Automation – StackingIT

Disable & Move old AD Computer Objects

A quick script to take a list from CSV and disable, then move objects in AD…

Remember everyone – don’t just cut & paste scripts from the internet and run them, without understanding what they are doing first, ff in doubt – DON’T run it!

Always build in sanity checking and also test on a sample set of data/test environment.

#Check AD record.
$computerlist=Import-Csv c:\temp\computers.csv
$computerlist | ForEach-Object {
$adobj = $_

try
{
$adcomp= Get-ADComputer -Identity $adobj.computername 
$errorvar = '0' 
}
catch
{
Write-host "Unable to find a computer" ($adobj.computername)
$errorvar = '1'
}

if ($errorvar -ne '1')
 {
 try
 {
 Set-ADComputer -Identity $adcomp -Enabled $false -ErrorAction Stop
 $errorvar= '0'
 }
 catch
 {
 Write-Host "Unable to disable AD account for" ($adobj.computername)
 $errorvar='1'
}
}
else
{
}
if ($errorvar -ne '1')
{
 try
 {
 Move-ADObject -Identity $adcomp -TargetPath 'OU=TBDelete,DC=mydomain,DC=local'
 $errorvar= '0'
 }
 catch
 {
 Write-Host "Unable to move AD account for" ($adobj.computername)
 $errorvar='1'
}
 }
 else
 {
 }
Clear-Variable -Name adcomp
}

Moving Shared VHDX files between Host clusters

Shared VHDX files in Hyper-V are useful for VM guest clusters – SQL, file servers and so forth. However, when moving from cluster to cluster, you need to plan for an outage in order to move the shared disks.

For me it makes the most sense to let SCVMM move the VM’s, in order to do this, I need to disconnect the shared VHDX files and reconnect them after the move. This is cleaner than offline copying/importing and trying to clean up VM config manually afterwards.

Example is below:

#Set Variables for VM cluster nodes
$currenthost='Host1'
$currenthost2='Host2'
$newhost='Host3'
$newhost2='Host4'
$vmnode1='VMname1'
$vmnode2='VMname2'
$storage='\ClusterStorage\myvolume\folder'
$newstorage='\ClusterStorage\mynewvolume\folder'

#Verify locations for shared disks in SCVMM - alter controller locations below

#Disconnect Disks from VM Node1
Remove-VMHardDiskDrive -computername $currenthost -vmname $VMnode1 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 2 
Remove-VMHardDiskDrive -computername $currenthost -vmname $VMnode1 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 3 
Remove-VMHardDiskDrive -computername $currenthost -vmname $VMnode1 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 4 
Remove-VMHardDiskDrive -computername $currenthost -vmname $VMnode1 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 5

#Disconnect Disks from VM Node2
Remove-VMHardDiskDrive -computername $currenthost2 -vmname $VMnode2 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 2
Remove-VMHardDiskDrive -computername $currenthost2 -vmname $VMnode2 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 3 
Remove-VMHardDiskDrive -computername $currenthost2 -vmname $VMnode2 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 4 
Remove-VMHardDiskDrive -computername $currenthost2 -vmname $VMnode2 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 5

#Open SCVMM, refresh VMs. Start storage migration (cluster to cluster in SCVMM)

#Copy Clustered disks from location A to B
Copy-Item \\$currenthost\c$\$storage\*.* -Destination \\$newhost\c$\$newstorage\ -Force

#Once Copy completed - reconnect clustered disks from new location

#Add Disks to VM Node1
Add-VMHardDiskDrive -computername $newhost -vmname $VMnode1 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 2 -Path c:\$newstorage\shared_disk_1.vhdx -SupportPersistentReservations
Add-VMHardDiskDrive -computername $newhost -vmname $VMnode1 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 3 -Path c:\$newstorage\shared_disk_2.vhdx -SupportPersistentReservations
Add-VMHardDiskDrive -computername $newhost -vmname $VMnode1 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 4 -Path c:\$newstorage\shared_disk_3.vhdx -SupportPersistentReservations
Add-VMHardDiskDrive -computername $newhost -vmname $VMnode1 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 5 -Path c:\$newstorage\shared_disk_4.vhdx -SupportPersistentReservations
 
#Add Disks to VM Node2
Add-VMHardDiskDrive -computername $newhost2 -vmname $VMnode2 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 2 -Path c:\$newstorage\shared_disk_1.vhdx -SupportPersistentReservations
Add-VMHardDiskDrive -computername $newhost2 -vmname $VMnode2 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 3 -Path c:\$newstorage\shared_disk_2.vhdx -SupportPersistentReservations
Add-VMHardDiskDrive -computername $newhost2 -vmname $VMnode2 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 4 -Path c:\$newstorage\shared_disk_3.vhdx -SupportPersistentReservations
Add-VMHardDiskDrive -computername $newhost2 -vmname $VMnode2 -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 5 -Path c:\$newstorage\shared_disk_4.vhdx -SupportPersistentReservations

#Power on VMs

Deploying custom registry keys – to use with System Center

It can be useful to tattoo servers automatically on deployment with a custom reg – environment, service and component key set.

Example:

AssetName	Environment	Service	Component
SERVER01	PROD	WEB APP	WFE
SERVER02	UAT	WEB APP	WFE
SERVER03	DR	WEB APP	WFE
SERVER04	PROD	WEB APP	APP
SERVER05	UAT	WEB APP	APP
SERVER06	DR	WEB APP	APP
SERVER07	PROD	WEB APP	SQL
SERVER08	PROD	WEB APP	SQL
SERVER09	UAT	WEB APP	SQL
SERVER10	DR	WEB APP	SQL

Unfortunately we had a bunch of legacy servers out there, with a flakey app containing this information centrally.

Not only did we want this information into SCSM, but also available for SCOM and SCCM to use for different purposes. So, armed with a CSV of data (in the format above) I needed to get this applied quickly to a few hundred VMs.

#Set Variables
 
$ENV="HKLM:\SOFTWARE\MyCompanyName"
$SCRIPT={
$ENV = $args[0]
$ENVVAL = $args[1]
$SERVAL = $args[2]
$COMVAL = $args[3]
New-ItemProperty -Path $ENV -Name Environment -PropertyType String -Value $ENVVAL -Force
New-ItemProperty -Path $ENV -Name Service -PropertyType String -Value $SERVal -Force
New-ItemProperty -Path $ENV -Name Component -PropertyType String -Value $COMVal -Force
}
 
# Import CSV file
$list = Import-Csv C:\temp\ServiceData\servicedata.csv
 
# Pipe variable contents and invoke script
$list | foreach-object{
$obj = $_
Invoke-Command -ComputerName $obj.AssetName -ScriptBlock $SCRIPT -ArgumentList $ENV,$obj.Environment,$obj.Service,$obj.Component
}
 
# End of Script

The script above sets variables for the reg path, then a script – which will be passed to the server remotely using invoke-command.

This script sets variables based on the command arguments received in the loop at lines 20+21. The CSV data is formatted as the above example table, so the command connects to the computer (defined as AssetName), sends the script (variable $script) and appends the reg path, Environment, Service & Component data as Argument positions 0,1,2&3.

At the other end, it runs the script passed, which in the example CSV above, line 1 would be:

$ENV = HKLM:\SOFTWARE\MYCompanyName
 $ENVVAL = PROD
 $SERVAL = WEB APP
 $COMVAL = WFE
 New-ItemProperty -Path $ENV -Name Environment -PropertyType String -Value $ENVVAL -Force
 New-ItemProperty -Path $ENV -Name Service -PropertyType String -Value $SERVal -Force
 New-ItemProperty -Path $ENV -Name Component -PropertyType String -Value $COMVal -Force

It will proceed to loop round and apply each server in turn. Yes, it’s raw and there’s no error handling there, but you could easily put a TRY/CATCH in there to verify the server can be contacted, plus you can output the results to a file etc…

Now, you can build out dynamically adjusting patch groups in SCCM – based on Environment & Service, gather data into SCSM for services and customise SCOM monitoring & alerting based on Environment, plus set scheduled maintenance mode in SCOM for these groups when they patch.

After all, you dont want to be dragged out of bed for a non-prod server going offline or a routine patch cycle.

DPM 2016 agent installations – Making your life easier with SCCM

Take the pain away from manual deployment – grab the agent and put it into SCCM. The command lines for agent install (2016 UR2) are:

DPMAgentInstaller_KB3209593_AMD64.exe /q /IAcceptEULA

DPMAgentInstaller_KB3209593.exe /q /IAcceptEULA (for x86)

Just make sure all the agent pre-reqs are in place (WMF 4.0 for 2008 R2 etc…) and make the detection of those a pre-req for the SCCM deployment.

If you know what DPM server you are going to protect with – simply add the server name to the install above – that will open the ports and make the agent ready to be attached.

If you dont just yet – then run a second SCCM task to call a batch file running the setdpmserver.exe (in the DPM agent Bin directory) to configure the agent.

Run an “Application deployment type compliance details” report in SCCM, using your target collections, application, deployment type and status of “Success” to generate a CSV file of the installed agents.

Take the computer name column in excel, append your domain name (using concatenate) and put the resulting list into a .txt file (no headings or any other info required)

Open the DPM console – select Install, Attach Agents, click add from file and point to your txt file.

Output from SCCM report, manipulate and import in ~10 mins saving many hours of manual config.

Job Done!