Powershell: Prevent Users To View and Change Input or Config Files That Are Used by a Script

Often, I use .xml or .ini files to store settings that a PowerShell script uses. When I distribute my scripts to end users, sometimes, I want to make sure users cannot manually view or change the content of these config files. Below is what I did to achieve the goal: Create a password protected zip file that contains the config file (.xml or .ini). rename the zip file from xxxxxx.zip to xxxxxx.bin In powershell script, use ICSharpCode.SharpZipLib.dll to unzip renamed zip file compile powershell script to exe so users cannot view the script to figure out the zip file password.

Continue reading

Using SCOM PowerShell Snap-in and SDK client with a PowerShell Remote Session

Recently, I’ve been working on a utility based on PowerShell scripts using WinForms GUI to perform some SCOM tasks (i.e. create maintenance window, approve manually installed agents, adding network devices, etc.). Since this script is going to be widely used in the organisation when it’s completed, I’ve always kept in mind that when users run this utility, the utility should only connect to SCOM SDK service when required and disconnect as soon as the task is done. In another word, I don’t want this utility to remain connected to the SDK service because Microsoft recommends the concurrent connections should not

Continue reading

Disabling Auto Discovery in SCDPM 2010

System Center Data Protection Manager is not something I normally play with. Recently, I’ve been dobbed in to troubleshoot an issue with remote sites network performance at work and the issue ended up was caused by Auto Discovery in DPM 2010. So basically, DPM has this built-in function called “Auto Discovery” which queries the domain controller of its’ own home domain and stores every single domain member servers in its database. This job runs once a day, you can choose the time window of this job, but you can’t really disable it. One of my colleagues has posted this issue

Continue reading

PowerShell Script: Remove All Packages From A SCCM Distribution Point

Often, SCCM administrators found packages still assigned to distribution points that no longer exist. There are scripts available to remove these “orphaned” package distributions via SMS Provider. i.e. This one called DPClean.vbs from TechNet Blog: Removing a retired DP from all your packages. It was written for SMS 2003. I’m not sure if SMS 2003 works differently when deleting package distribution via SMS Provider as I don’t have a SMS 2003 environment around that I can test. But, this script may not work in a multi-tiered SCCM environment (multiple primary sites below a central site). This script only tries to

Continue reading

PowerShell Script: Get SCCM Management Point server name from AD

I wrote this function as a part of a script that I’m working on. it searches AD for the management point server name for a particular SCCM site: [sourcecode language=”Powershell”] Function Get-MPFromAD ($SiteCode) { $domains = Get-AllDomains Foreach ($domain in $domains) { Try { $ADSysMgmtContainer = [ADSI]("LDAP://CN=System Management,CN=System," + "$($Domain.Properties.ncname[0])") $AdSearcher = [adsisearcher]"(&(Name=SMS-MP-$SiteCode-*)(objectClass=mSSMSManagementPoint))" $AdSearcher.SearchRoot = $ADSysMgmtContainer $ADManagementPoint = $AdSearcher.FindONE() $MP = $ADManagementPoint.Properties.mssmsmpname[0] } Catch {} } Return $MP } [/sourcecode] Note: This function uses another function called Get-AllDomains, which I’ve blogged before here: http://blog.tyang.org/2011/08/05/powershell-function-get-alldomains-in-a-forest/ So make sure you include BOTH functions in your script.

Continue reading

PowerShell Script: Calculate First and Last IP of a Subnet

I just wrote this script to calculate the first and last IP of a subnet based on any given IP (within the subnet) and it’s subnet mask: Syntax: .\Get-NetworkStartEndAddress.ps1 “IP address” “Subnet Mask” Download here: Get-NetworkStartEndAddress.ps1

Continue reading

SCCM Health Check Script Updated: Version 3.5

I have just updated the SCCM Health Check Script to from version 3.3 to 3.5 Version 3.4 was finished a while back but I never got time to publish it in this blog. I only emailed 3.4 to few people who contacted me from my blog. Now that I’ve updated it again to 3.5, I thought I’ll just publish version 3.5. What’s Changed Since 3.3? Added site system name under ‘site systems with issues’ section Detect site components that are missing heartbeats. Changed function Validate-DNSRecord to use Win32_ComputerSystem.caption rather than DNSHostname to retrieve computer name as DNSHostName is not available

Continue reading

PowerShell Script: Convert To Local Time From UTC

I wrote this function in the script from my previous post “SCOM MP Authoring Example: Generate alerts based on entries from SQL Database (Part 2 of 2)”. It comes handy sometimes so I thought I’ll blog it separately as well. In PowerShell Datetime object, there is a ToUniversalTime() method that converts local time to UTC time. However, there isn’t a native way to convert FROM UTC To local time. So I wrote this function: [sourcecode language=”powershell”] Function Get-LocalTime($UTCTime) { $strCurrentTimeZone = (Get-WmiObject win32_timezone).StandardName $TZ = [System.TimeZoneInfo]::FindSystemTimeZoneById($strCurrentTimeZone) $LocalTime = [System.TimeZoneInfo]::ConvertTimeFromUtc($UTCTime, $TZ) Return $LocalTime } [/sourcecode]

Continue reading

SCOM MP Authoring Example: Generate alerts based on entries from SQL Database (Part 2 of 2)

This is the 2nd part of the 2-part series.  Part 1 can be found here. In Part 2, I’ll cover the steps involved to create each module type and the rule in this article. all these objects will be created in SCOM 2007 R2 Authoring Console. You can create a new management pack for this or use an existing one. Firstly, we will need create the probe action and data source modules: Probe Action Module: 1. Under Type Library pane, go to “Probe Actions” under Module Types and click New—>”Composite Probe Action…” 2. Give it a unique identifier such as

Continue reading

SCOM: Using PowerShell to update SMTP server address in SMTP notification Channels

I’ve been asked a question on how to bulk update SMTP server addresses in SMTP notification channels using PowerShell. Here’s the script to run in OpsMgr Command Shell: [sourcecode language=”powershell”] $newSMTP = <name of your new SMTP server> $SMTPChannels = Get-NotificationAction |Where-Object {$_.Name –imatch “smtp”} Foreach ($item in $SMTPChannels) { $item.Endpoint.PrimaryServer.Address = $newSMTP $item.Endpoint.update() } [/sourcecode]

Continue reading
%d bloggers like this: