jbmurphy.com

  • Run a task sequence after completed OSD

    We wanted to run a Task Sequence after an Operating System Deployment. The OSD image would have only Office,Antivirus, and Windows. The task sequence would have all the other common packages we roll out (Adobe Reader and Flash, Firefox, Quicktime, Java . . .). The problem was that I wanted an easy way to deploy all the packages at once, and an easy way to keep it up to date.

    First we created a Collection (that updates every 5 mins) based on the following query:

    SELECT SMS_R_System.Name, SMS_G_System_OPERATING_SYSTEM.InstallDate 
FROM SMS_R_System inner join SMS_G_System_OPERATING_SYSTEM on SMS_G_System_OPERATING_SYSTEM.ResourceId = SMS_R_System.ResourceId 
WHERE DATEDIFF(dd,SMS_G_System_OPERATING_SYSTEM.InstallDate,GetDate()) < 2
ORDER BY SMS_G_System_OPERATING_SYSTEM.InstallDate DESC

    This query returns all the machines that have had their operating system installed in the last 2 days.

    Next we created a Task Sequence that Installed all the packages, and advertised it to the new collection.

    Now within a few mins of a machine adding itself to SCCM, it will show up in the collection, and the Task Sequence will be able to be run.

    The key was the query to find the machines that have been installed recently. Thanks xrobx99 for your help with this!

  • Quick check if a mysql database exists

    Here is my bash code that checks if a db exists before I try to create one in a script:

    $DBNAME="dblookingfor"
DBEXISTS=$(mysql --batch --skip-column-names -e "SHOW DATABASES LIKE '"$DBNAME"';" | grep "$DBNAME" > /dev/null; echo "$?")
if [ $DBEXISTS -eq 0 ];then
	echo "A database with the name $DBNAME already exists. exiting"
	exit;
fi

    This will exit out if there is a database with the name you are searching for. The tricky part for me (and always is) was this double quotes inside the single quotes in the LIKE statement.

  • Rackspace Cloud Files download script

    A new(er) tool in the services I use/recommend is Rackspace Cloud servers and Rackspace Cloud Files.

    We were evaluating cloud services to host client websites, and I ended up choosing Rackspace’s cloud offerings. I really like the services the provide.

    With their Cloud files, I can upload files that can be accessed anywhere. I decided that I wanted to put our common scripts there, that way when we provision a new server, behind a firewall or in the cloud, we can pull from the same place. All I would have to do is keep them up to date in one place.

    Before I knew about Chef (future project I can’t wait to have time for), I created simple scripts to install a common set of packages on every server – our SOE (Standard Operatin Environment). Once a server is provisioned, from any other server, we can update the new server to have the same core set of packages and configurations. The most important part of this is that we install GIT and pulldown the python-cloudfiles:

    yum install git -y
git clone git://github.com/rackspace/python-cloudfiles.git

    Once python-cloudfiles is installed, we use the following script to pull down the common set of scripts:

    conn = cloudfiles.get_connection('usename','keynumberthatisreallylong')
cont = conn.get_container(container)
obj = cont.get_objects(path=sourcepath)
for filename in obj:
	print "Downloading " + (os.path.join("/",container,sourcepath,os.path.basename(filename.name))) + " to " + destpath
	filename.save_to_filename(os.path.join(destpath, os.path.basename(filename.name)))
	destfile = os.path.join(destpath, os.path.basename(filename.name))
	timestamp = filename.last_modified[:filename.last_modified.find(".")-3].replace('-','').replace(':','').replace('T','')
	cmd = "touch -m -t " + timestamp + " " + destfile
	os.system(cmd)

    What this does is pull down each file in a directory in the Cloud Files infrastructure and saves it locally. Then I added the extra step of setting the modified date to the Cloud Files last_modified date, so that we can tell what downloaded files have been changed recently (uploaded to Rackspace Cloud Files).

    I look to replace this with Chef one day, but right now it works really well for us

  • Waking a sleeping Mac Pro upon opening a folder

    Scenario

    I have two macs at home, a MacPro and a MacMini. The MacMini is attached to our TV. I put my MacPro to sleep when I leave for work in the morning. My wife comes home and tries to play videos for my son on the Mac Mini. The videos are actually on the Mac Pro, but it is transparent to her, when the machine is on. And that is the problem. When she clicks on the symbolic lynk and the MacPro is sleeping she can’t find the videos she is looking for.

    I needed a way to wake the MacPro when she is looking for the videos.

    This is longer post describing my whole Wake/Sleep setup. Requirements are MacPorts, and a Wake on LAN (WOL) utility. I use DDWRT, so there is one on my home router.

    I am a big fan of MacPorts. I used to use Fink, but I switched, and I don’t remember why. There are two utilities in MacPorts that are useful for sleeping macs, Sleepwatcher and wakeonlan. You could install Sleepwatcher via source, but I prefer a Package management system.

    Sleep

    Sleepwatcher is the most important part of this system. I used to put my Mac to sleep every night at 11 pm, but if I enabled “Wake for network access” in the energy saver preference, the machine would wake up every two hours. This article describes the problem and a solution – sleepwatcher.

    So I installed sleepwatcher via MacPorts. Then I added the following two lines to my /opt/local/etc/rc.sleep ( I could not get it working in my “$home/.sleep” file)

    /bin/sleep 1
/usr/sbin/systemsetup -setwakeonnetworkaccess on >/dev/null

    Then I added the following to my /opt/local/etc/rc.wakeup (again I could not get my “$home/.wakeup” to work)

    /usr/sbin/systemsetup -setwakeonnetworkaccess off >/dev/null

    This allows the machine to go to sleep and not wake until it receives a WOL packet.

    That takes care of the sleep part.

    Wake

    Now my machines are sleeping (properly), and they can be woken from a WOL packet. Since I use DDWRT, I can go to the web interface and wake a machine (I have OpenVPN tunnels going all over the place, so i can access the web interface internally). It occurred to me that if there is a web interface, there has to be a WOL executable on the router. With public key authentication, I can connect to my DDWRT router with the following command and wake a machine:

    ssh homerouter "/usr/sbin/wol -i 192.168.X.255 xx:xx:xx:xx:xx:xx"

    That takes care of the wake part.

    Folder Actions

    To have a machine wake when I access a folder, I add the following applescript to a “Folder Actions”:

    on opening folder this_folder
	try
		tell application "Finder"
			activate
			try
				set ping_result to (do shell script "ping -c 1 machine.trying.towake;echo -n")
				if "100.0% packet loss" is in ping_result then
					do shell script "ssh homerouter "/usr/sbin/wol -i 192.168.X.255 xx:xx:xx:xx:xx:xx" "
				end if
			end try
		end tell
	on error errmsg
	end try
end opening folder

    If the machine does not answer a ping, the script will ssh to the ddwrt router and launch the wol executable to wake the sleeping machine.

    A complex system, but it works.

  • A second addition to my PowerShell install script

    I added even more functionality in my PowerShell install script (original script, and first update). I wanted the ability to display an informational popup to let the user know what we were up to. The function below takes the text to display from the config xml file and displays it in a windows form, with an “OK” button.

    This script is starting to be fun!

    
Function DisplayWindowsForm ($Step){
	if ($Step.TextToDisplay.Value -ne "") {
    	$TextToDisplay = $Step.TextToDisplay.Value
		[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing") 
		[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") 
		
		$objForm = New-Object System.Windows.Forms.Form 
		$objForm.Text = "Title bar"
		$objForm.Size = New-Object System.Drawing.Size(600,500) 
		$objForm.StartPosition = "CenterScreen"
		
		$OKButton = New-Object System.Windows.Forms.Button
		$OKButton.Location = New-Object System.Drawing.Size(250,400)
		$OKButton.Size = New-Object System.Drawing.Size(75,23)
		$OKButton.Text = "OK"
		$OKButton.Add_Click({$x=$objTextBox.Text;$objForm.Close()})
		$objForm.Controls.Add($OKButton)
		
		$objLabel = New-Object System.Windows.Forms.Label
		$objLabel.Location = New-Object System.Drawing.Size(10,20) 
		$objLabel.Size = New-Object System.Drawing.Size(500,400) 
		$objLabel.Text = $TextToDisplay
		$objForm.Controls.Add($objLabel) 
		
		$objForm.Topmost = $True
		
		$objForm.Add_Shown({$objForm.Activate()})
		[void] $objForm.ShowDialog()
	}
}

  • An update to my new PowerShell install script

    I needed new functionality in my PowerShell install script (previously mentioned here). I needed the ability to make sure a process is not running, and if it is running, I could prompt the user to close it.

    The new function takes the process name value from the config xml file (as I mentioned in previos post) and if it is running, displays a message box until the program is no longer running.

    
Function WaitForProcessToStop ($Step){
	$ProcessName= ($Step.ProcessName.Value).split(".")[0]
    if ($ProcessName -ne "") {
		[System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
		While (get-process $ProcessName -ea SilentlyContinue | select -Property Responding)
		{
			[System.Windows.Forms.MessageBox]::Show(
			"Please close $ProcessName", 
			"Please close $ProcessName", 
			[System.Windows.Forms.MessageBoxButtons]::OK, 
			[System.Windows.Forms.MessageBoxIcon]::Information,
			[System.Windows.Forms.MessageBoxDefaultButton]::Button1,   
			[System.Windows.Forms.MessageBoxOptions]::ServiceNotification
			)
		}
	}
}

  • My new PowerShell install script

    I wanted to write a PowerShell script that can execute common activities involved in deploying software. We require signed PowerShell scripts, so it was not practical to rewrite the script for every piece of software. Instead, I moved the configuration to an XML file.

    The first function below takes an object (pulled from the XML config file) that contains the uninstall information. The scenario would be that you want to uninstall a piece of software before you install something else. First I try to remove the software via WMI. If that fails, I lookup the uninstall string and use msiexe.exe to try and uninstall the software bassed on the GUID of the software.

    function UninstallStep ($Step)
{
    $CurrentDisplayName= $Step.CurrentDisplayName.Value
    $CurrentVersion= $Step.CurrentVersion.Value
      gwmi win32_product -filter "Name like '%$CurrentDisplayName%'" | foreach {
        $InstalledVersion = $_.Version
        if ($InstalledVersion -ne  $CurrentVersion) {
            write-host "Trying to uninstall $CurrentDisplayName $InstalledVersion via WMI"
	        if ($_.uninstall().returnvalue -eq 0) { write-host "Successfully uninstalled $CurrentDisplayName $InstalledVersion via WMI" }
	        else {
                write-host "WMI uninstall retured an error, Trying to uninstall $CurrentDisplayName $InstalledVersion from registry entries"
	            if (-not(Test-Path ("Uninstall:"))){New-PSDrive -name Uninstall -psprovider registry -root HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall | Out-Null}
	            Get-ChildItem -Path Uninstall: | Where-Object -FilterScript { $_.GetValue("DisplayName") -like "*$CurrentDisplayName*"} | ForEach-Object -Process {
	                $CommandToRun = "msiexec"
	                $UNSTring = $_.GetValue("UninstallString").split("{")
	                $Parameters = "/X /Q {" + $UNSTring[1]
	                write-host "Running Command: " $CommandToRun $Parameters
	                Start-Process $CommandToRun $Parameters -wait -workingdirectory $WorkingDirectory | out-null
	            }
	            }
        }
    }
}

    Second piece of code is a generic command to run script. This is basically just a wrapper for the Start-Process command. It can be used to run any command, but mostly I use this to start the msiexec.exe program with parameters. I can also use this command to start an setup.exe. Again, this is read from the config.xml. If there are arguments, then the second part of the conditional runs.

    Function CommandToRunStep ($Step)
{
  if ($Step.Command.Value -ne "") {
    $Command = $Step.Command.Value
    if ($Step.Arguments.Value -ne "") {
      $Arguments = $Step.Arguments.Value
      write-host "Running Command: " "$Command" "$Arguments"
      Start-Process "$Command" -ArgumentList "$Arguments" -wait -workingdirectory $WorkingDirectory | out-null
    }
    Else {
      write-host "Running Command: " "$Command"
      Start-Process -FilePath "$Command" -wait -workingdirectory $WorkingDirectory | out-null
    }
  }
}

    The final function takes a process name from the config xml file and kills it.

    function KillStep ($Step)
{
    $ProcessName= ($Step.ProcessName.Value).split(".")[0]
    if ($ProcessName -ne "") {

    write-host "Killing: " "$ProcessName"
    Stop-Process -force -processname "$ProcessName" -ea SilentlyContinue
    }
}

    The main part of this script loops through the xml file and call the correct function. The xml file can contain any number of the three types of functions above, and they are run in sequential order. This gives me the ability to create a “task sequence” in an xml file that will be run with a PowerShell script in an SCCM advertised program.

    #  Main
$WorkingDirectory = Split-Path -parent $MyInvocation.MyCommand.Definition
[ xml ]$s = Get-Content $WorkingDirectory\Install.xml

foreach ($Step in $s.Install.Steps.Step)
{
switch ($Step.StepType.Value)
    {
    "UninstallOlderThan" {UninstallStep ($Step)}
    "CommandToRun" {  CommandToRunStep ($Step)}
    "KillProcess" { KillStep ($Step) }
    }
}

    Updated
    And an example of the XML file would be:

    <Install>
<Steps>
  <Step>
	<StepType Value="UninstallOlderThan" />
	<CurrentDisplayName value="Apple Application Support" />
    	<CurrentVersion value="1.3.3" />
  </Step>
  <Step>
	<StepType Value="CommandToRun" />
	<Command Value="msiexec" />
	<Arguments Value="/i AppleApplicationSupport.msi /quiet /norestart" />
  </Step>
  <Step>
	<StepType Value="CommandToRun" />
	<Command Value="iTunesSetup.exe" />
	<Arguments Value="/quiet DESKTOP_SHORTCUTS=0" />
  </Step>
  <Step>
	<StepType Value="KillProcess" />
	<ProcessName Value="Process.exe" />
  </Step>
</Steps
</Install>

  • SCCM afterbackup.bat

    Our current SCCM backup is targeted to DFS share pointed to our backup server. We dump files to this share and the local files are backed up to tape (really to disk then replicated to tape.) I never sat down and figured out how to get multiple backups rotating in SCCM until I saw this post. It reminded me that I needed to setup an afterbackup.bat script. If you add a script named afterbackup.bat to c:\Program Files\Microsoft Configuration Manager\inboxes\smsbkup.box (or where ever you installed it), it will be executed after the backup is finished. I added the following code to afterbackup.bat

    setlocal enabledelayedexpansion
set target=\\Network\DFS\BACKUP\SCCM\%date:~0,3%

If not exist %target% goto datamove 
RD %target% /s /q 
  
:datamove 
move "\\Network\DFS\Backup\SCCM\Current" "%target%"

    All this does is move the backup folder to a folder named the day of the week. If the destination already exists, then it is deleted first. Resulting in 7 days of backup.

    To test, I started the SMS_STIE_BACKUP service, and in the SCCM logs, I see :
    SMS Site Backup task is starting.

    SMS Site Backup is starting to copy the files from the snapshot.

    SMS Site Backup successfully initiated command file “afterbackup.bat”.

    Now I see a folder named “Tues” that contains last night’s backup.

    Scratch that off the todo list. Finally.