Archive

Archive for the ‘Powershell’ Category

What’s new in WSUS in Windows Server 2012

March 27th, 2013 No comments

Installation of WSUS on Windows Server 2012

I started to install WSUS service on Windows Server 2012. I selected to install Windows Internal Database as store of WSUS metadata.

WSUS installation

I selected to store updates on local C:\ drive (it’s just testing machine):

Store updates localy

After first run on Windows Server Update Services management tool WSUS asks again if I want to store updates locally or not:

WSUS complete installation

When I click Run, post-installation starts to run:

Post-installation

And I received Post-installation “notification” 🙂 in Microsoft word it means I have a problem (Failed to restart the current database. The currecnt database is switched to master):

Post-installation error

So if computer has problem with restarting database, let’s restart service. Didn’t help 🙂 Let’s restart whole computer. Didn’t help either. So the problem will be somewhere else.

I tried to install WSUS from scratch. I uninstalled WSUS and also Windows Internal Database feature. I also deleted data for Windows Internal Database from directory C:\Windows\WID. Then I installed WSUS with all dependecies – WID, IIS, …

Now I’m getting different error:

WSUS illegal character in path

Problem was backslash in input window for defining directory to store updates 😀 This path was predefined by wizard and it was wrong. This is really funny 🙂

So after reinstallation of WSUS and WID and defining “correct” path to update store directory (without backslash on the end 🙂 ) everything looks to be done correctly:

Post-installation done

Let click Close and look what’s new in WSUS. First we need to configure WSUS and I did it using WSUS Wizard. I don’t see any news in this Wizard compared to older one.

Exploring WSUS

I haven’t notice any news in WSUS mmc console. I always use client side group targeting. This feature allows you to create groups of computers in WSUS structure. It can be used to target updates specified for testing to just group of computers and so on. To make this working you need to set client side of group targeting by defining name of Group and also you need to create new Computer Group in WSUS structure. What I always forget it to create these Computer Groups in WSUS structure 🙂 I would love to see some option to allow WSUS to create these Computer Groups automatically. But this didn’t happend of this version of WSUS.

I think the most powerful thing Microsoft added into WSUS is support for Powershell cmd-lets. Most of the time WSUS settings about update Classifications and update Products are same from customer to cutosmer, so you can automate this settings using cmd-lets Get-WsusClassification, Set-WsusClassification, Get-WsusProduct and Set-WsusProduct.

To get some information about WSUS Server it selft you can use cmd-let Get-WsusServer:

Get-WsusServer

There are more interesting cmd-lets. One is Get-WsusComputer which prints out some more information about computer reported into WSUS:

Get-WsusComputer

Get-WsusComputer has lot of ability to filter out computers on some conditions. Failed, Needed, …

To manage updates from powershell you can use cmd-lets Get-WsusUpdate, Approve-WsusUpdate and Deny-WsusUpdate. You can for example approve all updates that are Unapproved and FailedOrNeeded:

Get-WsusUpdate -Classification All -Approval Unapproved -Status FailedOrNeeded | Approve-WsusUpdate -Action Install -TargetGroupName “All Computers”

And the last cmd-let I really love, because I can make scheduled task to run Clean-up Wizard. Cmd-let is Invoke-WsusServerCleanup. You can do every cleanup task you can make from GUI.

Conclusion

I don’t think there is too much to improve on WSUS, but little powershell support for WSUS is handy.

Quickie: Exchange Empty Submission queue

January 14th, 2013 No comments

Today I was solving problem with open relay Exchange server. I came to server and it was full of SPAM e-mail messages. I needed to clean all this mess from Submission queue. I used following command:

Get-Message -Filter {FromAddress -eq “<>”} -Server MAILSERVER | Remove-Message

That’s all folks 🙂

 

Quickie: vShere PowerCLI to change NTP settings

November 8th, 2012 No comments

I had to change NTP servers on 40 ESX servers today. When I started to click this settings via vShere Client I was bored after two pieces 🙂 Then I have decided to use vShere PowerCLI.

Run vShere PowerCLI. Then I had to connect to Virtual Infrastructure server:

Connect-VIServer vCenterSERVER_Name.domain

List all ESX servers and put this list into variable:

$hosts=Get-Cluster Cluster | Get-VMHost

And the last, run couple commands to proceed:

ForEach ($ESX in $hosts)

{

     Remove-VMHostNtpServer -NtpServer “NTP_SERVER_OLD1” -VMHost $ESX | Out-Null;

     Remove-VMHostNtpServer -NtpServer “NTP_SERVER_OLD2” -VMHost $ESX | Out-Null;

     Add-VmHostNtpServer -NtpServer “NTP_SERVER_NEW_01” -VMHost $ESX | Out-Null;

     Add-VmHostNtpServer -NtpServer “NTP_SERVER_NEW_02” -VMHost $ESX | Out-Null;

     Get-VMHostService -VMHost $ESX | Where-Object {$_.key -eq “ntpd” } | Restart-VMHostService -Confirm:$false | Out-Null

}

And everything was set in couple of seconds 🙂

Remove-VMHostNtpServer – removes NTP settings for ESX

Add-VMHostNtpServer – adds NTP settings for ESX

Last command restarted ntpd service.

Have a nice day,

 

Quickie: Add your photo into AD

November 7th, 2012 No comments

More and more are people working with Outlook 2007+, using Lync clients, … all of these applications have ability to show pictures of users in their interface. Let’s look how to implement picture into AD for some users.

Picture in AD is stored in one AD attribute called thumbnailPhoto. We need to put picture into this attribute. Exchange servers and other services use Global Catalog Domain Controllers to resolve attributes for objects in domains. So first of all we need to make sure attribute thumbnailPhoto is propagated into Global Catalog database. We need to modify properties of attribute thumbnailPhoto:

  • Register MMC snap-in for Active Directory Schema running command:

Regsvr32 schmmgmt.dll

  • Open up Active Directory Schema MMC snap-in
  • Under Attributes look for thumbnailPhoto and open its properties
  • Check option “Replicate this attribute to the Global Catalog”

Edit thumbnailPhoto properties

Edit thumbnailPhoto properties

Read more…

Quickie: List Copy Status of Storage Group

August 22nd, 2012 No comments

We have Exchange 2007 environment which contains 6 Failover Exchange clusters and each with 24 mailbox databases (total 144 mailbox databases). When there is a problem with replication of databases we needed to click every Failover cluster and check Copy Status of databases. To get rid of this hassle I wrote little script which lists all databases which Copy Status is not “Healthy”:

Get-MailboxServer | % { Get-StorageGroupCopyStatus -Server $_.Identity | ? {$_.SummaryCopyStatus -NotLike “Healthy” } }

For Exchange 2010 it would change little bit to:

Get-MailboxServer | % { Get-MailboxDatabaseCopyStatus -Server $_.Identity | ? {$_.Status -NotLike “Healthy” } }

Now I’m ready to check in couple of seconds the health of databases 🙂

How to determine size of mailboxes in Exchange 2010

January 11th, 2012 No comments

Here is a short script to find out the size of mailboxes in your Exchange 2010 infrastructure. This information is not visible in EMC.

Get-MailboxStatistics -Server 'mailserver' | select DisplayName, TotalItemSize | sort TotalItemSize

Microsoft people should leave good things in GUI consoles and not force admins into powershell.

 

Exchange 2007/2010 mailflow statistics

September 6th, 2011 No comments

At one of our customer I was asked if there is any tool to make some statistics out of Exchange mailflow. You can use GUI Microsoft Exchange Tracking Log Explorer. This tool it usefull unless you need to make some smarter data handling. This tool doesn’t count how many mails user sent or received. Even those data displayed on the end are not exportable.

Read more…