Script to remotely list Windows local administrator group membership


The following script can be run against remote Windows machines, and will enumerate the contents of the remote server’s local administrators group.

It requires Sysinternals PSExec utility, and must be run with administrative credentials.  Set the four paths to the correct locations for your workstation.

REM set path to PSexec on machine the script is being run from
Set PSExecDir=c:\pstools

REM Set file that contains the list of all your remote machines
Set InputFile=C:\servers.txt

REM Set path to file where administrator group membership is logged
Set OutputFile=C:\localadmins.txt

REM set path to error log file
Set ErrorFile=C:\errors.txt

for /f %%a in (%InputFile%) do (

echo *** Checking Server %%a *** >> %OutputFile%

%PSExecDir%\psexec \\%%a net localgroup administrators >> %OutputFile%

IF ERRORLEVEL 1 (echo Problem with obtaining local administrators on %%a >> %ErrorFile%)
)

Script to find and email files in a directory


I needed to write a batch file that would email some files, and could be run as a scheduled task.  I chose to use Blat as my email program, you can download it for free from SourceForge.

The batch file requirements were: 

1.  Had to email all the .xls files in one directory from the current date.  Luckily for me the date was in the file name, so I just had to find all files in the format *MMDDYY*.xls
 
2.  The emails had to be sent “To” some users, then “CC”d to others
 
3.  I could only use free software (no shareware) but could use our internal smtp replay server to send the mail through.
 
4. The Scheduled task that executes the script must run on a Windows 2003 server.
 
The following script is what I came up with.  I’ll go through it line by line, then post the entire thing at the end.
 
****************************************************
 
Here I’m getting the current date in the month month day day year year format, and saving it to a variable named search.  This can obviously be changed to meet your particular need
REM set search date variable in MMDDYY format for file search
REM set search to month-date-year for date formatting
for /f “Tokens=1-4 Delims=/ ” %%i in (‘date /t’) do set search=%%j%%k%%l
 
Adding a blank line to the log file ReportLog.txt since I like my logs nice and neat. Makes them easy to read.
echo. >> ReportLog.txt
 
Writing the date and time the script starts to the log file ReportLog.txt
echo %date% %time% Starting script >> ReportLog.txt
 
Using the variable search, which contains the current date, I’m getting a list of all .xls files from today and saving it in FileNames.txt
dir /b “\\server\share\%search%*.xls” > FileNames.txt
 
If there’s a problem retrieving the names of the files, write a message to the log file
IF ERRORLEVEL 1 (echo %date% %time%  problem with retrieving file names >> ReportLog.txt)
 
Using find /c to count how many files are in filenames.txt, and saving that number in the variable NUMFILES
for /f “tokens=3″ %%i in (‘find /v /c “SomeStringNotToBeFound” filenames.txt’) do set NUMFILES=%%i
 
If the variable NumFiles equals zero, there were no files found for today.  Skip to ZEROFILES to send an email alert
If %NUMFILES% EQU 0 GOTO ZEROFILES
 
If NUMFILES isn’t zero, then files exist that need to be emailed.  There may be more than one file, so we’re going to use a loop to process all the files listed in FileNames.txt
For /F “tokens=1-2* delims=” %%B IN (FileNames.txt) DO (
 
write the name of the file to the log file
echo file to email is %%B >> ReportLog.txt
 
Use blat.exe to send the email to addresses specified in tolist.txt
Use blat.exe to send emails as CC to addresses specified in cclist.txt
Attached file is listed at the end of the command
This command is all one line, it may wrap on the page
blat.exe -tf tolist.txt -cf cclist.txt -subject “Report %%B” -body “Here is the current report.” -server smtp.yourdomain.com -f sender@yourdomain.com -attach “\\server\share\%%B”
)
 
We’re done emailing the files, so skip over to WRITELOG
goto WRITELOG
 
Zero files were found, so we need to send an email alert
:ZEROFILES
 
write the name of the file to the log file, along with the date and time
echo %date% %time%  problem with retrieving number of current files >> ReportLog.txt
 
Use blat.exe to send an email alert to addresses specified in problist.txt
This command is all one line, it may wrap on the page
blat.exe -tf problist.txt -subject “Problem with Report” -body “Problem sending the current report.” -server smtp.yourdomain.com -f sender@yourdomain.com
 
Writing the date and time the script starts to the log file ReportLog.txt
:WRITELOG
echo %date% %time% Ending Script >> ReportLog.txt
 
****************************************************
 
The script in it’s entirely:
 
REM set search date variable in MMDDYY format for file search
REM set search to month-date-year for date formatting
for /f “Tokens=1-4 Delims=/ ” %%i in (‘date /t’) do set search=%%j%%k%%l
 
 
REM format ReportLog.txt
echo. >> ReportLog.txt
echo %date% %time% Starting script >> ReportLog.txt
 
 
REM Get the names of all log files for specified date, save to FileNames.txt
dir /b “\\server\share\%search%*.xls” > FileNames.txt
IF ERRORLEVEL 1 (echo %date% %time%  problem with retrieving file names >> ReportLog.txt)
 
REM Count how many files are in filenames.txt, put into %NUMFILES%
for /f “tokens=3″ %%i in (‘find /v /c “SomeStringNotToBeFound” filenames.txt’) do set NUMFILES=%%i
 
If %NUMFILES% EQU 0 GOTO ZEROFILES
 
REM loop when more than one file to be emailed
For /F “tokens=1-2* delims=” %%B IN (FileNames.txt) DO (
echo file to email is %%B >> ReportLog.txt
blat.exe -tf tolist.txt -cf cclist.txt -subject “Report %%B” -body “Here is the current report.” -server smtp.yourdomain.com -f sender@yourdomain.com -attach “\\server\share\%%B”
)
goto WRITELOG
 
:ZEROFILES
echo %date% %time%  problem with retrieving number of current files >> ReportLog.txt
blat.exe -tf problist.txt -subject “Problem with Hold Report” -body “Problem emailing the current hold report.” -server smtp.yourdomain.com -f sender@yourdomain.com
 
:WRITELOG
REM format ReportLog.txt
echo %date% %time% Ending Script >> ReportLog.txt
 
****************************************************

Howto automatically change the CD-ROM drive letter after running sysprep


I’m finalizing a Windows 2003 R2 build that will become our gold image, which will be the source of all new server deployments within our organization.  One challenge I had to overcome was getting the CD-ROM/DVD drive to be set to drive Z: after the syspreped image is cloned and booted.

Many people are familiar with changing drive letters within the Device Management tool aka devmgmt.msc.  I needed to automate this task so the CD-ROM drive, which shows up as drive D on my image after running sysprep, would be automatically set to drive Z.

To accomplish this, I needed three things:

  1. An entry in the [GuiRunOnce] section of my sysprep.inf file that calls a batch file after booting up the sysprep’ed image for the first time. 
  2. The batch file mentioned in step 1, changeletter.cmd runs diskpart.exe, with the parameters supplied in drives.txt
  3. The drives.txt file, which details the diskpart.exe commands that change the CD-ROM’s drive letter from drive D to drive Z.

The applicable portion on my sysprep.inf file:

[GuiRunOnce]
Command0=”C:\changeletter.cmd”

My changeletter.cmd file:

diskpart /s c:\drives.txt

My drives.txt file:

select disk 0
select volume d
assign letter z noerr

Put all these pieces together, and your CD/DVD drive should be changed to drive letter Z after booting up the sysprep’ed image.  Note that in the [GuiRunOnce] section of the sysprep.inf file, the part to the left of the equals sign is Command0, as is Command zero.  If you wanted to run additional scripts, the next would be Command1, followed by Command2, etc.

If you’re curious about diskpart.exe, check out the details on syntax in KB300415.

Find Windows system uptime from the command line


Here’s a quick and easy way of checking how long a Windows server or workstation has been up, via the command line.  It pipes the results of Net Statistics Workstation into find.  Run the following from a command prompt:

net statistics workstation | find /i “statistics since”

The results will look like

Statistics since 8/12/2009 11:08 PM

Which shows the machine has been up since 11:08pm on August 12, 2009.

.cmd script that determines if a directory is empty and sends email notification of status


I have an email archiving application on a Windows 2003 server that requires a lot more manual intervention than I prefer.  As the application moves the mail messages throughout it’s various directory queues, sometimes it experiences an event that causes processing to halt.  This results in a particular directory filling up until an administrator manually clears out the queues.  The last time this happened we had 75,000 files, 10GB worth of messages we had to remove and recover by hand.

This server is only monitored by SolarWinds, which has the ability to monitor a volume, by not a particular directory.  In the past the only time we knew there was a problem was when the volume filled up with backlogged messages.
 
I decided to implement a system that would periodically poll the queue directory and would send email notifications that the queue was empty, or that files were backlogged.  Because of our strict change control procedures I am unable to load any freeware monitoring solutions, so I needed to create my own via scripts.  Luckily V-Mailer, a freeware SMTP batch mailer is already approved for usage on our internal network, so I was able to utilize this software.
 
The script shown below, chksize.cmd, utilizes the built in DIR command to determine if the server’s e:\msw\internet\pending directory is empty.  
REM delete existing mailarch1file.txt file
if exist mailarch1file.txt del mailarch1file.txt

REM determine if files are queued using dir and output results to mailarch1file.txt
e:\msw\internet\pending /A-D /B  mailarch1file.txt

REM If mailarch1file.txt is empty (EQU 0), files are not queued
For %%R in (mailarch1file.txt) do if %%~zR EQU 0 goto nofiles

REM delete existing results.txt file if exist results.txt del results.txt
REM combine message file mailarch1fail.txt with results of mailarch1file.txt into results.txt
copy /B mailarch1fail.txt + mailarch1file.txt results.txt

REM email notification that files are queued in directory e:\msw\internet\pending
REM notification to technical support using vmailer.exe that mailarch1 may be failing
vmailer.exe results.txt 172.17.61.83 mailadmin@domain.corp mailarch1@domain.corp
goto exitscript

:nofiles
REM email notification no files are queued in directory
REM notification to technical support using vmailer.exe that mailarch1 is okay
vmailer.exe mailarch1isok.txt 172.17.61.83 mailadmin@domain.corp mailarch1@domain.corp

:exitscript
REM exit script
exit

If the DIR command’s output file mailarch1file.txt is empty, a notification text file mailarchisok.txt is emailed to myself that states the server is okay.   

If the output file is not empty, the results of mailarch1file.txt is concatenated with a text file mailarchfail.txt that states the server may be failing.  Because V-Mailer does not really handle attachments, I have to combine the results text file with the notification text file into results.txt, which is an ugly but effective method.
Here is my mailarch1fail.txt file, which is pre-formatted for use with V-Mailer
To: mailadmin@domain.corp
From: mailarch1@domain.corp
Subject: mailarch1 may be failing

mailarch1 DOES have messages queued in the E:\MSW\Internet\PENDING directory
Here is my mailarch1isok.txt file, which is pre-formatted for use with V-Mailer
To: mailadmin@domain.corp
From: mailarch1@domain.corp
Subject: mailarch1 is okay

mailarch1 DOES NOT have messages queued in the E:\MSW\Internet\PENDING directory

Finally, I used the Windows schtasks command line utiliy to run c:\chksize.cmd daily at 4pm.  The task, named chksize4pm runs as as the service@domain.corp user with a password of 3rv1c3. 
This is a single command that may have wrapped in your browser.
schtasks /create /S \\mailarch1 /U service@domain.corp /P $3rv1c3 /SC Daily /TN chksize4pm /TR c:\chksize.cmd /ST 16:00
Follow

Get every new post delivered to your Inbox.

Join 32 other followers