I have been trying to automate Windows server build QA in my company. One of the tasks is to make sure vmware tools is up to date or not. Servers are built off of templates which may not be up to date.
Obviously I thought of getting the vmware tool version on the new build and comparing it with a standard build number to determine uptodateness. But that leaves little room for flexibility.
Now, if the vmtools are not upto date, the server shows a notification in the tray. So I am looking for a way to obtain that result remotely through commandline(I am open to using psexec). Am I asking for the impossible?
You can download all VMWare Tools manually Here
Write a program to compare the file size of online and offline files
and update it if they are outdated.
Schedule the Program as per your requirements
This is what I am using right now. Getting the installed version and comparing with the current version number. It is not the best way but it works for me.
$VMtoolVersion = Invoke-Command -ComputerName $FQDN -Credential $PSCredential -ScriptBlock { & 'C:\Program Files\VMware\VMware Tools\VMwareToolboxCmd.exe' -v} -ErrorAction Stop
if($VMtoolVersion -match "9.4.15.48277")
{
Write-Host "`tUPTO DATE" -ForegroundColor Green
}
else
{
Write-Host "`tOUT OF DATE. Please Update VMWare Tools " -ForegroundColor Red
}
Problem is when the tool version is higher than 9.4.15.48277, it is still gonna give me "Outdated" message. So the script will need to be updated as tools get updated.
Related
I am attempting to figure out the details of why the GPO for deleting user profiles older than X days is not working properly in our environment. I have read tons of sites/posts about this same issue, but I'm coming to the conclusion that it just may not work properly for us.
We have the GPO set for over 180 days and it is being applied to the machines, but then we ran into the issue where Windows Update (or something else) was updating the NTUSER.dat file so no profile was ever getting deleted. We applied the script that I have found in several places online (posted below) that is updating the LastWriteTime of the NTUSER.dat file to the same date as the LastWriteTime of the user's profile folder. It did just that, but the GPO is now deleting pretty much every profile that exists on the machines (aside from default) no matter how long it has been logged in, even if it's less than a week. Because of this, we have disabled the GPO and script for now.
After more research, found out that the LastWriteTime of the user profile is not necessarily accurate with logins either. This date can often be really far behind when the actual person logged in, resulting in accidental deletions. Other posts also state that the GPO no longer uses the NTUSER.dat but instead a reg key, which doesn't exist in our environment (likely because we're on an older OS (Server 2012 R2)). There were updates released in Oct 2020 for this/a similar issue, but our servers are up to date on patches.
Does anyone have a solid fix for this issue? It seems to be pretty widespread over the years with tons of people having the same problem. I don't know if newer OS's have the issue anymore, but that would be helpful to know too. We plan to upgrade to Server 2019 here in the future, but that's not coming for a bit.
If there is not a known solid fix for it, any recommendations on a file that I can reference in a custom script to check against when deleting profiles? One that for sure gets updated every login, but does not get affected by Windows Updates or AV?
Also please note that I cannot introduce new software such as delprof2 due to our security constraints, so I am looking for either a solution to the GPO problem or something I can implement in a custom script (which I can/will write).
Here is the script we are using to update the NTUSER.dat file that was found online. Several others had mostly success with it initially, but seems to not be the case any longer.
Thanks in advance
$ErrorActionPreference = "SilentlyContinue"
$Report = $Null
$Path = "C:\Users"
$UserFolders = $Path | GCI -Directory
ForEach ($UserFolder in $UserFolders)
{
$UserName = $UserFolder.Name
If (Test-Path "$Path\$UserName\NTUSer.dat") {
$Dat = Get-Item "$Path\$UserName\NTUSer.dat" -force
$DatTime = $Dat.LastWriteTime
If ($UserFolder.Name -ne "default") {
$Dat.LastWriteTime = $UserFolder.LastWriteTime
}
Write-Host $UserName $DatTime
Write-Host (Get-item $Path\$UserName -Force).LastWriteTime
$Report = $Report + "$UserName`t$DatTime`r`n"
$Dat = $Null
}
}
first I want to state that I am a novice when it comes to code/programming. Also, I have a Mac (that runs Catalina, if that matters).
This is my first time posting to this forum, so please forgive any missteps in protocol...
Here's some background info to my question:
I have Microsoft 365 for Business and I use Teams. I'm a small business and I'm the owner and administrator. I need to be able to share externally with anyone. I have changed the settings in SharePoint admin and OneDrive admin to be able to share externally. Look here to see an example of what I have done, and the problem: https://techcommunity.microsoft.com/t5/onedrive-for-business/share-with-anyone-with-the-link-setting-is-grey-out-why/m-p/810390
Even after allowing for external sharing, the sharing options are still greyed-out. But this is not my question. I know how to fix it; as it says in the above link, I need to enable sharing in Powershell via set-sposite "siteurl" -sharingcapability ExternalUserAndGuestSharing
After some research, I found that there is a Microsoft Pwsh for Mac. I downloaded Homebrew, Microsoft PowerShell and Azure. (I also have Node.js, if that matters.) Here is a screenshot of my terminal (I hid any identifying information...):
terminal screenshot
As you can see, I get this error: Connect-SPOService -Url https://<organization name here>admin.sharepoint.com Connect-SPOService: The term 'Connect-SPOService' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
I contacted Microsoft and had a technician with me on the phone trying to troubleshoot their way into my SPOService on my Mac using Homebrew in order to fix the greyed-out "share with anyone" option. We were unsuccessful. At the moment, I do have access to a Windows computer, and I was able to enter my SPOService on that Windows computer and resolve the problem. However, for each new SharePoint site I create and want to share externally, I will need to repeat this process (at least, this is what the technician told me). I will not always have access to a Windows computer, therefore I need to be able to enter my SPOService on my Macbook.
Are there any workarounds? Is there an SPOService powershell for Mac? If I have the pswh for Microsoft, why won't it let me into sharepoint?
Thank you in advance for any assistance
First, I can still not rename the domain, but I can help you with a general SharePoint update. It does not work either in Azure or on Mac OX X.
If you like to check, repeat the following steps on your computer setup, assuming you don't use a Windows Computer.
Check the availability of SharePoint
Get-Module -Name Microsoft.Online.SharePoint.PowerShell -ListAvailable | Select Name,Version
Install the module if missing
On a mac with the name of your user directory
Import-Module /Users/username/.local/share/powershell/Modules Microsoft.Online.SharePoint.PowerShell -Verbose
On Azure Powershell
Import-Module Microsoft.Online.SharePoint.PowerShell -Verbose
You get a PowerShell via a one-month Test-Subscription.
Prepare your Admin URL
$AdminCenterURL="https://name_you_used_during_first_setup-admin.sharepoint.com"
Make sure you add "-admin" at the end of your domain name. You received this when you signed up. It is not the domain name you can use for your subscription later; it's, unfortunately, how Microsoft decided to implement it. Therefore, changing from Mac or Azure is not possible.
Connect to your side
Connect-SPOService -Url $AdminCenterURL -Credential (Get-Credential)
And now it will fail with
Connect-SPOService: The type initializer for 'Microsoft.Win32.Registry' threw an exception.
Unfortunately, after exchanging many emails with Microsoft, I could not resolve this with the Support desk. However, the error seems to be known.
I wrote this note to allow others to save valuable time so that somebody would not waste his time if they tried to resolve it as I tried.
If like me, you are stuck with renaming the initial SharePoint subdomain, you currently have the following options.
Buy a Windows PC with a License or install a VM with a MS Windows trial license
Buy an Enterprise License, and use the Beta functionality.
Delete your subscription, but then you might lose the active licenses and the work you have put in already. But you can re-register, and this time put the name into the subscription, which you like to see as a subdomain of SharePoint. But you lose all work put in, in the first place.
I'm trying to uninstall Office 2013, both 32bit and 64bit versions across our network. I'v come up with a powershell script to try to uninstall these versions, but when it comes to the actual uninstall, I'm having no luck. I've tried many different methods. Here are the errors are I receive for each one.
1) This is the method that I would prefer but I receive the bootstrapper error.
Start-Process -Filepath "\\server\share\office 2013\setup.exe" -ArgumentList "/uninstall ProPlus","/config \\server\share\office\2013\proplus.ww\uninstallconfig.xml"
Here is what the xml file contains:
<Configuration Product="ProPlus">
<Display Level="none" CompletionNotice="none" SuppressModal="yes" AcceptEula="yes" />
</Configuration>
Note*: When I don't include the "/config" argument, the uninstaller is launched but I need a silent uninstaller.
2) I've tried the Get-Wmiobject win32_product search and then I use the uninstall() method from the class but it removes service packages and everything else related to Microsoft Office except Microsoft Office Professional Plus 2013.
3) I'v also tried the msexec.exe method with the GUID retrieved from the Get-wmiobject function. It appears to run, but then it is cut off before it starts to uninstall and I get the blue loading circle right next to my cursor. This displays on and off very quickly like it's trying to start up again.
I've been doing all of this through Powershell. All of our installs have come from a networkshare. I know that these processes are being run locally, once I have this part done I will start on the remote uninstallations, but for now I'd like to figure out why this local uninstallation isn't working. I'd like to keep it through Powershell, thanks. And yes, I'm running with elevated privileges.
Occasionally, when we perform our maintenance cycle the domain controller will take too long and some of our virtual machines will default to the public network category instead of domain authenticated. After searching through BOL and Google, I found the Get-NetConnectionProfile cmdlet but it only seems to be available on Windows 2012 and later. We have some machines still running Windows 2008. I've already attempted to use the -CimSession switch to connect to a 2008 machine and it returned an error.
Is there a PowerShell equivalent for earlier versions of Windows?
The entire CIM cmdlet came out with Server 2012, and is representing this CimClass class which is a part of Windows Management Infrastructure(MI), also introduced in Server 2012. Which seems to be replacement of Windows Management Instrumentation(WMI), or in Microsoft's word:
The Windows Management Infrastructure (MI) features represent the
latest version of the Windows Management Instrumentation (WMI)
Thus is closest counter part you can get is Get-WMIObject cmdlet in eailer OS. The item you looking for, should be MSFT_NetConnectionProfile. Unfortunately I didn't find anything similar from get-wmiobject -list. I also checked documentation here Networking Device Classes without luck.
If you give get-wmiobject a shot, I don't expect it would return things exactly the same, but maybe some wmi object(s) would return the item you care most?
Say I have a Collection for installing Java for 2k computers, and I'd like to check the compliance, not for all computers, but for a list of specified computers (say 500 computers in a .txt).
How can I do that?
You can of course deploy a compliance baseline on any collection, so the basic question here is how to add arbitrary computers from a list to a collection.
The easiest solution is probably using powershell. Open up your SCCM Console, click in the upper left and choose: "Connect via Windows Powershell"
This does the same as manually opening a PS window, Importing the Module ConfigurationManager.psd1 from the "bin" subfolder of the SCCM Console installation and changing to the PSDrive to the SCCM site using "cd :
from there you can add a direct membership using:
Add-CMDeviceCollectionDirectMembershipRule -CollectionId <collectionid> -ResourceId <resourceid>
So to add a whole list of computers you can just use
$Computers = get-content C:\computers.txt
Foreach ($Computer in $Computers) {
add-cmdevicecollectiondirectmembershiprule -CollectionId <collectionid> -resourceid (Get-CMDevice -name $Computer).ResourceID
}
If the computer is already a direct member of your collection you will get an error, but the powershell will continue to run, so it's not an issue.