Friday, September 8, 2017

How to preserve the naming convention

The problem

[string]$VMName = 'VM-EURO-UK-01'
[int]$NumberOfVMs = 12
$VMPrefix = ($VMName -split '(?=\d)',2)[0]
[int]$VMSuffix = ($VMName -split '(?=\d)',2)[1]

for($i=0;$i -lt $NumberOfVMs;$i++)
{
    $VMName = $VMPrefix+$VMSuffix

    Write-Host "VM Name is $VMName"

    $VMSuffix = $VMSuffix + 1
}
How to preserve the naming convention in PowerShell?

The solution

[string]$VMName = 'VM-EURO-UK-01'
[int]$NumberOfVMs = 12

$VMPrefix = ($VMName -split '(?=\d)',2)[0]

[int]$VMSuffix = ($VMName -split '(?=\d)',2)[1] 

for($i=0;$i -lt $NumberOfVMs;$i++)
{
    # Casting the suffix to [int] drops the leading zero, so put it back for single digits
    $str = if($VMSuffix -le 9){
        "0{0}" -f $VMSuffix
    }
    else{
        $VMSuffix
    }
    $VMName = $VMPrefix+$str

    Write-Host "VM Name is $VMName"

    $VMSuffix+=1
}
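The solution above restores the zero for a two-digit suffix only. The following added example (not part of the original post) generalizes it: it takes the padding width from the template name and matches only the trailing digits, so digits inside the prefix are left alone. The function name Get-NextVMName and the second sample name are hypothetical.

```powershell
function Get-NextVMName {   # hypothetical helper name
    param(
        [Parameter(Mandatory)][string]$TemplateName,   # e.g. 'VM-EURO-UK-01'
        [Parameter(Mandatory)][int]$Count
    )

    # Anchor on the trailing digits only; the lazy prefix keeps any earlier digits.
    if ($TemplateName -notmatch '^(?<prefix>.*?)(?<number>\d+)$') {
        throw "'$TemplateName' does not end in a number."
    }

    $prefix = $Matches['prefix']
    $width  = $Matches['number'].Length    # padding width comes from the template
    $first  = [int]$Matches['number']

    for ($n = $first; $n -lt $first + $Count; $n++) {
        # 'D<width>' left-pads with zeros and never truncates a longer number.
        $prefix + $n.ToString("D$width")
    }
}

# Name from the post: twelve names, all with a two-digit suffix.
Get-NextVMName -TemplateName 'VM-EURO-UK-01' -Count 12

# Constructed name: a digit inside the prefix and a three-digit suffix that rolls over.
Get-NextVMName -TemplateName 'VM-EU2-UK-098' -Count 3
```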

Thursday, June 22, 2017

Configure Task Scheduler to run a PowerShell script

The Requirement

Create a periodic action that writes a CSV report of the top 20 processes to a folder on the Desktop, every hour.


I have been doing a lot of PowerShell scripting in the last few years, so I have had to work with Task Scheduler a lot in recent days. I will show the configuration.


    List of steps:
  1. Create your PowerShell script.
  2. I'll use an advanced PowerShell one-liner script for this task:

         
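    # Timestamp for the report; HH (24-hour) keeps the AM and PM file names distinct.
    $start = Get-Date
    $file = $start.ToString("yyyyMMdd-HHmmss")
    # -IncludeUserName needs an elevated session; keep the 20 processes with the most CPU time.
    Get-Process -IncludeUserName * | select @{l="Date";e={$start}},ProcessName,CPU,Id,StartTime,UserName | Sort-Object CPU -Descending | select -First 20 | ConvertTo-Csv -NoTypeInformation | Out-File ".\$file.csv"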
    

    This script gets all the processes on the computer where you run it, adds a 'Date' column with the time of the query, selects some properties of interest, sorts descending by the "CPU" property, selects the first 20, converts the objects to CSV without type information about the class, and finally writes the output to a CSV file named with the timestamp (in the folder the script runs from).

  3. Configure the Task

  4. Open Task Scheduler by clicking the Windows icon and typing "task scheduler".


    Once it is open, create a task by clicking the "Create Task" link in the "Actions" section.

    You start on the "General" tab. Add a name and make sure that the checkbox "Run with highest privileges" is checked.
    Then move to the "Triggers" tab, where we configure the task to execute every hour. To do so, click the "New" button, set it as shown in the next image, and then click OK.
    The "Actions" tab is the important one. Click "New" and, in the program/script field, add: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (without quotes, since there is no space in the path)

    The arguments field holds the path of the file (if it contains spaces, add quotes): -file "C:\Users\j0rt3g4\Desktop\scripts\Startcoco.ps1"

    In the working directory ("Start in") field, make sure that you don't add any quotes, so the path must never contain any blank space (this will be the location of the reports): C:\Users\j0rt3g4\Desktop\scripts

    Finally, the settings should look like this:
    The final configuration tab is called "Settings". Here you just need to check that "Allow task to be run on demand" is checked and "Do not start a new instance" is selected.


  5. Make sure that it is working, or troubleshoot what you could have missed

  6. Enable all the history for all tasks

    Make sure that the "Start in" folder contains the file.
    The successful code is 0x000000.
    A report should be generated every single hour, in the "Start in" path configured in the "Action" of the task.
    At the end, in your "Start in" folder, you should see something like this:

If you enjoyed this and it worked for you, thank you so much for reading and please consider donating.
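The same task can be registered from an elevated PowerShell session with the built-in ScheduledTasks module. This is an added example, not part of the original post: the task name is a hypothetical placeholder, the "only when the user is logged on" logon type is an assumption, and the paths are the ones used above.

```powershell
# Paths taken from the post; the task name is a hypothetical placeholder.
$TaskName   = 'Top20ProcessReport'
$ScriptPath = 'C:\Users\j0rt3g4\Desktop\scripts\Startcoco.ps1'
$WorkDir    = 'C:\Users\j0rt3g4\Desktop\scripts'

# "Actions" tab: program, arguments (quoted in case of spaces) and "Start in".
$action = New-ScheduledTaskAction `
    -Execute 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' `
    -Argument "-File `"$ScriptPath`"" `
    -WorkingDirectory $WorkDir

# "Triggers" tab: start at the next full hour, then repeat every hour.
# On Windows 10 / Server 2016 and later, omitting -RepetitionDuration repeats indefinitely.
$firstRun = (Get-Date).Date.AddHours((Get-Date).Hour + 1)
$trigger  = New-ScheduledTaskTrigger -Once -At $firstRun -RepetitionInterval (New-TimeSpan -Hours 1)

# "General" tab: current user, only when logged on (assumption), highest privileges.
$principal = New-ScheduledTaskPrincipal -UserId "$env:USERDOMAIN\$env:USERNAME" `
    -LogonType Interactive -RunLevel Highest

# "Settings" tab: run on demand is allowed by default; IgnoreNew = "Do not start a new instance".
$settings = New-ScheduledTaskSettingsSet -MultipleInstances IgnoreNew

Register-ScheduledTask -TaskName $TaskName -Action $action -Trigger $trigger `
    -Principal $principal -Settings $settings

# The task runs elevated, so whoever can modify the script decides what runs elevated.
# List the identities that hold write access to it.
$write = [int][System.Security.AccessControl.FileSystemRights]::WriteData
(Get-Acl -Path $ScriptPath).Access |
    Where-Object { $_.AccessControlType -eq 'Allow' -and (([int]$_.FileSystemRights -band $write) -ne 0) } |
    Select-Object IdentityReference, FileSystemRights

# Step 5 check: run once on demand, then read the result (0 means success).
Start-ScheduledTask -TaskName $TaskName
Start-Sleep -Seconds 15
Get-ScheduledTaskInfo -TaskName $TaskName | Select-Object LastRunTime, LastTaskResult, NextRunTime
```

If the ACL listing shows non-administrative identities, moving the script to a folder only administrators can write to keeps the elevated task from running code they did not approve.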

Thursday, February 9, 2017

Error -2146893022 The target principal name is incorrect (AD Replication)

The History


I had a client today who reported that the CEO's computer was unable to log in against Active Directory; it showed the message 'Trust Relationship was lost'. For this kind of issue the solution is just to take the computer out of the domain and re-join it. After removing the computer from AD I was unable to join it again, because of an error: "Logon failure: the target account name is incorrect". After checking the replication on the domain controllers, I figured out this:
Basically, CHENSDC2 and CHENSDC had gone 54 days without talking to each other. IPv6 was disabled on the servers. And checking the replication of Active Directory:
And this leads us to the headache.

The Headache


Basically, Repadmin gives the error "The target principal name is incorrect", so replication from "CHENSDC2" to "CHENSDC" works, but from "CHENSDC" to "CHENSDC2" it doesn't.
I tried several solutions to make this work but none of them worked, so I'll try to be as clean as I can in the solution.

The Solution


To fix this issue you just need to do the following:

    1. Determine the Primary Domain Controller (PDC) by following these steps:

  1. Press Windows key + R (at the same time).
  2. Type cmd and then press Enter. A console window will open.
  3. Run: netdom query fsmo
The output will be something like this; find the server that holds the PDC role:
So our PDC is called CHENSDC2 in this example, and the problematic domain controller is CHENSDC.

    2. Stop the Kerberos Key Distribution Center (KDC) service on CHENSDC (problematic server):

  1. Open the console (cmd) as in the previous step, if you don't have it open.
  2. Use the command: net stop kdc

Pre-step: download the WS2003 Resource Kit from the link https://www.microsoft.com/en-us/download/details.aspx?id=17657 and then install it. I did it on Windows Server 2008 R2 with nothing but a warning about versions; just ignore it and install the software.

    3. Purge the Kerberos keys on CHENSDC (problematic server)

  1. Navigate to C:\Program files (x86)\Windows Resource Kits\Tools and run "kerbtray.exe".
  2. You will get a green bar next to the time, like this:
  3. Now just right-click the green bar and select "Purge tickets".
  4. After this the server will be aware of the synchronization KDC from the PDC.

    4. Reset the Computer's Password in the Primary Domain Controller (PDC)

  1. On the PDC computer (we identified this computer in step 1), open the console (cmd) as in the previous step, if you don't have it open.
  2. Run: netdom resetpwd /server:serverName /userd:DomainName\Administrator /passwordd:AdminPassword

    5. Start the service in the CHENSDC (problematic server)

  1. Finally, on the PDC computer (we identified this computer in step 1), open the console (cmd) as in the previous step, if you don't have it open.
  2. Then run the command: net start kdc

    6. Start IPv6 on both servers

  1. IPv6 is used by the servers to communicate with each other, so enable it and run "ipconfig /registerdns" so they can talk to each other, especially in the consoles for Active Directory.

Sidenote: This is basically to improve communication between the domain controllers, especially for the AD consoles (AD Sites and Services, AD Users and Computers, etc.)

    7. Check replication again

  1. Run repadmin /replsum
  2. Run repadmin /showrepl
  3. Run repadmin /showreps
And make sure that everything is working well again.
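A gap like the 54 days described above can be caught early by checking the replication links on a schedule. The following is an added example, not part of the original post: it filters the CSV form of repadmin output for links that are failing or stale. The helper name is hypothetical, the column layout is assumed to match `repadmin /showrepl * /csv`, and the sample rows are constructed (server names from the post; domain, times and counts made up).

```powershell
# Constructed sample in the assumed column layout of `repadmin /showrepl * /csv`.
$sample = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Default-First-Site-Name,CHENSDC,"DC=example,DC=local",Default-First-Site-Name,CHENSDC2,RPC,0,0,2017-02-09 10:15:02,0
showrepl_INFO,Default-First-Site-Name,CHENSDC2,"DC=example,DC=local",Default-First-Site-Name,CHENSDC,RPC,1296,2017-02-09 10:14:40,2016-12-17 08:01:11,-2146893022
'@

function Get-StaleReplicationLink {   # hypothetical helper name
    param(
        [Parameter(Mandatory)][object[]]$Link,   # rows produced by ConvertFrom-Csv
        [int]$MaxAgeDays = 1,
        [datetime]$Now = (Get-Date)
    )
    foreach ($row in $Link) {
        # A link that never replicated has no parsable success time; report it as stale.
        $last  = [datetime]::MinValue
        $known = [datetime]::TryParse($row.'Last Success Time', [ref]$last)
        $age   = if ($known) { ($Now - $last).Days } else { $null }

        $failing = [int]$row.'Number of Failures' -gt 0
        if ($failing -or (-not $known) -or ($age -gt $MaxAgeDays)) {
            [pscustomobject]@{
                Source           = $row.'Source DSA'
                Destination      = $row.'Destination DSA'
                Failures         = [int]$row.'Number of Failures'
                DaysSinceSuccess = $age
                LastStatus       = $row.'Last Failure Status'
            }
        }
    }
}

# Offline run on the constructed rows, with a fixed "now" so the age is reproducible.
$rows = $sample | ConvertFrom-Csv
Get-StaleReplicationLink -Link $rows -Now ([datetime]'2017-02-09 10:20:00') | Format-Table -AutoSize

# On a domain controller, feed it live data instead:
# Get-StaleReplicationLink -Link (repadmin /showrepl * /csv | ConvertFrom-Csv)
```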

Please consider donating, and thank you very much for reading this.