DON'T REINVENT THE COW

This is a place for Systems Administrators and IT Professionals to find and share ideas, solutions and templates. If you have something that helps you solve a problem, chances are it will help someone else too. So pay it forward and send an email to TheAgreeableCow at gmail. Full mudos to you!

Sunday 27 May 2012

Process List and Kill

If you haven't used the awesome set of PsTools by Mark Russinovich, stop reading this immediately and check them out. I'll wait.

Two of my favourites are PsList and PsKill. The first lists running process information and the second kills a process (based on it's Process ID or PID). The really cool thing is that you can run the same commands against remote machines (assuming you have appropriate credentials).

Combine the two in a user friendly script and you've got yourself an instant solution for identifying and stopping rogue processes. I've also added in some logging so you keep an eye on the history of troublesome machines.

When you first launch the script it prompts you for the machine name (or IP address), that you want to investigate.


This is then passed into a command line execution of PsList. There are a bunch of switches available, in this example I run the capture for 10 seconds with a refresh every 2 seconds. It's good to get a few refreshes in there, to avoid a false positive. The resulting text file opens up and displays all of the running process with details such as the Name, Process ID, CPU, Memory and Page Faults.


In the example above you can see WINWORD Process ID 9924 is consuming 48% of the CPU resources. The server in question has 2 vCPUs, so this is definitely a rogue process consuming an entire core. Checking the other captures confirms this process is not going anywhere.

The next prompt confirms if you want to kill a process and if so asks for the PID. This gets passed into a command execution of PsKill. Bang! That's it, the process will be killed immediately.

Here's the script.


 Cheers,
         (__)
         (oo)  ok
   /------\/  /
  / |    ||
 *  /\---/\
    ^^   ^^



Saturday 26 May 2012

Server Inventory from Active Directory

This is a very short and sweet litle script that is great for pulling information about your servers (or workstations for that matter), from Active Directory.

The example below returns a number of properties including Server Name, Description, IP address, OS Level, When Created and Last Logon. There are heaps of properties available, so experiment and find what you need.



 Cheers,
         (__)
         (oo)  ok
   /------\/  /
  / |    ||
 *  /\---/\
    ^^   ^^

Network Printers App

Over the years I went through various iterations of methods for deploying network printers to user's computers. The day in day out stuff was pretty straight forward, but occasionally you have to setup a new user, they would move locations or perhaps I'd install a new print server and cut a whole office over. I had a bunch of scripts and used delivery techniques from manual installs, links in emails, group policy deployment and even startup scripts that made intelligent updates based on the current setup (have to admit I did like that one ;)

Each time though, it was a new mini project. I want to build something that would be more centrally managed and dynamically update based on the setup of the print servers. So I built a network printer application as a centrally stored HTA (VBS and HTML), and put a shortcut on every ones desktop. 

It was sold to the users with the following benefits and was very well received:

  • Find a Printer (based on feature or location)
  • Lookup your Printer Status (print queues, paper jams, low toner etc)
  • Install a new printer (in 2 clicks!)
  • Speed up your PC (remove old printers, or printers from another office)
This is what the app looks like:


1. The Print Server area automatically selects the print server in the user's office. It also has several Feature checkboxes, and a Keyword search. So you can do a lookup for say a Colour printer in the Melbourne "Marketing" department

2. Depending on the print server selected above, a list of Available Printers appears (yes, we use movie star names - makes them easy to remember). Selectable check boxes only show next to any printers that match the filters used. Each name is also a hyperlink to that printer's web page to lookup status etc

3. This section shows the current Default Printer and allow it to be changed

4. The first Option here determines whether the printer is just added or if the drivers are reinstalled on the user's PC. The second option is a Clean Up trigger, which removes any other (network printers), that are not selected above.

5. The Information area kicks everything along, open the user's 'Devices and Printers' or resets the form. It also shows relevant information on the current install status, whether there are any printers attached to a legacy print server (handy for migrations), whether there are any printers attached to a print server in another site (slow!) and finally whether any of the currently installed printers have any status issues.

The script itself is a HTA, which is a self contained application built using a combination of VBS and HTML for the layout. Calls to the print servers are via a simple net view \\printserver command line request, which is then parsed for relevant information. Of note here is the Comments section on each printer on the print server, as this is where the Feature and Keyword lookups refer to. Information on the local printers is sourced through WMI queries and actioned via VBS statements.

The example I have is for four sites and there is a fair bit of code around lookups of specific site information, loading the form and getting the checkboxes set correctly. As always tweak as needed in your environment.

Cheers,

         (__)
         (oo)  ok
   /------\/  /
  / |    ||
 *  /\---/\
    ^^   ^^

Friday 25 May 2012

Departing User Script

Following in the user management theme, this is a script that manages the workflow for a departing user.

I found a need to standardise this process because it was all too easy to miss a step leaving an account open or email going unchecked. As always, mash it up to suit your environment.

Like the earlier script, the info is loaded from a basic CSV file, with a focus on Active Directory, Exchange and Lync.

Summary of steps:
  • Import user info and yes/no triggers from a csv file
  • Move user Profile and Home directories to an archive share
  • Disable Enterprise Voice
    • Removes Unified Messaging in Exchange
    • Removes user from Lync
  • Manage email continuity
    • Gives mailbox access to a nominated user and advises them via email
    • Adds an Out of Office auto reply, with redirection info to nominated user
    • Adds a calendar reminder to eventually disable the email address
    • Alternatively, can just disable email address immediately
  • Archive Mailbox
    • Removes user from Global Address Book
    • Moves the user's mailbox to an archive database
  • Disable AD account
    • Moves to an archive OU
    • Removes AD details (handy to clean org chart or free up IP phone number)
    • Removes from groups and distribution lists
    • Resets user's password
  • Send a summary report and log file via email


Cheers,

         (__)
         (oo)  ok
   /------\/  /
  / |    ||
 *  /\---/\
    ^^   ^^

Thursday 24 May 2012

New User Creation Script

This powershell script is very handy for setting up new users in AD, Exchange and Lync.

It's customised to my environment and has saved us a ton of time. I'm sure many will have different requirements, so add, pull out and modify the bits you need.

If you're running RSAT from Windows 7, ensure to load the Active Directory module for Windows Powershell and have appropriate credentials.

The CSV file needs to be created up front with the at least the appropriate header info. As the script runs, it will open the CSV file to add/modify the user(s) details. I get our HR department to provide all of the required info in a table format, so a quick copy/paste/save is all that is needed. Also ensure to use samAccount names in the user lookup fields (manager etc).

Here is a summary of what it does:
  • Imports new user(s) info from a csv file
  • Creates new user account and mailbox in Exchange
  • Enables for Unified Messaging
  • Add mailbox access to thier manager's mailbox
  • Populates all AD fields
  • Adds to security/distribution groups (uses another similar user to copy memberships from)
  • Creates user profile and home directories, with permissions and ownership
  • Adds user to Lync, and setups features such as enterprise voice, policies etc
  • Creates a summary report and a log file and emails it to admin, HR etc


Cheers

         (__)
         (oo)  ok
   /------\/  /
  / |    ||
 *  /\---/\
    ^^   ^^