Sometimes I need to run some command on bunch of computers. So I’ve created little bit more advanced function to be able to run script block on computers list created from domain:
<#
.Synopsis
This function provides you way to run scriptblock on remote machines in the domain.
.DESCRIPTION
This function is extension to Cmd-Let Invoke-Command. This function lists computer names in domain
based on ADSearchBase and Filter parameters. In invoke scriptblock on those computers in the list.
.EXAMPLE
To restart service "Windows Time" on all machines in domain:
Invoke-CommandOnADComputers -SearchBase "DC=domain,DC=local" -ScriptBlock { Restart-Service W32Time; }
.EXAMPLE
To restart service "Windows Time" on all machines which containt number 7 in name:
Invoke-CommandOnADComputers -SearchBase "DC=domain,DC=local" -Filter 'Name -like "*7*"' -ScriptBlock { Restart-Service W32Time; }
#>
Function Invoke-CommandOnADComputers
{
[CmdletBinding(SupportsShouldProcess=$True,ConfirmImpact='Low')]
Param
(
# This is Active Directory Search Base to limit selection for computer accounts in domain.
# It can be for example "OU=Computers,OU=Company Name,DC=domain,DC=local"
[parameter(Mandatory=$true)]
[string]
$SearchBase,
# Active Directory filter to merge your computer selection in to the detail.
# It can be for example 'Name -like "Desktop*"'
[string]
$Filter = "*",
# This is scriptblock which should be run on every computer.
# For example { Restart-Service W32Time; }
[parameter(Mandatory=$true)]
[scriptblock]
$ScriptBlock
)
Begin
{
#
# Get list of computer accounts
#
Write-Verbose "Getting list of computer from $ADSear"
try
{
[array]$ADComputersList = Get-ADComputer -SearchBase $SearchBase -Filter $Filter -ErrorAction Stop
}
catch
{
Write-Error -Message "Couldn't search in $SearchBase" -ErrorAction Stop
}
#
# Write number of found computers
#
Write-Host "Found $($ADComputersList.Count) computers"
#
# If in debug, write list of computers
#
Write-Verbose "List of machines:"
If (!$PSDebugContext)
{
foreach ($item in $ADComputersList)
{
Write-Verbose " $($item.Name)"
}
}
Write-Verbose "Done with domain computer list"
}
Process
{
#
# Let's invoke command on remote computer
#
foreach ($ADComputer in $ADComputersList)
{
Write-Host $ADComputer.Name
try
{
Write-Verbose "Invoking scriptblock on computer"
Invoke-Command -ComputerName $ADComputer.Name -ScriptBlock { $ScriptBlock } -ErrorAction Stop
Write-Host " Scriptblock invoked successful."
}
catch
{
Write-Host " Scriptblock invoked UNSUCCESSFUL."
}
}
}
}
You can run it using
Invoke-CommandOnADComputers -SearchBase “DC=domain,DC=local” -ScriptBlock { Restart-Service W32Time; }
and it will read all computer accounts from domain and restart Windows Time service.
Enjoy,
This year VMware granted me a non-technical certification vExpert. I helped out on VMWare Thinapp forum.
I’m so happy 😉
Sometimes when you work on linux in bash you don’t want to leave commands in bash history (.bash_history). Easy way to clean it up it’s to run following command:
HISTSIZE=0
Now your bash history will be not accessible and not saved when you logoff.
If you want to know if your computer is ready to host Hyper-V role you can check it quickly using old command systeminfo.exe with new feature. This new feature is in systeminfo.exe which is included in Windows 8 and higher and Windows Server 2012 and higher.
When you run it you can see the last output lines about Hyper-v Requirements:
That’s all for today,
I just found one cool utility. It’s called clip.exe. You can use this utility to input the content from pipline into clipboard and then paste the content of clipboard where ever you want.
Here a example:
ipconfig /all | clip
When you run this all the output from command “ipconfig /all” is stored into windows clipboard. Now you can Paste (CTRL+V) this into any application you want.
When you want to read the content of any file into windows clipboard you can use following command:
clip < C:\kukuc.txt
This cool utility came with Windows Server 2003 (not in Windows XP) and stayed there until Windows 8 and Windows Server 2012 R2.
Have a good day,
I’m creating couple powershell scripts which I use in my work. I want to share couple of them with you. So here is a script which look for domain computers and then check who is logged on those online machines.
$ADSearchBase = "OU=Computers,DC=domain,DC=local"
$ADFilter = "*"
Function Get-LoggedUsersOnComputers
{
$ADComputersList = Get-ADComputer -SearchBase $ADSearchBase -Filter $ADFilter
foreach ($ADComputer in $ADComputersList)
{
Write-Output $ADComputer.Name
Try
{
$ExplorerProcesses = Get-WmiObject -ComputerName $ADComputer.Name -Class win32_process -Filter "Name='explorer.exe'" -ErrorAction Stop
}
Finally
{
If ($?)
{
foreach ($ExplorerProcess in $ExplorerProcesses)
{
Write-Output " $($ExplorerProcess.GetOwner().User)"
}
}
Else
{
Write-Output " <<< Could not connect"
}
}
}
}
Get-LoggedUsersOnComputers
If you have any remark on my script, please, let me know. I will be happy to make it more cute 🙂
I was playing today with new feature called PowerShell Web Access. This feature was brought in Windows Server 2012. It is very easy to install and easy to use. You need to select one server which will act as Web Access PowerShell gateway server. You will be connecting to this server using SSL and this server will use PowerShell remoting to access computers inside your network. So let’s make it work.
First you need to run PowerShell as a admin on gateway server:
Let’s look for Windows features which contain word “shell”:
Windows PowerShell Web Access is the feature we want to install. So let’s install it:
Now we can look at this website to lear more, but let’s play more. Now we have new cmdlets containig word “pswa” (PowerShell Web Access):
We installed pswa feature, but this feature didn’t install its web component into the server. So let’s install pswa Web application using cmdlet Install-PswaWebApplication with parameter -UseTestCertificate. This parameter creates self-signed SSL certificate for this new site, you can use your own certificate. Be aware that this certificate expires in 90 days.
New website was created:
By default no one can use Powershell access gateway. You need to define explicit rules who, where and what can do. For easy test you can use following rule for domain group called GRP_PowerShell_Remote to access all computers with all permissions:
Now everything is prepared. We need to make some changes in network (routers and NAT) to be able to access 443 port on server from Internet. Now when we open site, we can see:
And now you can work on machines inside your network. It’s secure and reliable:
This is very nice and cute feature.
I hope you will start to use and enjoy it.
Have a nice day.
Hello folks
Today I found one really nice utility at Windows Server 2008 R2 and up. It’s called Storage Explorer. It’s MMC snap-in which enables you to see what your fiber optic cards (HBAs) on fiber optic fabrics.
You can see information about your HBAs:
This utility somehow connected into fibre optic switch and listed its ports and WWNs connected to it:
And also found some information about optical switch (for example management IP address):
I know this tool is not as powerfull as Brocade SANHealth, but it’s bettern than nothing 🙂
That’s all folks for today,
I had little problem with Synology 814+ and I couldn’t get into Web management. So I connected to console (speed of serial console is 115200). I was able to see a console, but I was not able to login into console. I was looking for default password and I found out that Synology generates password for admin and root by actucal date. More about is here. When your Synology doesn’t have access to Internet’s NTP server, it has local date 01/01/2001. So it means default console password is 101-0101 if Synology doens’t have access to Internet.
I hope this saves at least hour of your time 🙂
I implemented DFSR replication in our customer between two locations. There are people opening same files on both locations and they want to use Office document locking feature. This locking mechanism is based on creation of temporary files (~*). So I removed file exception (~*) from DFSR Replicaiton Group and allowed to replicate temporary Office files. When I create and open Word document on one location two files are were: WORD.docx and ~$WORD.docx. And when I created new Excel document two files were created: EXCEL.xlsx and ~$EXCEL.xlsx.
On other location only two files were replicated (created): WORD.xlsx and ~$WORD.xlsx:
When I closed Word and Excel temporary files dissapeared and docx and xlsx files replicated correctly.
So let’s look why those files were not replicated. In some Technet articles I found that DFSR doesn’t replicate temporary files. More info is here and here.
It’s nice to know that DFSR doesn’t replicate files marked as temporary. So let’s look at those opened Word and Excel files.
WORD.docx
– Only archive attribute set (0x20)
~$WORD.docx:
– Archive attribute (0x20) and Hidden (0x02)
EXCEL.xlsx
– Only archive attribute set (0x20)
~$EXCEL.xlsx
So utility fsutil cannot open data from this file. It looks that Excel opens its files different way as Word does. And that’s why file ~$EXCEL.xlsx didn’t copy to other location, because DFSR cannot access this file while it’s opened in Excel.
This Excel behaviour causes that Office locking mechanism is not working over DFSR.
Let’s hope Microsoft will fix this in other release Office 🙂
Have a nice day,
Recent Comments