Just a Tech Guy

Preventing A Disaster (with Powershell)

So, I walked into a production issue this morning at work that could have been easily prevented. A process we run at work moves files to a directory then imports the information from those files. This occurs every day and the files being moved into the import directory will not overwrite any files that are already in that directory. Long story short the files imported were the wrong ones since the ones that needed to be dropped off were moved to a staging area instead. Had I known there were files in there a 5 minute fix to prevent this would have saved me a half day’s recovery. I decided to prevent this from happening again by running a simple script.

The following script checks the directory on a server for any files with the csv extension. If it doesn’t find any, then all is well, life goes on. If files are found, it emails/pages me so I can move those files before the process runs.

1      $filecheck = Test-Path "\\servername\directory\*.csv"
2      If ($filecheck) {
3            $SmtpClient = new-object
4            $SmtpServer = "localhost"
5            $ = "exchange.server.address"
7           $msg = New-Object Net.Mail.MailMessage
8           $msg.From = "Your Server"
9           $msg.To.Add("")
10        $msg.Subject = "Your Directory not Empty!"
11         $msg.Body = "The directory for the blah is not empty! " + (Get-Date)
12         $SmtpClient.Send($msg)
14                                }

Ok, broken down line one sets a variable querying whether or not the path listed exists. This variable saves as a boolean.  Line two does a simple If/Else statement. In Powershell Else will be assumed. Boolean equivalent of True is If($variable) if we needed to check for false we would use If(!$variable). Lines 3-12 are the lines needed to email with SMTP.

Line 3 creates the email object.
Line 4 uses the localhost as the SMTP server.
Line 5 defines the ‘real’ server to relay the email off of. You will need to put your company’s exchange or email server’s address in here and make sure it allows relays.
Line 7 Creates the Message object.
Line 8 is Whatever you want your email From address to say. (Can be anything)
Line 9 is where you add an email address to send to. For each email address you would like to send to, just add a line identical to this one and change the email address.
Lines 10 and 11 are obvious. Change to whatever you like.
Line 12 sends the email.

Let me know if you have any questions or suggestions.

– Jason

Finding a Service’s Authentication ID

At work, us Administrators are considered prima donnas. And most of the time we accept that and will even admit to it. We like things a certain way and we tend to also get set in our ways. Recently the company hired a new VP of a department that promotes a more secure environment to work in. To protect the guilty, I’ll not use his name, so instead I’ll refer to him as Satan. *smirk* Satan has good intentions in the long run but has the social and personality skills of a pissed off bull. He has no professional courtesy nor does he wish to. Now I will also note that anyone in his position will always be considered the ‘bad guy’ but I think he really enjoys the title more than actually just accepting it as a side effect of his profession.

I say all of that to say this: We, the prima donna group have been in the habit of not changing our passwords as regularly as we should, and in cases where our bosses and end users beat us into submission about getting something to work “no matter how it’s done”, we’ve made some bad practices over the years. Such as…. running a service, scheduled task, or mapping a drive with our own credentials. Well without warning Satan decided to enforce the company policies in the middle of a work day and force a company wide password change, which under most circumstances wouldn’t be so bad… however, this broke a lot of things that people have forgotten about for years. (ie. a Service that’s been running under ‘Johnsmith’ for the last 28 months. The key point in this was “WITHOUT WARNING”, none. He is 100% correct in enforcing the rule but professional courtesy should have given us a day or two’s heads up about it so we can prepare.

Either way, I scrambled to make sure none of my servers were affected and none were however, others were. I put together this powershell script to at least run through and look for any ID’s that matched the syntax of our standard user ID’s and to kick out a report showing which ones are potential dangers.

# The first section merely defines important variables such as the log that will be written to, date, or time.

$log = "c:\temp\Service_IDs.txt"                            

#The section below looks for the log and if it exists, wipes it and writes a date stamp within the file.

$logexist = Test-Path $log
If ($logexist -eq $true)
$date = Get-Date
Write-Output ("The following Information is for Servers on your list: " + ($date))| Out-File $log
Start-Sleep -Seconds 2

# The section below reads from a list of servers (defined in the $servers variable and loops through each.

$servers = gc "c:\scripts\powershell\servers_prod.txt"
foreach ($server in $servers){
Start-Sleep -Seconds 1

#This part queries each Service on each server and searches for one who’s account login name matches the [regex] pattern.

$svc=gwmi win32_service -ComputerName $server | Where-Object {$_.startname -match "s*d"}
foreach ($service in $svc){

# The following section actually writes each part to a log in a format that is quicker to understand, filling in variables after each subsection.

"Server: " + ($server) + " | Service Name: " + ($service.Name) + " | Service Account ID: " + ($service.startname) | Out-File -Append $log
Start-Sleep -Seconds 2

# The last line merely opens the file when it’s done appending.

Invoke-Item $log

* Notice you see (Start-Sleep *) in the file in several locations. This is to keep the script from stepping all over itself. When run without it you will see errors where there is contention between one loop and another. Basically the script is running too fast and one section is still processing while the next one wants access to the file.

** I am by no means good at scripting. I do it on my own for personal and work reasons and am sure to be told by many that there are easier ways to accomplish the same tasks. Feel free to drop me a line or comment.

– Jason

Welcome to I Am Roberson

Well, was taken… long taken. A law firm in Texas bought it in ’97 and apparently owns it until they renew it in 2011. Ah well, IAmRoberson will work just as well and has a nice weird ring to it.

Anyways… Welcome.