8/25/2013
PSTerminalServices – PowerShell module for Terminal Services - Shay Levy
PSTerminalServices – PowerShell module for Terminal Services - Shay Levy: PSTerminalServices – PowerShell module for Terminal Services
8/22/2013
8/16/2013
Powershell - prompt for option
$title = "Install Time"
$message = "Select Time For WSUS Install on SATURDAY"
$One = New-Object System.Management.Automation.Host.ChoiceDescription "&1 = 8pm", `
"8 PM"
$two = New-Object System.Management.Automation.Host.ChoiceDescription "&2 = 9pm", `
"9 PM"
$three = New-Object System.Management.Automation.Host.ChoiceDescription "&3 = 10pm", `
"10 PM"
$four = New-Object System.Management.Automation.Host.ChoiceDescription "&4 = 11pm", `
"11 PM"
$options = [System.Management.Automation.Host.ChoiceDescription[]]($one, $two, $three, $four)
$result = $host.ui.PromptForChoice($title, $message, $options, 0)
switch ($result)
{
0 {$tod=20}
1 {$tod=21}
2 {$tod=22}
3 {$tod=23}
}
#"Time of Day for Install = $tod"
Cisco FAQ: How do I reverse telnet out my aux port?
Cisco FAQ: How do I reverse telnet out my aux port?: How do I reverse telnet out my aux port?
8/12/2013
Lock Windows Workstation
Sometimes I'd like to lock a VDI machine but "Windows+L" key combo executes locally -- not on the VDI session.
Create the following shortcut:
rundll32.exe user32.dll, LockWorkStation
8/07/2013
Powershell: Remotely run a script
Run Powershell Script Remotely...
#############################################################################################################
#
# report.ps1
#
# run a powershell script on a remote computer and copy a result file for viewing locally
#
$computer = "GPM"
"Run GPO Report"
"Executing remotely from $computer"
$username = read-host "Username"
$pw = read-host -AsSecureString "Password"
$pass = [Runtime.InteropServices.Marshal]::PtrToStringAuto(
[Runtime.InteropServices.Marshal]::SecureStringToBSTR($pw))
$cmd = "c:\util\psexec.exe /acceptEula \\$computer -u $username -p $pass -w c:\dev c:\dev\run-report.bat"
invoke-expression $cmd
$file = "\\" + $computer + "\c$\dev\gpostatus.html"
copy $file c:\util
c:\util\gpostatus.html
8/02/2013
Powershell - Report on Group Policy Objects
#########################################################################################################################
#
# GPO-REPORT.PS1
#
# Create a report of the status of all WSUS GPO's
#
import-module grouppolicy
$today = get-date
$outfile = "gpostatus.html"
$key = "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\au"
$days = @{"0" = "Every Day"; "1" = "Every Sunday"; "2" = "Every Monday"; "3" = "Every Tuesday"; "4" = "Every Wednesday"; "5" = "Every Thursday"; "6" = "Every Friday"; "7" = "Every Saturday"}
$gpobjs = get-gpo -all -domain usa.DOMAIN.com | where {$_.DisplayName -like "Software Update*"}
"<HTML>" | out-file $outfile
"<HEAD>" | out-file $outfile -append
"<TITLE></TITLE>" | out-file $outfile -append
"</HEAD>" | out-file $outfile -append
'<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#FF0000" VLINK="#800000" ALINK="#FF00FF" BACKGROUND="?">' | out-file $outfile -append
'<H2>WSUS Group Policy Status</H2>' | out-file $outfile -append
'<H4>' + $today + '</H4><table bordercolor=#000000; border=2px; cellspacing=0;>' | out-file $outfile -append
'<tr><td ><b><font face="monospace" size="3"> Policy </font></td>' | out-file $outfile -append
'<td ><b><font face="monospace" size="3"> Modified </font></td>' | out-file $outfile -append
'<td ><b><font face="monospace" size="3"> Enabled/Disabled </font></td>' | out-file $outfile -append
'<td ><b><font face="monospace" size="3"> Configuration </font></td>' | out-file $outfile -append
'<td ><b><font face="monospace" size="3"> Install Day </font></td>' | out-file $outfile -append
'<td ><b><font face="monospace" size="3"> Install Hour </font></td>' | out-file $outfile -append
'</tr>' | out-file $outfile -append
$gpobjs | foreach-object {
$name = $_.DisplayName
write-host $name
$modified = $_.ModificationTime
$enabledvalue = get-gpregistryvalue -name $name -key $key -valuename noautoupdate
if ($enabledvalue.value -eq "0") {
$enabled = "enabled"
}
else {
$enabled = "disabled"
}
$optionvalue = get-gpregistryvalue -name $name -key $key -valuename auoptions
if ($optionvalue.value -eq "2") {
$option = "2-Notify Only"
}
elseif ($optionvalue.value -eq "3") {
$option = "3-Download & Notify"
}
elseif ($optionvalue.value -eq "4") {
$option = "4-Download & Install"
}
else {
$option = $optionvalue.value
}
$dayvalue = (get-gpregistryvalue -name $name -key $key -valuename scheduledinstallday).value | out-string
$dayvalue = $dayvalue -replace "\s+", ""
$day = $days[$dayvalue]
$hour = (get-gpregistryvalue -name $name -key $key -valuename scheduledinstalltime).value
if ($enabled -eq "disabled") {
$option = " "
$day = " "
$hour = " "
}
'<tr><td ><font face="monospace" size="2">' + $name + '</font></td>' | out-file $outfile -append
'<td ><font face="monospace" size="2">' + $modified + '</font></td>' | out-file $outfile -append
'<td ><font face="monospace" size="2">' + $enabled + '</font></td>' | out-file $outfile -append
'<td ><font face="monospace" size="2">' + $option + '</font></td>' | out-file $outfile -append
'<td ><font face="monospace" size="2">' + $day + '</font></td>' | out-file $outfile -append
'<td ><font face="monospace" size="2">' + $hour + '</font></td></tr>' | out-file $outfile -append
}#foreach object
"</TABLE></BODY></HTML>" | out-file $outfile -append
Powershell Group Policy Management
Powershell Group Policy Management
WSUS Policies
#requires Windows 2008 R2 with Group Policy Management Console installed
#install GPM on a Windows 2008 R2
import-module -name servermanager
add-windowsfeature -name GPMC
import-module grouppolicy
#list interesting gpo's
get-gpo -all -domain usa.DOMAIN.com | where {$_.DisplayName -like "Software Update*"} | select displayname
$gpname = "Software Update Services WSUS Asia"
#retrieve an individual object
$gpobj = get-gpo -name $gpo
#When was an object modified?
$modified = $gpobj.ModificationTime
$key = "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate"
#get specific value assigned by GPO
get-gpregistryvalue -name $gpname -key $key\au -valuename noautoupdate
#get all values beneath a key
get-gpregistryvalue -name $gpname -key $key
####################################################################################################################################
#
# NOTES for WSUS
#
# - Is WSUS enabled?
# Key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\au
# Value: noautoupdate = 0 (enabled) or 1 (disabled)
#
# - IF ENABLED, what update option is selected?
# Key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\au
# Value: auoptions = 2 (notify before download), 3 (Download & notify), 4 (autodownload and install on scheduled day)
#
# - IF ENABLED, IF OPTION 4, what scheduled day?
# Key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\au
# Value: ScheduledInstallDay = 0 (every day), 1 (Sundays), 2 (Mondays), 3 (Tuesdays), 4 (Wednesdays), etc
#
# - IF ENABLED, IF OPTION 4, what schedule time?
# Key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\au
# Value: ScheduledInstallTime = number specifying the hour in a 24 hour day = 14 (2pm)
#
#Set a value
# For example - set day of week for scheduled install to Saturday:
# set-gpregistryvalue -name $gpname -key $key\au -valuename scheduledinstallday -type DWORD -value 7
Managing Windows Servers with Powershell
Powershell: install a windows feature
This is so much simpler than clicking around and waiting for screens to refresh:
import-module -name servermanager
add-windowsfeature -name GPMC
VMware KB: Repointing and reregistering VMware vCenter Server 5.1.x and components
VMware KB: Repointing and reregistering VMware vCenter Server 5.1.x and components: Repointing and reregistering VMware vCenter Server 5.1.x
8/01/2013
Cisco - more VRF stuff
Making stuff work with VRF's.... More
Get to my NTP Server, Get Telnet access workingline vty 0 4
access-class 50 in vrf-also
exec-timeout 60 0
privilege level 15
transport input telnet ssh
!
ntp server vrf [vrf-name] 10.10.10.10
Cisco TACACS+ with VRF
Cisco TACACS+ with VRF
aaa group server tacacs+ [grp-name]
server-private 10.10.10.10 key 7 [key]
ip vrf forwarding [vrf-name]
ip tacacs source-interface [interface-name]
!
aaa authentication login default local group [grp-name]tacacs+
aaa authorization exec default local group [grp-name]tacacs+
Cisco Virtual Routing and Forwarding (VRF) - Misc
Copy to TFTP using VRF
Trying to get into practice of using a separate vrf for management on network stuff.A lot of stuff needs cleaned up. Today's discovery - to make backup scripts work:
ip tftp source-interface vlan109Where VLAN109 is the vrf interface
Subscribe to:
Posts (Atom)