Is your DFS structure up to date?

Distributed File System is a technology that has been around since the days of NT 4.0 so as you can imagine entropy can run wild in a DFS structure. It is paramount to remove old targers to servers gone the way of the zune player: We have all heard the phrase “My computer is slow” and depending on the end users clout in the company and your position in the company, the ticket for the slow computer may end up on your desk.
Continue reading “Is your DFS structure up to date?”

Securing the Guest account

Thanks to WMI and well known sids we can query a computer for the status of user accounts, lets start with the simple query seen here:








From the results of the query we can see that the SID of the built in guest account ends in ‘-501’. so if we run the query

Get-WmiObject -Class Win32_UserAccount|where {$_.sid -like "*-501"}

or better yet (accounting for domain accounts)

Get-WmiObject -Class Win32_UserAccount -Filter  "LocalAccount='True'" |where {$_.sid -like "*-501"}

which shows us some simple info about the user

ensuring that we have the correct user we can use the command ‘Net User‘ to set the password. below is what I use to set a complex 20 character random password for the guest account:

Net User ((Get-WmiObject -Class Win32_UserAccount -Filter  "LocalAccount='True'" |where {$_.sid -like "*-501"}).name) (('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+='.ToCharArray()|Get-Random -Count 20) -join "")

Install SCOM agent without the GUI?

SCOM can be a bit of a bear to the newcomer, there are several components that are quirky at best and if its not set up correctly or if you don’t know what you are doing things could go awry very quickly. Thank goodness there is a plethora of PowerShell commandlets for SCOM management and install to make things easier for us.
On the SCOM management server I experimented with the Install-SCOMAgent commandlet, what I found was that with the right parameters I could very quickly install the agent on remote servers with very little input. Lets look at this one liner that installs the SCOM agent on FileServer1 without the need to launch the SCOM console and run the discovery wizard:

Install-SCOMAgent -DNSHostName -PrimaryManagementServer

Just like that the agent installs immediately on FileServer1, no need to wait, no wizard to run, no hassle.

But wait… what if I didn’t have to log onto the SCOM server at all to install the client? Below is a simple function I created which allows you to install the SCOM agent from your desktop using PSRemoting, the only thing you need to know is the name of the SCOM server, and the target server name.

Function Install-SCOMClient{            
Param ([string]$Computer,            
    $RMSSession = New-PSSession –ComputerName $SCOMServer ;             
    Invoke-Command -Session $RMSsession -ScriptBlock {Add-PSSnapin “Microsoft.EnterpriseManagement.OperationsManager.Client”} ;             
    Invoke-Command -Session $RMSsession -ScriptBlock {Install-SCOMAgent -DNSHostName ($args[0] + '.' + $env:USERDNSDOMAIN) -PrimaryManagementServer (Get-SCOMManagementServer) -Verbose} -ArgumentList $computer;            
    Remove-PSSession $RMSSession            
Install-SCOMClient -Computer FileServer1 -SCOMServer SCOM01

It’s one I like to put into my $Profile so its easily accessible to me on my client desktop.