Category: Windows Server 2008

Install Windows Updates and Hotfixes from Command Line

Scenario:  You have a lot of Windows Updates and Hotfixes that you need to install manually.  You want to do the following:

  1. Script the install
  2. Do not restart the server after the update is installed — (so you can manually restart it when you are ready)

Scriptlets:

Download the updates to a folder and copy that folder to the servers requiring the update.

#Collect your Servers into a variable
$Servers = Get-exchangeserver ex*

#Create an folder to copy your updates to
$Servers.name | %{ MD \$_c$updatesCluster_Updates }

#Copy your updates to that new folder
$servers.name | %{ Copy-item "C:Cluster_updates*.msu" "\$_c$updatesCluster_updates"

Install the updates on each server by running the following command from an elevated command prompt:

FOR %h IN (*.msu) DO START /WAIT WUSA %h /QUIET /NORESTART

To verify the updates are installed on each one of your servers, run the following PowerShell commandlet:

$servers.name | %{ get-hotfix -computername $_ | Where InstalledOn -gt 2/5/2017}

 

 

 

Perform an NSLookup in PowerShell to find the IP Address(es) tied to a hostname

Scenario:  You want to perform an NSLookup in PowerShell so you can use the multiple IP addresses that you are using for DNS Round Robin in another PowerShell Query.

Solution: Run the following:

#Collect the IP Addresses of the hostname into a variable
$address = [system.net.dns]::GetHostAddresses("mail.domain.com" | Select IPAddressToString)

#For Each Loop it with a command
$address | Select -expandproperty IPAddressToString | %{ Get-ADComputer $_ }

 

Error “A reboot from a previous installation is pending” during Exchange InstallUninstall

Scenario:  When attempting to install/uninstall Exchange, you receive the following error during readiness checks:

“A reboot from a previous installation is pending”

Even after a reboot, it doesn’t clear this error.

Solution:

  1. Clear values out of the PendingFileRenameOperations key located at: HKLMSYSTEMCurrentControlSetControlSessionManagerPendingFileRenameOperations
  2. You may need to clear out the content of this key as well located at: HKLMSystemControlSet001ControlSessionManager

Determine which Windows Management Framework is installed in PowerShell

Scenario: You want to easily detect which Windows Management Framework is installed on your server.

Solution:

Run either in Powershell

host  | Select Version

OR

$PSVersionTable.PSVersion 

 

Determine TTL on a DNS record

Scenario:  You changed an IP address on a DNS record and you want to determine the TTL (Time to Live) value of the DNS record to figure out when this DNS record will become refreshed.

Solution: Run the following NSLookup command with the -type=soa record against the DNS name you wish to determine TTL.

nslookup -type=soa http://www.google.com

 

Use PowerShell to filter by or count when files were created.

Scenario:  You suspect that logs are not being generated properly and you want to find the logs or count the logs based on any log created after a specific date.

#View the file information for the logs:
Get-ChildItem "\Ex2013Server1C$Program FilesMicrosoftExchange ServerV15LoggingHttpProxyEas" | Where-Object { $_.CreationTime -gt [datetime]"2016/05/17" } | Sort-Object CreationTime | Format-Table Name, CreationTime

#Count the Logs
(Get-ChildItem "\Ex2013Server1C$Program FilesMicrosoftExchange ServerV15LoggingHttpProxyEas" | Where-Object { $_.CreationTime -gt [datetime]"2016/05/17" } | Sort-Object CreationTime | Format-Table Name, CreationTime).count

Monitor Registry Key via Powershell for Remote Computers (Monitor SSLv3)

Scenario:  You have a registry key you want to monitor and to alert you if the value changes.  We noticed after the install of Exchange 2013 CU11, it enabled SSLv3 which was manually disabled before.

Script:

#Start
#Define Server Collection
$Servers = Get-ExchangeServer | Where AdminDisplayVersion -like "Version 15*" 

#Loop for SSLv3
$sslv3_svr = @()   #Create Array Variable
$Servers | %{
              $Reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $_.name)
              $RegKey= $Reg.OpenSubKey("SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server")
              $SSLv3 = $RegKey.GetValue("Enabled")
              If($SSLV3 -ne 0){
                     $sslv3_svr += $_.name
              }
            }
#Email it
$body =""
$smtp = "smtp.domain.com"
[string[]]$to = "steve@domain.com","Batman@domain.com"
$from = "SSLv3Monitor@Domain.com"
$subject = "SSLv3 monitor" 
$body += "<b><Font color=#0404B4>SSLv3 is enabled on the following server and needs to be turned off: </b></font><br><br>"
$body += "<Font color=red>$sslv3_svr</font><br><br><br>" 
send-MailMessage -SmtpServer $smtp -To $to -From $from -Subject $subject -Body $body -BodyAsHtml -Priority high

Schedule a Task via Powershell on remote systems

Scenario:  You want to schedule a task remotely via Powershell on remote systems:

Script:

$Servers = "Win2012Svr1", "Win2012Svr2","Win2012Svr3"

$Servers |%{
Invoke-Command {
$action = New-ScheduledTaskAction -Execute 'C:TaskClientStatsClientStats.bat'

$trigger =  New-ScheduledTaskTrigger -Daily -At 1am

Register-ScheduledTask -Action $action -Trigger $trigger -TaskName "ClientStats" -Description "Daily Stat Dump" -user "domainadmin" -password "adminpassword1" -runlevel Highest
} -ComputerName $_

}

 

 

Powershell method for finding any services that are set to start automatically but have been stopped due to a failure or error.

Scenario: You want a Powershell  method for finding any services that are set to start automatically but have stopped in error or by failure.

Solution:  The script below looks for any Exchange servers that start with 2013* and then uses the logic “Find a Service that is set to Automatic that is currently not running and an Exit Code of the service is not 0” for each server.  Then attempt to restart that service on each server.   An exit code of 0 means the service was stopped manually OR stopped by Windows as it was no longer required to run. Here is a list of Error Code/Exit Code descriptions: Exit Code Descriptions

 

#Collect Servers into a Variable
$1 = Get-exchangeserver 2013*

#Collect Services that are not started due to failure or error
$2 = $1 |%{Get-CimInstance win32_service -Filter "startmode = 'auto' AND state != 'running' AND Exitcode !=0 " -ComputerName $_ | select systemname, name, startname, exitcode}

#View the Services that are stopped for each server
$2

#Restart each failed service
$2 | %{Get-service $_.Name -computername $_.SystemName | Start-service -passthru}

Cannot access the C$ on one of your Windows Server 2012 servers

Scenario:  Your server is experiencing networking issues that appear local to the Server OS.  The symptoms experienced:

  1. Although you can successfully ping the server, you cannot access the c$ or other shares hosted off the server. Your error message talks about not having the appropriate permissions AND/OR the server not being available on the network.
  2. Although you can see the network adapters in Device Manager, you cannot see the network adapters in the Network & Sharing center via control panel.

Cause:  Network Adapter Corruption

Solution:  Uninstalling and Reinstalling the network driver on the server.  Below are other troubleshooting steps that may help:

Our Troubleshooting Steps:

  1. We found EventID 10016 in the System Log.  (Microsoft-Windows-DistributedCOM)
  2. We started testing if there is corruption with the Config Key. We  deleted the Config key from the registry: HKLM/System/currentcontrolset/Control/Network/Config ,config.  This key holds all of the Network card information. Once you reboot, it creates a new key in same registry with proper settings.
  3. After reboot we found that the config key was there ,but the server lost network connection completely.
  4. We tried assigning static IP using netsh via the command prompt but that resulted in the error: Element not found.
  5. That made us believe that the network database is corrupted.
    We uninstalled the Network Drivers and network card from device manager rebooted the server.
  6. Installed the new drivers back that resulted in server to function properly.