CAT | PowerShell
26
OpsMgr / SCOM & Opalis : Deploy agent to untrusted zones
No comments · Posted by Christopher Keyaert in Opalis, OpsMgr / Scom, PowerShell
When the agent is located in a domain separate from the domain where the Operations Manager management server is located, and no two-way trust exists between the two AD forests, certificates must be used so that authentication can take place between the agent and management server.
Anders Bengtsson wrote a excellent article on how to deploy SCOM to untrusted zones with Opalis
agent · deplooyment · opalis · Scom
13
SCOM : Maintenance Mode History / Report
1 Comment · Posted by Christopher Keyaert in OpsMgr / Scom, PowerShell
By powershell :
http://blogs.technet.com/b/brianwren/archive/2008/03/11/mms-command-shell-presentation.aspx
$mc = get-monitoringClass -name Microsoft.Windows.Computer
$mo = get-monitoringObject -monitoringClass $mc | where {$_.name -eq ‘srv01′}
$mo | get-maintenanceWindow -history
By SQL :
maintenance mode history is available in the OperationsManager database or DW using this query
select * from dbo.vMaintenanceModeHistory
By a specific management pack :
http://www.systemcentercentral.com/tabid/145/indexId/70867/Default.aspx
This MP includes a report that allows tracking of who is using maintenance mode to disable monitoring and reports the maintenance start, end, comment, user id and reason code.
database · maintenance mode · Object · OperationsManager · start
8
SCOM : Create a Rule and Monitor from a PowerShell Script
No comments · Posted by Christopher Keyaert in OpsMgr / Scom, PowerShell
In this video, Brian Wren demonstrates how to create a management pack containing a monitor and rule sharing a Windows PowerShell script. The demonstration includes modifying an existing script to be included in a management pack and then creating custom modules and monitor types to run the script and make its collected data available to workflows. Finally, a rule and monitor are created to collect data from the script for reporting and to set the health state of a managed object. The concept of the solution and each step are discussed prior to a detailed walkthrough of their creation and configuration.
http://technet.microsoft.com/en-us/ff723797.aspx
monitor · PowerShell · rules · Scom · state
20
PowerShell : Upload file to WebDav Server
No comments · Posted by Christopher Keyaert in PowerShell
The purpose of that Powershell Script is to upload a file on a webdav server. This could be useful for automatic report publishing on a portal.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 | ######################################## #Webdav Access with PowerShell ######################################## #Put the complete path of the file that you want to upload $file = "D:\test.txt" #Put the url without the last "/" $url = "http://mywebSite/webdav" #Provide User and Pwd for Webdav Access $user = "user" $pass = "pwd" ######################################## #Script ####################################### #Adding the name of the file at the end of the URL $url += "/" + $file.split('\')[(($file.split("\")).count - 1)] #Connecting to WebDav Write-Host "File upload started" # Set binary file type Set-Variable -name adFileTypeBinary -value 1 -option Constant $objADOStream = New-Object -ComObject ADODB.Stream $objADOStream.Open() $objADOStream.Type = $adFileTypeBinary $objADOStream.LoadFromFile("$file") $arrbuffer = $objADOStream.Read() $objXMLHTTP = New-Object -ComObject MSXML2.ServerXMLHTTP $objXMLHTTP.Open("PUT", $url, $False, $user, $pass) $objXMLHTTP.send($arrbuffer) Write-Host "File upload finished" |
And that’s it 
Christopher Keyaert
PowerShell · script · upload · webdav
20
SCOM : Not enough entropy when installed Linux Agent
No comments · Posted by Christopher Keyaert in OpsMgr / Scom, PowerShell
Hello
When you try to deploy a SCOM agent on a Linux Operating System (most of the time a Virtual Machine) is possible that you get Failed to get random data – not enough entropy error message.
The message in details :
1 2 3 4 5 6 7 8 9 | Generating certificate with hostname="xxxxxxxx" [/home/serviceb/TfsCoreWrkSpcLinux_REDHAT_5.0_x86_64/source/code/tools/scx_ssl_config/scxsslcert.cpp:198] Failed to allocate resource of type random data: Failed to get random data - not enough entropy error: %post(scx-1.0.4-248.x86_64) scriptlet failed, exit status 1 type="Microsoft.SSH.SSHCommandData" time="2009-12-03T12:08:30.6908778+01:00" sourceHealthServiceId="91A3B596-F820-6A90-305C-6974DA25966D"><SSHCommandData><stdout>Generating certificate with hostname="xxxxxxx" [/home/serviceb/TfsCoreWrkSpcLinux_REDHAT_5.0_x86_64/source/code/tools/scx_ssl_config/scxsslcert.cpp:198] Failed to allocate resource of type random data: Failed to get random data - not enough entropy error: %post(scx-1.0.4-248.x86_64) scriptlet failed, exit status 1 |
Now, fixing the issue:
- clean off the partially installed agent using the commands
- rpm -e scx
- rm -rf /etc/opt/microsoft/scx
- Regenerate the random element
- rm /dev/random
- mknod -m 644 /dev/random c 1 9
- chown root:root /dev/random
- Rediscover the server from the SCOM Console and install the Agent
- After fixing the install issue, switch the /dev/random file back to a signed random file using the commands:
- rm /dev/random
- mknod -m 644 /dev/random c 1 8
- chown root:root /dev/random
More information details on the XplatExperts Web Site.
Christopher Keyaert
Cross Platform · Linux · Scom
20
SCOM : Automatic Agent Deployment on Windows OS With PowerShell
No comments · Posted by Christopher Keyaert in OpsMgr / Scom, PowerShell
Hello,
Some weeks ago, I had to deploy SCOM Agent on more than 350 windows servers at the same time. For that, I wrote a little PowerShell Script where you just have to give a server list in input (a simple txt file, one server name per line) and the name of your RMS/MS . And that’s it, the script’ll perform the agent installation for you and a CSV file will be generated as output with the agent installation status for each servers.
Concerning the right management, you have to ensure that the Default Action Account used on your (root) management server has administrative right on the servers that you want to add in SCOM. For that, and the duration of the deployment only, use a Domain Admin Account as the Run As Account of your MS/RMS.
The script :
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 | ########################### # Autor : Christopher Keyaert # Version : 1.0 # Date : 28 DEC 2009 ########################## #Getting the credential of the user #$creds = Get-Credential ########################### #Param ########################## $RMS = #don't forget to use the FQN RMS001.contoso.local $MS = #don't forget to use the FQN MS001.contoso.local $myFile = "D:\Dep\myfile.txt" #List of Servers $ResultPath = "D:\Dep" #Folder for path output Start-Transcript -path "$ResultPath\Transcript$(get-date -uformat '%Y-%m-%d_%Hh%Ms%S').log" $MaintenanceModeEnable = $false $MaintenanceModeDuration = 10 * 1440 # 1440 minutes per day $comment = 'Global Deployment' $reason = 'PlannedOther' ###################### #Functions ##################### function SetToMaintenanceMode($rootMS,$computerPrincipalName,$minutes,$comment,$reason) { $computerPrincipalName = $computerPrincipalName + ".dir.ucb-group.com" $computerClass = get-monitoringclass -name:Microsoft.Windows.Computer $healthServiceClass = get-monitoringclass -name:Microsoft.SystemCenter.HealthService $healthServiceWatcherClass = get-monitoringclass -name:Microsoft.SystemCenter.HealthServiceWatcher $computerCriteria = "PrincipalName='" + $computerPrincipalName + "'" $computer = get-monitoringobject -monitoringclass:$computerClass -criteria:$computerCriteria $healthServices = $computer.GetRelatedMonitoringObjects($healthServiceClass) $healthService = $healthServices[0] $healthServiceCriteria = "HealthServiceName='" + $computerPrincipalName + "'" $healthServiceWatcher = get-monitoringobject -monitoringclass:$healthServiceWatcherClass -criteria:$healthServiceCriteria $startTime = [System.DateTime]::Now $endTime = $startTime.AddMinutes($minutes) Write-host " " "Putting " + $computerPrincipalName + " into maintenance mode" New-MaintenanceWindow -startTime:$startTime -endTime:$endTime -monitoringObject:$computer -comment:$comment -Reason:$reason "Putting the associated health service into maintenance mode" New-MaintenanceWindow -startTime:$startTime -endTime:$endTime -monitoringObject:$healthService -comment:$comment -Reason:$reason "Putting the associated health service watcher into maintenance mode" New-MaintenanceWindow -startTime:$startTime -endTime:$endTime -monitoringObject:$healthServiceWatcher -comment:$comment -Reason:$reason Write-host " " } ################################# #Init the connection to SCOM srv ################################# if(-not (Get-pssnapin | Where-Object {$_.Name -eq "Microsoft.EnterpriseManagement.OperationsManager.Client"})) { Add-PSSnapin Microsoft.EnterpriseManagement.OperationsManager.Client } new-managementGroupConnection -ConnectionString:$RMS Set-Location "OperationsManagerMonitoring::" -ErrorVariable errSnapin ; Set-Location $RMS -ErrorVariable errSnapin ; ########################## #Agent installation ########################## #Creating the computers list $ComputersList = @() $ComputersList = Get-Content $myFile #Define a WindowsDiscoveryConfiguration $discoConfig = New-WindowsDiscoveryConfiguration –ComputerName: $ComputersList –PerformVerification: $true -ComputerType: "Server" #–ActionAccountCredential: $creds #Start the discovery process. $managementServer = Get-ManagementServer | Where-Object {$_.PrincipalName -like "*$MS*"} $discoResult = Start-Discovery –ManagementServer: $managementServer –WindowsDiscoveryConfiguration: $discoConfig #Check that the discovery process discovered the Windows computers you specified. $discoResult.CustomMonitoringObjects if($discoResult.CustomMonitoringObjects -ne $null) { Write-Host "Agent installation in progress..." Write-Host "" Install-Agent –ManagementServer $managementServer –AgentManagedComputer $discoResult.CustomMonitoringObjects Write-host "Installation Finished, waiting for 60 secondes" Start-Sleep -s 60 } else{ Write-Host "No servers discovered" } #################################################################### #We have to check if all the agent has been well installed + Maintenance mode ##################################################################### Write-Host "" Write-Host "Installation Checking" Write-Host "" $InstallArray = @() foreach($srv in $ComputersList) { $Value = $null $Value = Get-agent | Where-Object {$_.ComputerName -like "*$srv*"} if($Value -ne $null) { Write-Host "$srv - Agent installed " $InstallTime = $Value.InstallTime $HealthState = $Value.HealthState $AgentInstalled = $true #Write-Host "Activation of the Maintenance Mode" #Put the server in Maintenance Mode if($MaintenanceModeEnable -eq $true){SetToMaintenanceMode $RMS $srv $MaintenanceModeDuration $comment $reason} } else{ Write-Host "$srv - Agent not installed" $AgentInstalled = $false $InstallTime = "" $HealthState = "" } $obj = New-Object PSObject $obj | Add-Member Noteproperty -Name "Name" -Value $srv $obj | Add-Member Noteproperty -Name "AgentInstall" -Value $AgentInstalled $obj | Add-Member Noteproperty -Name "InstallTime" -Value $InstallTime $obj | Add-Member Noteproperty -Name "HealthState" -Value $HealthState $InstallArray += $obj } Write-Host "" Write-Host "Save the Result File" $InstallArray | Export-Csv "$ResultPath\$(get-date -uformat '%Y-%m-%d_%Hh%Ms%S').csv" Stop-Transcript |
Christopher Keyaert
agent · deployment · PowerShell · Scom · script
20
VI Toolkit / PowerShell : How to connect to more than one Virtual Center at the same time
No comments · Posted by Christopher Keyaert in PowerShell, VMWare
Hello All,
If you only use the command GET-VM, you will receive back the VMs List only from the Virtucal Center that you last connect on. If you want the get all the VM from your both virutal centers, you absolutely need to add the parameter -server $vcs to you command.
If you want to connect to more than one virtual center at the same time, here the starting code :
1 2 3 4 5 6 7 | $vcs = @() $vcs += connect-viserver vc1.mydom.local $vcs += connect-viserver vc2.mydom.local # You could add many as you need... # Command example get-vm -server $vcs | export-csv C:\Export.csv |
In a general way, don’t forget to add -server $vcs to every command than you use with the VI Toolkit.
As always, RTM -> the documentation on VI Toolkit :
http://communities.vmware.com/docs/DOC-4210
Christopher Keyaert
PowerShell · script · virtual center · VMWare
6
SCOM / PowerShell : Number of locked AD accounts
No comments · Posted by admin in PowerShell
Dear All,
Here a new little powershell script that creates an event 6970 in the event viewer when there is more than X accounts locked in less than Y minutes. Now, you just have to create a new rule in SCOM that collect event with the ID6970 and schedule that script to run every 10 minutes.
Thanks to that you can be alert when there is an attack attempt to your Active Directory.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 | ######################################################## #Get the number of lock account in less than 10 minutes ######################################################## ########################### # Param ########################### $LockedSince = 10 #Minutes $NumberofLockedAccount = 50 # ########################### # FUNCTIONS ########################### ########################### # SCRIPT ########################### $objDomain = New-Object System.DirectoryServices.DirectoryEntry $objSearcher = New-Object System.DirectoryServices.DirectorySearcher $objSearcher.SearchRoot = $objDomain $objSearcher.PageSize = 1000 $objSearcher.Filter = "(&(objectClass=User)(lockoutTime>=1))" $colProplist = "name","samaccountname","lockoutTime" foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i) | out-null} $colResults = $objSearcher.FindAll() $cpt = 0 $result = $null $result2 = $null foreach ($objResult in $colResults) { $domainname = $objDomain.name $samaccountname = $objResult.Properties.samaccountname $user = [ADSI]"WinNT://$domainname/$samaccountname" $ADS_UF_LOCKOUT = 0x00000010 #$objResult.Properties if(($user.UserFlags.Value -band $ADS_UF_LOCKOUT) -eq $ADS_UF_LOCKOUT) { $Sam = $objResult.Properties.samaccountname $Name = $objResult.Properties.name [String]$LockTime = $objResult.Properties.lockouttime [datetime] $LockTime = [datetime]::FromFileTime($LockTime) #We want all the account locked in the last 24h $DayDate = Get-Date $DayDateBefore = $DayDate.AddMinutes(-$LockedSince) if(($LockTime -gt $DayDateBefore) -and ($LockTime -lt $DayDate)) { Write-Host "************" Write-Host "User : $sam" Write-Host "Name : $name" Write-Host "LockTime : $lockTime" Write-Host "************" Write-Host "" $result2 += "************`r" $result2 += "User : $sam`r" $result2 += "Name : $name`r" $result2 += "LockTime : $lockTime`r" $result2 += "************`r" $result2 += "`r" $cpt += 1 } } } Write-Host "************" Write-Host "There is $cpt account(s) locked in the last $LockedSince minutes" Write-Host "************" $result += "************`r" $result += "There is $cpt account(s) locked in the last $LockedSince minutes`r" $result += "************`r" $result += $result2 if($cpt -ge $NumberofLockedAccount) { Write-Host "" Write-Host "Limit reached, /!\ ALERT /!\" Write-Host "" $infoevent=[System.Diagnostics.EventLogEntryType]::Error } else{ $infoevent=[System.Diagnostics.EventLogEntryType]::Information } ############################ #Var for the event creation ############################ $evt = new-object System.Diagnostics.EventLog("Application") $evt.Source = "AD-SCOM" $evt.MachineName = "." $evt.WriteEntry($result,$infoevent,6970) |
active directory · ad · PowerShell · script