multiple

Get Inactive Users Report for the past 60 days in a multi domain environment

I had a request recently to provide an inactive user report for the past 60 days. Basically, find out which accounts have not logged in for the past 60 days so action can be taken against them.

The request was for a multi domain forest which queries every domain controller and gets the latest lastlogon value by comparing value from each. I wrote a script and wanted to share as other might find it handy too.

 

Get Primary, Secondary, Tertiary DNS values and more from Multiple Servers

Came across a unique request to get primary, secondary, and tertiary DNS values for multiple computers/servers across the domain. I started writing the script and got what I wanted.

Now this started off as just to query for DNS Server information, but then I thought to add other pieces to get myself a good Network Inventory of all the servers in the environment.

I am utilizing the Win32_NetworkAdapterConfiguration WMI Class to get the required information.

You can modify the script below to suit your needs. The complete list of settings that can be captured:

Since the scripts are querying for information it is best if it runs from a DC or a privileged server with an account that has privileged access.

To get the results you need the following two scripts:

Get-NetworkInfo.ps1:

I needed to get all the network information for all the domain controllers in the domain. So the following code retrieves it for me. This came really handy in viewing all the DNS settings setup on all the DCs and correcting them if needed.

Get-Remote-NetworkInfo.ps1

This will get the information and export to an excel file that you can have handy for reference or auditing. Hope this helps!

Resolve IP Addresses from List of Host Names

If you have a list of hostnames/servers that you need IP addresses for its cumbersome to ping each server and get the ip address.

PowerShell to the rescue!

To do this we need a file called Server.txt with each server’s hostname on each line. I am storing the file in D:\Data\Servers.txt.

Once we run the script below it resolves the ip via DNS and stores to another file called D:\Data\Addresses.txt.

All the IP addresses are getting pulled from their DNS value. 

Get PasswordAge for users in a particular domain

In Office365 if you have more than one domain in a subscription, there are times where you may want to get the password age for users of that domain.

In my case to check which users are covered and meeting policy and get the users addressed.

The output will be similar to:

Configure SNMP on an ESXi Host or multiple Hosts

Recently I needed to configure all of our 40 or so ESXi hosts to forward SNMP traps to our corporate monitoring solution. This meant enabling and configuring SNMP on each of the hosts. Naturally, I wrote a script for this as 40 hosts is way too many to do manually.

This article shows you how configure SNMP on an ESXi host manually, via PowerCLI and via host profiles.

Option 1: Manually via Command Line

This is the most boring approach and should really only be used if you only have a few ESXi hosts to do, or if you really like doing things manually 🙂

  1. Start the SSH service on the ESXi host (Configuration >> Software >> Security Profile >> Services)
  2. SSH into host (using putty or something similar)
  3. Run the following to configure SNMP settings, enable SNMP in the firewall and start the SNMP agent:
    Note 1: Replace <COMMUNITY_STRING> with the community string for your monitoring solution.

    Note 2: Replace <TARGET_STRING> with the target string that maps to your environment, in the format of [email protected]/community_string.

    Option 2: Manually via PowerCLI

    Option number 2 is to use PowerCLI to configure SNMP on an ESXi host. The following script is how to do this on a single host. To configure SNMP on an whole bunch of ESXi hosts, see option 3 below.

    Note: Prior to being able to use the script above, ensure you configure the following variable values:

    • <ESXI_HOST> – The FQDN or the IP address of the ESXi host you want to enable SNMP on.
    • <COMMUNITY> – This is the community string you require for your environment (same as in option 1 above).
    • <TARGET> – This is the FQDN or IP address of the target you want to send the SNMP traps to. Note: THIS IS NOT A TARGET STRING as in option 1. In this instance you ONLY need the FQDN or IP address. The @port and the community_string will be added automatically by the Set-VMHostSnmp cmdlet.
    • <PORT> – The port you require SNMP traps to be sent on.

Option 3: Automatically via PowerCLI

If you have to configure SNMP for more than just a handful of ESXi hosts, then it is worth automating the entire process through a PowerCLI script. The logic around enabling SNMP on the ESXi host is the same as in option 2 above, with some additional logic around this to enumerate and complete the process on all ESXi Hosts.

Here is a script that will connect to a vCenter Server, get a list of all ESXi Hosts and then configure SNMP on each ESXi host:

Note: Similar to option 2 above, you will need to configure the following variables first:

  • <COMMUNITY> – This is the community string you require for your environment (same as in option 1 above).
  • <TARGET> – This is the FQDN or IP address of the target you want to send the SNMP traps to.
    Note: THIS IS NOT A TARGET STRING as in option 1. In this instance you ONLY need the FQDN or IP address. The @port and the community_string will be added automatically by the Set-VMHostSnmp cmdlet.
  • <PORT> – The port you require SNMP traps to be sent on.

Option 4: Automatically via Host Profiles

Finally, if you are lucky enough to be running Enterprise Plus licensing, then you will have the ability to use Host Profiles. This allows you to configure SNMP within the host profile and then just apply that profile to all of your ESXi hosts.

Follow these steps to add the SNMP configuration into an existing Host Profile:

  1. From the VI Client, navigate to Management >> Host Profiles
  2. Select the profile you want to add the SNMP settings and click Edit Profile
  3. Expand the SNMP Agent Configuration policy and select SNMP Agent Configuration
  4. In the Configuration Details pane, complete the followng:
    • Enable or Disable agent: Ticked
    • IP/UDP Port: The port you require SNMP traps to be sent on
    • SNMP Community String: The community string for your environment
    • Notification Receiver: The target string that maps to your environment, in the format of [email protected]/community_string
  5. Click OK to save changes
  6. For each ESXi host attach and apply the profile (Note: An ESXi host needs to be in maintenance mode to be able to apply the host profile)

And that concludes how to configure SNMP on a ESXi host.

Source