Last couple of weeks I am actively working on SCOM. Initially I thought it is easy to sync Active Directory Group members with SCOM group members since both are MS babies. But my assumption was wrong and it is not that easy. I explored a bit more about available options to auto populate SCOM group membership but there are no easy ways. Initially I came across a option where I had to export the current groups members using a script in XML format, and then play with XML tags to include new members and import the XML back to get the new members added to groups. This looked very cumbersome to me. After some research I came across an interesting post where the author discussed about populating SCOM group membership from external sources using discovery.

Here the article I am referring to http://blogs.msdn.com/b/boris_yanushpolsky/archive/2008/10/26/populating-groups-from-external-sources.aspx

All we need to do here is, create a custom VB script which queries AD directly and returns the members and configure the script in discovery portion of SCOM group definition XML. I felt this is much easy and better way available in web and kudos to author for publishing this information.

In next few days you will see more powershell scripts from me in SCOM area.

Happy learning….

This is my first post on Windows 8. After Microsoft announced it’s first Windows 8 Developer preview edition, I downloaded 32-bit version of it and tried on my virtual computer environment. It surprised the moment I started the boot from ISO with a blue screen message, “Your PC ran into a problem that it couldn’t handle, and now it needs to restart. HAL_INITIALIZATION FAILED”. See the below picture. I read few posts in internet about this error and everywhere blame is on Microsoft that this time they gave a nice BSOD message. But I don’t see this as BSOD, it is just a installation error.

Like the message indicates, “HAL INITIALIZATION FAILED”, means my hardware is not compatible with Windows 8 Operating System. Since I am installing it in VMware, I tried all possible combinations in virtual machine settings but in vain.

Finally, I came across the “Building Windows 8” blog which gave me clear background about the error. In this article Microsoft Made it clear that, Windows 8 developer installation is supported on only below platforms.

• Hyper-V in Windows 8 Developer Preview
• Hyper-V in Windows Server 2008 R2
• VMware Workstation 8.0 for Windows
• VirtualBox 4.1.2 for Windows

So, if you are trying to install Windows 8 on a platform which is not in the above list, sorry, you need to upgrade your virtual environment first before you start windows 8 installation.

Hope this helps.. happy learning.

Thanks,

I came across a nice VMWare powershell poster that every VMWare admin should have at desk. It is a easy and easy reference for every Vmware administrator.

The new poster adds to the original vSphere PowerCLI core cmdlets and allow you to quickly reference cmdlets from the following :

• vSphere
• Image Builder
• Auto Deploy
• Update Manager
• Licensing
• View
• vCloud

This poster can be downloaded from http://communities.vmware.com/thread/327234

Happy learning…

When you have a long powershell command in powershell console and you want to move to some where in middle of that command, the general thing to do is, arrow key. The problem with that is it moves forward(or backward) character by character. If you want to move even bit faster, just use CTRL+Arrow Key.

This helps you to navigate quickly. Hope this helps.

Have you started using Group Policy Preferences lately to manage your Windows 7 and Windows 2008 computers? It is possible that Group Policy Preferences can cause increase in login times in your environment if security groups are used for targeting preferences. For example, you may be mapping drives based on user security group membership(ex: sales, finance, etc). Per AskDS, when a security group is used for targeting a group policy preference setting, the computer has to make several round trips to domain controllers to verify the user group membership. This trip time depends on the kind of connectivity you have to domain controllers and the load of DC. If you are on a Wan link, the trip time may be even more. The windows 7/2008 computer won’t allow you to complete the login until this preference setting is evaluated and applied. In such graces the logon time will increase drastically which is a very bad experience for end users.

The AskDS team suggested using Organization Units instead of security groups for targeting. Usage of OUs will reduce the trips to domain controllers as the GPPs have to just parse the DN text of computer/user account to verify if a setting is applicable or not.

After reading the AskDS article, I wondered why they(MS) didn’t use security tokens for evaluating computer/user group membership at the time of processing the target. It is very easy and less traffic to domain controllers. It makes sense. Isn’t it?

I question was answered in very short time in the form of another AskDS article.  They exactly implemented what I felt. MS release hotfix(http://support.microsoft.com/kb/2561285) which injects this nice feature into Group Policy Preferences which can reduce the user logon times and computer startup times(if you are using security group targeting in computer GPPs).

So, if you are using Group Policy Preferences in your organization, then make sure that all your Windows 7/2008 computers have this hotfix. Otherwise one or other day you will end up looking for it when you users keep complaining about slow login issues.

I am excited to say that today my blog has crossed 1lakh visits(1,00,000). It’s been close to 1.5 years since I started this blog and I am happy that this blog helped so some of my fellow sys admins in the world.

The major motive to start this blog is to help the people in internet who search for information. I depend on a lot on public forums, blogs, and articles to resolve various issues that arise with technology in the firm where I work. Since I am benefited from the experience of others who is sharing it, I wanted to make my experience online so that it can help others and save some time and efforts for them. On this wonderful moment I want to make some changes to the way I blog.

So far, I am the only author in this blog. Looking at the responses I am receiving and thrust for knowledge/information in internet, I want to expand the scope of it. That is providing more and more information to my blog readers and also to people who land on my site from Google search. Well, I know that this is not an easy task. I have to increase the time if I decide to continue work on this blog alone. Instead, I have some plans in mind which I want to implement to make this blog richer in terms of information.

My ideas are like this…

1. Invite my friends to share the information: It is fortunate that most of my friends and college juniors are system administrators by profession. They work in different fields of system administrations like windows, UNIX, and networks. I want to take their help and encourage keeping it in the blog in very simple terms (saves time for them and information is online).
2. Invite tips/Tricks: While I search for information on internet, I come across, some interest tips which generally benefits system administrators. Most of the times, I try to put it on my blog so that it is helpful to my blog readers. While this is true with me, some of my friends told me, they too come across such tips but don’t have time (or laziness?) to keep it online. If you are also like my friends, don’t hesitate to just send me an email with brief description of the tip/trick/tool that you came across. I will take care of rest and keep it online with on behalf of you (of course, credit goes to you only) when I find some time.
3. UserGroup in the place where I live: Unfortunately, I couldn’t find a explicit System Administrators User Group in the place I live (Hyderabad, India)where as other major cities in INDIA are very well running some System Administrator’s user groups to share their knowledge and  experience. So, I am planning to have one for system administrators in Hyderabad as well. I know, this is not an easy task and achievable with ones interest. It will see success only if other people in my niche here feels the same vision as mine.

Thanks for reading my long rambling of thoughts. Thanks again for being part of my blog and success to achieve this wonderful 1Lakh milestone.

Please keep sharing your valuable feedback and ideas.

I wish all my dear Indians a very happy INDEPENDENCE DAY.

Often I have seen people struggling to convert date time value that is returned from a WMI class. For example, below query returns the timestamp of the time computer booted last time but it is not a readable format.

(Get-WmiObject -Class Win32_OperatingSystem).LastBootupTime            

Output:            
20110811122050.894035+330

Here you have multiple ways to convert this raw data to some readable format. You can manually parse the raw text using conventional methods but that is not efficient. The procedure I recommend is using the WMI built-in methods.

Let us see how to do that.

$boottime = Get-WmiObject win32_Operatingsystem            
$boottime.ConvertToDateTime($boottime.LastBootUpTime)

As you can see in the above code, I am using ConvertToDateTime method that is available in WMI itself to convert the datetime from WMI format to very conventional date time format which humans can read easily. We are just passing the raw value of LastBootupTime to the function. Isn’t it looking very easy instead of parsing the output and converting into some meaningful format? But you hate to use two lines to convert the date and looking for even single liner? Here you go …

([wmi]"").ConvertToDateTime((Get-WmiObject -Class Win32_OperatingSystem).LastBootuptime)

Much simpler. Isn’t it?

Hope this tip helps you and saves you some time.

Are you in need of a script which uninstall patches from both local and remote computers? You landed at right place. Today I came across a question in one of the forum asking for a way to uninstall patches/security updates/hotfixes from llocal or remote computers. While this is an easy thing to perform on local computers, it is little tricky when it comes to remote computers. I thought about it some time and finally came up with below code which works for both local and remote computers. All it does is, constructs a uninstall command for the given patch and executes that using WMI process class.

This script comes handy for you when you want to uninstall patches from Windows 2008 Core server which don’t have a GUI and can’t perform uninstallations the way you do in regular windows 2008 OS.

Here is the code:

function Uninstall-Hotfix {
[cmdletbinding()]
param(
$computername = $env:computername,
[string] $HotfixID
)            

$hotfixes = Get-WmiObject -ComputerName $computername -Class Win32_QuickFixEngineering | select hotfixid            

if($hotfixes -match $hotfixID) {
    $hotfixID = $HotfixID.Replace("KB","")
    Write-host "Found the hotfix KB" + $HotfixID
    Write-Host "Uninstalling the hotfix"
    $UninstallString = "cmd.exe /c wusa.exe /uninstall /KB:$hotfixID /quiet /norestart"
    ([WMICLASS]"\\$computername\ROOT\CIMV2:win32_process").Create($UninstallString) | out-null            

    while (@(Get-Process wusa -computername $computername -ErrorAction SilentlyContinue).Count -ne 0) {
        Start-Sleep 3
        Write-Host "Waiting for update removal to finish ..."
    }
write-host "Completed the uninstallation of $hotfixID"
}
else {            

write-host "Given hotfix($hotfixID) not found"
return
}            

}

Usage:

Uninstall-HotFix -ComputerName PC1 -HotfixID KB123456

Querying the user lists who interactively logged on to a computer. I want to do this from very long time using powershell so that I can use it in my other powershell scripts. Earlier I tried to do it via WMI but I was not very successful. After struggling for some time, I finally made a code which works for most windows platforms from which you can query interactively logged on users information.

This script is a wrapper which depends on most famous psloggedon utility. It parses the output of the psloggedon util and prepares a object with domain and user information.

function Get-LoggedOnUsers {            

[cmdletbinding()]            
param(            

[parameter(valuefrompipelinebypropertyname=$true)]            
[string]$ComputerName = $env:computername            

)            

begin {}            
process {            

[object[]]$sessions = Invoke-Expression "PsLoggedon.exe -x -l \$ComputerName 2> null" |             
        Where-Object {$_ -match '^s{2,}((?w+)\(?S+))'} |             
        Select-Object @{             
            Name='Computer'             
            Expression={$ComputerName}             
        },             
        @{             
            Name='Domain'             
            Expression={$matches.Domain}             
        },             
        @{             
            Name='User'             
            Expression={$Matches.User}             
        }             

    IF ($Sessions.count -ge 1)             
    {             
        return $sessions            
    }             
    Else             
    {             
        'No user logins found'            
    }             

}            
end {}            
}

I found this code originally at Scripting Guys blog. I had to make few modifications to make it parse the output properly and exclude the psloggedon util logo information.