System Center Configuration Manager 2007 SP2 R3 SCCM step by step

The first steps with System Center Configuration Manager 2007 SP2 R3

How to install sccm and set all roles, features, sql etc.  You can find on many webs.

I will provide my first steps with sccm:

1) install sccm console on local pc + set security on server for "your" account
2) copy default boot image on server
3) create driver package (unc path to driver folder)
4) add drivers and specify drivers to the boot image
5) boot image sent to distribution point
6) create usb boot image (task sequence) 

Here you go your boot usb key to sccm 

Low Disk Space Alert Windows Server 2008

Configure a Low Disk Space Alert by Using the Performance Logs and Alerts Feature in Windows Server 2008

1) Create a schedule task

Obrázek

Obrázek

2) Create  user defined collector set

Obrázek

Obrázek

select counter

Obrázek

directory should contains “\”

Obrázek

Obrázek

Obrázek

3) set data collector properties

Obrázek

the name of the schedule task

Obrázek

‘alert.vbs
Set objEmail = CreateObject(“CDO.Message”)
objEmail.From = “server@domain.cz”
objEmail.To = “alert@domain.cz”
objEmail.Subject = “srv Disk C:\ *LOW* space #WARNING#”
objEmail.Textbody = “srv Disk C:\ *LOW* space #WARNING# – ALERT value, free space is under 2%”
objEmail.Configuration.Fields.Item _
(“http://schemas.microsoft.com/cdo/configuration/sendusing”) = 2
objEmail.Configuration.Fields.Item _
(“http://schemas.microsoft.com/cdo/configuration/smtpserver”) = _
“mailer.domain.local”
objEmail.Configuration.Fields.Item _
(“http://schemas.microsoft.com/cdo/configuration/smtpserverport”) = 25
objEmail.Configuration.Fields.Update
objEmail.Send

 

These steps may not to be the best practice.

Remotly install office compactibility pack

 How remotly install office compactibility pack

C:\Windows\system32>\\domain.local\NETLOGON\psexec.exe \\pc001 -accepteula -u domain\admin \\pc001\c$\fileformatconverters.exe /quiet

PsExec v1.73 – Execute processes remotely Copyright (C) 2001-2006 Mark Russinovich Sysinternals – http://www.sysinternals.com

Password:

\\pc001\c$\fileformatconverters.exe exited on pc001 with error code 0.

Warn about computers which are in the default container ‘Computers’

Warn about computers which are forgotten in default container, not added to the accurate OU.

$body = Get-QADComputer -SearchRoot ‘CN=Computers,DC=domain,DC=local’
If ($body -ne $Null) {
$emailFrom = “alert@mail.cz”
$emailTo = “sup@mail.cz”
$subject = “Computers”
$body = $body
$smtpServer = “10.1.1.20”
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body)
}

Conficker | Sophos Anti-Virus | Mal/Conficker

How to deploy Sophos Conficker Removal Tool.msi

Automate installation of Sophos confic-a Cleanup Tool and run scan as an Administrator.

Use GP +  2 scripts.

cleanup.cmd:

@echo off
\\domain.gl.local\NETLOGON\psexec.exe \\%computername% -accepteula -u domain\admin -p %1 \\domain.gl.local\NETLOGON\cleanup.bat

cleanup.bat:

@Echo off
cd “c:\Program Files\Sophos\Sophos confic-a Cleanup Tool”
start /min cli.exe

http://www.sophos.com/support/knowledgebase/article/110381.html

vmware vsphere CollectorServerHost.exe cpu 100%

CollectorServerHost.exe causes 100% CPU usage

CollectorServerHost.exe = Guided Consolidation is a tool that will allow you to monitor
a physical computer and determine it’s potential for adding to your virtual environment.
I would highly recommend it for a small to mid sized business looking for some
assistance with their P2V process. It has an easy to use interface with a more
simplified approach than using the full VMware Capacity Planner utility.

Obviously you don’t need it and it can be uninstalled or just stop the service.

http://whughgriffin.wordpress.com/2009/10/16/vmware-vsphere-4-guided-consolidation/

unlock locked user account powershell alert mail active directory schedule task

Very simple PowerShell script to unlock Active Directory users accounts which are locked.

Get-QADUser -Locked | Unlock-QADUser

_______________________________________________________________

PS1: (locked_account.ps1)

$output = Get-QADUser -Locked
If ($output -ne $Null) {
$emailFrom = “alert@mail.cz
$emailTo = “admin@mail.cz
$subject = “locked accounts”
$body = $output
$smtpServer = “192.168.1.2”
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body)
}
___________________________________________

CMD: (Schedule task)

PowerShell.exe -PSConsoleFile “C:\Program Files\Quest Software\Management Shell for AD\ConsoleSettings.psc1” “& ‘c:\locked_account.ps1′”

http://www.quest.com/powershell/activeroles-server.aspx

cacti on windows | send alert e-mail

Cacti monitoring on windows

Are you looking for plugin which extend cacti for e-mail alerting when host is inaccessible? No problem.

You can solve it with script to db!

Save this script as the alert.php and run as a schedule task like the poller.php.

________________________________________________________

<?php
mysql_connect(“localhost”, “root”, “password”) or
die(“Could not connect: ” . mysql_error());
mysql_select_db(“cacti”);

$result = mysql_query(“select description from host where status<>3 and disabled<>’on'”);

while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$message=”Device “. $row[‘description’] .” is INACCESSIBLE | more on http://localhost/cacti“;
mail(“your-mail@domain.com“, “Cacti ALERT”, $message);

}

mysql_free_result($result);

?>

________________________________________________________________

Example how to run poller.php (the same settings  for alert.php):

poller.bat (alert.bat.) run as a schedule task:

cd c:\php\
start /min php “c:\inetpub\wwwroot\cacti\poller.php”

– – – – – – – – – –

Special thanks to my colleague Roman and Cacti developers!

Unknown device HP windows 7 acpi\hpq0004 vid_138a

Fresh windows 7 installation with OEM media / ignore hp windows 7 preinstall

 

Useful for hp probook 6555b and many other types.

Angry of nonsence commercial windows 7 preinstall full of trial and unwanted software + partitioned disk etc.

Fresh installation with OEM w7 media + downlaod drivers from hp sites:

3d_driveguard *

ati

cam

card_reader

(docking)

(drive_encryption)

fingerprint_driver *

hp_hotkey

modem

net

touch_pad

usb_smartcard_reader

sound

__________________________________________

hp 3d driveguard # acpi\hpq0004

fingerprint sensor driver usb # vid_138a

After all sipmle activate Windows via phone – it is correct action when you want to avoid of preinstall!

# (FIRST FOLLOW PREINSTALL AND  BE SURE WITH CREATED RECOVERY MEDIA (at least 4 or 5 DVDs THEN YOU CAN TRY FRESH INSTALL)!

PING failed send alert email

If ping to a device failed send an alert e-mail

Pokud není ping na zařízení, pošli oznámení

ping.cmd:

@echo off
ping 192.168.0.1 > c:\temp\pinglog.txt
find “TTL=” < c:\temp\pinglog.txt
if not errorlevel 1 goto :END
call C:\alert.vbs
:END

REM Most programmers agree that an errorlevel 0 means the command executed succesfully, and an errorlevel 1 or higher usually spells trouble

______________________________

alert.vbs:

Set objEmail = CreateObject(“CDO.Message”)
objEmail.From = “mejl@mejl.cz”
objEmail.To = “alert@mejl.cz”
objEmail.Subject = “device is DOWN #WARNING#”
objEmail.Textbody = “device is DOWN #WARNING# – ALERT value —  There is no packet TTL”
objEmail.Configuration.Fields.Item _
(“http://schemas.microsoft.com/cdo/configuration/sendusing&#8221;) = 2
objEmail.Configuration.Fields.Item _
(“http://schemas.microsoft.com/cdo/configuration/smtpserver&#8221;) = _
“yourSMTP.local”
objEmail.Configuration.Fields.Item _
(“http://schemas.microsoft.com/cdo/configuration/smtpserverport&#8221;) = 25
objEmail.Configuration.Fields.Update
objEmail.Send

Check if a file exists

 
Scriptin’10
 
Check if a file exist on a list of computers
Ověření, zda existuje soubor na definovaných strojích
 
 
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colFiles = objWMIService.ExecQuery _
    ("Select * From CIM_Datafile Where Name = ‘C:\\Program Files\\WinPcap\\Uninstall.exe’")
If colFiles.Count > 0 Then
    Wscript.Echo "yes"
Else
    Wscript.Echo "No"
End If
________________________________________________________________________________
 
On Error Resume Next
Set fso = CreateObject("Scripting.FileSystemObject")
Set objInputFile = fso.OpenTextFile("comps.txt", 1, True)
Set objOutputFile = fso.OpenTextFile("vystup.txt", 8, True)
Do While objInputFile.AtEndOfLine <> True
strComputer = objInputFile.ReadLine
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem")
Set colFiles = objWMIService.ExecQuery _
    ("Select * From CIM_Datafile Where Name = ‘C:\\Program Files\\AVG\\AVG9\\avgrsx.exe’")
If colFiles.Count > 0 Then
    ObjOutputFile.WriteLine "Ano je AVG9 " & "PC: " & strComputer & vbNewLine
Else
    ObjOutputFile.WriteLine "Neni AVG9 " & "PC : " & strComputer & vbNewLine
End If
Loop
 

Migrate from AVG to Sophos

  
 
– Automatic migrate in 1 script (avg2soph.cmd) added as a logoff script
– Automatická migrace z AVG na Sophos jedním jebem 🙂

_______________________________________________________________________________________________________________________
avg2soph.cmd

@Echo off
if exist “C:\program Files\Sophos\Sophos Anti-Virus\SAVAdminservice.exe” GOTO END
SET RUNAVG=\\domain.local\NETLOGON\psexec.exe \\%computername% -accepteula -u user -p %1 \\Server\AVG\Setup\uninstall\AvgSetup.bat
CALL %RUNAVG%
call
SET RUNSOPHOS=\\domain.local\NETLOGON\psexec.exe \\%computername% -accepteula -u user -p %1 \\domain.local\NETLOGON\soph_inst.bat
CALL %RUNSOPHOS%
:END

______________________________________________________________________________________________________
AvgSetup.bat

@ECHO OFF
REM AVG Setup Batch
SET SETUP=”\\Server\AVG\Setup\uninstall\avg_ipw_stf_all_90_730a1834.exe
IF NOT EXIST %SETUP% GOTO NoSetup
REM Start AVG Setup
%SETUP% /SCRIPT_FILE “\\Server\AVG\Setup\uninstall\AvgSetup.ini” /MANDATORYONLY /CFGFILE_PATH “\\Server\AVG\Setup\uninstall\remoteinst.pck” %1 %2 %3 %4 %5 %6 %7 %8 %9
if %ERRORLEVEL% EQU 1 goto AvgErr
goto End
:AvgErr
ECHO Error while installing AVG
goto End
:NoSetup
ECHO Missing installation files
REM Continue batch processing
:End
ECHO setup returned %ERRORLEVEL%
(AvgSetup.bat a AvgSetup.ini a remoteinst.pck se vytvoří pomocí avg konzole viz.)
http://drnek.spaces.live.com/blog/cns!509D00E35B2D7B2C!329.entry
__________________________________________________________________________________
soph_inst.bat
@Echo off
\\server\SophosUpdate\CIDs\S000\SAVSCFXP\setup.exe -mng yes -crt R -user user -pwd password -updp \\Server\SophosUpdate\CIDs\S000\SAVSCFXP\ -s -ni
__________________________________________________________________________________________
 

 

Diasable UAC

 
 
Script
Disable UAC
Zrušení UAC
Scriptin’9
 
‘Někdy ani domain controler a GP nebere, tak pomůže už jenom script:
 
Const HKEY_LOCAL_MACHINE = &H80000002
Set fso = CreateObject("Scripting.FileSystemObject")
Set objInputFile = fso.OpenTextFile("comps.txt", 1, True)
Do While objInputFile.AtEndOfLine <> True
strComputer = objInputFile.ReadLine
 
Set objRegistry = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
 
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Policies\System"
strValueName = "EnableLUA"
dwValue = 0
objRegistry.SetDWORDValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName, dwValue
Loop

ACL FOLDER GROUP MEMBER POWERSHELL

 
 
Powershell scriptin’3
 
Get folder and subfolders permissions
List folder and subfolders permissions
Get group members for specify groups
Get group members for groups named "text"
 
Jaká jsou nastavená oprávnění do složek a podsložek
Jací uživatelé jsou členy skupin obsahující v názvu "text"
 
1) Zjištění oprávnění:
\Windows Resource Kits\Tools>showacls /s c:\temp
 
nebo
 
PS1:
 
get-childitem \\server\d\slozka\ –recurse | get-acl |select-object path,owner,accesstostring,group | export csv c:\ACL.csv
 
2) Výpis členů konkrétních skupin:
 a) Get-QADGroup *text* | Get-QADGroupMember (všichni členové všech skupin obsahující v názvu text).
 
 b) PS1:
 
Get-QADGroup *text* | ForEach-Object {
“Group: ” + $_
Get-QADGroupMember $_ | Format-Table -auto
}
(jmenovitě podle skupin).