Permanent link to this article: http://www.cluberti.com/blog/2011/03/12/windows-7-sp1-language-packs-and-mdt-2010-giving-errors/

Nov 18

Debian + Sendmail + SpamAssassin + MimeDefang config for inbound mail host

Honestly, this is more of an “I’m posting this here for my reference” post than anything else, but searching google and bing for something similar yesterday (which is prompting me to put this here) came up with old, outdated, and frankly useless, results (at least in my opinion).

I’m not going to go into how to install Debian or software (honestly, running “apt-get install sendmail spamassassin mimedefang” can’t be that hard), but I have this sendmail.mc on my current Debian Lenny installation, and it deals with spam and ham with very good results:

Permanent link to this article: http://www.cluberti.com/blog/2010/11/18/debian-sendmail-spamassassin-mimedefang-config-for-inbound-mail-host/

Jun 17

PageFile vbs for Vista/Win7 systems (may work on XP/2003, not tested)

Wrote up a very small vbscript to handle paging file creation/deletion/modification on Vista/Win7 systems (as PageFileConfig.vbs doesn’t exist inbox, and it didn’t have the ability to handle some of the situations that can arise during setup), and it ended up morphing into this.  Figured I’d save someone the time if they had a need for it, so here it is:

Permanent link to this article: http://www.cluberti.com/blog/2010/06/17/pagefile-vbs-for-vistawin7-systems-may-work-on-xp2003-not-tested/

Older posts «

Bad Behavior has blocked 396 access attempts in the last 7 days.