MDT

Update sshd_config to use Protocol 2

NINet.org - Mon, 06/02/2014 - 05:31
Had to write an script to update SSHD to only use protocol 2 without changing any of the other settings, to be deployed via BMC Bladelogic (horrible horrible tool), but you work with what you have. The script should work across Linux, AIX and Solaris. Script:
Categories: MDT

Getting Kerberos token size with PowerShell

cluberti.com - Mon, 05/26/2014 - 20:57

Recently, I had the unpleasant requirement to validate Kerberos token size for a network where users were experiencing random issues hitting certain sites and databases. Today I validated it was token size, but not until after I found Jacob Ludriks’ excellent PowerShell script to do so. I was about to write one myself when I stumbled across this gem, which came in immensely useful in helping a good colleague in a bad situation.

Without further ado, here’s the link to the script:
http://jacob.ludriks.com/getting-kerberos-token-size-with-powershell/

In the event this script ends up getting taken down, here’s the content – please visit Jacob’s site if you find this useful. He’s got some other PowerShell goodies over there too that you might like.

# Always credit where due - this was found via # http://jacob.ludriks.com/getting-kerberos-token-size-with-powershell/ #Gets max token size #Run with .\get_tokensize.ps1 -Username "domain\username" #Reference: http://support.microsoft.com/kb/327825 #tokensize = 1200 + 40d + 8s Param( [Parameter(Mandatory=$True)] [String]$Username ) $domain = ($username.split("\"))[0] $user = ($username.split("\"))[1] Import-Module ActiveDirectory $rootdse = (Get-ADDomain $domain).distinguishedname $server = (Get-ADDomain $domain).pdcemulator $usergroups = Get-ADPrincipalGroupMembership -server $server $user | select distinguishedname,groupcategory,groupscope,name $domainlocal = [int]@($usergroups | where {$_.groupscope -eq "DomainLocal"}).count $global = [int]@($usergroups | where {$_.groupscope -eq "Global"}).count $universaloutside = [int]@($usergroups | where {$_.distinguishedname -notlike "*$rootdse" -and $_.groupscope -eq "Universal"}).count $universalinside = [int]@($usergroups | where {$_.distinguishedname -like "*$rootdse" -and $_.groupscope -eq "Universal"}).count $tokensize = 1200 + (40 * ($domainlocal + $universaloutside)) + (8 * ($global + $universalinside)) Write-Host " Domain local groups: $domainlocal Global groups: $global Universal groups outside the domain: $universaloutside Universal groups inside the domain: $universalinside Kerberos token size: $tokensize"
Categories: MDT

TechEd NA 2014 – Here is my sessions on Channel 9

The Deployment Bunny - Sun, 05/25/2014 - 07:36
Top OS Deployment Issues with Answers from Experts

Bare Metal OS Deployment in Microsoft System Center 2012 R2 Virtual Machine Manager: This Is How It Is Done!

Building the Perfect Windows 8.1 Image


Categories: MDT

Gathering Recent Events for a Specific VM

Virtual PC Guy's WebLog - Tue, 05/20/2014 - 13:44

Imagine this scenario: you login to one of your Hyper-V servers and find that something has gone wrong with a virtual machine.  Maybe the guest operating system is not responding, maybe it is running slower than expected, maybe something else has gone wrong.

As you are triaging the problem – you are likely to want to gather all the information you can about what has been happening with the virtual machine in question.  Luckily, this is quite easy to do with PowerShell.

In fact, you just need to run this code snippet:

$vmName = "File Server"
Get-WinEvent -FilterHashTable @{LogName ="Microsoft-Windows-Hyper-V*"; StartTime = (Get-Date).AddDays(-2)} | ?{( [xml]$_.toxml()).event.userdata.vmleventlog.vmname -eq $vmName}

And you will get results like this:
 
(sorry for the lack of results – I have not had any problems with my virtual machines lately!)

This works because Hyper-V tags each event log entry with the virtual machine name, and the Get-WinEvent Cmdlet allows you to look for this tag in the event log results.

Cheers,
Ben

Categories: MDT

Quickly Recovering Replication on Hyper-V

Virtual PC Guy's WebLog - Mon, 05/19/2014 - 13:53

Two weeks ago, I had to recover from a sizable power outage. When this happened, my first priority was to make sure that all of my virtual machines were running well. Once I had done this, my next goal was to get Hyper-V Replica back up and running - so that I would be protected against any future problems.

Now, Hyper-V Replica would have eventually sorted itself out - but I did not want to wait for this to happen organically. I wanted things fixed immediately.

Hyper-V Replica had correctly detected that was a problem, and had scheduled resynchronization for all of my virtual machines. What I did to speed up the process was to shut down all non-critical virtual machines, and then use PowerShell to run the following command:

Get-VM -ComputerName Hyper-V-1, Hyper-V-2 | ?{$_.ReplicationMode -eq "Primary" -and $_.ReplicationHealth -eq "Critical"} | Resume-VMReplication -Resynchronize

This caused replica resynchronization to start immediately for all virtual machines that were reporting that replication was in a critical state. At this stage I must give a word of caution. You may be wandering why I shut down non-critical virtual machines before doing this. The reason is that initiating a mass resynchronization like this will generate a huge amount of disk activity, as Hyper-V goes through and rechecks all of the data on disk. I shut down non-critical systems to try and minimize the amount of data churn that occurred during this process.  Even with this precautionary step, I could feel the system slow down overall while resynchronization was happening.

But after a relatively short period of time, resynchronization was complete and my computers were (almost) back to normal.

Cheers,
Ben

Categories: MDT

Back to Basic – CustomSettings.ini – Sample 3 and a bunch more

The Deployment Bunny - Mon, 05/19/2014 - 10:59

Customsettings.ini is one of those text files in MDT/ConfigMgr that has a major impact on the solution, badly written the solution is a pain in the… correctly written and it works like magic…

A while back I created sample package, but I only published 2 of the samples in the package and now it is time for the rest of them:

  • Disable OSInstall.ini
  • Setting based on Computer type and location.ini
  • Settings based on Computer type.ini
  • Settings based on Default Gateway.ini
  • Settings based on MAC for servers.ini
  • Settings based on MAC.ini
  • Settings based on Model.ini
  • Settings based on TaskSequenceID.ini
  • Settings based on UserExit-Alias.ini
  • Settings based on VB Calculation.ini
  • Settings based on Virtual Machines.ini
  • Settings for UDI.ini
  • Using the SMSTSOrg.ini

To try them out in your environment you can just run:

cscript.exe “Path to your MDT folder”:\Scripts\ZTIGather.wsf /Inifile:”The Path to the .ini file you would like to test”

You can download the samples here: http://1drv.ms/1qPkg7l

(Note all these files has been made upon request from customers, so if you need one that I down have, ask me…)

/mike


Categories: MDT

Nice to Know – Switch from ImageX to DISM in MDT

The Deployment Bunny - Mon, 05/19/2014 - 09:09

Be default the capture process in MDT 2013 uses ImageX to capture the image, there is nothing wrong with that, well, it takes time since Imagex takes about 15 minutes or more just to scan the file system before it starts to capture the image and maybe you would like to get rid of that time. That is possible by doing some modification to one of the scripts in MDT so that it starts to use DISM.exe instead

The script that needs to be modified is ZTIBackup.wsf and you can download the updated version here. (Please make sure you have a copy of the previous version so that you can go back for any reason.)

As a bonus this also fixes the problem to append the wim file to an existing wim file.

How-to?
  1. Download the file from here: http://1drv.ms/1gZICln
  2. Rename the Scripts\ZTIBackup.wsf to ZTIBackup.old
  3. Clear the Internet download flag from the new ZTIBackup.wsf.
  4. Copy the new ZTIBackup.wsf to the Scripts folder.

Done.

/mike


Categories: MDT

Nice to Know – MPIO “may” need to be configured correctly to increase performance when using Storage Spaces in Windows Server 2012 R2

The Deployment Bunny - Mon, 05/19/2014 - 08:15

This happens currently once a week, someone calls me and say “I’m using Storage Spaces with or without Scale Out file server and the performance is #”"!&%%&##”

There is many reasons but a very common is that MPIO be default is set to Round Robin and that is worse then bad.

Change the setting for all disks and for new disks as well by running the following command from en elevated PowerShell prompt:

Set-MSDSMGlobalDefaultLoadBalancePolicy LB

Read more here: http://support.microsoft.com/kb/2744261

Also read the blog from Jose:

http://blogs.technet.com/b/josebda/archive/2013/04/17/file-server-tip-how-to-rebalance-a-scale-out-file-server-using-a-little-powershell.aspx

http://blogs.technet.com/b/josebda/archive/2014/04/01/step-by-step-for-mirrored-storage-spaces-resiliency-using-powershell.aspx

http://blogs.technet.com/b/josebda/archive/2013/10/30/automatic-smb-scale-out-rebalancing-in-windows-server-2012-r2.aspx


Categories: MDT

Enterprise Mode Internet Explorer

With the release of Windows 8.1 Update, enterprises have a new tool at their disposal for addressing issues with older web sites.  This new feature, called Enterprise Mode IE, effectively enables IE 11 to run web pages that otherwise would only work in IE 8. 

And this isn’t just for Windows 8.1 – you can get the same functionality on Windows 7 by installing the latest IE 11 cumulative update (e.g. http://www.microsoft.com/en-us/download/details.aspx?id=42463 or http://www.microsoft.com/en-us/download/details.aspx?id=42471).  So even if you aren’t planning on deploying Windows 8.1, you can still use this to fix your browser issues with Windows 7 SP1.

I’ve been surprised by the number of people at TechEd North America this week who weren’t aware of Enterprise Mode IE.  Fortunately, Fred Pullen did a great session on this and you can watch the video here:

http://channel9.msdn.com/events/TechEd/NorthAmerica/2014/WIN-B320

Read more about Enterprise Mode at these links:

http://blogs.windows.com/windows/b/springboard/archive/2014/04/09/internet-explorer-11-now-helps-customers-stay-up-to-date.aspx

http://blogs.msdn.com/b/ie/archive/2014/04/02/stay-up-to-date-with-enterprise-mode-for-internet-explorer-11.aspx

Categories: MDT

TechEd NA 2014 – The Scripts from my session – DCIM-B309 – Bare Metal OS Deployment in Microsoft System Center 2012 R2 Virtual Machine Manager

The Deployment Bunny - Thu, 05/15/2014 - 08:30

Here is the sample scripts from my session at TechEd NA 2014 (DCIM-B309 – Bare Metal OS Deployment in Microsoft System Center 2012 R2 Virtual Machine Manager: This Is How It Is Done!)

SkyDrive: http://1drv.ms/1n0vTm2

Channel 9: http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/DCIM-B309

/mike


Categories: MDT

Links and notes from the MVP Expert Session @TechED 2014 Houston

Coretech Blog » Kent Agerlund - Tue, 05/13/2014 - 10:10
One word – Awesome! Attending the MVP Expert session along with 1000 attendees as speaker was nothing short of an awesome experience. For those of you who couldn’t attend session, you can catch the recording here: http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/PCIT-B410#fbid= The scripts I used
Categories: MDT

Links and notes from the “ConfigMgr in the Real World” precon @ TechEd NA 2014

Coretech Blog » Kent Agerlund - Tue, 05/13/2014 - 09:36
First a huge thanks to the 341 attendees showing up at the precon, you all contributed to making this a day to remember for both Johan and I. By now we should have answered all questions that was posted to #TEPRC10 on Tweeter. Precon links from Johans blog: http://www.deploymentresearch.com/Research/tabid/62/EntryId/173/Links-from-ConfigMgr-2012-R2-preconference-at-TechEd-2014-NA.aspx Pre-creating the database using this script […]
Categories: MDT

Nice to Know – OS Deployment on TechNet – Check This out!!!

The Deployment Bunny - Mon, 05/12/2014 - 10:34

For many years TechNet has been the source of information for IT Pro’s, but in many cases it has been “This is what you could do”, leaving a lot of IT profs in a guessing game. For OS Deployment that has now changed, it is changing into “This is how you should do!” and that is VERY nice!

Go to http://technet.microsoft.com/en-us/windows/hh974336

And check this out ASAP

(And yes, they hired external resources the help them get the best content ever…)

/mike


Categories: MDT

TechEd NA 2014 – PRC06 Deploying and Managing Windows in the Real World – Slides

The Deployment Bunny - Mon, 05/12/2014 - 09:15

You asked for the slides after our session, here they are

http://1drv.ms/1mRiD2R

 

If you are looking for all the deployment links we talked about, you will find the here

http://blogs.technet.com/b/mniehaus/archive/2014/05/12/useful-deployment-links.aspx

 

/mike


Categories: MDT

Useful deployment links

As we were going through our TechEd North America deployment pre-conference today, we showed a lot of links for pages of interest.  Here is a list of those (at least the ones I remembered):

If I missed any, or if there are any follow-up questions from the day, please add them to the comments for this blog, e-mail me at mniehaus@microsoft.com, or ping any of us via Twitter:  @mniehaus, @benhunter, or @mikael_nystrom.  Also, be sure to look for the session slides on http://deploymentbunny.com.

For those of you who put up with us all day, thanks.

Categories: MDT

Nice to Know–Bare metal deployment in SCVMM using Custom script and Custom resources could fail

The Deployment Bunny - Sun, 05/04/2014 - 10:05

The bare metal OS deployment function in SCVMM has the ability to be customized by adding custom scripts (also know as GCE). Basically there is two ways to do this, you either make sure the  script is in the WinPE image or you add it using recourses in the SCVMM Library. There are two locations for those scripts, Pre and Post and the problem seems to be true when we are doing Pre OSD GCE’s. So how do I know it fails then?, well that is not that hard. It will give you a very informative message in the job log like this:

Error (2941)
VMM is unable to complete the request. The connection to the agent on machine SCVMM01.network.local has been lost.
Unknown error (0x80072efe)

Recommended Action
Ensure that the WS-Management service and the agent are installed and running and that a firewall is not blocking HTTPS traffic.

And if you open the vmmAgentPE.exe.log file on the host you are deploying you will se this:

058C.05C4::05/04-12:23:13.425#00:OSDDownloadFileFromUrl.cpp(88)[000000000306EB: ThrowOnWin32Failure : 80072efe. Operation attempted WinHttpReceiveResponse(m_hRequest, NULL)
058C.05C4::05/04-12:23:13.425#00:exceptions.cpp(97)[000000000306EB: CarmineException::CarmineException: CarmineError: 1051488,  hr: 0x80072efe

If you look at the last file it tries to download you will see that it is trying to download the SCVMMCRTag.cr file and if you check the size of the file you will se that the size is 0 bytes and “carmine” does not like to transfer 0 size files in WinPE.

Solution:

Modify the SCVMMCRTag.cr in notepad.exe and type whatever you like, close it, done. If you try once more it should work.

/mike


Categories: MDT

Pre-Flight Checks – SMART Check

The Deployment Guys - Thu, 05/01/2014 - 14:22

While writing my last entry titled Pre-Flight Checks – Wireless Connectivity, I figured I would go ahead and post this script that does a pre-flight check to check the S.M.A.R.T. status of the hard drive.  S.M.A.R.T. stands for Self_Monitoring Analysis & Reporting Technology and it allows the machine to effectively predict impending failures of the hard drive.

To check this status of the hard drive, I am looking at the Win32_DiskDrive class.  This class has an object called Status that keeps track of, oddly enough, the status of the hard drive.  The status we are looking for is ‘OK’.  For more information on the Win32_DiskDrive class, or Status, click here.

As always, I am using the zero touch script format in a custom .wsf file.  For more information on custom ZTI scripts, please visit here.

Option Explicit Dim iRetVal Dim oWMI, oConn, oRs Dim strComputer, sSmartIsClear, sSmartStatus, sSMART, DQ Dim colDisks, disk Const LOCAL_HARD_DISK = 3 DQ = CHR(34) '//---------------------------------------------------------------------------- '// End declarations '//---------------------------------------------------------------------------- '//---------------------------------------------------------------------------- '// Main routine '//---------------------------------------------------------------------------- On Error Resume Next iRetVal = ZTIProcess ProcessResults iRetVal On Error Goto 0 '//--------------------------------------------------------------------------- '// '// Function: ZTIProcess() '// '// Input: None '// '// Return: Success - 0 '// Failure - non-zero '// '// Purpose: Perform main ZTI processing '// '//--------------------------------------------------------------------------- Function ZTIProcess() iRetVal = Success ZTIProcess = iRetval Const scriptVersion = "1.0" strComputer = "." ' Create objects Set oRs = CreateObject("ADODB.Recordset") Set oConn = CreateObject("ADODB.Connection") Set oWMI = GetObject("winmgmts:\\" & strComputer & "\root\cimv2") oLogging.CreateEntry "Querying the SMART WMI connection.", LogTypeInfo Set colDisks = oWMI.ExecQuery("Select * from win32_DiskDrive") oLogging.CreateEntry "Parsing the SMART WMI connection.", LogTypeInfo For Each disk in colDisks sSmartStatus = disk.Status oLogging.CreateEntry "sSmartStatus: " & sSmartStatus, LogTypeInfo Next If sSmartStatus = "OK" Then sSmartIsClear = "TRUE" oLogging.CreateEntry "sSmartIsClear: " & sSmartIsClear, LogTypeInfo Else sSmartIsClear = "FALSE" oLogging.CreateEntry "sSmartIsClear: " & sSmartIsClear, LogTypeInfo Wscript.Quit(1) End If Set colNetCards = Nothing ELSE oLogging.CreateEntry "Unable to establish a connection to SQL server " & SQLLOGSRV & _ ". Error - " & Err.Number & " - " & Err.Description, LogTypeError END IF If sSmartIsClear = "FALSE" Then WScript.Quit(1) End If END FUNCTION

Adding to the Task Sequence

To add this check to the task sequence, I have added it into a command-line task utilizing the shown syntax.

 

This post was contributed by Brad Tucker, a Senior Consultant with Microsoft Services, East Region, United States

Disclaimer: The information on this site is provided "AS IS" with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of included script samples are subject to the terms specified in the Terms of Use

Z-SMARTCheck.zip

Categories: MDT

Pre-Flight Checks – AC Power Check

The Deployment Guys - Thu, 05/01/2014 - 14:14

While writing my last entry titled Pre-Flight Checks – Wireless Connectivity, I figured I would go ahead and post this script that does a pre-flight check to ensure the machine is plugged in to AC power.  With the numbers of mobile devices becoming more and more prevalent in today’s enterprises, a check to ensure the device is plugged in prior to beginning imaging is crucial.

As I stated in my prior post (see above), MDT offers some checks, and even offers a wireless and AC power check within the UDI wizard.  These last two checks, however, would require a touch for the wizard, as they are built in.  Thus, this simple script to check the mobile device for AC power.

To check if the device is plugged in, I am looking at the Win32_Battery class.  This class has an object called BatteryStatus that keeps track of, oddly enough, the status of the battery.  The status we are looking for is ‘2’.  This is recognized as ‘The system has access to AC so no battery is being discharged. However, the battery is not necessarily charging’.  For more information on the Win32_Battery class, or BatteryStatus, click here.

Function ZTIProcess() iRetVal = Success ZTIProcess = iRetval Const scriptVersion = "1.0" strComputer = "." Set oWMI = GetObject("winmgmts:\\" & strComputer & "\root\cimv2") ' Query Win32_Battery from WMI Set colBatteries = oWMI.ExecQuery("Select * From Win32_Battery") oLogging.CreateEntry "Checking to determine if computer is plugged in...", LogTypeInfo For each Item in colBatteries If Item.batterystatus = 2 Then oLogging.CreateEntry "The computer is plugged in. Battery status is " & _ Item.batterystatus, LogTypeInfo Wscript.Quit(0) Else oLogging.CreateEntry "The computer is not plugged in. Battery status is " & _ Item.batterystatus, LogTypeError Wscript.Quit(1) End If Next END FUNCTION

 

Adding to the Task Sequence

When adding this check to the task sequence, I add it to a standard command-line step and set it to run only if ISDESKTOP = ‘FALSE’ and ISSERVER = ‘FALSE’.

 

 

This post was contributed by Brad Tucker, a Senior Consultant with Microsoft Services, East Region, United States

Disclaimer: The information on this site is provided "AS IS" with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of included script samples are subject to the terms specified in the Terms of Use

Z-ACPowerCheck.zip

Categories: MDT

Pre-Flight Checks – Wireless Connectivity

The Deployment Guys - Thu, 05/01/2014 - 14:11

As many of you know, MDT offers a series of ‘pre-flight’ checks you can run at the beginning of a task sequence to verify any number of things – BitLocker state, memory, Windows Scripting Host, etc…  They exist within the Tools\x64\Preflight and Tools\x86\Preflight folders located in the deployment share.  Within the UDI Wizard, there are even checks to ensure the machine is plugged into AC power and to ensure the machine is using a wired LAN connection and not wireless.  These checks are part of the compiled code and not available to us via a script.  This is fine for Lite Touch Installation, but since it requires a touch, it would not work for a Zero Touch deployment.

I have been recently asked to create a wireless check to insert into the task sequence.  I built it with the following requirements…

  1. It must check to see if the currently used network connection was a wireless connection
  2. If it determines the current connection to be wireless, it must return an error, or non-zero code
  3. It must log with the rest of the OSD logs.

Determine the Current Adapter

First we have to determine the currently used adapter.  To do this, I looked in the Win32_NetworkAdapterConfiguration class.  I queried for anything with IPEnabled = TRUE and then verified it had a valid IP address.While this seemed to pull all active adapters, the script continued to tell me the machine was connected via LAN, even though it was on wireless.  The problem was related to the Hyper-V adapters I had installed.  The Hyper-V virtual adapters were seen by the computer as a physical adapter and an additional ‘Local Area Connection’.  Thus, the script assumed a physical adapter was in use.

To get around this, I modified the WMI query to look like this:

SELECT * FROM win32_NetworkAdapterconfiguration WHERE IPEnabled = TRUE AND NOT Caption LIKE '%Hyper-V%'

'// Check for LAN Connection Set colNetCfg = oWMI.ExecQuery("SELECT * FROM win32_NetworkAdapterconfiguration _ WHERE IPEnabled = TRUE AND NOT Caption LIKE '%Hyper-V%'") For Each oNetCfg in colNetCfg sAdapterName = Mid(oNetCfg.Caption,12) oLogging.CreateEntry "Adapter name: " & sAdapterName, LogTypeInfo '// default value IsValidIPAddress = False For Each sIPAddress In oNetCfg.IPAddress If InStr(sIPAddress,":") = 0 And Mid(sIPAddress,1,8) _ <> "169.254" And Mid(sIPAddress,1,3) <> "0.0" Then IsValidIPAddress = True oLogging.CreateEntry "IsValidIPAddress: " & IsValidIPAddress, LogTypeInfo End If Next

Find the Wireless Adapter

Now that we have the currently used adapter, we need to know if it is wireless.  The approach I chose to take is to query the registry.  The key we are looking for is HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}.  Now we can look through each of the machine’s connections in the sub keys.  As we loop though them, we are looking for a connection with a MediaSubType = 2.  This type is returned for all adapters classified NdisPhysicalMediumWirelessLan in OID_GEN_PHYSICAL_MEDIUM.  More information on this OID can be found here.  Once we find this adapter, we retrieve its name.

'// Get all Subkeys oRegProv.Enumkey HKLM, RegKeyPath, arrSubKeys '// Read each Subkey values For Each sSubKey In arrSubKeys '// Get MediaSubType value if any oRegProv.GetDWORDValue HKLM, RegKeyPath & "\" & sSubKey & "\" & "Connection", _ "MediaSubType", dwValue If dwValue = 2 Then '// Get Name oRegProv.GetStringValue HKLM, RegKeyPath & "\" & sSubKey & "\" & "Connection" _ ,"Name", sRegNetworkName oLogging.CreateEntry "sRegNetworkName: " & sRegNetworkName, LogTypeInfo

NOTE:  In some rare cases, a wireless adapter may show a MediaSubType other than 2.  These are usually due to the adapter not supporting the wireless configuration service or the vendor uses a proprietary tool.  Please contact the vendor for assistance.

Getting Results

Now that we have the wireless adapter name from the registry (sRegWlanName) and the name of the currently used adapter (sAdapterName), we compare the two.  If they equal each other, then wireless status is set to TRUE and we return a non-zero code (1).

This takes care of the first two requirements, but to cover the third I am using a .WSF script template.  For more information on the ZTI scripting template, click  here.

'// Compare both If sRegNetworkName = sNetConnectionID Then GetWirelessName = TrueTo VPN or Not To VPN

We now have determined what type of connection the machine is using, but we need to do one more thing before it can be implemented.  We need to make sure that all connections that show as LAN connected are not, in fact, VPN connections. To do this, I am searching the adapter name for anything identified in my array sVPNAdapters.

'// VPN adapter strings sVPNAdapters = Array("VPN","JUNIPER")

I am only looking for “VPN” or “Juniper”, but you can easily add to this for different VPN types. 

Now that we have what to look for, we need to compare it to the adapter name previously recorded.  As you can see, if it finds “VPN” or “JUNIPER”, it sets IsVPNAdapter = TRUE and returns a non-zero code.

'// if adapter is not wireless If IsWLANAdapter = False Then '// check if adapter is VPN For Each sVPN In sVPNAdapters If (Instr(UCase(sAdapterName),sVPN) > 0) Then IsVPNAdapter = True End If Next If IsVPNAdapter = True And oNetCfg.IPConnectionMetric > 0 Then iIPConnectStatus = oNetCfg.IPConnectionMetric sWLANStatus = "VPN Connected" oLogging.CreateEntry "Connection status: " & sWLANStatus, _ LogTypeError Wscript.Quit(1)

Adding to the Task Sequence

Now that I have a functional script, I am going to add it to the task sequence.  I have named the script z-WirelessCheck.wsf and have placed it in the Scripts folder within my Microsoft Deployment Toolkit package. So to add it to the task sequence, I have simply created a command-line task and used the following syntax – cscript.exe "%deployroot%\scripts\z-WirelessCheck.wsf" /debug:true

NOTE:  Make sure that “Continue on error” is not checked in the Options tab.

 

I want to give credit to Veeraswamy ”Swamy” Achanta for contributing to this script.

This post was contributed by Brad Tucker, a Senior Consultant with Microsoft Services, East Region, United States

Disclaimer: The information on this site is provided "AS IS" with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of included script samples are subject to the terms specified in the Terms of Use

z-WirelessCheck.zip

Categories: MDT

New PowerShell Scripting Tools Released

The Deployment Guys - Thu, 05/01/2014 - 12:36

Microsoft Customer Services & Support (CSS) with assistance from the PowerShell team and the Garage has released some very cool scripting tools.  Since those of us involved with deployments are always creating/modifying/sharing scripts, these tools look to be right up our alley.  These tool are:

  • Script Browser – IT Pros can search, download and manage 9000+ TechNet automation script samples covering almost all Microsoft IT products from within their scripting environment.  Script Browser even supports offline search so users can download all interesting scripts and search them when they do not have internet access.
  • Script Analyzer – It automatically scan your automation script and provide suggestions to improve the script quality and readability.

The resources can be downloaded from the following link:

http://blogs.msdn.com/b/powershell/archive/2014/04/16/a-world-of-scripts-at-your-fingertips-introducing-script-browser.aspx

The teams developing these tools are committed to continuously adding new features and benefiting IT Pros’ work.   They have an ambitious roadmap.  If you love what you see in Script Browser & Script Analyzer, please recommend it to your friends and colleagues. If you encounter any problems or have any suggestions, please contact onescript@microsoft.com. Your opinions and comments are more than welcome.

 

Disclaimer: The information on this site is provided "AS IS" with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of included script samples are subject to the terms specified in the Terms of Use.

This post was contributed by Michael Murgolo, a Senior Consultant with Microsoft Services - U.S. East Region

Categories: MDT

Pages