I have the below code that looks at OS system and based on the build type it returns the NTP server they point to.
However, it works fine on a match of 7601 (Windows Server 2008 R2) - but, for Windows Server 2003 servers I always get an error. For Windows Server 2003 servers you need to read a registry key.
If I did the same query on the registry key locally on a server it works fine...although it reports back other stuff aswell as the registry key..
here is the error:
NTPSource Server
--------- ------
The following error occurred: The procedure number is ou... SERV1
Here is the code:
$servers = #('SERV1','SERV2')
$version = Get-WmiObject Win32_OperatingSystem -computer $servers | select buildnumber
foreach ($server in $servers){
if ($version -match '7601')
{
$ntps = w32tm /query /computer:$server /source
new-object psobject -property #{
Server = $Server
NTPSource = $ntps
}
}
elseif($version -match '3790')
{
Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\W32Time\Parameters' -Name Type
}
}
Personally I use this to retrieve NTP server (Windows Server 2000/2003/2008/2008r2):
$Servers = (gc Computers.txt) # list of servers name
$pw = Get-Credential
$HKLM = 2147483650
foreach( $Server in $Servers )
{
$reg = GWMI -list -namespace root\default -computername $server -Credential $pw |
where-object { $_.name -eq "StdRegProv" }
$key = $reg.GetStringValue($HKLM,"SYSTEM\CurrentControlSet\Services\W32Time\Parameters","NtpServer")
write-host "$server `t$($key.svalue)"
}
Related
When trying to obtain the Citrix XenApp 6.5 server status by using the following code, a resultset is returned when run in PowerShell locally on a Zone Data Collector:
$serverName = "SOMECITRIXSERVER"
$Invoke-Command -ScriptBlock {Add-PSSnapin Citrix.XenApp.Commands}
$serverStatus = Get-XAServer | select ServerName,#{n="InMaintenanceMode";e={ if($_.LogOnMode -like "Prohibit*"){$true}elseif($_.LogOnMode -eq "AllowLogons"){$false} }} | where {$_.ServerName -eq $serverName} | Select InMaintenanceMode}
Write-Output "Status: $serverStatus.InMaintenanceMode"
Status: false
The same scriptblock is then executed in PowerShell with computername set to a ZDC and credentials supplied. No exceptions are thrown and the resultset is empty:
$zoneDataCollector = "SOMEZDCHOST"
$serverName = "SOMECITRIXSERVER"
$key = (somekeyvaluehere)
$passwordZDC = cat CredentialFile.txt | convertto-securestring -key $key
$credZDC = new-object -typename System.Management.Automation.PSCredential -argumentlist $usernameZDC, $passwordZDC
$ZDCSession = New-PSSession -ComputerName $zoneDataCollector -Credential $credZDC
$Invoke-Command -Session $ZDCSession -ScriptBlock {Add-PSSnapin Citrix.XenApp.Commands}
$serverStatus = Invoke-Command -Session $ZDCSession -ScriptBlock {Get-XAServer | select ServerName,#{n="InMaintenanceMode";e={ if($_.LogOnMode -like "Prohibit*"){$true}elseif($_.LogOnMode -eq "AllowLogons"){$false} }} | where {$_.ServerName -eq $serverName} | Select InMaintenanceMode}
Write-Output "Status: $serverStatus.InMaintenanceMode"
Status:
Running a Wireshark network packet capture is not very helpful because the WinRM traffic payload is encrypted.
Any ideas as to why the command within the scriptblock would work locally, but return an empty resultset without throwing exceptions?
Thanks!
ds
When you using the invoke-command on a remote server, and you need to call a variable from the local machine, then you need to add params to the scriptblock and argumentslist
So your code should look like
$serverStatus = Invoke-Command -Session $ZDCSession -ScriptBlock {param($serverName) Get-XAServer | select ServerName,#{n="InMaintenanceMode";e={ if($_.LogOnMode -like "Prohibit*"){$true}elseif($_.LogOnMode -eq "AllowLogons"){$false} }} | where {$_.ServerName -eq $serverName} | Select InMaintenanceMode} –argumentlist $serverName
The code below turns off firewall on each remote computers and return any computers that was turned off. I am also trying to retrieve software that has been authorized to pass through firewall for each computer.
I understand that I am using try, catch so is there any way to print the output of $Appfilter to offComp&programsALLO.txt ? The text file just prints the value of $Appfilter.
The output should ideally look like:
Computers:
"name of computer" followed by "programs allowed"
Here is the code:
Get-ADComputer -Filter * | Select-Object -ExpandProperty Name | Out-File .\ADcomputers.txt
$LaunchLine = 'powershell.exe -Version 4.0 -Command "& {netsh advfirewall set allprofiles state off}"'
$Appfilter = 'powershell.exe -Version 4.0 -Command "& {Get-NetFirewallApplicationFilter -program * | fl program}"'
$ComputerList = Get-Content .\adcomputers.txt
foreach($Computer in $ComputerList) {
[String]$wmiPath = "\\{0}\root\cimv2:win32_process" -f $computer
try {
[wmiclass]$Executor = $wmiPath
$executor.Create($LaunchLine, $Appfilter)
} catch {
Add-Content offComp&programsALLO.txt "computers:$Computer, $Appfilter "
}
}
I would use Invoke-Command with the -ComputerName parameter if possible:
#store AD Computer names in an array
$computerList = (Get-ADComputer -Filter *).Name
#declare results arrays
$results = #()
$offline = #()
#for each computer
foreach($computer in $computerList) {
#if computer responds to ping
if(Test-Connection $computer -Count 2 -Quiet -ErrorAction SilentlyContinue) {
#disable firewall
Invoke-Command -ComputerName $computer -ScriptBlock {
netsh advfirewall set allprofiles state off
} | Out-Null
#store retrieved authorized programs list in an array
$programs = Invoke-Command -ComputerName $computer -ScriptBlock {
(Get-NetFirewallApplicationFilter).Program
}
#build results object and add it to results array
$results += [PSCustomObject]#{
ComputerName = $computer
Programs = $programs -join ";"
}
} else {
#build results object and add it to offline array
$offline += [PSCustomObject]#{
ComputerName = $computer
Status = "OFFLINE"
}
}
}
#export results to files
$results | Out-File "report.txt"
$offline | Out-File "offline.txt"
I'm pretty new to powershell, and am wondering why this isn't working. Basically, I have a foreach loop that checks if IIS is running and reports the OS version if so and writes this out to a file. However, it's not reporting correctly. It seems like it gets the values for the first item (IIS state and OS) and then populates it through the other items in my loop.
#Get List of Servers to Scan
$servers = (Get-Content e:\servers.txt)
#Determine if IIS is Running
foreach($server in $servers){
$iis = get-wmiobject Win32_Service -ComputerName $server -Filter "name='IISADMIN'";
if($iis.State -eq "Running")
{$OSVer= [environment]::OSVersion.Version}
Write-Host "$server,$IISRun,$OSVer" | Out-File -FilePath "E:\results.txt"
}
The Results:
Server1,true,5.2.3790.131072 <---- Correct
Server2,true,5.2.3790.131072 <---- Correct
Server3,true,5.2.3790.131072 <---- Wrong OS reported (windows 2008)
Server4,true,5.2.3790.131072 <---- Wrong OS reported (windows 2008)
Server5,true,5.2.3790.131072 <---- IIS isn't installed here at all
Server6,true,5.2.3790.131072 <---- IIS isn't installed here at all
Thanks for any advice...
[environment]::OSVersion.Version gets you your local OS version. Use Get-WmiObject Win32_OperatingSystem -ComputerName $server instead to get target computer's OS information, e.g.:
foreach ($server in $servers)
{
$iis = Get-WmiObject Win32_Service -ComputerName $server -Filter "name='IISADMIN'"
$os = Get-WmiObject Win32_OperatingSystem -ComputerName $server
$iisRunning = $iis.State -eq "Running"
$osVersion = $os.Version
Write-Host "$server, $iisRunning, $osVersion"
}
I'm looking for help with my script again :)
I have a script that will query list of servers to find if specific service is installed. This works fine. However, I know that there are some servers in my list that I don't have access to, or there are different credentials. How do I make this visible in output? Because I only get output that service is not installed, which is not true, I just don't have correct credentials.
$name = "BESClient"
$servers = Get-content C:\list.txt
function Confirm-WindowsServiceExists($name)
{
if (Get-Service -Name $name -Computername $server -ErrorAction Continue)
{
Write-Host "$name Exists on $server"
return $true
}
Write-Host "$name does not exist on $server"
return $false
}
ForEach ($server in $servers) {Confirm-WindowsServiceExists($name)}
Also, I'd like to have output formatted into the one line, e.g.:
Server1 Service running
Server2 Service not installed
Server3 no access
etc...
Thanks a lot for any help.
Here's an option which just displays the content of the error on failure:
function Confirm-WindowsServiceExists($name)
{
if (Get-Service -Name $name -Computername $server -ErrorAction SilentlyContinue -ErrorVariable WindowsServiceExistsError)
{
Write-Host "$name Exists on $server"
return $true
}
if ($WindowsServiceExistsError)
{
Write-Host "$server" $WindowsServiceExistsError[0].exception.message
}
return $false
}
As for the second part of the question #arco444 has described the correct approach.
Here's a WMI solution. Any errors you get from attempting to connect to remote computers will be caught with the try/catch blocks. The result of each operation will be stored to a custom object and added to the array that holds the results of all the operations.
$result = #()
$name = "BESClient"
$servers = Get-Content C:\list.txt
$cred = Get-Credential
foreach($server in $servers) {
Try {
$s = gwmi win32_service -computername $server -credential $cred -ErrorAction Stop | ? { $_.name -eq $name }
$o = New-Object PSObject -Property #{ server=$server; status=$s.state }
$result += ,$o
}
Catch {
$o = New-Object PSObject -Property #{ server=$server; status=$_.Exception.message }
$result += ,$o
}
}
$result | Format-Table -AutoSize
You should end up with something like this:
server state
------ -----
s1 running
s4 stopped
s2 The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
I have the below script that I want it to go out to multiple servers and get the value of a registry. Unfortunately it is currently just posting back the local registry value of the machine that I am running the script on.
How do I get the script to run against remote registry?
SCRIPT:
clear
#$ErrorActionPreference = "silentlycontinue"
$Logfile = "C:\temp\NEWnetbackup_version.log"
Function LogWrite
{
param([string]$logstring)
Add-Content $Logfile -Value $logstring
}
$computer = Get-Content -Path c:\temp\netbackup_servers1.txt
foreach ($computer1 in $computer){
$Service = Get-WmiObject Win32_Service -Filter "Name = 'NetBackup Client Service'" -ComputerName $computer1
if (test-connection $computer1 -quiet)
{
$NetbackupVersion1 = $(Get-ItemProperty hklm:\SOFTWARE\Veritas\NetBackup\CurrentVersion).PackageVersion
if($Service.state -eq 'Running')
{
LogWrite "$computer1 STARTED $NetbackupVersion1"
}
else
{
LogWrite "$computer1 STOPPED $NetbackupVersion1"
}
}
else
{
LogWrite "$computer1 is down" -foregroundcolor RED
}
}
You can try using .net:
$Reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $computer1)
$RegKey= $Reg.OpenSubKey("SOFTWARE\\Veritas\\NetBackup\\CurrentVersion")
$NetbackupVersion1 = $RegKey.GetValue("PackageVersion")
Try the Remote Registry Module, the registry provider cannot operate remotely:
Import-Module PSRemoteRegistry
Get-RegValue -ComputerName $Computer1 -Key SOFTWARE\Veritas\NetBackup\CurrentVersion -Value PackageVersion
If you have Powershell remoting and CredSSP setup then you can update your code to the following:
$Session = New-PSSession -ComputerName $Computer1 -Authentication CredSSP
$NetbackupVersion1 = Invoke-Command -Session $Session -ScriptBlock { $(Get-ItemProperty hklm:\SOFTWARE\Veritas\NetBackup\CurrentVersion).PackageVersion}
Remove-PSSession $Session
another option ... needs remoting ...
(invoke-command -ComputerName mymachine -ScriptBlock {Get-ItemProperty HKLM:\SOFTWARE\VanDyke\VShell\License -Name Version }).version
For remote registry you have to use .NET with powershell 2.0
$w32reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine',$computer1)
$keypath = 'SOFTWARE\Veritas\NetBackup\CurrentVersion'
$netbackup = $w32reg.OpenSubKey($keypath)
$NetbackupVersion1 = $netbackup.GetValue('PackageVersion')
If you need user's SID and browse remote HKEY_USERS folder, you can follow this script :
<# Replace following domain.name with yours and userAccountName with remote username #>
$userLogin = New-Object System.Security.Principal.NTAccount(“domain.name“,”userAccountName“)
$userSID = $userLogin.Translate([System.Security.Principal.SecurityIdentifier])
<# We will open HKEY_USERS and with accurate user’s SID from remoteComputer #>
$remoteRegistry = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(‘Users’,”remoteComputer“)
<# We will then retrieve LocalName value from Control Panel / International subkeys #>
$key = $userSID.value+”\Control Panel\International”
$openKey = $remoteRegistry.OpenSubKey($key)
<# We can now retrieve any values #>
$localName = $openKey.GetValue(‘LocaleName’)
Source : http://techsultan.com/how-to-browse-remote-registry-in-powershell/