Live from TechEd 2006

Ha!

Anyway, here we are at the TechEd conference 2006… my first major geek convention. Free backpacks, giveaways, freebies, and MS TechEd 2006 water bottles. Actually, I am pretty excited.

I am waiting for the “Scripting for IT Pros who can’t write code” class to begin. Speaker is Corey J. Hynes of HynesITe, Inc.

First interesting thing… the PPT slides on the screen were loaded from a desktop that was labeled “PPT Server”. Is there such a thing? Perhaps that is something we should look into for Professors and Execs. If nothing else, we could easily sell Sharepoint as a PPT server as an initial justification.

Note: It was a link to a Sharepoint Document Library, duh. I guess it had not occured to me how convenient Sharepoint would be from a presenter’s perspective.

Script – cleaning up inactive computer objects

Here is another weenie script that I put together to clean up expired computer objects in our AD domain.  Afer some experimantiation, I settled on using the "oldcmp.exe" tool from the excellent www.joeware.com site, rather than a combination of "dequery" "dsrm" and "dsmod" commands.  The reason for going third-party here is that I could not find a particularly elegant way of handling error codes from dsmod and dsrm.  If my "dsquery" returned no results, then "dsmod" gets upset and returns a non-zero error code.  I then need so fancy "IF" statements to handle all possible error codes of interest.  Oldcmp is just cleaner in this regard, and makes more useful output to boot.

Anyway, here is the code: 

REM Inactive Computer Object Cleanup Script
REM v1.0
REM JGM, 2006-06-05

:start
@ECHO off
ECHO Inactive Computer Object Cleanup Script Report > .\logs\inactive_cmp_cleanup.rpt
ECHO= >> .\logs\inactive_cmp_cleanup.rpt

REM Each of the next six IF commands will exit the script to a line-specific error report script section.  The condition for determining that an error has occured is if the %errorlevel% variable returned by a command does not equal zero.
REM Disables inactive computers using the following criteria:
REM Default "Workstation" OU: Inactive for 26 weeks (1/2 year), "RIS-Workstations" OU: Inactive for 4 weeks (~1 months), all objects in "Resources" OU: Inactive for 26 weeks (3/4 year)
oldcmp -disable -unsafe -forreal -age 183 -format csv -delim TAB -llts -nolc -b ou=workstations,dc=campus,dc=ad,dc=uvm,dc=edu -file .\logs\wksDisRpt.tsv > .\logs\inactive_cmp_cleanup.log
IF %ERRORLEVEL% NEQ 0 THEN goto wksDisEr
oldcmp -disable -unsafe -forreal -age 30 -format csv -delim TAB -llts -nolc -b ou=ris-workstations,ou=cit,dc=campus,dc=ad,dc=uvm,dc=edu -file .\logs\risDisRpt.tsv >> .\logs\inactive_cmp_cleanup.log
IF %ERRORLEVEL% NEQ 0 THEN goto risDisEr
oldcmp -disable -unsafe -forreal -age 183 -format csv -delim TAB -llts -nolc -b ou=resources,dc=campus,dc=ad,dc=uvm,dc=edu -file .\logs\resDisRpt.tsv >> .\logs\inactive_cmp_cleanup.log
IF %ERRORLEVEL% NEQ 0 THEN goto resDisEr

REM Removes inactive computers using the following criteria:
REM Default "Workstation" OU: Inactive for 39 weeks (3/4 year), "RIS-Workstations" OU: Inactive for 13 weeks (~3 months), all objects in "Resources" OU: Inactive for 39 weeks (3/4 year)
oldcmp -delete -unsafe -forreal -age 274 -format csv -delim TAB -llts -nolc -b ou=workstations,dc=campus,dc=ad,dc=uvm,dc=edu -file .\logs\wksDelRpt.tsv >> .\logs\inactive_cmp_cleanup.log
IF %ERRORLEVEL% NEQ 0 THEN goto wksDelEr
oldcmp -delete -unsafe -forreal -age 90 -format csv -delim TAB -llts -nolc -b ou=ris-workstations,ou=cit,dc=campus,dc=ad,dc=uvm,dc=edu -file .\logs\risDelRpt.tsv >> .\logs\inactive_cmp_cleanup.log
IF %ERRORLEVEL% NEQ 0 THEN goto risDelEr
oldcmp -delete -unsafe -forreal -age 274 -format csv -delim TAB -llts -nolc -b ou=resources,dc=campus,dc=ad,dc=uvm,dc=edu -file .\logs\resDelRpt.tsv >> .\logs\inactive_cmp_cleanup.log
IF %ERRORLEVEL% NEQ 0 THEN goto resDelEr

goto noErr

REM Following six sections will append a section-specific error message to the report file, then exit to the "errRpt" section of the script.
:wksDisEr
ECHO Something went terribly wrong in the workstation OU disable process >> .\logs\inactive_cmp_cleanup.rpt
goto errRpt
:risDisEr
ECHO Something went terribly wrong in the RIS-Workstations OU disable process >> .\logs\inactive_cmp_cleanup.rpt
goto errRpt
:resDisEr
ECHO Something went terribly wrong in the Resources OU disable process >> .\logs\inactive_cmp_cleanup.rpt
goto errRpt
:wksDelEr
ECHO Something went terribly wrong in the workstation OU deletion process >> .\logs\inactive_cmp_cleanup.rpt
goto errRpt
:risDelEr
ECHO Something went terribly wrong in the RIS OU deletion process >> .\logs\inactive_cmp_cleanup.rpt
goto errRpt
:resDelEr
ECHO Something went terribly wrong in the Resources OU deletion process >> .\logs\inactive_cmp_cleanup.rpt
goto errRpt

:errRpt
REM Append the script log to the error report, set status of the script to "FAILED"
ECHO Errors were reported.  Analyze the logs below for clues. >> .\logs\inactive_cmp_cleanup.rpt
SET ScriptStat=FAILED
goto mailRpt

:noErr
REM Append a 'no error' message to the report file, set script status to "SUCCESS"
ECHO No errors were reported in the process.  Activity report follows: >> .\logs\inactive_cmp_cleanup.rpt
SET ScriptStat=SUCCESS
goto mailRpt

:mailRpt
REM Append the reports from each "oldcmp" run into the consolidated report:
type .\logs\inactive_cmp_cleanup.log >> .\logs\inactive_cmp_cleanup.rpt
REM use external "blat" tool to mail the generated report file to concerned parties:
blat .\logs\inactive_cmp_cleanup.rpt -to jgm@uvm.edu,gcd@uvm.edu,pjp@uvm.edu -subject "%ScriptStat% - Inactive Computer Account Cleanup Script"

:end
ECHO All done!

Sharepoint Services v3

In addition to looking at Project Server 2007 (which looks overly complicated… and still required IE for full-featured web access… bleagh!), I have been eyeballing STS3, the next version of Sharepoint.

Very Cool!

Here are some first impressions/highlights:

  • Default template for Blogs and Wikis
  • The Wiki resembles MediaWiki (it uses the same [[link]] syntax.  The Blog looks much like any other Blog, but with the in-line posting and editing features that make Sharepoint so easy to use.  The addition of Single sign-on and Directory Services integration make the service even easier to manage.
  • Directory lookup tool for groups and users (you no longer need to know the NetID or department group name)
  • Incoming mail support (errgh… this is going to get ugly… people will want this feature and it does not appear to work without Exchange!)
  • Installing Project Server 2007, Beta 2

    I have brought up a new test server to give Project Server 2007 a whirl. Here are some of the gotchas in the install process:

    • Install required "Windows Workflow Foundation, Beta2". I downloaded v2.2 from here:
      http://www.microsoft.com/downloads/details.aspx?familyid=5C080096-F3A0-4CE4-8830-1489D0215877&displaylang=en
    • Also required is ASP.NET 2.0, which is installed with the .NET Framework 2.0 components (available on Microsoft Update, or as a standalone installer. Apparently my .NET 2.0 was damaged, so I ran a repair install. After ensuring that ASP.NET was enabled in IIS, the Project Server installer now runs without complaint.
    • Project Server has an "all in one box" installation option. This installs and configures Sharepoint Services 3.0 and SQL 2005 Express Edition. It works surprisingly well!

    Also note that the test server performing miserably.  I have expanded the VM memory to 1Gb, and performed the following steps to expand the virtual drive:

    •  execute: vmware-vdiskmanager -x 15Gb <Path to.vmdk file>
    • Boot to BartPE CD with Paragon Partition Manager, expanded system drive.

    Ximage success

    I finally was able to generate an image of my Win2k3 VMWare reference system using Ximage (soon to be renamed “ImageX”).

    In the past I had many problems, although not strictly related to the utility itself:

    • Networking in VMWare workstation for the WinPE 2.0 beta in the Vista AIK will not function! Apparently this is a driver issue. There is a bug registered in the Vista beta program, but I never did follow up on it.
    • Networking in WinPE 1.5 did work, roughly speaking, but getting it all to function was like pulling teeth. WinPE 1.x kinda bites (not very user friendly)
    • BartPE networking works great! Unfortunately, getting the “C:” drive to mount on my VMware Workstation instance was a bit more difficult. Some forum hopping revealed that others who attempt to use Server 2003 SP1 as the source for the WinPE build also have this problem. By changing the source to Server 2003 RTM, I am now able to mount the C: drive, and thus run XImage.exe.

    XImage throughput was comperable to Ghost 8, and achieved almost identical compression ratios. CLI syntax is pretty straightforward. I think we have a winner…

    WinSSHD software deployment – scripted

    The Catalyst team asked me to evaluate and install an SSH/SFTP/SCP service for them on all of the CATXXX Windows servers. After some evaluation and testing, we settled on bitvise WinSSHD. To “save time” I decided to try scripting the install.

    Here is the process that I came up with:


    for /f %%s in (catserv.txt) do copy /v /y c:\install\WinSSHD-Inst.exe \\%%s\c$\install\WinSSHD-Inst.exe
    for /f %%s in (catserv.txt) do copy /v /y c:\install\cat_config.wst \\%%s\c$\install\cat_config.wst
    c:\local\bin\psexec.exe @catserv.txt "c:\install\WinSSHD-Inst.exe" -site=WinSSHD -acceptEULA -activationCode=[insertCodeHere] -settings=c:\install\cat_config.wst
    for /f %%s in (catserv.txt) do sc \\%%s start winsshd
    for /f %%s in (catserv.txt) do sc \\%%s query winsshd | find /i "running" >> isrunning.txt

    Note that this script required a few files to be in place before execution:

    1. Sysinternals “psexec.exe” must be in place in “c:\local\bin”.
    2. The WinSSHD installer must be located in “c:\install”
    3. A WinSSHD server configuraiton file named “cat_config.wat” must be in place in “c:\install”
    4. This script and the catserv.txt file must be present in “c:\local\scripts”. The catserv.txt file contains a simple list of the servers to which WinSSHD will be installed.