How to: Check if port is open with Powershell

For sys admins it is important to know if ports of certain applications are open for monitoring. One simple solution is to have a monitoring software, but if you want a cheap and cheerful solution, you can use Powershell. This can be done by the below script.

The below script will check the server/port and if the port is open, it will just print on screen saying “PORT IS OPEN – OK” and if the port is not open or the service is down, it will send and email.

Feel free to change or add to this script. You can easily put this in a loop to check all the services in your enterprise.

#PARTS THAT CAN BE CHANGED
$MailServer = "mail.mydomain.com"
$MailTo = "sysadmin@mydomain.com"
$MailFrom = "IT <noreply@mydomain.com>"
$MailBody = "Please note that the server is not reachable in this test that runs every 10 minutes. Please check the status of the server."
$MailSubject = "** PORT IS NOT REACHABLE FOR SERVER 1 **"
$Server = "SQLSRV01"
$Server_port = "1433"
#PARTS THAT CAN BE CHANGED

$socket = New-Object Net.Sockets.TcpClient
$ErrorActionPreference = 'SilentlyContinue'

#Server and port
$socket.Connect($Server,$Server_Port)
$ErrorActionPreference = 'Continue'

if ($socket.Connected) {
Write-Host "POST IS OPEN - OK"
$socket.Close()
}
else
{
send-mailmessage -To $MailTo -from $MailFrom -Subject $MailSubject -body $MailBody -smtpserver $MailServer -BodyAsHtml -Encoding ([System.Text.Encoding]::UTF8)
}

$socket = $null (90)

How to: Powershell list all computers in Active Directory

Sometimes you would need to have a list of all the computers joined to the domain in your infrastructure. Instead of going through all the Organizational Units (OUs) in your AD infrastructure and listing all the computers, you can easily use the below Powershell Script.

CLS
Import-Module ActiveDirectory
$ComputerName = get-ADComputer -Filter * | Select -Expand Name
Foreach ($CN in $ComputerName)
{  write-host $CN}

This will type a list of all the computers joined in your AD infrastructure.  Save it to a file with extension PS1 and run it. If you would like to save the output to file simply run the file by adding > filename.txt and replace the write-host with write-output (280)

Fix: Your automatic reply settings cannot be displayed because the server is unavailable

When setting up the automatic reply and out of office from your Outlook 2010 having Exchange 2010 you might have the problem with a pop-up saying “Your automatic reply settings cannot be displayed because the server is unavailable”.

I have managed to solve this with a DNS record in your infrastructure. Create the following SRV record to fix the issue.

Service: _autodiscover
Protocol: _tcp
Port Number: 443
Host: myexchangeserver.mydomain.local

On the client PC run the following to refresh the DNS. Make sure you run the CMD as Administrator

ipconfig /flushdns
ipconfig /registerdns

This should fix the problem and the user will be prompted to enter his Out of office settings. (14586)

Fix: No remote desktop license server is specified

After installing the licenses on your Windows 2008 R2 and upper for Terminal services and activated both the license and server you might have a popup message saying No Remote Desktop license server is specified. Also when you open the Remote Desktop Session Host Configuration you might see a similar message under the licensing diagnosis.

To fix this issue you must specify the Remote Desktop Services License Server. This can be done by the following:

Open the Remote Desktop Session Host Configuration from the Administrative Tools
Left click on the RD Session Host Configuration node
Double click on the Remote Desktop license servers
Add the server where the licenses have been installed

This should solve the issue and stop the message from showing (3399)

How to: Delete and re-create the Exchange ECP Virtual Directory

To delete the ECP virtual directory of your Exchange server and re-create it from scratch, you can use the below to get the identity of the virtual directory.

get-EcpVirtualDirectory |fl

Use this to remove the virtual directory in question

Remove-EcpVirtualDirectory -identity "MYSERVER\ecp (Exchange Back End)"

Create the new virtual directory use the below

New-EcpVirtualDirectory -externalurl "https://outlook.mydomain.com/ecp" -internalurl "https://myserver/ecp" -Server "myserver.mydomain.local"
(11234)

Fix: Error 500 when loading Shell or ECP on Exchange 2013 SP1

After installing Exchange 2013 with SP1 you might notice that when you open the Management Shell, you will get a bunch of errors with mainly the error 500: Internal Server Error. This can also be seen when you try to access the ECP or OWA on the server in question. This issue is only on Exchange 2013 with SP1 and with Client Access role installed.

The culprit can be the following three:

#1 Time synchronization

On the Primary Domain Controller (PDC) do the below

net stop w32time
w32tm /config /syncfromflags:manual /manualpeerlist:0.pool.ntp.org
w32tm /config /reliable:yes
net start w32time

On the other DCs and servers do the following

net stop w32time
w32tm /config /syncfromflags:domhier /reliable:no /update
net start w32time


#2 Kerberos issues

Do the following on the effected servers to re-create the Powershell virtual directory.

Get-PowerShellVirtualDirectory -Server | Remove-PowerShellVirtualDirectory
New-PowerShellVirtualDirectory -Server -Name PowerShell
Get-PowerShellVirtualDirectory -Server | Set-PowerShellVirtualDirectory -BasicAuthentication:$false
IISReset

After virtual directory re-creation I have checked its modules in IIS and made sure, that Kerberos module is native and the path to its DLL is correct.

#3 WinRM Extensions

The feature might be missing, do the below to add the feature

Get-WindowsFeature *IIS* #to check if it is installed
Add-WindowsFeature Winrm-IIS-Ext # to install
(9639)

How to: Remove Arbitration mailboxes from Exchange Mailbox servers

Sometimes you would like to uninstall a mailbox server or un-install a mailbox server but when you make the Get-Mailbox -Arbitration -Database DataBase1 you see some mailboxes there. These are there to prevent you from deleting the mailbox database or server. These are used by the Exchange server. You can either move or delete these mailboxes. If this is not the last mailbox server in your setup I would suggest you move them, otherwise delete them or you will not be able to uninstall the server.

Moving the mailboxes
Get-Mailbox -Arbitration -Database EXCHDB1| New-MoveRequest -TargetDatabase EXCHDB2

Disabling the mailboxes
Get-Mailbox -Arbitration -Database EXCHDB1| Disable-Mailbox -Arbitration

Deleting the mailboxes
Get-Mailbox -Arbitration -Database EXCHDB1| Remove-Mailbox -Arbitration -RemoveLastArbitrationMailboxAllowed

If you would like to re-create them, I would suggest the below

Setup.com /PrepareAD /IAcceptExchangeServerLicenseTerms
or
.\Setup /PrepareAD /IAcceptExchangeServerLicenseTerms (5270)

How to: Uninstall an application with Powershell using GPO

Sometimes you would need to automate an uninstall of an application through Group Policies (GPO). This can be done by running a PowerShell script. Firstly create a PowerShell script as below:

$appplication = Get-WmiObject -Class Win32_Product | Where-Object
{$_.Name -match "My Application Name"}
$application.Uninstall()

Save the file and create a new GPO and set the script to load by setting up the Computer Configuration/ Policies/ Windows Settings/ Scripts/ Startup.
(5233)

How to: Set PowerShell execution policy to unrestricted using GPO

Most often when you have to execute some PowerShell scripts through the GPO and you end up with an error on execution saying that the Execution Policy does not allow you to run un-signed script.

So you would need to create a new GPO to set the Execution Policy. Create a new  GPO and edit it.

Goto Computer Configuration/ Policies/ Administrative Templates/ Windows Components/ Windows PowerShell

Double-click on Turn on Script Execution
Click on Enabled
Select Allow All Scripts

Move the GPO onto the respective OU, wait until the refresh or simple run gpupdate /force on the computers. (7199)

Fix: Missing Server Configuration in Exchange 2010 management console

When opening the Management Console in your Exchange 2010 you might noticed the Server Configuration node missing. Also you might notice that when you open a mailbox you will not see the size and other information and you will get the yellow lock and no data is shown.

In most cases it would be because you have Outlook installed and you logged in with another user in Outlook. The credentials will be saved in the vault and it will try to log into the Management Console with that user. In fact when you launch the Management Console and click on the Microsoft Exchange On-Premises node, while loading you will notice it uses the user.

You would need to do the following:

– Open a command prompt using “Run as Administrator”
– Run the command “control keymgr.dll”
– Click “Back up vault” and follow the prompts to back everything up
– Remove any credentials related to the other user

After this, try to open the Management Console, if the problem persists a quick restart of the server will do the job. (1470)