Anthony Reinke

Archive for the ‘work’ Category

I added a batch script I wrote to install SNMP on a bunch of machine back on Jan. 14, 2012 (http://www.anthonyreinke.com/2012/01/14/installing-snmp-through-the-command-line/).  I have since modified the script.  Changing the file from a .bat to a .cmd will allow you to right click and run as administrator on Windows 2008.  Also I noticed in 2008, it defaults in to having the localhost as the only system that can communicate to the SNMP Service.

PsExec.exe @hosts.txt -s -c installsnmp.cmd

Below is the file to download.  Rename the file to installsnmp.cmd
installsnmp.cmd.txt

As always, please contact me if you have questions.

@echo off

cls

REM Detect if the system is Windows Server 2003
systeminfo | find "2003" > nul
if %ERRORLEVEL% == 0 goto 2003

REM Detect if the system is Windows XP
systeminfo | find "XP Pro" > nul
if %ERRORLEVEL% == 0 goto XPPro

REM Detect if the system is Windows XP
systeminfo | find "2008" > nul
if %ERRORLEVEL% == 0 goto 2008

REM If the system is Windows Vista, Windows Server 2008, or higher, 
REM they have the required files built in.
goto ERROR

:2003
REM If Windows 2003, set the path to the i386 directory
REM Note: The path needs to be one level above the i386 directory
REM Example: if the path is \\server\share\windows2003\i386\ then
REM the path would be \\server\share\windows2003\
REM Note that the you need both a 32bit and 64bit versions

if (%PROCESSOR_ARCHITECTURE%) == (AMD64) (
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\Win2003x64\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\Win2003x64\\"
) > %temp%\setW2003Path.reg

IF (%PROCESSOR_ARCHITECTURE%) == (x86) (
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\Win2003\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\Win2003\\"
) > %temp%\setW2003Path.reg

REM Installing the created Registry File
regedit /s /q %temp%\setW2003Path.reg

goto SNMP

:XPPro
REM If Windows XP Professional, set the path to the i386 directory
REM Note: The path needs to be one level above the i386 directory
REM Example: if the path is \\server\share\windowsXP\i386\ then
REM the path would be \\server\share\windowsXP\
if (%PROCESSOR_ARCHITECTURE%) == (AMD64) (
(
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\XPProx64\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\XPProx64\\"
) > %temp%\setXPProPath.reg
) ELSE IF (%PROCESSOR_ARCHITECTURE%) == (x86)
(
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\XPPro\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\XPPro\\"
) > %temp%\setXPProPath.reg
)

REM Installing the created Registry File
regedit /s /q %temp%\setXPProPath.reg.reg

goto SNMP

:2008
REM Since 2008 stopped using the sysocmgr.exe to install features, in Vista and higher
REM you need to use the servermanagercmd.exe to add features. A great list of the 
REM features and their command line install string is at:
REM http://www.techrepublic.com/blog/datacenter/install-windows-server-2008-features-with-servermanagercmd/294

servermanagercmd.exe -install SNMP-Services

goto Strings

:SNMP
REM Building the Unattended Install

(
echo ;SetupMgrTag
echo [NetOptionalComponents]
echo SNMP=1
echo [SNMP]
echo Any_Host=YES
) > %temp%\snmp.txt

REM Installing the SNMP application with the Unattended Install

sysocmgr /i:%windir%\inf\sysoc.inf /u:%temp%\snmp.txt

goto Strings

:Strings

REM Removing the public string
(
echo Windows Registry Editor Version 5.00
echo.
echo [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMP\Parameters\ValidCommunities]

REM Removing the only allow localhost communication, by default 2008 will only allow the 
REM localhsot to talk to the SNMP service
echo [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SNMP\Parameters\PermittedManagers]

REM Setting the SNMP strings
echo.

REM Setting the SNMP Contact Info
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMP\Parameters\RFC1156Agent]
echo "sysContact"="Server Administrators"
echo "sysLocation"="Server Room"
echo "sysServices"=dword:0000004f
echo.
REM Setting the Read Only and Read Write Communities
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMP\Parameters\ValidCommunities]
echo "readonly"=dword:00000004
echo "readwrite"=dword:00000008
echo.
REM Creating the Permitted Managers Key
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SNMP\Parameters\PermittedManagers]
echo.
) > %temp%\setupsnmp.reg

REM Installing the created Registry File

regedit /s /q %temp%\setupsnmp.reg

REM Cleaning Up

IF EXIST %temp%\setupsnmp.reg del %temp%\setupsnmp.reg
IF EXIST %temp%\setW2003Path.reg del %temp%\setW2003Path.reg
IF EXIST %temp%\setXPProPath.reg.reg del %temp%\setXPProPath.reg.reg
IF EXIST %temp%\snmp.txt del %temp%\snmp.txt

echo %COMPUTERNAME% Complete >> \\server\share\SNMP\SNMPInstall.txt

goto END

:ERROR
echo.
echo Could not determine the OS type
pause

goto END

:END

I needed a way to mass install SNMP to the servers in my environment.  The problem I was having was Microsoft Windows Server 2003 needing files from the CD.  We don’t copy the i386 directory from the CD for two reasons.  We store the files on the network and drive space is limit on a lot of servers.  The batch script will check if the server is 2003.  If it is 2003, it will point the install cd to a network path or a local path.  Next it builds the  unattended install file.  Once the file is written, the system will add the SNMP feature per the unattended file.  After SNMP is installed, the registry keys are set for the SNMP community strings.  Lastly the script removes the temporary files it created.

Use this script in combination to PSTools’ PSExec and you can mass install.  Create a list of systems you want to install this on and call it hosts.txt.  Each server needs to be on it’s own line and it is best to use the fully qualified name or IP Address.  Copy the hosts.txt and installsnmp.bat file in to your PSTools directory and run the following command:

PsExec.exe @hosts.txt -s -c installsnmp.bat

Download the Install SNMP Batch File, just rename to a .bat file.

@echo off

echo %COMPUTERNAME% Started >> \\server\share\SNMP\SNMPInstall.txt

REM Detect if the system is Windows Server 2003
systeminfo | find "2003" > nul
if %ERRORLEVEL% == 0 goto 2003

REM Detect if the system is Windows XP
systeminfo | find "XP Pro" > nul
if %ERRORLEVEL% == 0 goto XPPro

REM If the system is Windows Vista, Windows Server 2008, or higher, 
REM they have the required files built in.
goto SNMP

:2003
REM If Windows 2003, set the path to the i386 directory
REM Note: The path needs to be one level above the i386 directory
REM Example: if the path is \\server\share\windows2003\i386\ then
REM the path would be \\server\share\windows2003\
REM Note that the you need both a 32bit and 64bit versions

if (%PROCESSOR_ARCHITECTURE%) == (AMD64) (
(
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\Win2003x64\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\Win2003x64\\"
) > %temp%\setW2003Path.reg
) ELSE IF (%PROCESSOR_ARCHITECTURE%) == (x86)
(
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\Win2003\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\Win2003\\"
) > %temp%\setW2003Path.reg
)

REM Installing the created Registry File
regedit /s /q %temp%\setW2003Path.reg

goto SNMP

:XPPro
REM If Windows XP Professional, set the path to the i386 directory
REM Note: The path needs to be one level above the i386 directory
REM Example: if the path is \\server\share\windowsXP\i386\ then
REM the path would be \\server\share\windowsXP\
if (%PROCESSOR_ARCHITECTURE%) == (AMD64) (
(
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\XPProx64\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\XPProx64\\"
) > %temp%\setXPProPath.reg
) ELSE IF (%PROCESSOR_ARCHITECTURE%) == (x86)
(
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\XPPro\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\XPPro\\"
) > %temp%\setXPProPath.reg
)

REM Installing the created Registry File
regedit /s /q %temp%\setXPProPath.reg.reg

goto SNMP

:SNMP
REM Building the Unattended Install

(
echo ;SetupMgrTag
echo [NetOptionalComponents]
echo SNMP=1
echo [SNMP]
echo Any_Host=YES
) > %temp%\snmp.txt

REM Installing the SNMP application with the Unattended Install

sysocmgr /i:%windir%\inf\sysoc.inf /u:%temp%\snmp.txt

goto Strings

:2008
REM Since 2008 stopped using the sysocmgr.exe to install features, in Vista and higher
REM you need to use the servermanagercmd.exe to add features. A great list of the 
REM features and their command line install string is at:
REM http://www.techrepublic.com/blog/datacenter/install-windows-server-2008-features-with-servermanagercmd/294

servermanagercmd.exe -install SNMP-Services

goto Strings

:Strings

REM Removing the public string
(
echo Windows Registry Editor Version 5.00
echo.
echo [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMP\Parameters\ValidCommunities]

REM Setting the SNMP strings
echo.
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMP\Parameters\RFC1156Agent]
echo "sysContact"="Server Administrators"
echo "sysLocation"="Server Room"
echo "sysServices"=dword:0000004f
echo.
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMP\Parameters\ValidCommunities]
echo "readonly"=dword:00000004
echo "readwrite"=dword:00000008
) > %temp%\setupsnmp.reg

REM Installing the created Registry File

regedit /s /q %temp%\setupsnmp.reg

REM Cleaning Up

IF EXIST %temp%\setupsnmp.reg del %temp%\setupsnmp.reg
IF EXIST %temp%\setW2003Path.reg del %temp%\setW2003Path.reg
IF EXIST %temp%\setXPProPath.reg.reg del %temp%\setXPProPath.reg.reg
IF EXIST %temp%\snmp.txt del %temp%\snmp.txt

echo %COMPUTERNAME% Complete >> \\server\share\SNMP\SNMPInstall.txt

Currently I am having an issue with not knowing information about the servers I am responsible.   I am not happy not knowing things.  I spent a little time gather different parts of different scripts (hacker / script kiddie style) and compiling them in to one Visual Basic Script.  This script is designed to work against Dell Servers.  It will ask the computer for it name, the OS, OS version number, Service Packs, Bit Level (32 or 64 bit), Dell Warranty info, list of local users, and a list of local groups and the users in the groups.  It takes the list of servers from “hosts.txt” which is just a list of servers or ip addresses where there is one per line.  It will write all the information it gathers in to a file called “report.txt”.

Download the .VBS File

Here is the code:

Option Explicit

Dim url, svctag, wshShell, wshNetwork

Dim strComputer, colGroups, objGroup, objUser

Dim objWMIService, colItems, objItem

Dim warrantyRows, warrantyCols

Dim objsvc,svccount, errorChecking,svc,objNetwork,colAccounts

Dim get_OS_Bit, info, strComputer2, oReg, strKeyPath, strValueName, strValue

Dim objShell, objIE, objWMI

Dim colOSes, objOS

Dim objFSO, objTextFile, objTextFileW, objTextFileO, strNextLine, arrServiceList

Dim i, result

Const ForReading = 1

Const ForAppending = 8

Set objFSO = CreateObject(“Scripting.FileSystemObject”)

Set objTextFileW = objFSO.OpenTextFile (“report.txt”, ForAppending, True)

Set objFSO = CreateObject(“Scripting.FileSystemObject”)

Set objTextFileO = objFSO.OpenTextFile _

(“hosts.txt”, ForReading)

Do Until objTextFileO.AtEndOfStream

strNextLine = objTextFileO.Readline

arrServiceList = Split(strNextLine , “,”)

strComputer = arrServiceList(0)

wscript.echo strComputer

On Error Resume Next

Set colOSes = objWMIService.ExecQuery(“Select * from Win32_OperatingSystem”)

For Each objOS in colOSes

objTextFileW.Writeline “########################################”

objTextFileW.Writeline

objTextFileW.Writeline “========================================”

objTextFileW.Writeline “==            Computer Info           ==”

objTextFileW.Writeline “========================================”

objTextFileW.WriteLine “Computer Name      : ” & objOS.CSName

Next

objTextFileW.WriteLine

Set objWMI = GetObject(“winmgmts:\” & strComputer & “rootCIMV2″)

Set colItems = objWMI.ExecQuery(“SELECT * FROM Win32_OperatingSystem”,,48)

For Each objItem in colItems

objTextFileW.WriteLine “Operating System   : ” & objItem.Caption

objTextFileW.WriteLine “OS Version Number  : ” & objItem.Version

objTextFileW.WriteLine “Service Pack       : ” & objItem.ServicePackMajorVersion

objTextFileW.WriteLine

Next

const HKEY_LOCAL_MACHINE = &H80000002

Set oReg=GetObject(“winmgmts:{impersonationLevel=impersonate}!\” & strComputer & “rootdefault:StdRegProv”)

strKeyPath = “HARDWAREDESCRIPTIONSystemCentralProcessor”

strValueName = “Identifier”

oReg.GetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue

if (instr(strValue,”x86″)) then

get_OS_Bit=”32″

elseif (instr(strValue,”64″)) then

get_OS_Bit=”64″

else

get_OS_Bit=”NotSure”

end if

objTextFileW.WriteLine “OS is              : ” & get_OS_Bit & “bit”

objTextFileW.WriteLine

objTextFileW.Writeline “========================================”

objTextFileW.WriteLine “==  Get the Dell warranty information ==”

objTextFileW.Writeline “========================================”

url = “http://support.dell.com/support/topics/global.aspx/support/my_systems_info/details?c=us&cs=RC956904&l=en&s=hied&~lt=bodyonly&~wsf=tabs&servicetag=”

set objIE=createobject(“internetexplorer.application”)

set objShell = WScript.CreateObject(“WScript.Shell”)

set objWMI = GetObject(“winmgmts:{impersonationLevel=impersonate}!\” & strComputer & “rootcimv2″)

If InStr(UCase(objWMI.ExecQuery(“Select Manufacturer From Win32_ComputerSystem”).ItemIndex(0).Manufacturer), “DELL”) = 0 then Err.Raise 2, “This is not a Dell dude!”, “No Service Tag”

svctag = objWMI.ExecQuery  (“Select SerialNumber from Win32_BIOS”).ItemIndex(0).SerialNumber

Set objWMIService = GetObject(“winmgmts:” _

& “{impersonationLevel=impersonate}!\” _

& strComputer & “rootcimv2″)

objTextFileW.WriteLine “Service Tag        : ” & svctag

objIE.navigate url & svctag

do while objIE.readystate<>4 : wscript.sleep 50 : loop

set warrantyRows = objIE.document.getElementsByTagName(“table”).item(1).getElementsByTagName(“table”).item(2).getElementsByTagName(“table”).item(0).getElementsByTagName(“tr”)

For i = 1 to warrantyRows.length – 1

set warrantyCols = warrantyRows.item(i).getElementsByTagName(“td”)

objTextFileW.WriteLine “Description        : ” & warrantyCols.item(0).innerText

objTextFileW.WriteLine “Provider           : ” & warrantyCols.item(1).innerText

objTextFileW.WriteLine “Warranty Extension : ” & warrantyCols.item(2).innerText

objTextFileW.WriteLine “Start Date         : ” & warrantyCols.item(3).innerText

objTextFileW.WriteLine “End Date           : ” & warrantyCols.item(4).innerText

objTextFileW.WriteLine “Days Left          : ” & warrantyCols.item(5).innerText

objTextFileW.WriteLine

Next

objTextFileW.Writeline “========================================”

objTextFileW.WriteLine “==       List all local users         ==”

objTextFileW.Writeline “========================================”

Set objNetwork = CreateObject(“Wscript.Network”)

‘strComputer = objNetwork.ComputerName

Set colAccounts = GetObject(“WinNT://” & strComputer & “”)

colAccounts.Filter = Array(“user”)

For Each objUser In colAccounts

objTextFileW.WriteLine “Local User         : ” & objUser.Name

Next

objTextFileW.WriteLine

objTextFileW.Writeline “===========================================”

objTextFileW.WriteLine “== List all local groups and their users ==”

objTextFileW.Writeline “===========================================”

Set colGroups = GetObject(“WinNT://” & strComputer & “”)

colGroups.Filter = Array(“group”)

For Each objGroup In colGroups

objTextFileW.WriteLine “Group              : ” & objGroup.Name

For Each objUser in objGroup.Members

objTextFileW.WriteLine “User               : ” & objUser.Name

Next

objTextFileW.WriteLine

Next

objTextFileW.WriteLine “== List all services ==”

set objsvc = GetObject(“winmgmts:{impersonationLevel=impersonate}\” & strComputer & “rootcimv2″).ExecQuery (“SELECT * FROM Win32_Service”)

for each svc in objsvc

objTextFileW.WriteLine “Service            : ” & svc.displayname

objTextFileW.WriteLine “Current Status     : ” & svc.state

objTextFileW.WriteLine “Startus Type       : ” & svc.startmode

objTextFileW.WriteLine “Run Server As      : ” & svc.startname

objTextFileW.WriteLine

next

objTextFileW.WriteLine

Loop

objTextFileW.Close

I have been at my new job for around 8 weeks now.  There have been 2 major outages.  We have one employee put in their notice.  After this week my equal in one of offices will no longer be here.  The guy has been around IT for a while and had a lot of resources.  He knew a lot of different people he could count on and different ways to find answers.  That is a big loss for the company.

The First Outage:
The system have needed to be replaced a while ago.  I don’t blame the people that were here before me.  They were doing the best they could with the cards dealt to them.  We have had two major outages.  The first outage was caused by bad power from our power company Lincoln Electric System (LES).  The power dipped low enough to damage the equipment but not low enough to trip the UPS.  The power dip caused one of the switches in our core stack to blow the power supply in it.  Cisco was able to send a new switch, but at first they could get us one until Monday.  The outage happened Thursday night / Friday night.  After working with Alexander Open Systems (AOS), they were able to get a switch from Cisco to us the next day.  We had a former employee help with the configuration of the switch since the network has multiple vlans and vlan are configured at the port level.  Normally this isn’t a problem but we didn’t have a backup of the switch configuration.  The outage also caused problems to the firewall in the form of the firewall loosing its configuration.  We had a person from AOS help us reconfigure the switches and firewall so that everything was good again.

The Second Outage:
First our file and print server decided to deny access to the share and then the share no longer showed online.  Next all the printers on the server disappeared.  Shortly after this one of our main SANs decided to stop working.  So the team got to working on these issues and then we no longer to remote in.  Wait.. We can’t get to anything from outside.  Got have no email, no websites, and no VPN.  Researching the firewall we noticed it was denying everything from the outside.  I started looking in to that and then I noticed that the external dns addresses weren’t resolving.  First I thought it was due to the firewall blocking everything but from an external location I querried Google’s DNS Server for a site of ours.  Nothing came back.  Normally it takes hours before DNS will exhaust.  So I try to log in to our DNS server and I can’t get connected.  So I jump to the VM server and notice an error.  The ESX server doesn’t have enough room for the VM.  The physical disk is out of space so it halted the VM session.  Just great.  I go to reboot the server and get the equivalent of the BSOD on a Windows server.  I hard power the server and after the 5 minutes it takes to start loading the OS I get a kernel panic.  The OS has an issue with the hard drive.  At this point I need a DNS server up and I need it now.  I start building a new ESX server out of scraps of different servers.  The idea is to build a server and move the hard drives to the new server.  While I am doing this I am taking the DNS zone files and creating a new DNS server on another VM host just encase the ESX server idea doesn’t pan out.  Plus I went to a DNS hosting company and start moving our DNS file to this host.  I got the new ESX server built.  I got the new DNS server built.  I have the DNS moved to the DNS hosting company.  I created a CNAME to our name servers to point to the DNS server names for our new DNS hosting company.  This got us back in business.  A coworker got AOS on the phone and remotely got them to be able to configure the firewall.  Looks like the firewall flipped back to a new version of the firmware that we downgraded.  Once they downgraded us we were back in business.  My coworkers got the file server and SAN already figured out.  It is Sunday mid-day and so at this point the systems have been down for 48 hours.  I have been helping since 11am on Sunday when I returned home from Church.  At around 5pm I went in to work to do all the things that needed done physically (build the ESX server and trying to copy the files off the drive). At 6:45am the next day I have the new ESX server up, files being copied down from the old ESX server which is back up, and the zones built for the external DNS hosting provider.  By 10am the files were done copying down to a portable drive.  I was able to start up the vm server for the host.  Everything was basically up and going.  Tuesday we noticed that some emails were not going through and sites were down.  When creating the CNAME to fix the issue it caused an issue with the other sites we were hosting in the fact that the external provider didn’t have zone files for the other sites.  So Tuesday afternoon I removed the CNAME.  By Tuesday evening some of the sites were up and happy again.

Facts about IT:

• You will get yelled at
• Very rarely will you get a thank you from anyone outside of IT
• You will loose a lot of sleep in your career.  Doing a 36 to 40 hour shift is typical.
• Even if you spend all weekend fixing things, users still expect you to be there to help them get their new songs on their blackberry
• In small to medium sized companies the burn out rate in IT is high.  Everyone wants everything but they don’t want to pay for it and why haven’t you got it done already?
• In larger company most IT people feel like they are just part of a large heard of cattle and that they can and will be replaced at any given time.

Sorry about the lack of the posting.  I have switched jobs and the perfect storm hit us.  Due to a power outage (well,multiple outages) from Lincoln Electric System (http://les.com) we lost a main switch, the firewall configuration, and dhcp configuration.  I haven’t logged in to a Cisco device in many years and never in the depth I have had to in the past month.

Things I am working on:

• Jumping in to Cisco head first
• More with Splunk
• Setting up MPLS between multiple site, and a couple of co-locations
• More in to security
• Guest Posters