The Secret of WMI Monitoring with Non-Administrator account: How to add the missing windows services to monitoring !

Update: The purpose in this blogpost is about giving permission of specific windows service to specific monitoring user. So, you can replace step-6 (setting DNS service permission to specific account that will monitor service) with easier methods in my new blog post.

 

There are three methods for monitoring windows servers:

1. By installing Agents (such as Zabbix,SCOM Agents).
2. SNMP v1,v2, v3 regardless of platforms.
3. WMI Monitor for windows servers.

And today, I’m going to make the WMI monitoring in a couple of steps, plus how to monitor the missing windows services that is unavailable in the default monitor method. Here, I’ll use the Microsoft DNS Server as a monitoring client for DNS Service + basic resource monitoring.

Things that I used in this tutorial:

•       Server 2012R2x64bit, named as “DNS-test.contoso.com”
•          Solarwind Server and Application Monitor(in a Trial version), on the server named as “monitor.contoso.com”
•         Some windows Built-in Tools

·      Wmimgmt (windows management instrumentation management)

·      Dcomcnfg (DCOM configuration)

·      Sc (Service Controller) and scmanager

PowerShell: Join Domain Users to Any Specific OU

I have been looking for ways for automatic domain join so that the end-users can do by themselves without special  knowledge. There are serveral scripts I found on google that make it work, but none of them seems to be an all-in-one solution.Moreover, I don't want to do usernames/password put in text files that are delivered to each user. So, I decided to make a complete script for automatic-domain-join  of users.

What this script will do:
1) Test the DNS Server is reacheable and if OK, change the users' DNS setting to point to Domain Controller.
2) Prompt for username/password to join to domain, no need to put username/pass with the script file.
3) Users can choose their own OU for their domain-join-process, so Admin doesn't need to move thier computer objects to specific OU after domain join. ( the one I liked most & the reason why I wrote this script xP ).

Powershell: Find the Windows Service of a Running Process

Today, I need to find the registered services of some running processes & its installed path. Here we can use some third-party tools, such as Process Explorer, Process Hacker and find each process's associated service. But, I want to use the built-in options, so WMI with Powershell is the way to go. I also checked the windows task manager and it only listed the service & it's associated service name, not the process name. So, I need to do some scripting to get it through.

PowerShell Remoting Made Easy !

With Powershell Remoting, you can do administrative tasks on bunch of servers remotely or in the background while the client users are currently logged in or not.
PowerShell remoting is supported since PowerShell version 2 and above, which is from windows7, 2008R2 and above. If you want to use the PowerShell remoting in server 2003 and windows XP environment, you first need to install the Server2003 Service Part 2 and Windows Management Framework. You can go and download these packages from Microsoft Website.

Check Multiple Forward and Reverse DNS records by Powershell

A few days ago, I had to query over 100 DNS records whether forward & reverse records are working fine. nslookup over 100 records is time-consuming and daunting task for a system admin. So, I decided to write the powershell script to automatic this task. Hope it useful to others.

For beginners new to powershell,
1) Copy the below code & put into file that has .ps1 extension, (i.e,  Find_DNS_Forward_Reverse.ps1)

2) Put the host names in the hostnames.txt  in the same directory as powershell script.

3) Run the script, it will ask for input parameters.
Code as below:

How to convert virtualbox VDI to VMDK or VHD using built-in tools, virtualbox manager

There are so many third-party tools to convert from the virtualbox virtual harddisk to .vmdk(in Vmware) or VHD (in Hyper-V), such as Vmware Standalone Converter, Starwind V-2-V tools. But, you can easily use the built-in virtualbox manager to convert from one disk type to another.
Moreover, I found it is much faster than using Vmware standalone converter.
I show the steps are as below: Note that the same procedure should work in linux environment.

Kill windows service that is not responding/hungs

1) Query the service PID via NT service controller.

sc queryex <servicename>
eg.
sc queryex w32time
Note: you can find the service name from services.msc in Run box. Here w32time for Windows Time Service.

 



2) Note the PID of the service

3) kill the process by PID.
tskill <PID>

Change Windows Service Startup Option that are gray out

Sometimes, we find some services are gray-out, such as antivirus service that prevents disabling with malicious purpose. In this cases, you have 2 options to change the startup type of these services.

Option 1#
1)type "msconfig" in Run box
2) in the service tab, uncheck the service
3) reboot the computer



Option 2# (via registry method)
1) Go to HKLM\SYSTEM\CurrentControlSet\Services\
2) Double-Click the Start SubKey
3) Change the DWORD value to 0 to 4 according to your startup option. 2 for Automatic & 4 for Disabled.
Below are values according to technet article.

Value	Meaning
0	Boot (loaded by kernel loader). Components of the driver stack for the boot (startup) volume must be loaded by the kernel loader.
1	System (loaded by I/O subsystem). Specifies that the driver is loaded at kernel initialization.
2	Automatic (loaded by Service Control Manager). Specifies that the service is loaded or started automatically.
3	Manual. Specifies that the service does not start until the user starts it manually, such as by using Device Manager.
4	Disabled. Specifies that the service should not be started.