Wednesday, May 29, 2013

Powershell - Local user password expiration and other properties with WMI

I found a lot information about using net user and wmic. I run into a issue with wmic grabbing a domain account with the same name. My guess is there is a quick fix but it wasn't using /node so i decided to go down try something new. Below is a code snippet for creating a user if it doesn't exist and adding to administrators with password that doesn't expire. This code works wonders using Powershell remoting to setup new virtual machines with dynamic users based on requester.

Changing Password Expires field and updating user:
$localuser = Get-WmiObject -Class Win32_UserAccount -Namespace "root\cimv2" -Filter "LocalAccount='$True'" | where {$_.Name -eq $user}
$localuser.PasswordExpires = $false
$localuser.Put()
 
 
Here are a list of the properties that can be read or changed.
Properties:
AccountType         Property      uint32 AccountType {get;set;}                                    
Caption             Property      string Caption {get;set;}                                        
Description         Property      string Description {get;set;}                                    
Disabled            Property      bool Disabled {get;set;}                                         
Domain              Property      string Domain {get;set;}                                         
FullName            Property      string FullName {get;set;}                                       
InstallDate         Property      string InstallDate {get;set;}                                    
LocalAccount        Property      bool LocalAccount {get;set;}                                     
Lockout             Property      bool Lockout {get;set;}                                          
Name                Property      string Name {get;set;}                                           
PasswordChangeable  Property      bool PasswordChangeable {get;set;}                               
PasswordExpires     Property      bool PasswordExpires {get;set;}                                  
PasswordRequired    Property      bool PasswordRequired {get;set;}                                 
SID                 Property      string SID {get;set;}                                            
SIDType             Property      byte SIDType {get;set;}                                          
Status              Property      string Status {get;set;} 

Example:

try
{
    $user = "User"
    $userpass = "Pass"
    $localuser = Get-WmiObject -Class Win32_UserAccount -Namespace "root\cimv2" -Filter "LocalAccount='$True'" | where {$_.Name -eq $user}
    if($localuser)
    {
        Write-Host "$user was already created"
    }else{
        & net user "$user" "$userpass" /ADD
        $localuser = Get-WmiObject -Class Win32_UserAccount -Namespace "root\cimv2" -Filter "LocalAccount='$True'" | where {$_.Name -eq $user}
        if($localuser)
        {
            & net localgroup administrators $user /add
            $localuser.PasswordExpires = $false
            $localuser.Put()
        }else{
            throw "User Creation failed"
        }
    }
}catch{
    throw $error[0]
    exit 1
}finally{
    $userpass = ""
}
Happy Hunting with automating

Friday, December 14, 2012

SSIS Catalog Creation - C:\Program Files\Microsoft SQL Server\110\DTS\Binn\SSISDBBackup.bak Missing

The error below happens on SQL Server 2012 install without SSIS installed on the same host.

The catalog backup file 'C:\Program Files\Microsoft SQL Server\110\DTS\Binn\SSISDBBackup.bak' could not be accessed. Make sure the database file exists, and the SQL Server service account is able to access it.

This will be the case for most installs on clusters since its not recommended.

http://technet.microsoft.com/en-us/library/hh213127.aspx

To fix this issue copy that file from a SSIS install to the same directory. Rerun your SSIS Catalog create dialog. If this isn’t your issue you may want to check on this connect issue post.

https://connect.microsoft.com/SQLServer/feedback/details/620992/create-catalog-integration-services-fails-if-the-default-backup-location-was-changed-during-install

 

Get event action failed. java.security.cert.CertificateException: The required certificate doesn't exist in the key store.

This error comes if your event subscription username and password aren’t filled in. You may see this error if right click on the IPS in IME and click status. The connection status should read OK. Update your IPS by right clicking and click edit and fill in both subscription username and passwords fields. Hope this will help ya solve this problem since it doesn’t seem to have anything to do with a certificate.

Monday, November 19, 2012

Hyper-V – VM’s page file on SCSI VHD

Just a heads up if you get an warning windows could not create page file on specified volume. This is because the SCSI disks in Hyper-V are driver based and are loaded after windows loads. This would mean the page file would be loaded first before the disk was mounted. As of Windows 2008 R2 Hyper-V this doesn’t not seem to be supported. If you switch your page file VHD to a IDE drive it will solve this issue.

Tuesday, October 23, 2012

Cisco IP Manager Express - IOException when try to get certificate: connect timed out

image

This seems to be one of two problems from a quick glance. The easy one is if the IP Address is no accessible from the IME desktop or server.

image

Second one should have been more obvious but when a Host isn’t in the allowed hosts its not allowed to even connect or ping. The result is the IME application giving you the same error as it doesn’t exist. Add your host or Network to the trusted hosts and try again to add this IPS to IME.

image

image

Wednesday, August 15, 2012

Orchestrator 2012 – Registration of the Integration Pack XXXX with the Orchestrator Management Server Failed

I ran across this while creating IPs for SCORCH 2012 and needed to make some updates. When registering this IP with the Management Server that currently had this installed threw the errors below.

Product: XXXX-- Configuration failed.

Windows Installer reconfigured the product. Product Name: XXXX. Product Version: 1.1. Product Language: 1033. Manufacturer: XXXX. Reconfiguration success or error status: 1638.

I haven’t gone through the logs yet but a good enough fix is to uninstall and run the registration again and deploy it again. Until I get a chance to go back through this.

Wednesday, March 21, 2012

SCVMM – Cannot Resolve with DNS

I observed this issue when creating a cluster in a remote site using Active Directory sites. DNS for this does take about 15 minutes based on the default replication value. Also this configuration had my Virtual Machine Manager in a remote site using site local library to deploy virtual machines. When trying to add another cluster to SCVMM shortly after I created it gave me the error message below.

SERVER cannot resolve with DNS

Ensure there is network communication with the DNS server. if the problem persists contact your network administrator

ID:404

Details: The request name is a valid but no data of the requested type was found

image

After logging in to the SCVMM server to test the DNS name of the cluster. The SCVMM server is the one making the DNS requests and must be able to resolve any cluster or server names which you wish to add. For this issue I had to flush out the previously cached values on the SCVMM server or wait for the cache to expire.

IPCONFIG /flushdns

If your experiencing issues I would start on your SCVMM server and check your DNS servers and if it can correctly retrieve the DNS records.