Category : Powershell

Another way to check Update Installed via Powershell

I have to check if machine has MS March update installed, and SCCM cannot make my job simpler ūüôĀ

So I created a new compliance rule to check the result, here is the code:

$error.clear()

try {

$Session = New-Object -ComObject “Microsoft.Update.Session”

$Searcher = $Session.CreateUpdateSearcher()

$historyCount = $Searcher.GetTotalHistoryCount()

$Searcher.QueryHistory(0, $historyCount) | Select-Object Title, Description, Date,

¬† ¬† @{name=“Operation”; expression={switch($_.operation){

¬† ¬† ¬† ¬† 1 {“Installation”}; 2 {“Uninstallation”}; 3 {“Other”}

}}}

}

catch { “March, 2017 Security Monthly Quality Rollup” }

if (!$error) {

Write-Host “Compliant”

}

else {Write-Host “Non-Compliant”}

 


Find A File with Random Characters and Send Email by SCCM Compliance Rule

Here is my Powershell script for Finding a file with random characters in the end, if the system find the file, it will email to our alert mailbox as well. This is done by SCCM Compliance Rule:

# File Finder
# Ray Qiu
# Feb 15, 2017

# Define variables

$username = “myself”
$password = ConvertTo-SecureString “password” -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $username, $password
$Computer = hostname

# Start the scan!
$result=Get-ChildItem C:\Windows\Temp\ | Where-Object {$_.Name -like ‘sam_ref*.wav’}
echo $result

if($result) {
Write-Host “found”
# Email the result
Send-MailMessage -From [email protected] -To [email protected]¬†-Subject “SCCM File Found For $Computer” -Credential $cred -Body ”
$result
Time Stamp: $(Get-Date)
Host Name: $Computer

” -SmtpServer¬†exchange.server.address
} else {
Write-Host “nothing”
}

 


SCCM Compliance Rule for Finding Process Running

Here is my powershell script for finding if a  process is running with SCCM compliance rule.

$process = Get-Process Process-name-xxx -ErrorAction SilentlyContinue
if ($process) {
Write-Host “Running”
}
else {Write-Host “Not Running”}

 

And for compliance rule is to check if the value is equal to ¬†“Running”


Find Current User via Powershell

sometimes if you run as local admin, but your current user is not a local admin, then you need some special way of finding the current username:

$user = (gwmi -Query “Select * from Win32_Process where name = ‘explorer.exe'”).GetOwner().User


Add a SCCM deployment with Powershell

Here is a powershell command for creating a SCCM deployment

 

Start-CMApplicationDeployment -CollectionName “Collection Name” -Name “Softwarename” -DeployAction Install -DeployPurpose Available -UserNotification DisplayAll -AvaliableDate (Get-Date) -AvaliableTime (Get-Date) -Verbose

 

Source:

http://www.bewi.at/?p=1132


Remote Control SCCM Package

With SCCM 2012, I love the Remote Control function, so much better than RDP! and it comes with SCCM console.

For those don’t have SCCM console, I have wrote a Powershell script to just to run Remote Control from their desktops:

First we need to copy files we need, you can check the files we need from this excellent article:

http://ccmexec.com/2012/05/running-configuration-manager-2012-remote-control-standalone/

 

And here is my SCCM Package for standalone Remote Control:

it will output verbose to c:\output.txt as well.

 

# Remote Control SCCM 2012 Standalone Installation
# Rui Qiu
# 4/1/2015
# V 1.0

$ErrorActionPreference=”SilentlyContinue”
Stop-Transcript | out-null
$ErrorActionPreference = “Continue”
Start-Transcript -path c:\output.txt -append
#Create Current Folder Function
function Get-ScriptDirectory
{
$Invocation = (Get-Variable MyInvocation -Scope 1).Value;
if($Invocation.PSScriptRoot)
{
$Invocation.PSScriptRoot;
}
Elseif($Invocation.MyCommand.Path)
{
Split-Path $Invocation.MyCommand.Path
}
else
{
$Invocation.InvocationName.Substring(0,$Invocation.InvocationName.LastIndexOf(“\”));
}
}

#Copy files
$Source = Get-ScriptDirectory
$Target = ‘C:\Program Files\Remote Control’
write-host
write-host “File Path is:”
write-host $Source

# Copy-Item $ScriptDir ‘C:\Programs Files\’ -Recurse -Force
if (!(Test-Path -path $Target)) {New-Item $Target -Type Directory}
Copy-Item -Path $Source\* -Destination $Target
Copy-Item -Path $Source\00000409\* -Destination $Target\00000409\

#Create a shortcut to desktop
$desktop = ([Environment]::GetEnvironmentVariable(“Public”))+”\Desktop”
Copy-Item “C:\Program Files\Remote Control\Remote Control.lnk” $desktop

#Create registry entry for connection records
$RegKey=”HKLM:\SOFTWARE\Wow6432Node\Microsoft\ConfigMgr10\AdminUI\Connection”
New-Item -Path “HKLM:\SOFTWARE\Wow6432Node\Microsoft\ConfigMgr10\AdminUI” -Name Connection -Force
Set-ItemProperty -Path $RegKey -Name Server -Value “SCCM MP FQDN”

Stop-Transcript


Better Way to Find Drivers for SCCM OSD Image

There are lots of ways to find drivers, such as from the manufacturer website(Lenovo, HP, Dell), vendor website(Intel, Nvidia), or from Microsoft Update Catalog.

At first I was downloading the SCCM drivers from Lenovo website, but it scared me after I imported to SCCM – 3.5G Files! That’s way to big…

So I started some digging, and here is an excellent article on finding the smallest drivers available( from microsoft update catalog).

 

http://deploymentresearch.com/Research/Post/306/Back-to-basics-Finding-Lenovo-drivers-and-certify-hardware-control-freak-style

 

Basically we just need to find out the unknown devices in our computer by using powershell, then using Microsoft Update Catalog to download the small drivers.

 

Here is the powershell script to find Device ID on unknown devices:

Get-WmiObject Win32_PNPEntity | Where-Object{$_.ConfigManagerErrorCode -ne 0} | Select Name, DeviceID | Export-CSV C:\Drivers.csv

 

Get-WmiObject Win32_PNPEntity | Where-Object{$_.Name ‚ÄďMatch ‚ÄúVGA‚ÄĚ} | Select Name, DeviceID | Export-CSV C:\Drivers1.csv

 

After you got the csv file, you use something like VEN_8086&DEV_1616 to search drivers from Microsoft website.

Unfortunately most results are just for windows 10 drivers, I need windows 7 drivers ūüôĀ

In the end, I have to use Lenovo¬†Update Retriever to get some drivers out…Still¬†around 1 GB, but it is much smaller now …

 

 

Some Cool Links:

 

https://www.windows-noob.com/forums/topic/10856-sccm-2012-osd-apply-driver-packages-without-importing-them-to-the-database/

 

Auto Apply Drivers vs. Apply Driver Package in Task Sequences

http://blogs.catapultsystems.com/mlist/archive/2012/10/18/auto-apply-drivers-vs-apply-driver-package-in-task-sequences/

 

Lenovo Update Retriever & Thin Installer:

https://support.lenovo.com/us/en/documents/tvan-admin#ur

Windows Update Catalog:

https://catalog.update.microsoft.com/


Get IP Addresses from a List of Machines

I need to get IP addresses from a list of machines, so I googled it…needs to use test-connection command, and here is the full script:

# Get IP Addresses from a List of Machine Name

# 07052015

$pcs = Get-Content “c:\test\pc.txt”

foreach ($pc in $pcs)

{

#If computer is online,return true , using quiet switch, count means only once eacho request to send

if (Test-Connection $pc -Count 1 -Quiet)

{

Test-Connection $pc -Count 1 -ErrorAction Stop | Select Address, IPV4Address | Out-file -append “c:\test\result.txt”

}

else

{

“$pc is offline” | Out-File -Append “c:\test\result.txt”

}

}


Powershell Script to Find Email Address from Username in a Text File

Here is the simple powershell script to grab email address from AD. In a text file,just put username there.

# Q’s email script

$names=get-content c:\pc.txt

foreach ($name in $names) {

Get-ADUser $name -Properties mail | select mail

}


Powershell Script to Check Live Bitlocker Encryption Status from Text File

If you have a list of computers and want the check the current bitlocker encryption status, here is a powershell script to do that:

 

# Rui Qiu PS Script
# 052014

$pcs=Get-Content “c:\pc.txt”

foreach ($pc in $pcs) {

manage-bde ‚Äďstatus -cn $pc

}