Powershell Tuesday Quick Tip #1

Let’s see how many Tuesdays I can do this!  The goal: a quick oneliner or at most 2-3 lines of code to do something timesaving and useful. For the Powershell gurus some may be simplistic but I can vouch that these all WORK as of spring of 2018. Which is more than you can say for some of the stuff that comes up for a Bing/Google (Bing-gle) search.

So today’s is something that came up today. I needed to change the mailbox/calendar settings on Rooms for meeting reservations in Outlook.

PROBLEM: By default, a Room mailbox only publishes meetings as “Busy” for any but the organizer.  So when other people really need that room, they don’t even know who to contact about maybe changing times around.

SOLUTION:

Get-Mailbox -Filter {(RecipientTypeDetails -eq "RoomMailbox")}|
ForEach-Object {Set-CalendarProcessing "$_" -AddOrganizerToSubject $True -DeleteComments $False -DeleteSubject $False}

Of course you have to be connected to Office 365 in your Powershell session first. Instructions on that are detailed here: Microsoft Docs 

See ya next week!

2018 – Ready, Set, GO!

We all know the usual platitudes around the new year. We’ve heard them, we’ve said them, and it’s the same every year. “New Year, New Me”, “This is my year!” or the ever-increasing spate of diet and fitness articles books and well-meaning resolutions. It’s our traditional or perhaps even natural tendency to look forward optimistically, to prepare to succeed in the New Year. Sometimes, that’s where we stop.

Our seemingly bottomless pit of procrastination seems to be dug with a shovel labelled “Preparation”. We have phrases like “Proper Preparation Prevents Piss Poor Performance”, and “He who fails to prepare, prepares to fail”. These truisms exist because they are true.  But coupled with an overactive ‘inner critic,’ preparation quickly spirals into the abyss of procrastination.

Most people have experienced this. We plan to do things. We make lists, we study, we prepare. But then things slip to the side a bit. We feel uncertain or hesitate for whatever reason. So, we review the lists and plans. This of course leads to revising the lists and plans and the cycle starts again. Notice what is missing? The ‘doing of the thing’.

Stop preparing to prepare!  –Matthew Parks, Sr  (paraphrased)

We’ve all been guilty of it to some degree, but it seems to be far worse when venturing into unfamiliar territory. We want to be certain that we’re not making a mistake, or that we won’t look foolish. In short, we fear failure.

How do we break the cycle? Honestly, I’m not sure the ‘best way’. Trying to find the best method/cure/path to righteousness/whatever is how we get stuck in that cycle to start with! So I propose to simply pick a path, perhaps not the “best path”, just “a path”.  Take a few steps and see if it hurts. See if there are any obvious pitfalls ahead. You can usually change course if it looks too bad. Meanwhile each step takes you further from the Pit of Procrastination.

I’m not saying to go against all the truisms and advice and just jump into things without preparation or caution. That would be foolishI’m saying let’s try to not get stuck in the prep and never do the thing.  How will it turn out? We’ll just have to see, won’t we?

Meanwhile I’ve written an entire blog post on procrastination, based on my thoughts about how to stop procrastinating on writing a blog post. <shakes head>

“Dilly Dilly!”

Have a great year!

How a cloud service pays for itself in one emergency

Imagine this scenario: It’s Friday evening and a storm that was going to hit a nearby town veers off toward your corporate HQ. Suddenly you are looking at torrential rains and flooding of biblical proportions at your corporate HQ. Oh, and to top it off it’s your major stocking location for your national distribution business.

We weren’t imagining this when Hurricane Harvey dropped trillions of gallons of rain on the Houston area. Of all the Disaster Recovery and Business Continuity plans the one that was so very very simple was email and communication. We had already transitioned all of that to Office 365. What was our DR/BC plan for email and other written communication? We didn’t need to worry about the service.  We simply made sure that key people had laptops and good to go!

Of course, all wasn’t peaches and roses.

We have a couple of areas in the business that were still using on-premises file servers. The users trying to access those servers had to use a VPN (an uncommon occurrence for many of them). That was awkward and strained our licensed capacity for VPN connections, but it wasn’t a major ordeal. Guess who is going to be pushed toward SharePoint Online Document Sites? You betcha!

The other pain point was our legacy IBM PowerSystem. None of our locations lost power/connectivity during the storm, but we watched it like a hawk to determine if we should failover to the DR site. If that system was in a cloud bank in Arizona, there is less chance of hurricane issues.

True enough, cloud-based systems have their own set of problems. However, if you go with a geo-diverse plan, the likelihood of a big storm/blizzard/earthquake halting your business are greatly reduced. This is in addition to all the typically touted benefits of OPEX vs CAPEX, hardware maintenance and all that.

The moral of the story: If you work in a hurricane zone – pay attention to the cloud.

 

 

TechMentor Redmond 2017 – the short(ish) version

What is TechMentor? The answers range from the serious business case to the snarky, depending whom you ask and when. The short answer: it’s a tech conference focused on education for IT Professionals. The long answer can be found here on their site.  For me, it’s a recharging of my mental batteries and a chance to learn a lot and see some fellow IT folk I only see at these things.

I’m not going to do a day by day because this is 5 full days of learning, both from the speakers and the fellow attendees. I promised a short post so here it goes!

1. We are not doing enough for security (duh) and we’re not alone in that. While our situation isn’t as dire as some, it’s not as good as it can be. After this week I have the tools needed to address some of this.  

2. I could be wringing a lot more use out of Azure Active Directory for not alot more money. Things like Dynamic Groups based on user’s AD attributes and assigning Office 365 features based on group membership.

3. We all need to move from “Classic IT” to “Modern IT”. That is, from spending time redeploying software and images on OEM pc’s to simply updating what came on them to what the business user needs to function. *Hint* The Windows Configuration Designer is key here for SMB’s. This feeds into the concept of Windows as a Service.

4. If you’re going to make good training videos, the gear and the environment is as important as the software to record. A LOT of dollars can be spent to generate professional grade educational videos, but it also appears that if you aren’t TOO picky, you can get moderate grade gear for a couple of hundred bucks.

5. Building custom Desired State Configuration Resources isn’t as hard as I thought. It’s not EASY, but if you can build a function and know a few tricks of formatting it’s do-able. That’s my first blush after a good intro to the subject this week. We’ll see if I feel the same after I get knee-deep into making one. Good thing I met an expert or two on this.

6. REST and SOAP calls in PowerShell aren’t nearly as complicated when you have a good teacher walk you through it. What can be complicated is the what you do  with the info you get back. This has some really interesting ideas churning in my head.

7. Regular Expressions aren’t as hard when you understand what the engine is doing behind the scenes. It’s also good to have a tool test your expressions before you turn it loose in the world.

That’s seven key takeaways in broad strokes. Now to use a “bonus thing” I learned and deconstruct those broad items into projects and tasks.

Not bad for 5 days…..

Windows 2016 and DSC – Like Peanut Butter and Chocolate

We’ve all heard about DSC, right? Sure you have. Maybe you’ve been playing around a bit in labs or using for test environments. Why haven’t we all taken the plunge to Infrastructure as Code ( or more accurately Infrastructure from Code)? Because it’s hard, and we’re busy?

Likely, it’s because we don’t have the opportunity to go all ‘greenfield‘ in our daily jobs. Most of us live in the depressingly named ‘brownfields.’ We have servers already, we have workloads on them that are of different importance to our companies. We can’t just rip everything out and replace it! Oh but wait! Most of those machines are running older versions of Window Server or have old hardware. We’re going to need to do an upgrade/replacement plan anyway.

I know a lot of us have those old servers that run some important job. Maybe we virtualized when the hardware broke, but otherwise, they are still on 2008 or god forbid 2003. We can’t manage them with the latest tools because they have an old version of PowerShell ( if at all). We want to get rid of them, but what a daunting task!

Why not combine these two tasks? Two birds one stone and all that. Build out a pull server, and rebuild your infrastructure the “Modern” way. Don’t upgrade those VM,s construct new ones and shift the workload over. That ensures the cleanest installation and configuration. Since you’re configuring them from scratch, why not do it with DSC?

Here’s what I’m in the middle of right now: I have several physical servers at or near the end of life. I have a few 2008 servers still lingering. I want to get all my servers on 2016 to take advantage of several newer technologies. To make our Hyper-V hosts more efficient, I want to move as much as possible to Server Core.  I had used DSC for several small servers but not in a truly ” production ” manner. Time to upgrade!

Here’s my plan in broad terms:

  1. Build out a pair of new load balanced secure Pull Servers – using DSC Push Mode.
  2. From there, make a BASE configuration shared by all servers and inject that MOF into the image I’m using to build new VMs. This base config contains things like domain join, setting up the LCM with where to look for the pull server, network set up, etc.
  3. Create configurations for the server Archetypes – File Server – Web Server – App Server – Backup Server – Domain Controller – etc.
  4. Write some basic Pester tests to verify that the configurations are doing what I expect.
  5. Start standing up servers, pushing configs and testing. Once tests pass…..
  6. Move to production mode!

At some point, I plan to move the whole shooting match from Github to Visual Studios Team Services for source control and test beds. It would be nice to be able to apply a MOF file to a VM in Azure, run pester tests, and upon a full pass, have it deploy that new MOF to the on-site pull servers. But that’s a learning curve for another day!

Your “WannaCry” Takeaway

Postmortem on ransomware attacks.

Don Jones

As the news media continues to report on the meltdown of all global tech (sigh), there’s one takeaway for you, a professional IT person, as a postmortem. And it’s a simple question:

View original post 1,004 more words

Quick VPN Reset for Windows Insiders

As a “Windows Insider” on the Fast Ring, I get new builds of Windows semi-frequently. Love it! Great! Oh wait, now to VPN into the office for that 3am emergency I have to reconfigure my VPN because the installation of the new build hosed it. ARRGGH!

To be clear, it’s NOT because of a fault in Windows per se, it’s a side effect of the constant state of upgrade. Our network requires us to install SonicWALL Mobile Connect to log into our firewall based  VPN. It’s a slick little system and not hard to set up, the problem comes when the Windows build elf comes in the middle of the night. This ‘breaks’ the registration of the Windows Store app for MobileConnect, so when you try to fire up a VPN you get an “application not found” error.

The manual process, while not hard , is both annoying and inconsistent. Each time, you have to go into the Settings/Apps & features to find the SonicWALL Mobile Connect app. Then click the Advanced Features link, and hit the RESET button. That’s all straightforward. Here’s where if gets funky.

Sometimes you can immediately connect up a VPN and get to work. Sometimes you need to rebuild the VPN configuration. Sometimes you need to reboot. Sometimes both! That’s frustrating enough to need a solution.

So I did some poking around with PowerShell ( of course) and discovered that essentially the SonicWALL app needed to be “re-registered”. A short script and a desktop shortcut later, and I’ve got a one-click fix!

The full script can be found HERE – It’s pretty straightforward but here are some parts that can stand a bit of explaining.

As I learned when scripting the creation of the VPN’s ,there are some XML variables required by the SonicWALL app.

Capture

I’m recreating existing VPN’s so I grab the list using Get-VpnConnection

Capture

Then it’s a quick For-Each loop to remove the VPN connections….

Capture

Followed by a re-add of the app….

Capture

And finally a simple For-Each loop to rebuild the VPNs I deleted earlier…

Capture

…. and done!

As I said, it’s not terribly complicated, but it sure is handy. I hope you found this helpful. If not directly then maybe it’s sparking some ideas.