SCAPaoT

System Center, Automation, Powershell and other Thoughts

Archive for the ‘Server 2008 R2’ Category

SQL collation Requirement in System Center Orchestrator 2012 beta

A requirement for installing System Center Orchestrator 2012 Beta is to have the right collation in SQL Server.

Like SCOM, SCO also needs the SQL_Latin1_General_CP1_CI_AS collation for its databases.

We were faced with an error in the Send Email Activity, caused by the wrong collation.

As Microsoft told us, there is a bug submitted to check for right collation at installation time.

We actually force SQL_Latin1_General_CP1_CI_AS as we write our schema entries (as does SCOM) but having the alternate collation would have some impact in terms of temp table usage and such.

I have submitted a bug previously to include a prerequisite check requiring the SQL Server to be installed using SQL_Latin1_General_CP1_CI_AS so I will check on that bug to make sure it is in fact being included in RC/RTM.

Send Email Activity doesn’t store data in Orchestrator 2012 Beta

This was a bug we were facing in the actual installation of System Center Orchestrator 2012 beta.

The built-in activity to send emails from within a runbook didn’t store its settings.
So the runbook failed.

The error was caused by a wrong collation.
The SQL Server 2008 R2 was set up with SQL_Latin1_General as collation.

As a requirement, System Center Orchestrator needs SQL_Latin1_General_CP1_CI_AS as collation.
So we had to reinstall the SQL Server with the correct setting and everything was correct.

A Senior Support Escalation Engineer from Microsoft wrote us about that bug:

We actually force SQL_Latin1_General_CP1_CI_AS as we write our schema entries (as does SCOM) but having the alternate collation would have some impact in terms of temp table usage and such.

 

DFSR: Powershell script for removing “temporary file” flag to replicate a file

At a customer we decided to remove the need for backing up files in the branches, so there is no need for the employees to switch tapes or USB drives.
To get all data backed up nevertheless, we implemented DFSR between the branches and the headquarters. The data is backed up at the headquarters.

A quick look at the DFSR reports showed that there were files that were not backed up.

With a little search in a famous search engine, we stumbled upon this blog post:
http://blogs.technet.com/b/askds/archive/2008/11/11/dfsr-does-not-replicate-temporary-files.aspx

At the customer, there are some scanning devices responsible for converting all paper mail into digital files. Those devices write their output directly to the file server.
None of the files generated that way lose the temporary file attribute after the file is saved.

So we built a PowerShell script that runs as a scheduled task to remove these flags on a daily basis.

If you are interested in this one, here you are:


<#

.SYNOPSIS
This script is for determining files with the "Temporary File" attribute set.

.DESCRIPTION
The script shows files where the "Temporary File"-attribute is set. Those files are not synchronised by Microsoft DFSR.
Also the script can remove the attribute, based on the file extension.
The common extensions are set as default, but can be overridden on the command line.

.PARAMETER startpath
    Specifies the file path to start the search for files with "Temp File"-attribute set.

    Required?                    true
    Default value
    Accept pipeline input?       false

.PARAMETER RemoveTemp
    If this switch is used, the "Temp File"-attribute is removed from the file.

    Required?                    false
    Default value
    Accept pipeline input?       false
.PARAMETER extensions
    Specifies the file extensions that should be inspected.

    Required?                    false
    Default value   (".pdf",".xls",".doc",".docx",".xlsx",".ppt",".pptx",".bmp",".jpg")
    Accept pipeline input?       false

.PARAMETER countOnly
    If given, only the count of the affected file is shown.

    Required?                    false
    Default value  
    Accept pipeline input?       false

.EXAMPLE
.\tempfiles.ps1 -startpath D:\

This Example lists the files where the "Temp File"-attribute is set located on the whole D:\ drive

.EXAMPLE
.\tempfiles.ps1 -startpath D:\ -removeTemp

This Example lists the files where the "Temp File"-attribute is set and removes the "Temp File"-attribute.

.EXAMPLE
.\tempfiles.ps1 -startpath D:\ -removeTemp -extensions ".exe",".jpg"

This Example lists the files where the "Temp File"-attribute is set if the file extension is exe or jpg only.
.NOTES
See Link for further description.

.LINK

http://blogs.technet.com/b/askds/archive/2008/11/11/dfsr-does-not-replicate-temporary-files.aspx

#>

param(
    [string]$startpath = (read-host "Start Pfad"),
    [switch]$removeTemp,
    [string[]]$extensions = (".pdf",".xls",".doc",".docx",".xlsx",".ppt",".pptx",".bmp",".jpg"),
    [switch]$countOnly
)

if (!($startpath -eq ""))
{
    if (test-path -path "$startpath" -ErrorAction SilentlyContinue)
    {
        if (!($countOnly))
        {
            Get-ChildItem $startpath -recurse |
            ForEach-Object {
                # 0x100 is the "Temporary File" attribute bit
                if (($_.attributes -band 0x100) -eq 0x100)
                {
                    foreach ($ext in $extensions)
                    {
                        if ($_.extension.tolower() -eq $ext.tolower())
                        {
                            # List the affected file
                            $_.fullname

                            if ($removeTemp)
                            {
                                # 0xFEFF clears bit 0x100 and keeps the other low 16 attribute bits
                                $_.attributes = ($_.attributes -band 0xFEFF)
                            }
                            break
                        }
                    }
                }
            }
        }
        else
        {
            # Count only files that carry the flag and have one of the selected extensions
            $count = @(Get-ChildItem $startpath -recurse | where-object { ($_.attributes -band 0x100) -and ($extensions -contains $_.extension) }).count
            "There are $count files affected in $startpath with selected extensions: `"$extensions`""
        }
    }
    else
    {
        "Path $startpath not found!"
    }
}
else
{
    # No start path given: show the help text
    get-help .\tempfiles
}

Monitoring conhost.exe with SCOM 2007 R2 – KB977648

Currently there is a bug within an update that replaces the conhost.exe on Server 2008 R2 systems that do not have SP1 installed.
On these server systems the Application event log is flooded with “EventID 33, SideBySide” entries pointing towards conhost.exe and a missing assembly.

For further details on that error see the following KB article:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;977648

The corresponding hotfix can be found here:

http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=977648&kbln=de

At a customer, there are many servers with 2008 R2 installed.
So we decided to build a monitor in SCOM that displays a notice for every system that has neither been updated with the hotfix nor has SP1 installed.

The monitor fires the following script, checking the file version of conhost.exe.


' Property bag that carries the result back to the SCOM monitor
Dim oAPI, oBag, objFSO, conhostVersion
Set oAPI = CreateObject("MOM.ScriptAPI")
Set oBag = oAPI.CreatePropertyBag()

' Read the file version of conhost.exe
Set objFSO = CreateObject("Scripting.FileSystemObject")
conhostVersion = objFSO.GetFileVersion("c:\windows\system32\conhost.exe")

' A version string containing ".16823" is reported as BAD
If InStr(1, conhostVersion, ".16823", 1) > 0 Then
    Call oBag.AddValue("Status","BAD")
Else
    Call oBag.AddValue("Status","OK")
End If

Call oAPI.Return(oBag)

So after enabling the monitor, we have 138 servers left to patch.

Kind regards and happy patching.

OperationsManager DB is growing fast

A customer installed a new instance of Operations Manager 2007 R2 CU 4 and added some management packs for monitoring server, SQL, Active Directory and Exchange.

Also the agent was deployed to 10 servers in the infrastructure to tune the management packs.

After roughly one week, the OperationsManager database size was 4GB.

Five days later, it was nearly 8GB.

So the customer asked if that growth was as expected and was surprised that we told him it should be well below 1GB with this amount of management packs and agents.

To get a handle on the fast growth of the database size, I stumbled over a great blog post from Kevin Holman about “Useful Operations Manager 2007 SQL queries”.

Yes, it is an old article, but it is the best for finding spammers that fill up the database by running some queries against it.

In conclusion:

The unexpected database growth was caused by the event collection rule from the Exchange management pack and a leftover from Exchange troubleshooting that traced verbosely into the event log on a mailbox server.

Thanks Kevin for another very useful blog post.

KMS MP: Idle Minutes Monitor Alert

A customer of mine had several “Idle Minutes Monitor Alert” alerts raised by the Key Management Server MP.

The event log for KMS on the KMS server stated that there was a KMS request roughly every 30 seconds.
So the error was definitely a false positive.

The threshold for the monitor was the default (480 minutes).

I inspected the monitor and saw in the configuration that the last activity in KMS is stored in Operations Manager.
These values are inserted through a scheduled discovery that runs every 15 minutes.

I exported the management pack and had a look at that discovery. There I found a VBS script that does a lot of WMI queries.

As the KMS server is a Server 2008 R2, and there is a WMI memory leak on excessive usage of WMI, I installed the corresponding hotfix and the error was gone.
This hotfix is: KB981314 (http://support.microsoft.com/kb/981314)

Kind regards,

Benedikt

Documentation made easy – Convert Problem Step Recorder File to HTML

Since Windows 7 and Server 2008 the built-in tool “Problem Step Recorder” can make screenshots automatically on every click that is made. It is perfect for building installation how-tos or any other kind of documentation. Yes, there are more powerful tools on the market, but hey, it’s free…
The only problem is that the files are delivered as zipped MHT files only. So only browsers can show them. You are not able to import them for editing directly into Microsoft Word.

So I decided to build a little parser script in PowerShell that converts the MHT files from psr.exe into their HTML files and JPEGs.

This script takes the file path of the zip file or the unzipped MHT file and extracts the HTML, CSS, and JPEGs into a subfolder:

param($file=$(read-host "filename of psr-zip or psr-mht file? "))

function writefile($dir, $fname, $text)
{
    $text | out-file -append $dir\$fname -Encoding "default"
}

function convertJPG($dir)
{

$jpgfiles = get-item $dir\*.jpeg.txt
foreach($jpg in $jpgfiles)
    {
        $filename = $jpg.name.tostring()

        "$filename -> $($filename.substring(0,$filename.length-4))"

        [System.Convert]::FromBase64String((Get-Content $jpg -readcount 0)) | set-content -Encoding Byte "$dir\$($filename.substring(0,$filename.length-4))"
        remove-item $dir\$filename -force
    }   
}

function extractPSR($zipfile, $destfolder)
{
 $shellApplication = new-object -com shell.application
 $zip = $shellApplication.Namespace($zipfile)
 $dest = $shellApplication.Namespace($destfolder)
 $dest.copyhere($zip.Items())
}
if(test-path $file)
{
$file = get-item $file

$folder = (get-date -Format "yyyyMMddHHmmss").tostring()
$folderObject = new-item $folder -type directory -force
$filename = ""

if($file.name.tostring().tolower().endswith(".zip"))
{
 $unzipdest = "$($folderobject.fullname.tostring())\temp"
 new-item $unzipdest -type directory -force | out-null
 extractPSR $file.fullname $unzipdest
 $psrfile = get-item "$unzipdest\*.mht"
}
else
{
 # An unzipped .mht file was passed in directly
 $psrfile = $file
}

$content = get-content $psrfile

"Start: creating files in folder $pwd\$folder"

foreach($line in $content)
{
  switch -wildcard ($line)
  {
    "Content-Location: *"
    {
        #$line
        $filename = $line.split(":")[1].trim()
         if($filename.tolower().endswith(".jpeg"))
         {
            "writing: $filename.txt"
         }
         else
         {
            "writing: $filename"
         }

        break;
    }
    "--=_NextPart_*" { break; }

    "Content-Type: *" { break; }

    "Content-Transfer-Encoding: base64" { break; }

    default
    {
        if($filename -ne "")
        {
            if($filename.tolower().endswith(".jpeg"))
            {
                if($line -ne "")
                {
                    writefile $folder "$filename.txt" $line
                }
            }
            else
            {

                writefile $folder $filename $line
            }
        }
        break
    }

  }

}
"Finished: Creating files"
"Start: converting pictures from text to JPG"

convertJPG $folder
"Finished: converting pictures"

$yesno = read-host "Open containing folder? [y] "

if($yesno -eq "" -or $yesno.tolower() -eq "y")
{
    &explorer.exe $pwd\$folder
}
}
else
{
    "ERROR: $pwd\$file not found"
}

Next thoughts are to convert it into standard documentation directly or to crop the slideshow off.

But these are plans for the future,
as well as adding some more comments to the code ;-)

Update

As there are several errors with the linefeeds while copying the source code, here you can download it as a .zip-File

psr.zip
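The script above uses every Content-Location value found in the MHT file as an output file name. When a recording comes from someone else, that name is untrusted input, so this added example (not part of the original script) checks it before anything is written. The function name Resolve-SafePartPath and the extension allow-list are assumptions.

```powershell
# Added example: map an MHT part name to a path that is guaranteed to stay inside $DestDir.
# Resolve-SafePartPath is a hypothetical helper; it returns $null for any name it rejects.
function Resolve-SafePartPath
{
    param([string]$DestDir, [string]$PartName)

    # Extensions the converter is expected to write (assumption, adjust as needed)
    $allowed = ".htm", ".html", ".css", ".jpeg"

    $name = $PartName.Trim()
    if ($name -eq "" -or $name.IndexOfAny([System.IO.Path]::GetInvalidPathChars()) -ge 0) { return $null }

    # PSR parts are flat file names: reject anything with a directory or drive component
    $leaf = [System.IO.Path]::GetFileName($name)
    if ($leaf -eq "" -or $leaf -ne $name) { return $null }
    if ($leaf.IndexOfAny([System.IO.Path]::GetInvalidFileNameChars()) -ge 0) { return $null }
    if ($allowed -notcontains [System.IO.Path]::GetExtension($leaf).ToLower()) { return $null }

    # Resolve against the real destination and confirm the result is still inside it.
    # This second check also covers names that the file system maps elsewhere.
    $root   = (Resolve-Path -LiteralPath $DestDir).ProviderPath
    $full   = [System.IO.Path]::GetFullPath((Join-Path $root $leaf))
    $prefix = $root.TrimEnd('\') + '\'
    if (-not $full.StartsWith($prefix, [System.StringComparison]::OrdinalIgnoreCase)) { return $null }

    return $full
}

# Constructed Content-Location values, not taken from a real recording
$samples = "main.htm", "screenshot0001.JPEG", "..\..\report.htm", "sub\page.htm", "notes.txt"

foreach ($s in $samples)
{
    $path = Resolve-SafePartPath $env:TEMP $s
    if ($path) { "write: $s -> $path" } else { "skip : $s" }
}
```

In the converter, the check would sit where $filename is taken from the Content-Location line, and parts for which it returns $null would be skipped.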

Bitlocker Pin Tool on Codeplex

Hello,

as written in the post “Change Bitlocker PIN without administrative rights using SCCM” we built a little GUI for non-administrative users to change the BitLocker PIN.

We were really astounded about the feedback and the questions on how to get the tool or the source code. So we decided to bring it up on Codeplex.

And here it is: http://blpintool.codeplex.com/

Project Description
Deploying Bitlocker with Windows 7 in enterprise environments works pretty nicely with the new features which have been implemented by Microsoft. There’s still one big problem to solve. Users can’t change their PBA Bitlocker PIN without administrative privileges.

Feel free to give away this link and grab the tool on codeplex.

DfsDnsConfig also under Server 2008 R2

Since DFS Namespaces became available in Windows 2000, clients get the referrals to the linked shares with the NetBIOS name instead of the FQDN of a file server.
In Server 2008 R2 nothing was changed. So clients get the referral with only the NetBIOS name of the server.

At a time when Microsoft wants WINS to die, why don’t they change that?

Getting the NetBIOS name instead of the FQDN of a server doesn’t cause any problems when all your systems work in just a single Active Directory domain.
But if you need to gain access from outside the domain where the DFS root is in, then using only the NetBIOS name can cause a problem.

Two possible solutions are:
1. Add the DNS suffix to the suffix search list, so the client will try accessing the NetBIOS name with the DNS suffix attached if the NetBIOS name isn’t found.
This has to be done on every client. (It can be done by GPO or DHCP so that you do not have to touch all clients.)

2. This is the one I prefer:
Add a registry key to the server that will be the root server for the namespace.
If the server already is a namespace server, you have to remove the root before setting the key.
The value is DfsDnsConfig = 1 (DWORD) under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dfs

All DFS namespaces have to be built up again. For that you can export the namespace with dfsutil, change all NetBIOS names into FQDNs and import it back.

Read this KB article also: http://support.microsoft.com/kb/244380/en-us
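For the "change all NetBIOS names into FQDNs" step, this added example (not from the original post) rewrites only the host part of UNC paths in the exported text, using an explicit name map so that the domain name in the root path and hosts that already are FQDNs stay untouched. The function name Convert-DfsTargetToFqdn, the sample lines and the host names are assumptions; the element layout of the sample is illustrative and only the UNC paths matter.

```powershell
# Added example: rewrite \\NETBIOS\share to \\fqdn\share for the hosts listed in $FqdnMap.
# Convert-DfsTargetToFqdn is a hypothetical helper name.
function Convert-DfsTargetToFqdn
{
    param([string[]]$Lines, [hashtable]$FqdnMap)

    foreach ($line in $Lines)
    {
        foreach ($name in $FqdnMap.Keys)
        {
            # Match the name only directly after "\\" and only as a whole host name:
            # it must be followed by "\", end of line, a quote, "<" or whitespace.
            # A following "." or further letters (FS011, fs01.corp.example) do not match,
            # so running the function twice changes nothing.
            $pattern = '(?<=\\\\)' + [regex]::Escape($name) + '(?=\\|$|["<\s])'
            $line = $line -replace $pattern, $FqdnMap[$name]
        }
        $line
    }
}

# Constructed sample lines standing in for an exported namespace file
$export = @(
    '<Target State="ONLINE">\\FS01\Scans</Target>',
    '<Target State="ONLINE">\\fs01.corp.example\Archive</Target>',
    '<Target State="ONLINE">\\FS011\Other</Target>'
)

# Constructed map: NetBIOS name -> FQDN
$map = @{ "FS01" = "fs01.corp.example" }

Convert-DfsTargetToFqdn $export $map
```

Only the first sample line changes; comparing the output with the export before importing it shows exactly which targets were rewritten.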