Ying Li at myITforum.com

PowerShell & System Center

November 2007 - Posts

Windows PowerShell 2.0 CTP Available for DownLoad

OK, I am back blogging after a short Thanksgiving break. I didn’t go nowhere though. I was “On Duty” working at home. I didn’t eat turkey either as I am enjoy reading The China Study: The Most Comprehensive Study of Nutrition Ever Conducted and the Startling Implications for Diet, Weight Loss and Long-term Health and trying to embark on a journey to eat only plant food for life. I realized that this is going to a very difficult journey so I give myself sometime to think this through. As I don’t want to do yo-yo.

Other than that, I watched Planet Earth - The Complete BBC Series using my newly acquired Dell Inspiron 1520 – equipped among everything else with 256MB NVIDIA® GeForce™ 8600M GT, running Vista Ultimate. What I can say, the screen results is amazing!

OK, enough said about my Thanksgiving Dairy and time to get back to work!

In case you haven’t heard, the new version of Windows PowerShell — Version 2.0, CTP is now available for early “adopters”.

I just spent about 20 minutes to get it installed on my new Vista Laptop, here is a couple of points worth to mention:

Windows PowerShell 1.0 and Windows PowerShell 2.0 Community Technology Preview (CTP) cannot run on the same computer. You must un-install Windows PowerShell 1.0 before installing the version 2.0 CTP; It requires Microsoft .NET Framework Version 2.0 which is part of Vista OS; if you need the Graphical PowerShell feature or the Out-GridView cmdlet, you will also need Microsoft .NET Framework Version 3.0 which is again part of Vista but you will need to use the “Turn Windows Features On Or Off” in control panel to turn it on. It also requires WS-Management v1.1 which I have yet to find it’s “vista” version. This is why I get a warning:“Windows PowerShell(TM)v2(CTP)remoting features may not work correctly in this version of the Operating System.”

Other than that I have to say the install itself is pretty smooth.

Just do get-process |out-gridview and you will like what you see. Another cool new feature is Graphical PowerShell(early alpha version)You can use it to compose and test run your scripts. It has the potential or intent to become “PowerShell Studio” down the road.

Of course PowerShell Remoting is the added feature but I have yet to test it out on Vista.

Happy Holidays

Posted: Nov 27 2007, 11:32 PM by yli628 | with 1 comment(s)
Filed under:
VB Script to check size and modified date for a list of files

Here is a VB script to check file size and modified date aginist a list of files on a list of servers.

On Error Resume Next

Set oFSO = CreateObject("Scripting.FileSystemObject")

Set InputFileX = oFSO.OpenTextFile("C:\Temp\MachineList.Txt")
Do While Not (InputFileX.atEndOfStream)
strComputer = InputFileX.ReadLine

Wscript.Echo strComputer

CheckFile

Loop

'************************************************************************************************
Function CheckFile

Set InputFileY = oFSO.OpenTextFile("C:\Temp\FileList.Txt")
Do While Not (InputFileY.atEndOfStream)
FileName = InputFileY.ReadLine

Wscript.Echo FileName

Set TargetFile = OFSO.GetFile(Filename)

Modifieddate = TargetFile.DateLastModified
Wscript.Echo Modifieddate

FileSize = TargetFile.Size
Wscript.Echo FileSize & " Bytes"

Loop

End Function

Posted: Nov 15 2007, 09:53 PM by yli628 | with 1 comment(s)
Filed under:
Windows Server 2008 Server Core - Windows Without GUI

One of the ground breaking features introduced in windows 2008 is Server core - it's a Windows OS without GUI. You need to use a command prompt or scripting techniques to manage the server. The server core installation is available  with Standard, enterprise and Datacenter versions and is available on x86 and x64 platforms.

The Server Core installation option provides you with the choice of installing windows Server 2008 with the only required services and applications. This option provides base server functionality without extra overhead. and minimize attack surface on the server

Server Core is designed for organizations that require servers to perform dedicated tasks and at the mean time permit only a minimal attack surface on the server. Here are some of the pros and cons for the server core:

Pros:

Less overhead and less attack surface

Cons:

Doesn't support all server roles and as of this writting, the following server roles are supported:

File server
Print server
Domain controller
DNS
DHCP
WINS

Doesn't support .NET Framework
Do not support upgrade from previous version of Server OS
Can not change from server Core to standard version of Windows Server 2008 without rebuild
Requires familiarity with command line and scripting

Here are some of the initial configuration tasks

Setting Administrator Password

Net user administrator *

The asterisk, at the end of the command, prompts you to enter the password rather than entering the password as part of the command.

Setting the IP Address for the server using the Netsh command

Netsh interface ipv4 set address name = "2" source = 192.168.1.10 mask=255.255.255.0 gateway=192.168.1.1

Configure Computer Name and domain Membership

Netdom renamecomutercomputername /newname:new_computername

netdom join comutername /domain: domain name /userD:username /PasswordD: *

Activating the server and Enabling the firewall

SCRegEdit.wsf is a customized VB script for Server Core. This VB script can perform multiple configuration tasks. One such task is to allow administrators to activate the server without using a GUI. You can also use this script to perform Windows Update, configure a pagefile, configure time zones, and enable Remote Desktop.

You can enable and configure windows Firewall by using the Netsh command

Netsh Firewall set opmode enable

Adding Server Roles and Features

You can add or remove all server roles and features, except the domain controller role, by using the OcSetup.exe command

start /w ocsetup DNS-Server-Core-Role (install and start DNS Server Role)

The File Server role is installed by default to provide administrative share support for management tools

You can determine the names and installation status of the available roles by using the oclist.exe command

 

Posted: Nov 12 2007, 08:40 PM by yli628 | with 1 comment(s)
Filed under:
VB Script to check on McAfee EPO Exclusions

Here is a VB script to check and verify the McAfee On Access Scan Exclusions on multiple machines and write the results to txt files.

I am doing VB script because my current job(production) environment don’t have PowerShell installed yet. But I have to say this is not a very pleasant experience after I already used to the PowerShell way of thinking. Just look at how “complicated” to write the output to a txt file in VB script, In PowerShell I could accomplish the same task in a line or two.

'On Error Resume Next

Const HKEY_LOCAL_MACHINE = &H80000002
Const ForWriting = 2
const ForAppending = 8
Const OpenAsASCII = 0
Const CreateIfNotExist = True

'Read machine names from a txt file

Set ObjFso = CreateObject("Scripting.FileSystemObject")
Set InputFile = Objfso.OpenTextFile("MachineList.Txt")
Do While Not (InputFile.atEndOfStream)
strComputer = InputFile.ReadLine

GetRegInfo

Loop

'*********************************************************************************************************
'Get information from Registry

Sub GetRegInfo

Set oReg=GetObject( _
   "winmgmts:{impersonationLevel=impersonate}!\\" &_
    strComputer & "\root\default:StdRegProv")
strKeyPath = "SOFTWARE\Network Associates\TVD\shared Components\On Access Scanner\McShield\Configuration\"

‘Enumerate the SubKeys here

oReg.EnumKey HKEY_LOCAL_MACHINE, strKeyPath, arrSubKeys
 
For Each subkey In arrSubKeys

    strKeyPath = "SOFTWARE\Network Associates\TVD\shared Components\On Access Scanner\McShield\Configuration\" & subkey
    Exclusions = strKeyPath & VBcrlf

‘Enumerate the Keys and identify the ExcludedItem_* key and get it’s value and put them in Exclusions variable

oReg.EnumValues HKEY_LOCAL_MACHINE, strkeyPath, arrValuenames

For i=0 To UBound(arrValueNames)

if Left(arrValueNames(i), 12) = "ExcludedItem" Then

oReg.GetStringValue HKEY_LOCAL_MACHINE,strKeyPath,arrValueNames(i),strValue
 
Exclusions = Exclusions & (right(strValue,(Len(strValue)-5))) & VBcrlf

End If

Next

'wscript.Echo Exclusions

strFilePath = "c:\Temp\" & strcomputer & ".txt"

' Open the file for write access.
Set objFile = objFSO.OpenTextFile(strFilePath, _
    ForAppending,CreateIfNotExist, OpenAsASCII)
' Write to file.

objFile.WriteLine Exclusions
objFile.Close

Next

End Sub

Posted: Nov 07 2007, 07:28 PM by yli628 | with no comments
Filed under: ,
Windows Server 2008 Server Roles and Server Features

In Windows Server 2008, a server role describes the primary function of the server. Administrators may choose to dedicate an entire server to one role or to install multiple server roles on a single server. For example, the DHCP adn DNS roles could be installed together on one server

A Server features provide supporting functions to servers. You can add features to improve the functionality of installed roles and not as the primary function of the server. For example, failover clustering is a feature thta is installed after specific roles, such as file server. This is done to make the File Server role redundant.

There are ~20 server roles in Windows 2008:

Active Directory Domain Services

Active Directory Federation Services

DHCP Server

Web Server (IIS)

.

.

.

There are ~30 features avaliable in Windows Server 2008:

Background Intelligent Transfer Services(BITS)

Windows BitLocker Drive Encryption

Microsoft Message Quering (MSMQ) Services

Storage Manager for Storage Area Networks (SANs)

.

.

.

You can use Server Manager to configure server roles/features.

Posted: Nov 05 2007, 11:18 PM by yli628 | with no comments
Filed under: