On XenApp 6.x servers, there was a cmdlet like this:
GET-XAApplication -ServerName servername
I used to open a PSSession on the adminserver, then got all servers with GET-XAServer and then I simply did the Application command in a foreach loop, where the ServerName parameter was the servername from XAServer. Now I want to do the same on Version 7, but I can't figure out how it works.
I installed all new cmdlets for the newer Version. I found out I can get the Applications with GET-Brokerapplication - but I can't pass a parameter to tell the command from which server I want to grab them, so I can only grab them from my admin server.
Maybe someone can help me? I've already looked at the documentation (https://docs.citrix.com/de-de/xenapp-and-xendesktop/7-6/cds-sdk-wrapper-rho/xad-commands/citrix-broker-admin-v2-wrapper-xd76/get-brokerapplication-xd76.html) but I can't find a parameter who allows me to do what I want. MaybeI'm looking at the wrong cmdlet?
I would be really happy if someone has a advise for me.
In XenApp 6.x there were Worker Groups and you should have been publishing applications for Worker Groups instead of individual servers. Then you can enumerate Worker Groups and Applications:
$wgs = Get-XAWorkerGroup
foreach ($group in $wgs) {
$apps = Get-XAApplication -WorkerGroupName $group
}
In XenApp 7.x WorkerGroups are replaced by Delivery Groups and you can enumerate them and associated applications:
$groups = Get-BrokerDesktopGroup
foreach ($group in $groups) {
$apps = Get-BrokerApplication -AssociatedDesktopGroupUid $group.UID
}
Related
i'm trying to develop a script that remove a domain user from local administrators group (i can use computer management from ad but its a graphical interface i need to do it with commands) for now i'm using invoke command to remotely connect to machines and remove their users from local admins group .
im using this command : Invoke-Command -ComputerName $line2.split(";")[0] -ScriptBlock { net localgroup "administrators" $using:notadmin /DELETE } -Credential $Cred
the problem here if a the machine is not online i need to wait until it will be online , i'm searching how to remove users from local group (administrators for example ) through ad
is there a command to do that ?
I see two approaches:
If you would like to use Group Policy, you may check for: Restricted groups.
https://www.petri.com/manage-local-active-directory-groups-using-group-policy-restricted-groups
Another option would be to incoroporate Test-Connection in your script, validating if computer is online. If it is - execute the script, if it is not, store it in another list with offline machines.
Then later run the script against the offline machine list ... and so on until all the computers are being covered.
P.S. And yes, as suggested in the commments, consider using remove-localgroupmember, if your powershell version support it.
Again, depends of the case.
Hope it helps!
$RemoteComputer = "yourComputer"
$Computer = [ADSI]("WinNT://$RemoteComputer,computer")
$Group = $Computer.PSBase.Children.Find("Administrators")
ForEach ($User in (Get-Content
"c:\users\administrator.domain\desktop\localadmin.txt"))
{ $Group.Remove("WinNT://$User")
}
i tired this code and it really helped me thnx for help
Is there a way to find or list if a specific process is runing in all servers in my domain using powershell?
For exemple, I would like to list all servers in my domain that is running "abc.exe"?
the CIM/WMI cmdlets can get the process list from remote systems [unless they are blocked]. i've only the one system to test with, but this will work with multiple systems listed in the ComputerName parameter.
if you have an older version of PoSh [pre-v-3, i think] you may need to use WMI instead of CIM.
$GCIMI_Params = #{
ClassName = 'CIM_process'
Filter = "Name = 'Firefox.exe'"
ComputerName = 'LocalHost'
}
Get-CimInstance #GCIMI_Params
that returned 7 firefox.exe processes - roughly the number of tabs i have open at the moment.
ActiveDirectory module comes with Remote Server Administration Tools (RSAT). I would like to avoid the installation of RSAT on PC client. Is there a way to retrieve members of AD group without using Active Directory module?
You could use [ADSI] to do an LDAP lookup:
$Group = [ADSI]"LDAP://CN=DistinguishedNameofGroup,DC=Example,DC=com"
$Group.Member
Alternatively you could use the DirectoryServices.DirectorySearcher class:
$Search = New-Object DirectoryServices.DirectorySearcher("(&(objectCategory=group)(name=ExampleGroupName))")
$Results = $Search.FindAll()
$Results.Properties["Member"]
#As a one liner
([System.DirectoryServices.DirectorySearcher]"(&(objectCategory=group)(name=ExampleGroupName))").FindAll().Properties["Member"]
I had a similar problem recently. I knew that the .Net Framework has everything for this! So I made a small ADNAM PowerShell module, maybe it will be useful to someone.
I've made a script to automatically change and/or create the default Outlook signature of all the employees in my company.
Technically, it gets the environment variable username where the script is deployed, access to the staff database to get some information regarding this user, then create the 3 different files for the signature by replacing values inside linked docx templates. Quite easy and logical.
After different tests, it is working correctly when you launch the script directly on a computer, either by using Powershell ISE, directly by the CMD or in Visual Studio. But when we tried to deploy it, like it will be, by using SCCM, it can't get any environment variable.
Do any of you have an idea about how to get environment variables in a script when it is deployed by SCCM ?
Here is what I've already tried :
$Name = [Environment]::UserName
$EnvVarUserName = Get-Item Env:\USERNAME
Even stuff like this :
$proc = gwmi win32_process -Filter "Name = 'explorer.exe'"
$report = #()
ForEach ($p in $proc)
{
$temp = "" | Select User
$temp.user = ($p.GetOwner()).User
$report += $temp
}
Thanks in advance and have a nice day y'all !
[EDIT]:
I've found a way of doing this, not the best one, but it works. I get the name of the machine, check the DB where when a laptop is connected to our network it stores the user id and the machine, then get the info in the staff DB.
I will still check for Matt's idea which is pretty interesting and, in a way, more accurate.
Thank you all !
How are you calling the environmental variable? $Env:computernamehas worked for me in scripts pushed out via SCCM before.
Why don't you enumerate the "%SystemDrive%\Users" folder, exclude certain built-in accounts, and handle them all in one batch?
To use the UserName environment variable the script would have to run as the logged-in user, which also implies that all of your users have at least read access to your staff database, which, at least in our environment, would be a big no-no.
I'm using SCCM 2007 and Powershell to automate some mundane tasks in my environment. One of these tasks is to remove all expired or superseded updates in all of my deployment packages. I've went over the Microsoft documentation for the SMS_SoftwareUpdatesPackage WMI class and the RemoveContent method you're supposed to use for this function but keep hitting a wall.
Here's the code I'm currently using.
$x = gwmi SMS_SoftwareUpdatesPackage -computer sccm -namespace root\sms\site_unh -filter "PackageID = 'UNH00277'"
$array = #()
$array += 34827
$x.RemoveContent($array,$true)
Pretty simple, right? I've tried so many different combinations of syntax I'm going crazy. The only lead I've been tracking is that maybe my array datatype isn't right. According to the documentation, it's supposed to be a UInt32 Array but that's just a hunch.
The "solution" for this was to simply set $ErrorActionPreference to SilentlyContinue to skip over this failure. After I added that, it successfully removed all of the updates I wanted.