Category Archives: Windows Scripts

Sample Script to manage Windows

Powershell: List members of an Active Directory Group

Hi,

here are the code snippets to list all members of an Active Directory Group.

Some constants

# Define LDAP search root, the Global catalog of the domain
$sLDAPSearchRoot="LDAP://yourDomain.com:3268"
# The Groupname to looking for
$sGroupName="USR_GRP_IN_AD"

Continue reading Powershell: List members of an Active Directory Group

Advertisment to support michlstechblog.info

Windows: Initate a kernel memory dump

Hi,

for deeper inspection of Windows it is sometimes necessary to get a memory dump of the machine to analyse these output with tools like volatility .

There are several ways to provoke windows to write a dump.
Continue reading Windows: Initate a kernel memory dump

VMware: PowerCli Scripts in native Powershell

Hi,

when you want to execute your PowerCli script you have to start the “VMware vSphere PowerCLI” shell before. But, for example Schedule Tasks, it whould be nice that the script load the PowerCli environment itself. Then you simply have to start your script like this

%Systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe -File YourPowerCliScript.ps1

To load the PowerCli script Environent in your powershell script add this lines at the top of your script.
Continue reading VMware: PowerCli Scripts in native Powershell

Windows: Powershell script to fix and repair WMI

Hi,

this script repairs and recreates the WMI Repository of a Windows. For example, this occurs sometimes if you clone a Windows machine with an installed SCCM/SMS Client. The typical error in this case is “Failed to open to WMI namespace ‘\\.\root\CCM\SoftwareUpdates\DeploymentAgent’ (8007045b)”

Lasts start. Start a Powershell console as Administrator. Stop all services. Sometimes other services depends on the WMI Service and does not accept a stop request. Therefore you cannot stop the WMI service. TrendMicro Office is such a service. You have to kill them by TaskManager.

# Stop WMI
# Only if SCCM/SMS Client is installed. Stop ccmexec.
Stop-Service -Force ccmexec -ErrorAction SilentlyContinue
Stop-Service -Force winmgmt

(Re)Register WMI binary components

[String[]]$aWMIBinaries=@("unsecapp.exe","wmiadap.exe","wmiapsrv.exe","wmiprvse.exe","scrcons.exe")
foreach ($sWMIPath in @(($ENV:SystemRoot+"\System32\wbem"),($ENV:SystemRoot+"\SysWOW64\wbem"))){
	if(Test-Path -Path $sWMIPath){
		push-Location $sWMIPath
		foreach($sBin in $aWMIBinaries){
			if(Test-Path -Path $sBin){
				$oCurrentBin=Get-Item -Path  $sBin
				Write-Host " Register $sBin"
				& $oCurrentBin.FullName /RegServer
			}
			else{
				# Warning only for System32
				if($sWMIPath -eq $ENV:SystemRoot+"\System32\wbem"){
					Write-Warning "File $sBin not found!"
				}
			}
		}
		Pop-Location
	}
}

Reregister WMI Managed Objects
Continue reading Windows: Powershell script to fix and repair WMI

Powershell: Check for Administrator rights

Hi,

for a lot of powershell scripts Administrator permissions are necessary. In powershell, you can check if you are elevated by the following script code.
Insert the snippet at the top of your script. It checks the credentials and exits the script if the administrator permissions are missing.
Continue reading Powershell: Check for Administrator rights