
Scripting Tips for Windows Administrators and commands you should know about

Who am I? John Kelbley, Infrastructure Technology Specialist, Microsoft New England. Topics: Scripting Technology Overview; Cool Commands You Need to Know About (Especially WMIC); Scripting vs Command line (WMIC); Scripting Resources I Use and Like; Virtual Server 2005 and Scripting (as time permits).



    2. Scripting Tips for Windows Administrators (and commands you should know about) John Kelbley Product Technology Specialist Microsoft Corporation

    3. Who am I?
        John Kelbley
        Infrastructure Technology Specialist
        Microsoft – New England

    4. Topics
        Scripting Technology Overview
        Cool Commands You Need to Know About
            Especially WMIC
        Scripting vs Command line (WMIC)
        Scripting Resources I Use and Like
        Virtual Server 2005 and Scripting (as time permits)

    5. What’s all this talk about scripting?
        What’s “Scripting”?
            Writing non-compiled, easy to edit code to automate tasks
            Stringing commands together in a .bat file is scripting!

    6. Why does scripting get a bad rap?
        Lots of books and languages for different applications that are USELESS if you don’t need them
            Administrators don’t need VBS / Jscript for web development books
        There’s NO specific book on what YOU do at YOUR job that needs to be automated via scripts!

    7. Key Scripting Terms (for Windows)
        WSH – Windows Script Host
            WScript vs CScript (demo)
        ADSI – Active Directory Service Interface
        WMI – Windows Management Instrumentation

    8. Key Scripting Solutions (for Windows)
        Batch files (purist would argue)
        VBScript / VBS / Visual Basic Script
            Engine built into WSH, similar syntax to Visual Basic
            Runs interpreted
        Jscript
            Engine built into WSH, similar syntax to Java (and C)
            Runs interpreted, VS .Net has compiler
        Perl
            Supported by WSH (not built in) http://www.activestate.com
            Similar syntax to C, has downloadable “header” files
            Compiles on first execution (or before)
            Ports easily to other platforms (UNIX)

    9. You Want more Script Support…
        Check out SFU (Services for UNIX 3.5)
            SFU is FREE!!!!
            Comes PACKED full of cool UNIX stuff
                Interix subsystem, NFS, NIS, awk, grep, sed, tr, cut, tar…, Password Sync with UNIX!
            Active State Perl included in package
                You could download it for free from ActiveState already
                If you are serious about Perl, buy upgrade from ActiveState, it is worth it!
            KornShell
            C Shell

    10. Changing gears for a few minutes…
        Here are some way cool commands you need to know, and why…
            VrfyDsk – Chkdsk a drive WHILE it’s in use
            ForFiles – Quick & easy loop through files and take action
            EventTriggers – when something happens – LET ME KNOW!!!!
            WMIC – See almost everything - do lots too!

    11. VrfyDsk
        Tool to check consistency and integrity of file system (FAT or NTFS)
        Creates & displays status report for volume based on file system
        VrfyDsk cannot correct issues – to correct errors, run Chkdsk in fix mode
        Uses the Volume Shadow Copy service (VSS) to create a shadow copy, then checks the file system on the shadow copy

    12. VrfyDsk – Example Output
        C:\>vrfydsk c: /v /i /c
        Attempting to create shadow copy of \\?\Volume{9347f443-a0da-11d7-956a-806e6f6e6963}\.
        Shadow copy creation succeeded on \\?\Volume{9347f443-a0da-11d7-956a-806e6f6e6963}\.
        The device is \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5
        Assigning drive letter Z: to device \Device\HarddiskVolumeShadowCopy5 (shadow copy of volume \\?\Volume{9347f443-a0da-11d7-956a-806e6f6e6963}\ )
        Invoking chkdsk on drive Z: (shadow copy of volume \\?\Volume{9347f443-a0da-11d7-956a-806e6f6e6963}\ ) ...
        The type of the file system is NTFS.
        WARNING! F parameter not specified.
        Running CHKDSK in read-only mode.
        WARNING! I parameter specified.
        WARNING! C parameter specified.
        Your drive may still be corrupt even after running CHKDSK.
        CHKDSK is verifying files (stage 1 of 3)...
        File verification completed.
        CHKDSK is verifying indexes (stage 2 of 3)...
        Index verification completed.
        CHKDSK is verifying security descriptors (stage 3 of 3)...
        Cleaning up 184 unused index entries from index $SII of file 9.
        Cleaning up 184 unused index entries from index $SDH of file 9.
        Cleaning up 184 unused security descriptors.
        Security descriptor verification completed.
        39070048 KB total disk space.
        18156012 KB in 69973 files.
        23272 KB in 6912 indexes.
        0 KB in bad sectors.
        146860 KB in use by the system.
        65536 KB occupied by the log file.
        20743904 KB available on disk.
        4096 bytes in each allocation unit.
        9767512 total allocation units on disk.
        5185976 allocation units available on disk.
        Cleaning up shadow copy of volume \\?\Volume{9347f443-a0da-11d7-956a-806e6f6e6963}\.
        Unassigning drive letter Z: from device \Device\HarddiskVolumeShadowCopy5.

    13. ForFiles
        Selects files in a folder or tree for batch processing
        Syntax
            forfiles [/p Path] [/m SearchMask] [/s] [/c Command] [/d[{+ | -}] [{MM/DD/YYYY | DD}]]
        Use /? on command line for assistance – GUI help has lots of good examples but the “date” syntax is wrong!
        Examples
            To list all of the batch files on drive C:, type:
                forfiles /p c:\ /s /m *.bat /c "cmd /c echo @file is a batch file"
            To list all of the directories on drive C:, type:
                forfiles /p c:\ /s /m *.* /c "cmd /c if @isdir==true echo @file is a directory"
            To list all of the files older than 100 days on drive C:, type:
                forfiles /p c:\ /s /m *.* /d -100 /c "cmd /c echo @file : date >= 100 days"
            To list all of the files older than January 1, 1993 on drive C:, and then display "file is quite old!" for files with a date older than 01/01/1993, type:
                forfiles /p c:\ /s /m *.* /d -01/01/1993 /c "cmd /c echo @file is quite old!"
            To list all of the extensions of all of files on drive C: in column format, type:
                forfiles /p c:\ /s /m *.* /c "cmd /c echo extension of @file is 0x09@ext0x09"
            To list all of the MP3’s on drive C:, type:
                forfiles /p c:\ /s /m *.mp3 /c "cmd /c echo @file is a Music file"
            To delete all of the MP3’s on drive C:, type:
                forfiles /p c:\ /s /m *.mp3 /c "cmd /c del @path"

    14. EventTriggers
        Displays and configures event triggers on local or remote machines.
        “eventtriggers /create” creates a new event trigger that monitors / acts on log events of given criteria
        Syntax
            eventtriggers[.exe] /create [/s Computer [/u Domain\User [/p Password]]] /tr TriggerName [/l [APPLICATION] [SYSTEM] [SECURITY] ["DNS Server"] [LOG] [DirectoryLogName] [*] ] {[/eid ID] | [/t {ERROR | INFORMATION | WARNING | SUCCESSAUDIT | FAILUREAUDIT}] | [/so Source]} [/d Description] /tk TaskName
        Examples
            eventtriggers /create /tr "Disk Cleanup" /l system /t error /tk c:\windows\system32\cleanmgr.exe
            eventtriggers /create /s srvmain /u maindom\hiropln /p p@ssW23 /tr "Low Disk Space" /eid 4133 /t warning /tk \\server\share\diskcleanup.cmd
            eventtriggers /create /s srvmain /u maindom\hiropln /p p@ssW23 /tr "Disk Backup" /eid 4133 /l system /t error /tk \\server\share\ntbackup.exe
        Other key things to know
            eventtriggers /delete
            eventtriggers /query

    15. WMI Scripting

    16. WMIC
        WMI is cool…but you need to write lots of scripts sometimes (yuck)
        WMIC is way cool!
            Available on Windows XP and Windows Server 2003
            Access lots of stuff that’s WMI’ed
                Event Logs, QFE’s, hardware info, other
            Can loop through a file list of systems!
            Output as text, CSV, or even HTML!

    17. WMI Command-Line (WMIC)

    18. WMIC Demo

    19. WMIC Test Drive
        Cool document available at: http://www.AdminAttic.com/Downloads
        Walks you through a lot of the capabilities of WMIC
        Create web pages of “stuff” from a list of servers in a text file (ex. AD rep issues)
            /output:c:\test.html NTEVENT WHERE "Logfile='Application' and TimeGenerated>'2003.10.07' and EventType<'2'" GET Message,SourceName,TimeGenerated /format:htable.xsl

    20. Patch Management – Scripts
        You ever want to find out which systems in a domain had a specific patch, but couldn’t look in SMS?
        You ever want to find out which patches a system had loaded, but were too tired to click on “Control Panel”?

    21. Dumping QFE’s for a System
        Local System
            WMIC QFE
            WMIC /output:c:\test.csv qfe get /all /format:csv
            WMIC /output:c:\test.html qfe get /all /format:htable.xsl
        Remote System
            WMIC /node:CompName QFE
        List of Systems
            WMIC /node:@file.txt QFE

    22. How to get a list of systems…
        Here’s a few thoughts…
            Type it (if you are only doing a few boxes)
            AD Users & Computers
            AD – CSVDE
            DNS (nslookup zone transfer)
            WINS dump
            Hyena (neat tool)
            …or with a script!!!!!

    23. My HUGE Domain Dump Script
        ' List every computer account in a domain through the ADSI WinNT provider
        Dim Domain
        Domain = "northamerica"
        set objDomain = GetObject("WinNT://" & Domain)
        objDomain.GetInfo
        if objDomain.PropertyCount > 0 then
            ' Restrict the enumeration to Computer objects
            objDomain.Filter = Array("Computer")
            for each objItem in objDomain
                WScript.Echo objItem.Name
            next
        else
            WScript.Echo Domain & ": Cannot connect to domain"
        end if

    24. Want to See What’s Up With Your Servers?
        How would you look in the event log?
            Check each one manually
            Use MOM
                Best solution – has log “persistence”
                Gets all your data!
                Trigger on events – send a page, e-mail, whatev
            Write a BIG script (yuck!)
            Write a little batch file using WMIC!!!!

    25. My Huge Server Monitor Batch File DoItAll.bat walk through

    26. A word about QFE checking via WMI
        It’s a great way to look for QFE’s, but…
        There’s this little bug in Windows 2000 SP2 that shows up... “WMI Win32_QuickFixEngineering Queries Cause Winmgmt Process to Hang”
        Check http://support.microsoft.com/default.aspx?scid=kb;en-us;279225 for more information (KB279225)

    27. How to do the same WMIC “one command thing” in 3 pages of VBS… DumpQFE.VBS walk through http://www.adminattic.com/Downloads/QFE.zip

    28. 3 pages of VBS you want – scan for a specific patch.. CheckQFE.VBS walk through http://www.adminattic.com/Downloads/QFE.zip
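An added example, not part of the original presentation and not the author's CheckQFE.VBS: a small batch file that wraps the WMIC QFE query from slide 21 to scan a list of systems for one hotfix. The file name, the two arguments and the reachability probe are assumptions made for this example; a system that cannot be queried is reported as UNKNOWN rather than counted as unpatched or patched.

```batch
@echo off
rem checkqfe.bat (hypothetical name) - added example, not from the presentation.
rem Usage: checkqfe.bat HotFixID ServerListFile
rem   HotFixID       the patch to look for (placeholder, e.g. KB000000)
rem   ServerListFile one computer name per line, lines starting with # ignored
setlocal
if "%~2"=="" (
    echo Usage: %~nx0 HotFixID ServerListFile
    exit /b 1
)
set "KB=%~1"
set "LIST=%~2"
if not exist "%LIST%" (
    echo Server list "%LIST%" not found
    exit /b 1
)
for /f "usebackq tokens=* eol=#" %%S in ("%LIST%") do call :check "%%S"
endlocal
exit /b 0

:check
rem Probe first: WMIC returns a non-zero (often negative) exit code when the
rem node is off, firewalled, or the caller lacks rights on it.
wmic /node:"%~1" os get Caption >nul 2>&1
if not "%errorlevel%"=="0" (
    echo %~1: UNKNOWN - could not query, check power, firewall and rights
    goto :eof
)
rem Ask only for the one hotfix; find sets the exit code of the pipeline.
wmic /node:"%~1" qfe where "HotFixID='%KB%'" get HotFixID 2>nul | find /i "%KB%" >nul
if "%errorlevel%"=="0" (
    echo %~1: %KB% installed
) else (
    echo %~1: %KB% MISSING
)
goto :eof
```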

    29. The ScriptoMatics! They slice, they dice, they generate the code you need!

    30. These Scripts and commands are nice, but…
        They are not a replacement for a secure network
        They only help you assess
            Systems that are on
            Systems you happen to have rights to
        They need care and feeding
            Have to be “hand crafted”
            Output requires interpretation

    31. Books to Check Out Microsoft® Windows® 2000 Scripting Guide http://www.microsoft.com/MSPress/books/6417.asp

    32. Scripting Sites I like…
        All languages (VBS, Jscript, Perl, Batch – hard to navigate, but worth it)
            NetReach http://cwashington.netreach.net/main/default.asp?topic=news hit script depot icon
        VBScript
            Microsoft Technet (duh)
                Windows 2000 Scripting Guide http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcenter/scrguide/sagsas_overview.asp
                Script Center http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcenter/default.asp
                SCRIPT CENTER EXAMPLES ALL IN ONE FILE!!!! A MUST HAVE!!!! http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=B4CB2678-DAFB-4E30-B2DA-B8814FE2DA5A
                SCRIPTOMATIC (WMI) I used it for this demo! http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcenter/tools/wmimatic.asp
                ADSI SCRIPTOMATIC http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcenter/tools/admatic.asp
        Perl
            Active State http://www.activestate.com/
            Roth Consulting http://www.roth.net/perl/scripts/