Bhargav's IT Playground

Passion for Technology. Power of Messaging.

How to convert a word document to other formats using PowerShell

Jul 28

Posted by Bhargav in PowerShell | No Comments

I recently borrowed a Sony Reader Touch Edition from someone I know to try it out. As I started using Sony’s own library manager, I quickly got bored. I then tried open source Calibre which turned out to be a lot better interface but had a major flaw when it comes to supporting Sony Reader: It didn’t support importing word documents in the library despite of Sont Reader’s capability to read it. It can however import filtered html files which work can produce. Given my lazy nature, I did not want to convert a bunch of word documents I have by hand so I set out to write a PowerShell script to do the work for me.

The script turned out to be much simpler than I thought. Here it is for everyone’s benefit.

param([string]$docpath,[string]$htmlpath = $docpath)

$srcfiles = Get-ChildItem $docPath -filter "*.doc"
$saveFormat = [Enum]::Parse([Microsoft.Office.Interop.Word.WdSaveFormat], "wdFormatFilteredHTML");
$word = new-object -comobject word.application
$word.Visible = $False

function saveas-filteredhtml
	{
		$opendoc = $word.documents.open($doc.FullName);
		$opendoc.saveas([ref]"$htmlpath\$doc.fullname.html", [ref]$saveFormat);
		$opendoc.close();
	}

ForEach ($doc in $srcfiles)
	{
		Write-Host "Processing :" $doc.FullName
		saveas-filteredhtml
		$doc = $null
	}

$word.quit();

Save this code to convertdoc-tohtml.ps1 and you can run it on a set of word documents regardless of doc or docx extension. Also for efficiency I am using –filter in Get-ChildItem instead of piping to where-object or using If statement in the script. Why? Because it says right in the help:

“Filters are more efficient than other parameters, because the provider applies them when retrieving the objects, rather than having Windows PowerShell filter the objects after they are retrieved.”

To run the script, you simple need to point it to a folder where your source document files are and provide output folder if you wish. If not provided, source folder will also be used as output folder. Here’s how you can run it:

convertdoc-tohtml.ps1 -docpath "C:\Documents" -htmlpath "C:\Output"

If you want to know how the script can be transformed to save as different format, refer to wdSaveFormat Enumeration members on MSDN.

Originally posted at http://blogs.technet.com/bshukla

  • Share/Bookmark
Print

Deceiving scopes of variables in a function

Jul 7

Posted by Bhargav in PowerShell | No Comments

I was recently troubleshooting a script when I came across a problem where a variable with defined scope was not retaining its value even though scope seemed correct. Let’s look at simplified example below:

Function Global:Name-ofaFunction
{
$Global:VariableinQuestion = $null
$VariableinQuestion = "Value"
$VariableinQuestion
}

Name-ofaFunction
$VariableinQuestion

The function “Name-ofaFunction” when called, creates a variable with global scope and sets its value to null. Next, it sets the value of a variable and prints current value to host. Part of the script, I am also calling variable after running the function. This helps me verify the value.

When you run this script, however, you will notice that it prints current value (“Value”) of the variable only once.

If you debug the code, you will notice that the variable is set to null when exiting the function! Interesting why that is happening when you have defined the variable scope to be global in line 3!!!

So let’s try this code.

Function Global:Name-ofaFunction
{
#$Global:VariableinQuestion = $null
$global:VariableinQuestion = "Value"
$VariableinQuestion
}

Name-ofaFunction
$VariableinQuestion

If you notice the difference, I have commented out line 3. Also, in line 4, I have added global scope to the variable. If you run this code, you will get the value of the variable printed to the host twice. Once inside the function and second time after the function!

How did that happen? The code doesn’t look much different. Only difference is where I define global scope. Why should that matter? Let me explain.

Although I am not sure if it is a feature or a bug, it seems PowerShell is resetting variable scope to local in line 4 in first example. Because it resets the scope to local, the variable loses its value and is set to null when exiting the function. This is because the variable is created inside the function and is scoped as local for the function. This is fixed in second example by defining it as global right where I am setting its value.

As you can imagine, there are many uses of setting correct scope of the variable. i.e. You may want to use the value returned by the function in another function. When you set the scope properly, the values are retained in appropriate scopes which can be used by other piece of code like functions of cmdlets run on host.

For more information on scope, you can read my previous blog post “PowerShell Variables and Scopes” and TechNet article “about_Scopes”.

Originally posted at http://blogs.technet.com/bshukla

  • Share/Bookmark
Print

Script to configure static ports on Exchange Server 2010

May 19

Posted by Bhargav in Exchange 2010, PowerShell | 13 Comments

If you are planning to implement or are implementing Exchange Server 2010, you may have already noticed that with new changes introduced in this version we highly recommend that you load balance your CAS servers using hardware load balancer. The client connections are not mediated through RPC Client Access service on CAS and that’s why load balancing CAS is very important.

Now if you know how Outlook clients work with Exchange RPC/MAPI, you may as well be aware that it uses random high ports for connection to the Exchange servers. This may not work well when you try to configure your hardware load balancer device. There are many other reasons why you may decide that you would rather use a static port or two for services that need it. It also makes it easy to configure network devices to work with few ports than a whole upper range of high ports.

To that matter, TechNet article “Load Balancing Requirements of Exchange Protocols” has done a great job documenting how you can configure static ports on CAS and Mailbox servers. Henrik Walther has also provided some more details on TechNet wiki article “Configuring Static RPC Ports on an Exchange 2010 Client Access Server”.

Now only if you had the script to do it all for you so you can enjoy doing other things that may be more important or interesting to you… :)

Well, that’s why I have created this script… just for YOU!

So, how do I run the script?

There are few ways you can run it. One is to just call the script with your server name.

& 'c:\scripts\Set-StaticPorts.ps1' -Server Server1

This will change RPC and Address Book ports on the server you specify.

If you want to change many servers, store your servers in a variable and pipe it. Use whichever method works for you to create the array variable with servers you need. One example is to use text file containing one server per line:

$Servers = Get-Content c:\scripts\servers.txt
$Servers | Foreach {& 'c:\scripts\Set-StaticPorts.ps1' -Server $_}

The script can be run remotely as long as you have proper permissions on the server to change registry and exchange configuration files.

So far, in examples above, we did not specify which ports to use for each service. The script accommodates for this by having default values 7575 and 7576 for RPC Service and Address Book Service respectively. But what if you want to specify your own ports? Run:

& 'c:\scripts\Set-StaticPorts.ps1' -Server Server1 -rpcport "50000" -abport "50001"

This will allow you to define your own ports. Just ensure you are not using well known ports or ports in use by other services in your environment to avoid any conflict or confusion.

The script is noisy as you may notice when you run it. It is intentional. It will prompt for your confirmation when changing ports if they are already changed before. It will ask for confirmation before restarting services. Now you may say, I am running the script and I know what I am doing. Well, let the force be with you. –force parameter I mean!

& 'c:\scripts\Set-StaticPorts.ps1' -Server Server1 -rpcport "50000" -abport "50001" –force $true


And this will silcence prompting. It will still write output for each server to the host. You can redirect it to a file as well!

& 'c:\scripts\Set-StaticPorts.ps1' -Server Server1 -rpcport "50000" -abport "50001" –force $true | out-file c:\scripts\results.txt

So, where is this script? You can download it here: Set-StaticPorts.ps1

If you are still reading, here’s the actual script to refer:

#############################################################################
# Set-StaticPorts.ps1
# This script will configure static ports for RPC Client Access and
# Address Book Service on Exchange 2010 CAS servers.
#
# Usage syntax:
# Set-StaticPorts [-Server]  [-rpcport]  [-abport]  [-force]
#
# Usage Examples:
# Set-StaticPorts -Server Server1 -rpcport "50000" -abport "50001" -force $true
# Set-StaticPorts -Server Server1
#
# Use this script in accordance to the following Technet wiki article:
# http://social.technet.microsoft.com/wiki/contents/articles/configuring-static-rpc-ports-on-an-exchange-2010-client-access-server.aspx
#
# Created by
# Bhargav Shukla
# http://blogs.technet.com/bshukla
# http://www.bhargavs.com
#
# DISCLAIMER
# ==========
# THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
# RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER.
#############################################################################
 
# Declare Parameters with defaults
param([string]$server,[string]$rpcport = '7575',[string]$abport = '7576',[bool]force = $false;)
 
# Filter to set tcp-port, for avoiding redundancy in the code that follows
function tcp-port
{
	if (($regkey.getvalue($VALUE)) -eq $null)
	{
		# Create / Set TCP/IP Port key and value
		$regKey.Setvalue('TCP/IP Port', "$rpcport", 'Dword')
 
		# Make changes effective immediately
		$regKey.Flush()
 
		# Read and store current value
		$global:TCPPort = $regkey.getvalue($VALUE)	
 
		# Close registry key
		$regKey.Close()
 
		Write-Host -ForegroundColor Green "TCP/IP Port for RPC Client Access is set to $TCPPort on server $server."
	}
	else
	{
		if (($regkey.getvalue($VALUE)) -ne $rpcport)
		{
			$rpccurrport = $regkey.getvalue($VALUE)
			If (($force) -or (Read-Host "Change the RPC Client Service port from $rpccurrport to $rpcport ? [Y/N]") -eq "Y")
			{
				# Create / Set TCP/IP Port key and value
				$regKey.Setvalue('TCP/IP Port', "$rpcport", 'Dword')
 
				# Make changes effective immediately
				$regKey.Flush()
 
				# Read and store current value
				$global:TCPPort = $regkey.getvalue($VALUE)	
 
				# Close registry key
				$regKey.Close()
 
				Write-Host -ForegroundColor Green "TCP/IP Port for RPC Client Access is set to $TCPPort on server $server."
			}
			else
			{
				Write-Host -ForegroundColor Green "No changes to RPC Client Service port are made on server $server."
			}
		}
		else
		{
			Write-Host -ForegroundColor Green "No changes to RPC Client Service port are necessary on server $server."
		}
	}
}
 
function get-installpath
{
	# Set Exchange base key and value to read
	$Reg_ExSetup = "SOFTWARE\\Microsoft\\ExchangeServer\\v14\\Setup"
	$VALUE = "MsiInstallPath"
 
	# Set regKey for MsiInstallPath
	$regKey= $reg.OpenSubKey($REG_ExSetup)
 
	# Get Install Path from Registry and replace : with $
	$installPath = ($regkey.getvalue($VALUE) | foreach {$_ -replace (":","`$")})
 
	# Set Address Book Service config file path
	$global:ABFile = "\\$Server\$installPath"+"Bin\microsoft.exchange.addressbook.service.exe.config"
 
	# Close registry key
	$regKey.Close()
}
 
function restart-services
{
	# Restart Microsoft Exchange RPC Client Access and Microsoft Exchange Address Book service
	#### You must specify a timeout (in seconds) or the script could potentially never end
	$TimeOut = 30
 
	#### This will stop a single service on all servers in sequence
	$ServiceFilters = "(name = 'msexchangerpc')","(name = 'msexchangeab')"
 
	$Locator = new-object -com "WbemScripting.SWbemLocator"
	$WMI = $Locator.ConnectServer($Server, "root\cimv2")
	# Stop Service and check for timeout or sucessful stop
		$ServiceFilters | %{
			$ThisFilter = $_
			(Get-WmiObject -Class Win32_Service -ComputerName $Server -filter "$ThisFilter AND state='running'") | %{
				$Service = $_
				$Refresher = new-object -comobject "WbemScripting.SWbemRefresher"
				$FreshObject = $Refresher.Add($WMI,$Service.__RELPATH)
				$Refresher.Refresh()
				$Then = Get-Date
				:Checking Do {
					$Service.StopService() | out-null
					$Refresher.Refresh()
					if (($FreshObject.Object.properties_ | ?{$_.name -eq "state"}).value -eq "Stopped")
					{
						Write-Warning "Service $($Service.Name) is stopped on server $Server."
						break :Checking;
					} Else {
						If (((Get-Date) - $Then).seconds -ge $TimeOut)
						{
							Write-Warning "Service $($Service.Name) timed out while trying to stop on server $Server. Please restart service manually."
							break :Checking;
						}
					}
				} While ($True)
			}
		}
 
	# Start Service and check for timeout or sucessful start
		$ServiceFilters | %{
			$ThisFilter = $_
			(Get-WmiObject -Class Win32_Service -ComputerName $Server -filter "$ThisFilter AND state='Stopped'") | %{
				$Service = $_
				$Refresher = new-object -comobject "WbemScripting.SWbemRefresher"
				$FreshObject = $Refresher.Add($WMI,$Service.__RELPATH)
				$Refresher.Refresh()
				$Then = Get-Date
				:Checking Do {
					$Service.StartService() | out-null
					$Refresher.Refresh()
					if (($FreshObject.Object.properties_ | ?{$_.name -eq "state"}).value -eq "running")
					{
						Write-Host "Service $($Service.Name) started successfully on server $Server"
						break :Checking;
					} Else {
						If (((Get-Date) - $Then).seconds -ge $TimeOut)
						{
							Write-Warning "Service $($Service.Name) timed out while trying to start on server $Server. Please restart service manually."
							break :Checking;
						}
					}
				} While ($True)
			}
		}
}
 
If ($server)
{
	# Set Registry Key variables
	$REG_BASE = "System\\CurrentControlSet\\Services\\MSExchangeRPC"
	$REG_KEY = "System\\CurrentControlSet\\Services\\MSExchangeRPC\\ParameterSystem"
	$VALUE = 'TCP/IP Port'
 
	# Open remote registry
	$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $Server)
 
	# Open the targeted remote registry key/subkey as read/write
	$regKey = $reg.OpenSubKey($REG_KEY,$true)
 
	# Create/Modify Key and Values as necessary
	if ($regKey)
	{
	tcp-port
	}
	else
	{
	$regBase = $reg.OpenSubKey($REG_BASE,$true)
	$regBase.CreateSubKey('ParameterSystem')
	$regBase.Close()
	# Open the targeted remote registry key/subkey as read/write
	$regKey = $reg.OpenSubKey($REG_KEY,$true)
	tcp-port
	}
 
	# Get location of Address Book Service configuration file
	get-installpath
 
	# Verify the file exists, exit if it doesn't
	if (Test-Path $ABFile -ErrorAction SilentlyContinue)
	{
		# Backup file before editing
		$currentDate = (get-date).tostring("MM_dd_yyyy-hh_mm_s")
		$ABbackup = $ABFile + ".$currentDate"
		$xml = [xml](get-content $ABFile)
		$xml.Save($ABbackup)
 
		# Edit RpcTcpPort if 0, ask user for approval if not 0
		$root = $xml.get_DocumentElement();
		ForEach ($item in $root.appSettings.add)
		{
		if (($item.key -eq "RpcTcpPort") -and ($item.value -eq "0"))
			{
				$item.value="$abport"
				Write-Host -ForegroundColor Green "TCP/IP Port for Address Book Service is set to $ABPort on server $server."
			}
			else
			{
			If (($item.key -eq "RpcTcpPort") -and ($item.value -ne "$abport"))
				{
				if (($force) -or (Read-Host "Change port from $($item.value) to $abport on server $server ? [Y/N]") -eq "Y")
					{
						$item.value="$abport"
						Write-Host -ForegroundColor Green "TCP/IP Port for Address Book Service is set to $ABPort on server $server."
					}
				else
					{
						Write-Host -ForegroundColor Green "No changes are made to TCP/IP Port for Address Book Service on server $server."
					}
				}
			}
		}
		$xml.Save($ABFile)
	}
	else
	{
	Write-Host -ForegroundColor Red -BackgroundColor Black "Address Book Service configuration file does not exist for server $server. Please verify file and update manually."
	}
 
	# Ask for and restart services if requested
	If (($force) -or (Read-Host "Restart services MSExchangeRPC and MSExchangeAB? [Y/N]") -eq "Y")
		{
			restart-services
		}
		else
		{
			Write-Warning "Please restart the Microsoft Exchange RPC Client Access (MSExchangeRPC) service for changes to take effect."
		}
 
	# Reminder for MAilbox Servers
	Write-Warning "Please do not forget to change ports on Mailbox servers for Public Folder Access."
}
else
{
Write-Host -ForegroundColor Red -BackgroundColor Black "Server Name is null. Please provide Server where static ports need to be set."
Write-Host -ForegroundColor Red -BackgroundColor Black "The syntax is 'Set-StaticPorts.ps1 `"servername`" `"1234`" `"1235`"'."
Write-Host -ForegroundColor Red -BackgroundColor Black "Please replace values of `"1234`" and `"1235`" with valid port numbers for RPC and Address Book Services respectively."
}


This is a cross post from http://blogs.technet.com/bshukla

  • Share/Bookmark
Print

Disaster Recovery

May 3

Posted by admin in Announcements | No Comments

As many may have noticed already, my site had been unavailable for days. I was able to finally move to a better host, and recover content from backups. I however have lingering issues like missing images and some other miscellaneous items.

I appreciate  your patience and hope this will not happen again. I would also like to let you know that I have also created blog at http://blogs.technet.com/bshukla. The content will be cross posted so it will be available to both here and at my technet blog. This way you can continue following my articles either way.

Lastly, I would like to thank you for your patience while I worked on restoring my site from catastrophic failure.

  • Share/Bookmark
Print

How to install Update Rollups remotely on Exchange 2010 server

Apr 7

Posted by Bhargav in Exchange 2010, PowerShell | No Comments

If you are like me, you are always looking for ways to not leave your chair, or for that matter, not switch windows.

When it comes to install Update Rollups on every Exchange 2010 server you have, the same applies. So I set out to find a way and I found one! Even though this requires some work upfront, it will make it easy ever after.

Pre-Requisites:

The cost of making it easier for future is the work you have to do now. Well, let’s get to it. In order to be able to connect to your Exchange servers remotely, you will need to configure winrm (if not configured already). All you need to do is run 

winrm quickconfig

from elevated PowerShell session (run as administrator). The command adds an HTTP listener, configures the server to allow remote requests, and creates a Firewall exception rule. I am assuming that you are running Windows Server 2008 R2. I have not tested this on other server versions, however it should work if PowerShell v2 and WinRM is installed correctly.

Script:

So, how do I run the script?

Get-Content “\\server\share\servers.txt” | Foreach-Object {Invoke-Command –ComputerName $_ –FilePath “\\server\share\Install-UpdateRollups.ps1”}

The command will read list of servers from servers.txt (specify your path where it reads \\server\share\servers.txt) and call script to install Update Rollup specified in the script. Notice that I am user serialization by piping. This way I am running update only on one server at a time. The command could be change to look like this:

Invoke-Command –ComputerName (Get-Content “\\server\share\servers.txt”) –FilePath “\\server\share\Install-UpdateRollups.ps1”

however, I have not tested it on multiple computers and unsure of the success using this method.

After the installation of Update Rollup, the script will prompt user for reboot and if user approves, script will also reboot the server.

So, a million dollar question is, where is this script? You can download it here: Install-UpdateRollups.ps1

The code is pasted below for reference:

#############################################################################
# Install-UpdateRollups.ps1
# Remotely installs Update Rollups on Exchange 2007 or Exchange 2010 servers
#
# Pre-requisites
# --------------
# Requires winrm enabled on destination servers. Run winrm quickconfig to enable.
# Requires write access to $Log_Drive folder and $Install_Drive folder if "Logs"
#   folder doesn't exist in $Install_Drive.
#
# Created by
# Bhargav Shukla
# http://blogs.technet.com/bshukla
# http://www.bhargavs.com
#
# DISCLAIMER
# ==========
# THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
# RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER.
#############################################################################

#Update variables to reflect correct locations and Update Rollup installer file name
$Install_Drive = "\\server\share"
$RU_File = "installer.msp"
$Log_Drive = "$Install_Drive\Logs"
$ServerName = $Env:COMPUTERNAME

# Check for RU install file
$CheckRUPath = "$Install_Drive\$RU_File"
Write-Host -ForegroundColor Green "Checking for $CheckRUPath"
if (-not (Test-Path $CheckRUPath))
{
	Write-Host -ForegroundColor Red "ERROR: Update Rollup File not found!"
	Write-Host -ForegroundColor Red "ERROR: Exiting."
	exit
}

# Check for Logs path, create folder if doesn't exist
$CheckLogPath = "$Log_Drive"
Write-Host -ForegroundColor Green "Checking for $CheckLogPath"
if (-not (Test-Path $CheckLogPath))
{
	Write-Host -ForegroundColor Yellow "ERROR: Log Folder not found!"
	Write-Host -ForegroundColor Yellow "INFO:  Creating Log Folder..."
	New-Item -Path $Install_Drive -Name Logs -itemtype directory -Force
}

# Disable "Check for publisher's certificate revocation"
Write-Host ""
Write-Host -ForegroundColor Green "Disabling publisher's certificate revocation check..."
set-ItemProperty -path "HKCU:\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing" -name State -value 146944

Write-Host -ForegroundColor Green "Installing Exchange Update Rollup..."
	$oProcess = [System.Diagnostics.Process]::Start("$Install_Drive\$RU_File", " /passive /lv $Log_Drive\$ServerName-InstallRollup.log /norestart")
	$oProcess.WaitForExit() 

# Enable "Check for publisher's certificate revocation"
Write-Host -ForegroundColor Green "Re-enabling Check for publisher's certificate revocation..."
Set-ItemProperty -path "HKCU:Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing" -name State -value 146432

# Reboot if user responds [Y]es
if ((Read-Host "Reboot? [Y/N]") -eq "Y")
{
write-host -ForegroundColor Red "Rebooting Server $ServerName."
Restart-Computer
}
Update:

I failed to mention the effect of double-hops and delegation of authentication for the remote installation mentioned above to work. Here’s why it is a problem:

Your install files and list of servers are located on a server (let’s call it ServerA). You are running the invoke-command from a client computer (let’s call it ClientA) and you are going to install RU on Exchange servers (let’s call it EXA, EXB and EXC). When you run the command, get-content is run is local runspace of ClientA and works fine. The next step is to pipe the servernames to invoke-command. The install script mentioned above is then called from share on ServerA. However, this is now remote runspace on exchange servers EXA, EXB and EXC. The error you will notice is when the install script checks for existence of RU file. Even if the RU file exists in mentioned share and permissions are given to account you are using to run the commands from ClientA, you will see that script errors and exits unexpectedly. It thinks the RU file doesn’t exist when it actually does!

That is because, your credentials from ClientA are passed to EXA, however, to access the file on ServerA, your credentials needs to be passed on to it. This is delegation. And we have not configured any delegation yet! This will cause script block to fail since it can’t access the RU file without access.

How can you solve this? Here are the steps:

1. on ClientA run:

Enable-wsmancredssp -role client –delegatecomputer *

This will enable credssp delegation from ClientA to computers you define in –delegatecomputer. In our example, we allowed delegation to all computer by using * which is ok for lab. In production environment, you may want to restrict it to your domain name (i.e. *.domain.com) or list of servers (i.e. EXA.domain.com, EXB.domain.com, EXC.domain.com).

2. on all target servers, EXA, EXB and EXC in our example, run:

Enable-wsmancredssp -role server

This will allow target servers to use credentials specified by ClientA using CredSSP to access files on ServerA.

3. on ClientA, run the install command:

$cred = Get-Credential
Get-Content “\\server\share\servers.txt” | Foreach-Object {Invoke-Command –ComputerName $_ –FilePath “\\server\share\Install-UpdateRollups.ps1” –Authentication CredSSP –Credential $cred}

Notice the use of CredSSP and explicit specification of credentials. This is important and required for the remote install process to work.

One more gotcha. The process above does not work if your ClientA isn’t Windows 7, Vista or Windows Server 2008. This is because CredSSP isn’t available to Windows XP or Windows Server 2003. You can host your share on Windows Server 2003, however, you must run step 1 and 3 from a client that is capable of using CredSSP.

Here are some references for further reading:

Multi-Hop Support in WinRM

Using invoke-command to launch a script on a remote computer which connects to network resources

Enable-WSManCredSSP

 

This article is also posted to http://www.bhargavs.com

  • Share/Bookmark
Print

Script to enable preview pane for PowerShell scripts

Mar 29

Posted by Bhargav in PowerShell | No Comments

If you are running Windows 7, you probably know what preview pane is. And if you use PowerShell and create ps1 scripts, you may also wonder how can you enable preview for PowerShell scripts in Windows Explorer.

Well, Nate Bruneau shared how to edit registry to enable preview for ps1 scripts. Being a scripter myself, I figured I would wrap it into a nice script and share it with everyone. Thanks Nate for your permission.

The scrip runs on Windows 7 and Windows Server 2008 R2. You must run it from elevated PowerShell session. The script uses elevation code from Ian Griffiths’ blog to check for elevation and exits with notification if PowerShell is not running as administrator.

Here’s the script:

#############################################################################
# Enable-ps1Preview.ps1
# This script will enable preview for ps1 files in Windows Explorer.
# Special thanks to Nate Bruneau for the idea.
#
# Created by
# Bhargav Shukla
# http://www.bhargavs.com
#
# DISCLAIMER
# ==========
# THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
# RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER.
#############################################################################

# Check if OS is Windows 7 or Windows Server 2008 R2, quit if not.
$OS = (Get-WmiObject -Class win32_OperatingSystem).caption
switch -wildcard ($OS)
{
  "*Windows 7*" {"`nChecking Elevation..."}
  "*Windows Server 2008 R2*" {"`nChecking Elevation..."}
  default {Write-Host -ForegroundColor Red "`nYou are not running Windows 7 or Windows Server 2008 R2. You can't use this feature on older OS."; exit}
}

# Function to check if PowerShell is running elevated
function Check-Elevated
{
  $wid=[System.Security.Principal.WindowsIdentity]::GetCurrent()
  $prp=new-object System.Security.Principal.WindowsPrincipal($wid)
  $adm=[System.Security.Principal.WindowsBuiltInRole]::Administrator
  $IsAdmin=$prp.IsInRole($adm)
  if ($IsAdmin)
  {
    Set-Variable -Name elevated -Value $true -Scope 1
  }
}

# Make registry changes if running elevated, throw error if not
Check-Elevated
If ($elevated -eq $true)
{
	# Set Registry Key variables
	$REG_KEY = ".ps1"

	# Open remote registry
	$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('ClassesRoot', ".")

	# Open the targeted remote registry key/subkey as read/write
	$regKey = $reg.OpenSubKey($REG_KEY,$true)

	# Set PerceivedType to "text"
	if ($regKey -ne $null)
	{
		$regKey.Setvalue('PerceivedType', 'text', 'String')
		$regKey.Setvalue('Content Type', 'text/plain', 'String')

		# Close the Reg Key
		$regKey.Close()

		Write-Host -ForegroundColor Green -BackgroundColor Black "Preview for .ps1 files is now enabled. Enable preview pane in Windows Explorer.`n"

	}

}
else
{
  Write-Host -ForegroundColor Red -BackgroundColor Black "Please run PowerShell as administrator before you run this script.`n"
}

You can download the script here – Enable-ps1Preview.ps1

  • Share/Bookmark
Print

Script to suppress Link State Updates

Mar 25

Posted by Bhargav in Exchange 2010 | No Comments

If you are in process of upgrading from Exchange 2003 to Exchange 2010, you must have read “Upgrade from Exchange 2003 Transport” article on Technet which spells out the details of a requirement – “minor link state updates must be suppressed to make sure that message looping doesn’t occur when a route is recalculated”.

I will not go into details of the requirement, however, if you read the details in the “Suppress Link State Updates” article, you know that the task can be daunting, especially if you have multiple Exchange 2003 servers, possibly in geographically dispersed locations.

Well, sweat no more. I have written a script that will help you get it done easily. Here’s the script:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173

#############################################################################
# Suppress-Linkstate.ps1
# Using static text file or Get-ExchangeServer, this script will configure
# selected Exchange 2003 servers to suppress Link State to aid in upgrade to
# Exchange Server 2010 environment.
#
# Use this script in accordance to the following Technet article
# http://technet.microsoft.com/en-us/library/aa996728.aspx
#
# Created by
# Bhargav Shukla
# http://www.bhargavs.com
#
# DISCLAIMER
# ==========
# THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
# RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER.
#############################################################################
 
function Suppress-Linkstate
{
# Create empty results file or overwrite existing file
"Server Name,SuppressStateChanges,ServiceStopState,ServiceStartState" | Out-File .\results.csv -Encoding ASCII
 
	foreach ($Server in $Servers)
	{
		# Do Nothing if $_ is null
		if ($Server -ne $null)
		{
		# Set server to connect to
		#$Server = "$_"
 
		# Read SuppressStateChanges from servers
 
			# Set Registry Key variables
			$REG_KEY = "System\\CurrentControlSet\\Services\\RESvc\\Parameters"
			$VALUE = "SuppressStateChanges"
 
			# Open remote registry
			$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $Server)
 
			# Open the targeted remote registry key/subkey as read/write
			$regKey = $reg.OpenSubKey($REG_KEY,$true)
 
			# Set SuppressStateChanges to 1 if key exists
			if ($regKey -ne $null)
			{
			$regKey.Setvalue('SuppressStateChanges', '1', 'Dword')
 
			# Write changes to registry without closing it
			$regKey.Flush()
 
			# Read and Store SuppressStateChanges value in variable
			$SuppressStateChanges = $regkey.getvalue($VALUE)
 
			# Close the Reg Key
			$regKey.Close()
			}
 
		# Restart SMTP service, the Microsoft Exchange Routing Engine service, and the Microsoft Exchange MTA Stacks service
		#### You must specify a timeout (in seconds) or the script could potentially never end
		$TimeOut = 30
 
		#### This will stop a single service on all servers in sequence
		$ServiceFilters = "(name = 'smtpsvc')","(name = 'resvc')","(name = 'msexchangemta')"
 
 
			$Locator = new-object -com "WbemScripting.SWbemLocator"
			$WMI = $Locator.ConnectServer($Server, "root\cimv2")
		# Stop Service and check for timeout or sucessful stop
			$ServiceFilters | %{
				$ThisFilter = $_
				(Get-WmiObject -Class Win32_Service -ComputerName $Server -filter "$ThisFilter AND state='running'") | %{
					$Service = $_
					$Refresher = new-object -comobject "WbemScripting.SWbemRefresher"
					$FreshObject = $Refresher.Add($WMI,$Service.__RELPATH)
					$Refresher.Refresh()
					$Then = Get-Date
					:Checking Do {
						$Service.StopService() | out-null
						$Refresher.Refresh()
						if (($FreshObject.Object.properties_ | ?{$_.name -eq "state"}).value -eq "Stopped") {
							$ServiceStopState = "Service $($Service.Name) stopped";
 
							# Store result string in a variable
							$result = "$Server,$SuppressStateChanges,$ServiceStopState,$ServiceStartState"
 
							# Write results to file
							$result | Out-File .\results.csv -Encoding ASCII -Append
 
							$ServiceStopState = $null
 
							break :Checking;
						} Else {
							If (((Get-Date) - $Then).seconds -ge $TimeOut){
								$ServiceStopState = "Service $($Service.Name) stop TIMEOUT";
 
								# Store result string in a variable
								$result = "$Server,$SuppressStateChanges,$ServiceStopState,$ServiceStartState"
 
								# Write results to file
								$result | Out-File .\results.csv -Encoding ASCII -Append
 
								$ServiceStopState = $null
 
								break :Checking;
							}
						}
					} While ($True)
				}
			}
 
		# Start Service and check for timeout or sucessful start
			$ServiceFilters | %{
				$ThisFilter = $_
				(Get-WmiObject -Class Win32_Service -ComputerName $Server -filter "$ThisFilter AND state='Stopped'") | %{
					$Service = $_
					$Refresher = new-object -comobject "WbemScripting.SWbemRefresher"
					$FreshObject = $Refresher.Add($WMI,$Service.__RELPATH)
					$Refresher.Refresh()
					$Then = Get-Date
					:Checking Do {
						$Service.StartService() | out-null
						$Refresher.Refresh()
						if (($FreshObject.Object.properties_ | ?{$_.name -eq "state"}).value -eq "running") {
							$ServiceStartState = "Service $($Service.Name) started";
 
							# Store result string in a variable
							$result = "$Server,$SuppressStateChanges,$ServiceStopState,$ServiceStartState"
 
							# Write results to file
							$result | Out-File .\results.csv -Encoding ASCII -Append
 
							$ServiceStartState = $null
 
							break :Checking;
						} Else {
							If (((Get-Date) - $Then).seconds -ge $TimeOut){
								$ServiceStartState = "Service $($Service.Name) start TIMEOUT";
 
								# Store result string in a variable
								$result = "$Server,$SuppressStateChanges,$ServiceStopState,$ServiceStartState"
 
								# Write results to file
								$result | Out-File .\results.csv -Encoding ASCII -Append
 
								$ServiceStartState = $null
 
								break :Checking;
							}
						}
					} While ($True)
				}
			}
		}
	}
}
 
 
#Add Exchange 2010 snapin if not loaded
# Uncomment following four (4) lines if using dynamic list mentioned below
If ((Get-PSSnapin | where {$_.Name -match "E2010"}) -eq $null)
{
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
}
 
# Uncomment next line if you want to dynamically get Exchange 2003 servers using Exchange 2010 Management Shell
$Servers = (get-exchangeserver | Where-Object {$_.AdminDisplayVersion -like '*6.5*'} | ForEach-Object {$_.Name})
# Comment line above and Uncomment next line if you want to provide list of servers in a text file (one server per line)
# You can't have both of the abovementioned lines uncommented. Please use one of your choice.
# $Servers = Get-Content .\servers.txt
 
$Servers | Suppress-Linkstate

Few important pointers:

  • The script can use one of the two methods, please comment and uncomment necessary lines as documented in script

     – Dynamically retrieve list of Exchange 2003 servers in your environment using Get-ExchangeServer cmdlet from an Exchange 2010 server

     – Use list of Exchange 2003 servers provided in servers.txt file (one server per line)

  • If you choose to use dynamic method, you  must have Exchange server 2010 admin tools installed on the machine where the script is run from
  • The output will be store in results.csv file
  • Timeout value in line 62 works fine in my lab tests, it may not work for you. Please adjust the value as necessary

You can download the script from here: Suppress-Linkstate.ps1

I am sure there are ways to optimize and improve this script. I would love to know how I can make the script better and more useful. Please feel free to drop me a line using contact form. I will be happy to hear your feedback and improve script. You can also use comments option on this post to leave your feedback.

  • Share/Bookmark
Print

Tags: , , ,

Send a Tweet from PowerShell

Mar 16

Posted by Bhargav in PowerShell | 1 Comment

I was reading Shay’s article on how to send direct messages on twitter using PowerShell when I couldn’t resist but find a way to send normal tweets from PowerShell. While trying to do that, I also incorporated security so that your transmission is secure and so is your input. Here’s the code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

function Send-Tweet($Message,$UserName)
{
   if ($Message -eq $null) {$Message = Read-Host "Enter your tweet"}
   if ($Username -eq $null) {$Username = read-host "Enter your twitter username"}
   if ($Password -eq $null)
   {
	$Password = read-host -assecurestring "Enter your twitter password"
	$marshal = [Runtime.InteropServices.Marshal]
	$Password = $marshal::PtrToStringAuto($marshal::SecureStringToBSTR($Password))
   }
   $url="https://twitter.com/statuses/update.xml?status=$Message"
   $request = [System.Net.WebRequest]::Create($url)
   $request.credentials= New-Object System.Net.NetworkCredential($UserName,$Password)
   $request.method= "POST"
   $request.contentType = "application/x-www-form-urlencoded"
   $request.GetResponse().statusCode # return the status code of the request
}

To send tweet, you need to type:

Send-Tweet -Message "Hello World!" -Username userxyz

Notice I did not include –Password. Infact, I did not include $Password in parenthesis after function. This way even if you were using tab to cycle through available parameters, you won’t see “Password” as a parameter. It still won’t stop you from typing:

Send-Tweet -Message "Hello World!" -Username userxyz -Password password

But by not declaring the parameter, I am encouraging one to skip typing password in plain-text. When user sends tweet using first option (without password) this script will prompt user for password. How is it secure? Notice –assecurestring when I am prompting user for password. This way your entry will show up as ****** instead of plaintext. If you were to use second method, you will type your password in plaintext and I am assuming you will do that when you are sure your screen is not visible to anyone else.

Another nice feature in my script is, I am using https in URL. This way I am sending authentication string over SSL. Shay’s original script for direct message does not use SSL hence username and password is transmitted in base64 encoding of string “username:password”. Your tweet will be published and will be in public domain but I don’t like the idea of transmitting username and password the same way. Here’s why:

The network capture shows the following:

image

Now let’s see what we can do with highlighted string in PowerShell:

PS> $b64upass = "dXNlcm5hbWU6cGFzc3dvcmQ="
PS> $bytes = [convert]::FromBase64String($b64upass)
PS> $decoded = [System.Text.Encoding]::UTF8.GetString($bytes)
PS> $decoded
username:password

So as you can see, even though Base64 is not plaintext, it’s very easy to decode and your username and password is more valuable than that!

If you are going to use Shay’s script for direct tweets, you can simply change URL to https and it should transmit securely. you can also use other ideas from my script to make password entry more secure.

Here’s another way of doing it:

$Tweetcred = Get-Credential
$UserName=$Tweetcred.GetNetworkCredential().UserName
$Password=$Tweetcred.GetNetworkCredential().Password

Using this method simply asks user for username and password in standard windows security dialog box and stores it in credential object of the OS.

image

I thank Shay for showing me way and hope you will benefit from both his and my scripts!

Update: Including link to Wikipedia article on HTTP Basic Access Authentication for reference.

  • Share/Bookmark
Print

Tags: , , ,

Charter Member of MCITP: Enterprise Messaging Administrator Exchange 2010

Mar 5

Posted by Bhargav in General | 3 Comments

I just came to know that I am a “Charter Member” of MCITP: Enterprise Messaging Administrator 2010. It is interesting because I took exams when they were in Beta stage and knew I would be one of the first few, however, when I got certificate from MCP site right after getting certified, it did not who me as Charter Member. I did not really bother wondering why or email MCP team. However, today when I saw someone else posting about it, I was curious so I headed to MCP site and checked again. To my surprise, the Certificate download tool now listed me as Charter Member! Interesting but not surprising. It’s always good to know I got that special designation.

There are different views about what a Charter Member is. Some suggest it is first 5000 who get certified and the MCP site suggests differently. I am going to quote what I consider an authoritative resource: Microsoft Learning Site.

As per the site:

“Charter Members are the pioneering group of individuals who achieve a certification shortly after the certification becomes available. When a Charter Member certification is offered, it is available to candidates who achieve the new certification within six months after the certification exam is released. Charter Members are recognized by receiving the Charter version of the certificate.”

But hey, either way, I am a Charter Member. Hurray! :)

MCITP-2010-Charter

  • Share/Bookmark
Print

Tags: , ,

Enterprise Root CA Web Enrollment – RTFM, but what if I didn’t?

Mar 1

Posted by Bhargav in Windows Server | No Comments

I was building Enterprise Root CA in my lab and was in rush so ofcourse, I did not read the fabulous manual and went forward with installing the Enterprise Root CA without installing IIS. I did know IIS is needed for web enrollment but did not care to check if it was already installed. It sure wasn’t.

So the Root CA was installed but I could not request certificates using web enrollment.

I went ahead and installed IIS and enabled ASP after the fact but web enrollment still wasn’t going to work as the virtual directories for web enrollment were missing as expected. Only if I had read RTFM.

What can I do now? How big of an issue this is going to be for me? luckily not any bigger than issuing a command “certutil –vroot”. As long as IIS was installed correctly, the command creates necessary, checks if ASP is enabled and warns you if not. That’s it for fixing the problem I created for myself. Thanks fabulous programmers at Microsoft to make products work for those who don’t read the fabulous manuals without real headache of reinstall.

Off to my next task…

  • Share/Bookmark
Print

Tags: , ,