At the companies I’ve worked for , disk space on the system disk ran out on a regular basis for some systems and caused a lot of monitor calls. These kind of boring repetitive tasks are always the ones you want to automate.
So when I came across the great blog post “Weekend Scripter: Use PowerShell to Clean Out Temp Folders” on the “Hey, Scripting Guy! Blog”, I wanted to post it on my own blog as well. The blog post also describes the process of creating the script very well, which is very convenient for those who are relatively new to PowerShell to scripting and want to learn how to do it better.
If you want to take it even a step further, you could automate it even more. By example by automatically running the clean script when an event is generated that the disk is running out of space. You can configure this using by example:
Or you could use PowerShell remoting to do it on many systems at the same time. This could come in handy by example when after WSUS patching the content in “C:\Windows\SoftwareDistribution\Download” is not deleted automatically.
Like this:
Like Loading...
Tags: automation, clean, disk full, disk running out of space, disk space, Event, Powershell, SCOM, Script, Scripting, System Center Configuration Manager, temp, temporary, temporary files
Microsoft has released the Security Compliance Manager 3.0 (SCM). This version includes support for Windows Server 2012, Windows 8, and Internet Explorer 10.
SCM enables you to quickly configure and manage computers and your private cloud using Group Policy and Microsoft System Center Configuration Manager. It provides ready-to-deploy policies and DCM configuration packs based on Microsoft Security Guide recommendations and industry best practices, allowing you to easily manage configuration drift, and address compliance requirements for Windows operating systems and Microsoft applications.
Basically in SCM 3.0 you can use predefined baselines, customize them or create completely new ones. Then you can export it from SCM 3.0 and apply it using an Active Directory GPO. To do this, create a new GPO in Group Policy Management, right click the GPO, import settings and complete the wizard.
You can also export existing GPO and then import it into SCM 3.0 and compare the differences.
Like this:
Like Loading...
Tags: Active Directory, AD, best practice, ConfigMgr, DCM configuration, GPO, Internet Explorer 10, policies, policy, Private Cloud, SCCM, SCM, SCM 3.0, Security Compliance Manager, Security Compliance Manager 3.0, settings, System Center Configuration Manager, System Center Configuration Manager 2007, System Center Configuration Manager 2012, Windows, Windows 8, Windows Server 2012
I created this script to automate extracting English only MSP files from CAB files in the SCOM 2012 Update Rollup 3 (UR3) files. By default it will delete extracted non-English versions. With some minor modifications it can be used for any CAB file though, not just SCOM 2012 Update Rollup 3. It includes a lot of comments, so it is manageable and can be used for getting to know PowerShell better.
SCOM 2012 Update Rollup 3 can be downloaded here : http://catalog.update.microsoft.com/v7/site/search.aspx?q=2750631
The issue with SCOM 2012 Update Rollup 3 is that after downloading you’ll end up with a total of 41 CAB files. The large number of files is because they are for different components and in multiple languages. And what is even worse, is that the file names do not show which file is for which language.This script will extract all cab files to a subfolder and will then removes the non English ones. Below are some of the example files in Update Rollup 3 to give you an idea about the nondescriptive file names:
- all-kb2750631-amd64-console_1af57997fba722cdd3dfe4b2ddb4b8d8d829dd6f.cab
- all-kb2750631-amd64-console_3d61c9e090622b2b59ee8bf7b13b922e815bdf15.cab
- all-kb2750631-amd64-console_494a77ddaa09206f8f61ecdfb2edfcd1e82a497c.cab
- all-kb2750631-amd64-console_69bb307dbd450cfd8b732c2ac3845c9870bdc6d0.cab
- all-kb2750631-amd64-console_71c65fc2ded6769edbf610958780b5a8ac374f8c.cab
Deploying SCOM 2012 components and updates to them can be done in multiple ways: http://technet.microsoft.com/en-us/library/hh551142.aspx
Most of the work while updating will probably be updating the agents. Basically for SCOM 2012 there are 2 major ways to install agents:
- Push installation (initiated from SCOM 2012). Updates can then also be deployed from within SCOM (Remotely Manageable = Yes). Push installation is often preferred, because it is easy and also allows you to push updates to clients from within SCOM 2012. The downside however is that it also requires a lot of open ports (including RPC) which might not always be acceptable: http://support.microsoft.com/kb/2566152. Push install and update install can also consume a lot of bandwidth and depending on your architecture (b.e. WAN links), the push install might not be the best way.
- A manual installation (anything that is not a push installation). Updates cannot be deployed from within SCOM (Remotely Manageable = No). Manual installation includes running setup manually, using a GPO software install or using deployment tools like System Center Configuration Manager). Using the GUI, you cannot simply set an agent back to remotely manageable = Yes. You can change this in SQL though, but keep in mind that connectivity requirements still need to be met.
With Update Rollup 3, it is now possible to leverage WSUS / Microsoft Update to deploy updates (not the inital agent) to all SCOM 2012 components. I predict this will probably become the preferred way of updating SCOM 2012 for most companies:
+ It does not require many ports on your firewall to be opened.
+ Better bandwidth management (local WSUS, BranchCache, BITS).
+ Auto detects components on systems (component updates are not forgotten).
+ Still in control of when which updates are deployed/approved.
+ Leverage existing patch/update management procedures and systems WSUS/SCCM (standardization).
– Initial agent installation cannot be performed using WSUS.
PS: Also check these great blog posts when deploying Update Rollup 3:
Like this:
Like Loading...
Tags: Background Intelligent Transfer Service, BITS, BranchCache, CAB, cab files, decompress, extract, ICT, manual install, Microsoft, Microsoft System Center Operations Manager 2012, Microsoft Update, operations management, operations manager, Operations Manager 2012, OpsMgr, OpsMgr 2012, OpsMgr 2012 Update Rollup 3, OpsMgr2012, Patch Management, Powershell, push install, Remotely Manageable, rollup, SCCM, SCOM, SCOM 2012, SCOM 2012 Update Rollup 3, SCOM2012, service pack, System Center, System Center Configuration Manager, System Center Operations Manager, System Center Operations Manager 2012, testing environment, Update Management, update rollup, Update Rollup 3, WSUS
Last week I got a beta exam invite for exam “70-688 Managing and Maintaining Windows 8” (in beta it is 71-688). As with most beta exams lately, you only have max two weeks to prepare and there are no books available yet that you can use to study. Therefore I start with looking at what skills are being measured and if there are preparation guides available. From there on I start looking for relevant learning resources for each subject and adding them to the skills that are being measured for easy future reference.
I hope it is useful for you as well.
Read the rest of this entry »
Like this:
Like Loading...
Tags: 070-688, 071-688, 70-688, 71-688, ACT, Action center, AEM, Agentless Exception Monitoring, App-V, App-V 5.0, application compatibility toolkit, application reputation, Application Virtualization, Applocker, asset, asset inventory, authentication, Azure, backup, bcdboot, bcdedit, Beta, biometrics, BitLocker, BranchCache, certificate, client hype-rv, CMAK, computer inventory report, ConfMgr, ConfMgr 2012, ConfMgr2012, Connection Manager, Connection Manager Administration Kit, DaRT, DaRT 8, DCA, DEM, deployment strategy, Desktop Error Monitoring, Diagnostic and Recovery Toolkit, DirectAccess, DirectAccess Connectivity Assistant, disk image, disk image backup, DISM, DNSSEC, domain, EAS, EFS, EHD, Encrypted Hard Drive, Encrypting File System, Endpoint Protection, Exam, Exchange Active Sync, Exchange Activesync, file history, find and fix problems with devices, Firewall, folder redirection, group policy, hardware, hardware and devices troubleshooter, high-touch, Hyper-V, image, IPv4, IPv6, Learning, learning resource, learning resources, lite-touch, Live Mesh, live service, live services, LiveMesh, local account, Managing and Maintaining Windows 8, MBAM, MDOP, MDOP 2011 R2, metered network, metering, metro application, microsoft account, Microsoft Application Virtualization, Microsoft Azure, Microsoft Bitlocker Administration and Monitoring, Microsoft Desktop Optimization Pack, migrate, migration, mobile, mobile device, mobile device management, multifactor authentication, name resolution, native boot, Near Field Communication, network, network metering, NFC, off-network, Office 365, Office 365 Desktop Setup, offline files, Packaged App, PC refresh, PC reset, picture password, Powershell, PowerShell Remoting, prep guide, preparation, preparation guide, prepare, print management, printer, rdp, RDS, Recimg, Recimg.exe, recovery drive, recovery media, remote access, remote desktop protocol, Remote Desktop Services, Remote Server Administration Tools, RemoteApp, removable storage devices, report, roaming profiles, roaming user profiles, RSAT, SCCM 2012, SCCM2012, Secure SIM, security, shim, sideload, sideloader, Skydrive, Skydrive Pro, smart card, Software Restriction Policies, SRP, Storage Spaces, study, Sync center, System Center, System Center 2012, System Center 2012 Endpoint Protection, System Center 2012 Endpoint Protection client, System Center Configuration Manager, System Center Configuration Manager 2012, System Center Desktop Error Monitoring, System Center Endpoint Protection, system restore, trust, trust relationship, Trusted PC, two-factor authentication, UE-V, upgrade, upgrade path, User Experience Virtualization, user state migration tool, usmt, VDI, vhd, Virtual Desktop Infrastructure, virtual hard disk, virtualization, VPN, wet, Windows, Windows 7 file recovery, Windows 8, windows 8 application, Windows 8 FIle History, Windows 8 Image, Windows 8 PC refresh, Windows 8 PC reset, windows 8 upgrade path, Windows Azure, Windows Defender, windows easy transfer, Windows Firewall, Windows Intune, Windows Recovery Environment, Windows store, Windows To Go, Windows Update, wireless, workgroup, WRE, WSUS, zero-touch