Author: Max Lee

An ordinary IT guy, opened to opportunities. Loves automation and preventative maintenance.

[KACE] Dell BIOS Admin Password Status Custom Inventory Field

To add a Custom Inventory Field (CIF) in Kace for Dell BIOS admin password status, use the below Custom Inventory Rule (CIR)

This CIF assumes that you have Dell Command | Monitor installed.

ShellCommandTextReturn(c:\windows\sysnative\WindowsPowerShell\v1.0\powershell.exe "invoke-command -ScriptBlock {Get-WmiObject -namespace "root\DCIM\SYSMAN" -Class DCIM_BIOSPassword| where-object {$_.AttributeName -eq 'AdminPwd'}|Select -ExpandProperty IsSet} -ErrorAction SilentlyContinue" 2> nul)

 

 

Advertisements

[KACE] Hard Disk Failure Prediction Custom Inventory Field

To add a Custom Inventory Field (CIF) in Kace for hard disk failure prediction, use the below Custom Inventory Rule (CIR)

ShellCommandTextReturn(powershell.exe "invoke-command -ScriptBlock {Get-WmiObject -Namespace root\wmi -Class MSStorageDriver_FailurePredictStatus|Select-Object -ExpandProperty PredictFailure -First 1} -ErrorAction SilentlyContinue" 2> nul)

 

This CIR will retrieve the first record returned by the command, which in most case, is the system disk.

 

[KACE] Symantec Endpoint Protection SyLink Custom Inventory Field

To add a Custom Inventory Field (CIF) in Kace for Symantec Endpoint Protection SyLink, use the below Custom Inventory Rule (CIR)

ShellCommandTextReturn(powershell.exe "invoke-command -ScriptBlock {write-host ([xml](Get-Content -Path 'C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Config\syLink.xml')).SelectSingleNode('//Server[1]').address} -ErrorAction SilentlyContinue" 2> nul)

 

This CIR will read the XML for the server SEP is communicating with.

 

[KACE] Symantec Desktop Encryption Status Custom Inventory Field

To add a Custom Inventory Field (CIF) in Kace for the encryption status of Symantec Desktop Encryption, use the below Custom Inventory Rule (CIR)

ShellCommandTextReturn("C:\Program Files (x86)\PGP Corporation\PGP Desktop\pgpwde.exe" --status)

 

Details of the command and reference can be found at :

https://support.symantec.com/en_US/article.TECH204285.html

 

Downloading Dell Driver CAB files automagically with the Driver Pack Catalog

Another piece of puzzle solved for Dell drivers management

deploymentramblings

Dell has been hard at work behind the scenes trying to make our lives as IT Pros easier.  From their Enterprise Client Tools such as OMCI and the Client Configuration Toolkit (CCTK) to the more recent (past few years) Driver CAB files.  Well yesterday we got another tool to help us in the fight to manage our drivers and ease the pain of obtaining them.  Yesterday Dell unleashed the Dell Driver Pack Catalog.

What is the Dell Driver Pack Catalog you ask?  Warren Byle (Dell) sums it up nicely:

                The Driver Pack Catalog is an XML file containing metadata about the  new Dell systems and WinPE Driver Packs. This XML file is compressed as a Microsoft Cabinet (.CAB) file and digitally signed for delivering it to the customers over the internet.

Basically, it gives is a structured way of identifying the latest and greatest driver packages (CABs) available from…

View original post 263 more words

[PowerShell] Making good use of AD Computer object ManagedBy field

If you put the assignee of the computer in the computer object’s ManagedBy field, you will be able to search for it based on the username of the assignee with the following script

$username = Read-Host 'Please enter Username'
$userDistinguishedName = Get-ADUser -Filter "SamAccountName -eq '$username'"|Select-Object -ExcludeProperty DistinguishedName
Get-ADComputer -Filter "ManagedBy -eq '$($userDistinguishedName)'" -Properties IPv4Address,OperatingSystem,OperatingSystemServicePack,OperatingSystemHotfix,Description|Select-Object Name,IPv4Address,OperatingSystem,OperatingSystemServicePack,OperatingSystemHotfix,Description|ft -AutoSize

[PowerShell] Getting a list of users that has full-access rights to a mailbox

Below is the PowerShell Cmdlet that lets you get a list of members that has FullAccess right to a mailbox.

Get-MailboxPermission -Identity mailbox|select Identity, User,AccessRights|where{$_.AccessRights -match "FullAccess"}

To have the result on your clipboard, add |clip to the end of the command as below

Get-MailboxPermission -Identity mailbox|select Identity, User,AccessRights|where{$_.AccessRights -match "FullAccess"}|clip

Improve autodiscover performance

Nice to know the steps about auto discovery

Jaap Wesselius

Autodiscover can be a lengthy process, especially if you are in a hosted environment or if your mailbox is in Office 365.

The autodiscover process consists of five different steps, it depends on your environment where autodiscover stops and returns the information. Autodiscover is using the following mechanisms:

  • Service Connection Point (SCP) in Active Directory. This is used by domain clients.
  • Root domain discovery, used by non domain joined clients or clients not being able to access Active Directory. All other steps are used by these clients as well.
  • Autodiscover.contoso.com (standard autodiscover mechanism)
  • Autodiscover redirect to autodiscover site (often used by hosting companies)
  • Autodiscover SRV records in DNS (sometimes used by hosting companies)
  • Autodiscover redirect to Office 365 (outlook.com)

If your mailbox is in Office 365, outlook will go through all these steps until it finds the information in Office 365. All steps will fail with the accompanying time-out and…

View original post 186 more words

[POWERSHELL] CHECK QUEST KACE ONE AGENT SERVICE FOR MULTIPLE COMPUTER (VERSION #4)

Here is the #4 version, changes as below:

  • Limit concurrent running background job with $maxConcurrentJobs to 50
  • use Start-Job to check online status as well as check service

 

#The OU to search
 $SearchBase = "OU=COMPUTER,OU=World_First,DC=domain,DC=local"

#Search result of computers (Windows only)
$Computers = Get-ADComputer -Filter {OperatingSystem -Like "Windows*"} -SearchBase $SearchBase -SearchScope Subtree -ErrorAction Stop -ErrorVariable NoComputers|sort Name
if($noComputers){
 Write-Warning -Message "Unable to get computer from AD"
 Exit
}

$ServiceStatusFile = "ServiceStatus.csv"
$OfflineFile = "Offline.csv"
$noServiceFile = "noService.csv"
$maxConcurrentJobs = 50 #Max. number of simultaneously running jobs

#Array for online computers
$onlineComputers = @()
#Array for offline computers
$offlineComputers = @()

$ping={

function ping{
 param (
 [parameter(Mandatory=$true,ValueFromPipeline=$true)]
 [string]$client
 )
 
 
 #win32_PingStatus variables
 $timeout= 1500
 $filter='Address="{0}" and Timeout={1}' -f $client, $timeout
 
 
 
 
 return Get-WmiObject Win32_PingStatus -Filter $filter
 
 
 
 }

}




$func={

function checkService{

param (
 [parameter(Mandatory=$true,ValueFromPipeline=$true)]
 [string]$client
 )
 
 try{

$serviceStatus=get-service -DisplayName "Quest KACE One Agent" -ComputerName $client -ErrorAction SilentlyContinue -ErrorVariable ServiceNotAvailable|select-object MachineName,DisplayName,Status
 
 if($serviceStatus){
 $output = $serviceStatus
 return $serviceStatus
 }

else{
 
 write-warning -Message "$client,$ServiceNotAvailable"
 $output = $client +"," + $ServiceNotAvailable
 return $output
 }
 
 }
 
 Catch [System.Management.Automation.CmdletInvocationException]{
 
 write-warning -Message "$client,$ServiceNotAvailable"
 $output = $client +"," + $ServiceNotAvailable.Message
 return $output
 }
 
 Catch{
 $ErrorMessage = $_.Exception.Message
 $FailedItem = $_.Exception.ItemName
 }
 
 } 
} 
 
#Ping all computers
foreach($computer in $computers) {
 $client = $computer.Name 
 Write-Progress -Activity "Checking computer availablilty....." -status "Ping $client" -percentComplete ($computers.IndexOf($computer) / $Computers.count*100)
 if ((Get-Job -State 'Running').Count -lt $maxConcurrentJobs) {
 Start-Job -ScriptBlock {ping $args[0]} -ArgumentList @($client) -Name "$client" -InitializationScript $ping
 }else{
 Start-Sleep -Seconds 3
 Start-Job -ScriptBlock {ping $args[0]} -ArgumentList @($client) -Name "$client" -InitializationScript $ping
 }
}

#Wait for job to complete
Get-Job|Wait-Job

#Get result of ping
foreach($computer in $computers) {
 
 $client = $computer.Name
 Write-Progress -Activity "Retrieving results of availability....." -status "Ping result for $client" -percentComplete ($computers.IndexOf($computer) / $Computers.count*100)
 $pingStatus=Receive-Job -Name $client
 #Removes the ping job when result is retrieved
 Remove-Job -Name $client

#If PC is online
 if($pingStatus.StatusCode -eq '0'){
 
 $onlineComputers= $onlineComputers+($computer)
 #Create a checkService job for online PC
 if ((Get-Job -State 'Running').Count -lt $maxConcurrentJobs) {
 Start-Job -ScriptBlock {checkService $args[0]} -ArgumentList @($computer.Name) -Name "$client" -InitializationScript $func 
 }
 else{
 Start-Sleep -Seconds 5
 Start-Job -ScriptBlock {checkService $args[0]} -ArgumentList @($computer.Name) -Name "$client" -InitializationScript $func 
 }
 }
 else{
 $offlineComputers= $offlineComputers+($computer)
 Write-Warning -Message "$client is offline"
 
 $client|Out-File -FilePath $OfflineFile -Append
 
 }
}

#Wait for job to complete
Get-Job|Wait-Job

#Get result from checkService
foreach($onlinecomputer in $onlineComputers) {
 $result=receive-job -Name $onlineComputer.Name -Keep
 
 Write-Progress -Activity "Retrieving results of availability....." -status "Service result for $onlineComputer.Name" -percentComplete ($onlineComputers.IndexOf($onlinecomputer) / $onlineComputers.count*100)
 #Contains MachineName, service available
 if([bool]($result.PSobject.Properties.name -match "MachineName")){
 
 
 $result|select-object MachineName,DisplayName,Status |export-csv -Path $ServiceStatusFile -NoTypeInformation -Append
 
 }
 
 else{
 
 $result|Out-File -FilePath $noServiceFile -Append
 
 }

}
#Remove all completed job
Remove-Job -State Completed

Import-Csv $ServiceStatusFile|ft -AutoSize

[POWERSHELL] CHECK QUEST KACE ONE AGENT SERVICE FOR MULTIPLE COMPUTER (VERSION #3)

Here is the #3 version, changes as below:

  • use of Win32_PingStatus for a ping timeout of 1500ms because Test-Connection defaults to 4 seconds and there is no option to change that.
  • Added error handling with try/catch
  • use Start-Job to start checking for service status once found PC is online.

 

#The OU to search
 $SearchBase = "OU=COMPUTER,OU=World_First,DC=domain,DC=local"

#output files
 $ServiceStatusFile = "ServiceStatus.csv"
 $OfflineFile = "Offline.csv"
 $noServiceFile = "noService.csv"

#Search result of computers (Windows only)
 $Computers = Get-ADComputer -Filter {OperatingSystem -Like "Windows*"} -SearchBase $SearchBase -SearchScope Subtree|sort Name

#Array for online computers
 $onlineComputers = @()

#Array for offline computers
 $offlineComputers = @()

$func={

function checkService{

param (
 [parameter(Mandatory=$true,ValueFromPipeline=$true)]
 [string]$client
 )

try{

$serviceStatus=get-service -DisplayName "Quest KACE One Agent" -ComputerName $client -ErrorAction SilentlyContinue -ErrorVariable ServiceNotAvailable|select-object MachineName,DisplayName,Status

if($serviceStatus){
 return $serviceStatus
 }

else{

write-warning -Message "$client,$ServiceNotAvailable"
 $output = $client +"," + $ServiceNotAvailable
 return $output
 }

}
 Catch [System.Management.Automation.CmdletInvocationException]{

write-warning -Message "$client,$ServiceNotAvailable"
 $output = $client +"," + $ServiceNotAvailable.Message
 return $output

}

Catch{
 $ErrorMessage = $_.Exception.Message
 $FailedItem = $_.Exception.ItemName

}

}
 }




#Check if computers are online
 foreach($computer in $computers) {

$client = $computer.Name
 #win32_PingStatus variables
 $filter='Address="{0}" and Timeout={1}' -f $client, $timeout
 $timeout= 1500
 Write-Progress -Activity "Checking computer availablilty....." -status "Ping computer $client" -percentComplete ($computers.IndexOf($computer) / $Computers.count*100)

if((Get-WmiObject Win32_PingStatus -Filter $filter).StatusCode -eq '0'){
 Start-Job -ScriptBlock {checkService $args[0]} -ArgumentList @($client) -Name "$client" -InitializationScript $func
 $onlineComputers= $onlineComputers+($computer)

}
 else{

$offlineComputers= $offlineComputers+($computer)
 Write-Warning -Message "$client is offline"

$client|Out-File -FilePath $OfflineFile -Append
 }

}







Get-Job|Wait-Job

foreach($onlineComputer in $onlineComputers){




$result=receive-job -Name $onlineComputer.Name -Keep

#Contains MachineName, service available
 if([bool]($result.PSobject.Properties.name -match "MachineName")){
 $result|select-object MachineName,DisplayName,Status|export-csv -Path $ServiceStatusFile -NoTypeInformation -Append

}

else{

$result|Out-File -FilePath $noServiceFile -Append

}

}

Remove-Job -State Completed

import-csv -Path ServiceStatus.csv