Wednesday, 8 December 2010

Send email using PowerShell

I like it when you come across something new and today’s nugget is the PowerShell cmdlet Send-MailMessage.  I’ve used mailing scripts with VBS in the past, for example when I wanted email notification when a script had finished but the beauty of the PowerShell method is that you can do it with a single line of code.  As a bare minimum all you need is something like:

[Image: the Send-MailMessage command, split across lines with back-ticks]

Okay, so I did say that you only needed a single line of code but I used the back-tick (highlighted) just to make it more readable.
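The screenshot of the command has not survived, so the following is an added example (not the original code from this post) of the use case mentioned above: an email notification when a script finishes. The SMTP host and the addresses are placeholders.

```powershell
# Placeholder values (assumptions): replace with your own relay and addresses.
$smtpServer = 'smtp.example.org'
$from       = 'scripts@example.org'
$to         = 'sysadmin@example.org'

$started = Get-Date
$status  = 'succeeded'
try {
    # The long-running work goes here; Start-Sleep only stands in for it.
    Start-Sleep -Seconds 2
}
catch {
    $status = "failed: $($_.Exception.Message)"
}
finally {
    $elapsed = (Get-Date) - $started
    # One logical line: each trailing back-tick continues the command onto
    # the next line purely for readability.
    # Add -UseSsl and -Credential if the relay requires TLS and authentication.
    Send-MailMessage -SmtpServer $smtpServer `
                     -From $from `
                     -To $to `
                     -Subject "Script $status on $env:COMPUTERNAME" `
                     -Body "Ran for $([int]$elapsed.TotalSeconds) seconds."
}
```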

You can find the TechNet article on the Send-MailMessage cmdlet here.

Tuesday, 7 December 2010

Checking BADMIFS

Recently there has been a slight increase in the number of files appearing in the BADMIFS folder on one of our SCCM servers.  Given that these files get assigned a seemingly random name, the only way to identify which client machine they’ve come from, and so spot any pattern, is to open each one.  If you’ve only got a couple of BADMIFs then this task isn’t too onerous, but any more than that and you need to look to automate the checks.  What I came up with was a…wait, can you guess?…PowerShell script that checks if there are any BADMIFS on either server and, if any are found, extracts the particular line that contains the computer name and outputs it all to a text file.  A sanitised version of the code I came up with is below:

[Image: the sanitised PowerShell script]
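The original script was posted as an image and is not preserved. The following is an added example of the check described above, not the author's code. The server names, the UNC path template (including the `SMS_XXX` share placeholder), the `.mif` extension filter and the `NetBIOS Name` header text are all assumptions to adjust for your site.

```powershell
# Added example. Assumptions (not from the original post): the server names,
# the UNC template, the *.mif filter, and that the client's name sits on a
# header line containing 'NetBIOS Name'.
$servers      = 'SCCM01', 'SCCM02'                                  # hypothetical
$pathTemplate = '\\{0}\SMS_XXX\inboxes\auth\dataldr.box\BADMIFS'    # placeholder share
$namePattern  = 'NetBIOS Name'
$report       = Join-Path $env:TEMP 'BadMifs.txt'

$results = foreach ($server in $servers) {
    $folder = $pathTemplate -f $server
    if (-not (Test-Path -LiteralPath $folder)) {
        Write-Warning "Cannot reach $folder"
        continue
    }
    # -Recurse also picks up files in any sub-folders of BADMIFS.
    Get-ChildItem -LiteralPath $folder -Recurse -File -Filter *.mif | ForEach-Object {
        # Pull out the first line that names the client.
        $hit = Select-String -Path $_.FullName -Pattern $namePattern -SimpleMatch |
               Select-Object -First 1
        [pscustomobject]@{
            Server   = $server
            File     = $_.Name
            Written  = $_.LastWriteTime
            NameLine = if ($hit) { $hit.Line.Trim() } else { '<no name line found>' }
        }
    }
}

if ($results) {
    # Per-file detail, then a count per client so repeat offenders stand out.
    $detail  = $results | Sort-Object NameLine, Written |
               Format-Table -AutoSize | Out-String -Width 200
    $summary = $results | Group-Object NameLine | Sort-Object Count -Descending |
               Format-Table Count, Name -AutoSize | Out-String -Width 200
    Set-Content -Path $report -Value $detail, $summary
    Write-Host "$(@($results).Count) BADMIF(s) found; report written to $report"
}
else {
    Write-Host 'No BADMIFs found.'
}
```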

Wednesday, 10 November 2010

TechEd 2010 Day 3

I haven’t skipped a day of the conference, just haven’t had time to post.  So day 3 started with a level 400 Advanced PowerShell session and has ended with one on Processes & Threads (which I found most disappointing as it seemed to have been lifted straight from the relevant chapters in the Windows Internals book and wrapped up in some pretty awful PowerPoint effects).  The rest of the day has been made up of sessions on Application Compatibility and RemoteFX, a really cool new feature of SP1 for Server 2008 R2 when running a VDI.

Tuesday, 9 November 2010

TechEd 2010 Day 1

Here I am back in Berlin for TechEd EMEA 2010, although actually posting this at the beginning of day 2.  Signs of cut-backs are obvious: no longer do delegates get a branded laptop bag filled with assorted pieces of tat, this year you get a carrier bag.  Yes dear reader, a plastic carrier bag!  Well I did my best to make up for that, ensuring that I got a fair amount of conference/vendor crap memorabilia.  The Welcome Drinks event was sponsored by HP and looking at the amount of beer consumed by the 6000 delegates I can’t see them being in a position to lower the prices of their servers anytime soon.

I’m starting day 2 with a level 400(!) session looking under the hood at the Application Compatibility Toolkit.  Here’s hoping that all the caffeine I had at breakfast starts to kick in pretty soon…

Monday, 13 September 2010

Which way does your data go?

Recently Steve Riley made a really interesting post about Greg’s Cable Map, an interactive map showing the undersea cable routes.  When I first started working in IT (longer ago than I care to remember now) one of the wonders was how data could travel from one place to another over great distances in the blink of an eye.  These days it seems to be taken for granted but I find the technology behind it, particularly the cabling that facilitates it, fascinating, and Greg’s Cable Map offers a really good visual representation.

On a historical note, if you are ever in Cornwall, UK it would be well worth visiting the Porthcurno Telegraph Museum if you’re interested in the history of undersea cable and telecommunications.

Tuesday, 17 August 2010

Lazy debugging

Like all lazy good sysadmins if I have to do something more than twice I’ll start to think about either:

  • Delegating to one of my team(!)
    or
  • Scripting it.

A while back I read a blog post by Dmitry Vostokov about scripting the analysis of mini crash dumps but never got round to trying it until today.  The only difference from Dmitry’s post is that I took the script and then saved it as minidump_analysis.txt on my notebook.  I then fired up WinDbg and opened a minidump for analysis.  Using the following you can then call your script to be run against the loaded dumpfile:

[Image: the WinDbg command used to call the script]

This will then run all of the commands in the script against the minidump and output it to a text file which will be the name of the dumpfile with .log appended to it.

Okay, so it’s not going to actually do the analysis for me but at least I don’t have to remember to run all the different commands.

Friday, 30 July 2010

Appreciating productivity…

A while back I posted how my work mobile had been swapped out for an Apple iPhone 3GS and hinted that apart from the PowerShell app pretty much everything else I’d installed was non-work related.  I’m glad to report that it’s situation normal: today’s non-work app recommendation is Dilbert Mobile.  Don’t know how long this app has been around for but already I’ve lost count of how many times I've pressed ‘Random Dilbert’ and had to suppress laughter (it’s uncanny how much they map across to your own work environment….).  And best of all it’s free!

Oh, and today is the 11th Annual System Administrator Appreciation Day.  I’d like to be able to say how much appreciation I’ve been shown today but there hasn’t been any.  Probably because people know how long I spend reading Dilbert strips on my iPhone instead of administering systems…

Dilbert.com

Wednesday, 28 July 2010

Don’t stick that USB in there (aka PNP_DETECTED_FATAL_ERROR)…

A couple of days ago one of my team reported that one of our Windows servers had BSOD’d just as they were sliding the monitor out of the rack.  This particular Server 2003 box runs as our main licence server here at the University for the numerous and varied specialist applications that have their own licence managers (such as FlexNet / FLEXlm) and therefore we have a fair number of dongles from various suppliers that work as part of the licensing mechanism.  The server was set to auto-restart after a crash, so once it was back up the investigation started.  After tasking the same team member with checking that the server seemed in reasonably good health and that the licence managers were working (might be the Summer vacation but we still have some students and academics around the place), I started the work to try and establish what had triggered the BSOD.

The event logs showed the crash but there were no entries immediately prior that would indicate something bad was about to happen.  Next I grabbed the crash dump file from the machine.  The server was configured to create a kernel dump so c:\windows\memory.dmp was a manageable 114MB.  After loading it up into WinDbg the initial output confirmed the bugcheck code that I’d seen in the event log but running…

!analyze -v

…gave me something much more useful.  At the top of the output some more info on the bugcheck was displayed:

[Image: bugcheck details from the !analyze -v output]

This was the first time that I’d seen a PNP_DETECTED_FATAL_ERROR bugcheck but the output gave me some idea about what had gone on.  Given that the output pointed to duplicate PDOs I wondered if maybe one of the USB licence dongles, or the hardware it was attached to, had fallen over and then come back, causing the PnP manager to enumerate the new device before the old entry had been tidied up (maybe the PnP’s surprise-remove command hadn’t been actioned properly?  surprise-remove is what kicks in if you remove a USB memory stick, for example, without doing the ‘Safely Remove Hardware’ routine).  Didn’t seem likely but the next thing to do was to identify what device was showing as being duplicated.  After making a note of the two offending PDOs (the newly reported PDO 88790170, and the one that it was a duplicate of, 8991ac40) I ran…

 !devnode 0 1

…and searched the output to track them down.  Pretty quickly I found the following:

[Image: the matching entries in the !devnode output]

Running !devnode 0 1 shows the devnode structure in a hierarchical format which makes it much easier to read the results.  So despite my first thoughts that maybe the crash was linked to one of the many licence managers we’ve got running on the server (along with their USB dongles) I think that I might actually be looking for a team member who has been sticking a SanDisk Cruzer USB stick somewhere they shouldn’t…

Monday, 26 July 2010

Web browser forensics

One of the unfortunate aspects of my job is that I sometimes have to do investigative work if it’s been identified that one of our users’ browsing may have infringed either our own acceptable usage policy / T&C’s or those of our ISP.  The Internet Storm Center has posted an article on an update to Web Historian, one of the free tools from Mandiant.  Looks like it might prove to be useful (supports Firefox, Chrome etc. as well as IE) so will check it out.

You can download the latest version of Web Historian here.

Ich gehe nach Berlin…again!

[Image: Tech-Ed Europe 2010 signature banner]

Once again I’ve been fortunate in being able to book my place at Tech-Ed Europe along with two other colleagues (if I’d been really fortunate I’d be going to Tech-Ed North Australia!).  Having checked out the sessions that ran at Tech-Ed North America it looks like it is going to be as good as ever, and am looking forward to hopefully getting to see a bit more of Berlin than I did last year.

Tuesday, 23 February 2010

Windows 7 Cake Edition

Just over a week ago I passed what some may think of as a milestone birthday, and as I was on leave I thought that I had got away with it passing by unnoticed by those that I work with.  Well not quite as this afternoon I was presented with a cake, handmade by a colleague, that was undoubtedly the most apt design that anyone could have come up with…

[Image: the cake]

Even the base was made of icing and had been done in the same design as the default Win7 background.  Oh, and it was delicious as well!

Big thanks to Cath for creating such a delicious logo!

Thursday, 11 February 2010

PowerShell on an iPhone…almost!

I’ve been lucky enough to have been issued with an iPhone as a replacement for my HTC S740 Windows Mobile device.  I’m trying not to get too attached to it as it might be possible that someone may decide to pull rank on me and it may end up being reallocated as quickly as it arrived, but like most things Apple it’s a pretty nice device.  Anyway, since I’ve had it I have inevitably trawled the AppStore looking for useful applications to allow me to be more productive at work with my work supplied device.  So far… Lego Photo, BubbleWrap, AirCoaster, Sky News, Sky Sports Football Centre, Met Office Weather, Paper Toss and an app to turn my iPhone into a Star Wars light sabre… well, you get the idea.  But that was until yesterday when into my Inbox arrived an email from Sapien updating me on their products (I’ve used PrimalScript as my scripting environment for years and I’m yet to find anything better).  Lo and behold there’s a PowerShell app for the iPhone that contains full descriptions for all PS v1 cmdlets.  Installed it and it looks pretty good, and now I’m happier as I’m now doing something almost work-related on my new device.  Details on the app can be found here.