The Sysadmins

Tips and tricks from the Sysadmins

Category: Scripts (page 1 of 2)

Get Default Gateway from List of Remote Servers

Problem

Find the default gateway on a list of remote servers.

Solution

Create a textfile with a list of servers you would like to query, use a new line for each server. If you have an OU of servers you would like to query you could use the following to create a text file with all computer accounts within an OU (requires Active Directory Module for Windows PowerShell).

Get-ADComputer -LDAPFilter "(name=*)" -SearchBase "OU=Servers,DC=domain,DC=local" | Select -expand name | Out-File -Encoding utf8 "\\server\share\Servers.txt"

This would create a textfile with every computer account in the “Servers” OU on domain.local.

I tend to put a “dummy” line at the top of the text file as PSEXEC has issues with the first entry.

List of servers to obtain default gateway

Now use PSEXEC to execute the following, don’t forget to run the command prompt as administrator (using an account with the required permissions on the remote servers).

psexec @c:\Serverlist.txt ipconfig /all | findstr "Default Gateway Host" >> c:\Servergateways.txt

PSEXEC Command

…and here’s the final result.

Output text showing host name and default gateway

Create Environment Variables From Active Directory

I needed to create a firstname.lastname variable to automate an Outlook profile update via PRF. By default Windows has the %username% variable, which in my instance returns tuser- I need to set-up a new Outlook Profile for an account in a different forest which uses test.user, this script allows me to deploy the custom environment variable and therefore the PRF for the target mailbox.

I’ve given a few additional examples in the script, if you want to deploy via group policy add it as a user logon script.

The VBS Script

Set objShell = CreateObject("WScript.Shell")
Set objUserEnv = objShell.Environment("USER")
Set objADSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objADSysInfo.UserName)
' This will create the variable %first.last% for the first.lastname
objUserEnv("first.last") = objUser.givenName & "." & objUser.sn
' This will create the variable %first% for the first name
objUserEnv("first") = objUser.givenName
' This will create the variable %last% for the surname
objUserEnv("last") = objUser.sn
' This will create the variable %mail% for the primary mail address
objUserEnv("cn") = objUser.mail

The variable is persistent, if you find that it doesn’t work for you, and you already have the command prompt open, you will need to close and reopen the command prompt for it to take effect.

AD VBS Variable

Sage 50 Accounts – Reset Data

If a user forgets which client they currently have loaded or cannot remember the username or password there’s no easy or obvious way to reset the data or find the details.

This little tip will allow you to reset the current client and will allow you to restore a backup or create a new client, it will not allow you to recover the password or gain access to the current data. I probably come across this once a week so I decided to put together some basic batch scripts so the users can resolve the issue themselves.

I’ve included scripts for 2012 covering Windows XP and 7, you can easily modify the scripts to allow for older/new versions. Just change the year in the path C:\Documents and Settings\All Users\Application Data\Sage\Accounts\2012\company.000 or C:\ProgramData\Sage\Accounts\2012\Company.000.

This is based on a single user license, if you have a multi user license with multiple datasets you’ll want to manually go through this process and see which company.xxx needs resetting.

Sage 50 Accounts 2012 – Windows XP

REM Accounts 2011 Dataset Reset.bat
@echo Removing dataset for Sage Line 50 Accounts 2012. Please make sure the application is closed.
@echo Off
REM Removes the .old ACCDATA if script has already been run
rmdir /s /q "C:\Documents and Settings\All Users\Application Data\Sage\Accounts\2012\company.000\ACCDATA.old"
REM Delay to allow for deletion
PING -n 5 127.0.0.1 >NUL
REM Renames the current ACCDATA
rename "C:\Documents and Settings\All Users\Application Data\Sage\Accounts\2012\company.000\ACCDATA" "ACCDATA.old"
REM Creates a new ACCDATA Folder
mkdir "C:\Documents and Settings\All Users\Application Data\Sage\Accounts\2012\company.000\ACCDATA"
REM Renames the company file, this will get recreated when a backup is restored or new client is setup
rename "C:\Documents and Settings\All Users\Application Data\Sage\Accounts\2012\company" "company.old"
@echo Complete! You can now open the application.
Pause

Sage 50 Accounts 2012 – Windows 7

REM Accounts 2011 Dataset Reset.bat
@echo Removing dataset for Sage Line 50 Accounts 2012. Please make sure the application is closed.
@echo Off
REM Removes the .old ACCDATA if script has already been run
rmdir /s /q "C:\ProgramData\Sage\Accounts\2012\Company.000\ACCDATA.old"
REM Delay to allow for deletion
PING -n 5 127.0.0.1 >NUL
REM Renames the current ACCDATA
rename "C:\ProgramData\Sage\Accounts\2012\Company.000\ACCDATA" "ACCDATA.old"
REM Creates a new ACCDATA Folder
mkdir "C:\ProgramData\Sage\Accounts\2012\Company.000\ACCDATA"
REM Renames the company file, this will get recreated when a backup is restored or new client is setup
rename "C:\ProgramData\Sage\Accounts\2012\company" "company.old"
@echo Complete! You can now open the application.
Pause

A Brief Introduction to Using Zsh for Systems Administration

Introduction

Zsh is a Unix interactive shell with built-in scripting language that’s particularly suitable for administration of Unix and Unix-like systems. The shell is bash-like in a number of ways, making it easy to get started with for newcomers, and the scripting language has a clean syntax and powerful features that let you take control of local and remote systems alike without the language getting in your way.

In particular the string expansion, file and directory globbing and clean syntax for iterating over lists make it a good fit for systems scripting and control of multiple machines. It comes already installed in a vast number of popular Linux and BSD-based distributions, including Apple OS X. If you find it’s not installed then it’s usually just a quick package management command away.

Being bash-like, many simple bash scripts will run without issue via zsh, and those that don’t usually only require a minimal porting effort. Scripting from scratch is where its power lies though, and we’ll get into that quite a bit in this article series.

On top of the powerful scripting language and bash similarities, the interactive shell has one compelling feature for systems administrators: multi-line, multi-area prompts. Prompts in zsh, with a minimum of configuration, can reside on the left and right of the screen and span multiple lines. With full control over colours and support for syntax highlighting, zsh gives you a truly useful prompt that’s trivially context-aware, giving you at-a-glance information about the running environment you find yourself in.

If you have a multitude of systems to look after you can configure the prompt to make it acutely aware what machine you’re on, which user you currently are, and whereabouts in the directory hierarchy you find yourself. If you’ve configured it properly, issuing ‘pwd’, ‘whoami’ or ‘hostname’ should be a thing of the past.

Lastly, it’s easy to configure and there’s a wealth of information online, so learning more about zsh and its power, as you get to know it, is easy and fun. Let’s get stuck in with the scripting language with a view to working with multiple machines over SSH, and we’ll cover the prompt in a followup article.

This article assumes some familiarity with shell scripting and basic shell operation.
Continue reading

Deploying Office 2010 Custom Ribbons and Settings via Group Policy

Deploying Office 2010 Custom Ribbons and Settings via Group Policy. This post will detail the process of pushing UI changes out to your Office 2010 clients. It will cover default fonts, margins and changes to the ribbon. I couldn’t find a great deal of information on this subject when I first looked, so hopefully this will help those struggling to find a solution.
 
Custom Ribbons

Configurations made to the ribbon in Office 2010 are stored in .officeUI files, these aren’t created until you modify the default ribbon. Start with a vanilla office install and make the desired changes in the applications you use. Once completed, head over to 'C:\Documents and Settings\%username%\Local Settings\Application Data\Microsoft\Office' where you should find the newly created .officeUI files. For a full list of officeui files and their descriptions click here (from Microsoft). For the purpose of deploying these changes via group policy you will want to copy these up to a share that as accessible to all users.

Default Font, Size and Margins in Word

These are stored in the normal.dotm (previously normal.dot in Office 2003). Open word and make your changes, close word and head to 'C:\Documents and Settings\%username%\Application Data\Microsoft\Templates'. There is one caveat with this, when you first open word it will rename the normal.dotm and create a new template. So you may want to separate the Word section of the script below and reapply the following day. For the purpose of deploying these changes via group policy you will want to copy normal.dotm up to a share that as accessible to all users.
Continue reading

Deploying Office 2010 via Group Policy

A guide to deploying Office 2010 via group policy. There are two parts so a successful deployment. Firstly creating your configuration (.msp) file and secondly a simple batch file to install.

 

Microsoft Office customization tool

Microsoft Office customization tool allows you to edit the default configuration to suite your install requirements.

To load the office customization tool, you will need a copy of the full office 2010 install. Head to the command prompt and from within the same directory as the setup.exe type setup.exe /admin. You will be greeted with the welcome page which outlines what the tool can be used for. Move down the list and see which sections are applicable to your needs.


Office Welcome Page

To point out a few of the more useful entries.
Continue reading

Bulk Add Users to an AD Security Group from a CSV

Just a short post to demonstrate an easy method to bulk add objects to a security group in Active Directory using only one line of power shell.

To do this we’ll just need the following prerequisites:

  • PowerShell (In case you’re using a pre Win7/2008R2 platform), free download from Microsoft here.
  • Quest Powertools Active Directory Plugins, now called ‘Quest ActiveRoles Management Shell’.¬†Also a free download, no Quest products are required for this and they can be found on the Quest site here.

Install the above, this may seem a little laborious to achieve such a simple task, however the above components are an enabler for a whole host of other Active Directory management scripts. Once installed, alter the security policy of the computer to allow unsigned scripts to be executed* and install the Quest AD commandlets..

set-executionpolicy unrestricted

add-PSSnapin quest.activeroles.admanagement

Next, prepare a text file (CSV) with a list of SAMaccountname values for users within your domain you want to add to a security group. In this instance it doesn’t matter if there are any commas in the file since we are only using one column of values, ensure each username entry is on a new line.

Finally, simply import the list of users from the CSV file with the following line of PowerShell script in the PowerShell console, swapping out ‘filename.csv’ with the name of your file and ‘GS-GroupName’ with the security group you wish to add users to..

Get-Content filename.csv | Add-QADGroupMember “GS-GroupName”

PowerShell should return a list of the users added to the security group like so:

* For those with a high regard for security, it is generally not advised to allow unsigned scripts to run on your computer or server, however PowerShell security is beyond the scope of this article. You can set the security policy back to AllSigned once you are done with the following command..

Set-ExecutionPolicy AllSigned

More information for those new to PowerShell can be found on this article on MS TechNet.

Older posts