Tag: powershell

Logging Function v2.0

Leave a comment

As I created an earlier post with a simple logging function in poweshell, a while ago I upgraded this with a specific Error, Success and info switch. This way I can put it with simple colors as output on screen to see if something goes wrong or good. And also logging will be better searchable.

 

$Logfile = "D:\LogFile.txt"

Function LogWrite{
<#
<span style="font-size: 0.95em; line-height: 1.6em;">.SYNOPSIS This functions is used to generate a log file
</span><span style="font-size: 0.95em; line-height: 1.6em;">.DESCRIPTION Function creates output on screen depending on given switch and writes this with error code to the logfile
.PARAMETER $Logstring Location to the logfile
.PARAMETER $Error Switch to identify an error message
.PARAMETER $Success Switch to identify a success message
.PARAMETER $Info Switch to identify an info message
.EXAMPLE PS C:\&gt; Logwrite -error "This is an error"
</span> .INPUTS
System.String,System.Switch
.OUTPUTS
System.String
#&gt;

[CmdletBinding()]
[OutputType([System.String])]
Param(
[string]$Logstring,
[switch]$Error,
[switch]$Success,
[switch]$Info

)
try {
if ($Error){
$logstring = (Get-Date).ToString() + " ERROR: " + $logstring
Write-Host -ForegroundColor red $logstring
}
elseif ($Success){
$logstring = (Get-Date).ToString() + " SUCCESS: " + $logstring
Write-Host -ForegroundColor green $logstring
}
elseif ($Info){
$logstring = (Get-Date).ToString() + " INFO: " + $logstring
Write-Host $logstring
}
else {
$logstring = (Get-Date).ToString() + " INFO: " + $logstring
Write-Host $logstring
}
Add-content $Logfile -value $logstring
}
catch {
throw
}
}

#Example

logwrite -success "Success creating user: $user"
logwrite -error "Error creating user $user"
logwrite -info"Success quering user: $user"

vCenter 6 creating global roles with PowerCLI

Leave a comment

While middle in the migration from a vCenter 5.1 environment to a vCenter 6.x environment I wanted to use the Global Roles so I don’t have to set them per vCenter anymore.

So how do I create those global roles?

Well the important thing is to connect to your vCenter (Connect-VIServer) using the administrator@vsphere.local user (or your SSO user if you configured a different one)

Because you login with the SSO user you can create the global roles by just using the New-VIRole command.

Example:
So in with the function below I tried to create a simple function with parameters -From and -To to simply recreate the roles from vCenter1 to vCenter2.
I make use of the logwrite function I posted earlier to spam some messages on screen and to a text file

Before:
– I expect you to be connected to both vCenters using the Connect-VIServer cmdlet.

function Migrate-VIrole{
	<#
		.SYNOPSIS
			Migrates the VCenter roles from one vCenter to another
		.DESCRIPTION
			A detailed description of the function.
		.PARAMETER  $From
			This is the vCenter to read from
		.PARAMETER  $To
			This is the vCenter to build the datacenter on
		.EXAMPLE
			PS C:\> Migrate-VIRole -From vCenter1 -To vCenter2
		.INPUTS
			System.String
		.OUTPUTS
			System.String
	#>
	[CmdletBinding()]
	[OutputType([System.String])]
	param(
		[Parameter(Position=1, Mandatory=$true)]
		[ValidateNotNull()]
		[System.String]
		$From,
		[Parameter(Position=2, Mandatory=$true)]
		[ValidateNotNull()]
		[System.String]
		$To
	)
	try{
	#Grabbing roles from an to in array
	$ArrRolesFrom = Get-VIRole -Server $From |?{$_.IsSystem -eq $False}
	$ArrRolesTo = Get-VIRole -Server $To |?{$_.IsSystem -eq $False}
	
	#Checking for existing roles
	foreach ($Role in $ArrRolesFrom){
		if($ArrRolesTo|where{$_.Name -like $role})
			{
		Logwrite -Error "$Role already exists on $To"
		logwrite -Info "Checking permissions for $role"
			[string[]]$PrivsRoleFrom = Get-VIPrivilege -Role (Get-VIRole -Name $Role -Server $From) |%{$_.id}
			[string[]]$PrivsRoleTo = Get-VIPrivilege -Role (Get-VIRole -Name $Role -Server $To) |%{$_.id}
				foreach ($Privilege in $PrivsRoleFrom){
					if ($PrivsRoleTo | where {$_ -Like $Privilege})
					{
					Logwrite -Error "$Privilege already exists on $role"
					}
					else
					{
						#Setting privileges
						Set-VIRole -Role (Get-VIRole -Name $Role -Server $To) -AddPrivilege (Get-VIPrivilege -Id $PrivsRoleFrom -Server $To)|Out-Null
						Logwrite -Success "Setting $privilege on $role"
					}
				}
			}
			else
			{
				#Creating new empty role
				New-VIrole -Name $Role -Server $To|Out-Null
				Logwrite -Success "Creating $Role on $To" 
				Logwrite -Info "Checking permissions for $role"
				[string[]]$PrivsRoleFrom = Get-VIPrivilege -Role (Get-VIRole -Name $Role -Server $From) |%{$_.id}
				[string[]]$PrivsRoleTo = Get-VIPrivilege -Role (Get-VIRole -Name $Role -Server $To) |%{$_.id}
				foreach ($Privilege in $PrivsRoleFrom)
				{
					if ($PrivsRoleTo|where {$_ -Like $Privilege})
					{
						Logwrite -Error "$Privilege already exists on $role"
					}
					else
					{
					#Setting privileges
					Set-VIRole -role (get-virole -Name $Role -Server $To) -AddPrivilege (get-viprivilege -id $PrivsRoleFrom -server $To)|Out-Null
					logwrite -success "Setting $privilege on $role"
					}
				}
			}
		}
	}
	catch 
	{
		throw
	}
}

Exporting CSV files with your default delimiter

Leave a comment

Normally when you export a csv file in powershell it uses the default delimiter comma, unless you use the -delimiter parameter to use another delimiter.

Depending on your language settings tools like Excel use a different delimiter. You can find these settings in your region/language settings -> Formats -> additional settings. Here is a field with “List seperator” which shows you the list separator selected.

You also can retrieve this with the powershell command below:

[Powershell](Get-Culture).TextInfo.ListSeparator[/powershell]

Because of this and switching between servers/workstations with different language settings this can be frustrating sometimes. This is why the –useculture parameter is available

Use the list separator for the current culture as the item delimiter. The default is a comma (,).

This parameter is very useful in scripts that are being distributed to users worldwide. To find the list separator for a culture, use the following command:

export-csv -useculture

This uses your local delimiter as delimiter for your export CSV, so as soon as you doubleclick it and it opens in excel it is already correctly seperated.

ESXi Setting syslog and firewall settings with PowerCLI

Leave a comment

Syslog and firewall configuration with PowerCLI

Setting PowerCLI

Due the arrival of some SIEM solution I needed to reconfigure ESXi hosts to not only point to our Kiwi Syslog server, but also to the appliance. So a good job for some PowerCLI

I had some trouble using the set-VMHostSysLogServer as it didn’t seem to work as expected. It worked on 2 hosts which hadn’t any syslog configured, but somehow I couldn’t set all to $Null or to the new value, very strange. But I don’t give up and found the Set-VMHostAdvancedConfiguration cmdlet to set the syslog values on another way.

get-vmhost| Set-VMHostAdvancedConfiguration -NameValue @{'Syslog.global.logHost'='syslog'} -confirm:$false

While testing I noted the message:

This cmdlet is deprecated. Use New-AdvancedSetting, Set-AdvancedSetting, or Remove-AdvancedSetting instead.

Mmm let’s have a look here:

get-vmhost|select -first 1|get-advancedsetting -Name syslog* |select name,value|Ft -a

Name                                        Value
—-                                           —–
Syslog.Remote.Port                   514
Syslog.Remote.Hostname          syslog
Syslog.Local.DatastorePath        [] /vmfs/volumes/4dd2476c-etc.

Let’s try to set it

Get-AdvancedSetting -Entity (get-vmhost|select -first 1) -Name Syslog.Remote.Hostname|Set-AdvancedSetting -Value syslog -confirm:$false

You also can set multiple values like:

Get-AdvancedSetting -Entity (get-vmhost|select -first 1) -Name Syslog.Remote.Hostname|Set-AdvancedSetting -Value syslog1,syslog2 -confirm:$false

After setting the proper syslog setting it was necessary to open the syslog firewall ports on ESXi. To do this on all hosts, it can easily be done with the onelinerbelow using the Get-VMHostFirewallException cmdlet

Get-VMHostFirewallException -VMHost (get-vmhost) -Name syslog|Set-VMHostFirewallException -Enabled:$True -Confirm:$false

Powershell logging function with date and time stamp

Leave a comment

Logging Function

While I made this function a few times on demand with different purposes, I gathered a nice clean script somewhere (not sure where I found it) to start logging to a file.
I added the date/time stamp together with a write-host command to get the logging also on screen. This is a script I know always copy in my scripts to get a fast and simple logging function

 


#Variable to set the logfile location
$Logfile = "D:\LogFile.txt"

Function LogWrite{
<#
.SYNOPSIS
Simple function to write to a appending logfile with date and time stamp

.PARAMETER  $LogString
Input parameter which holds the data which goes to the $logfile

.PARAMETER  $Logfile
Parameter which contains the location of the logfile the information is written to

.EXAMPLE
LogWrite "Starting with $StrTitle files"
LogWrite "Found $StrTitle files with an amount of $TotalSize MB."

.NOTES
Version:        1.0
Creation Date:  26-08-2014
Purpose/Change: PRD
#>
Param ([string]$logstring)
Add-content $Logfile -value (((Get-Date).ToString()) + " " + $logstring)
Write-Host (((Get-Date).ToString()) + " " + $logstring)
}

Exection is as simple as :

logwrite "This line is being sent to screen and text file while a date & time stamp is added"

Powershell shows:

PowerCLI C:\> logwrite "This line is being sent to screen and text file while a date & time stamp is added"
30-8-2014 10:05:52 This line is being sent to screen and text file while a date & time stamp is added

And the text file:

30-8-2014 10:05:52 This line is being sent to screen and text file while a date & time stamp is added

Hopefully it can help someone just copy/paste and adjust where needed:)

Powershell: Parameter input e-mail script validation

Leave a comment

This is a little trick I used for doing an e-mail check verification in  a powershell script. The reason why I did choose for ValidateScript is that you can customize the error message a bit.

It’s possible to use ValidatePattern with the  same RegEx but, when there is no match you will get a  strange error that your input doesn’t fit with the RegEx used

Param(
[Parameter()][ValidateScript({
If ($_ -match "\w+@\w+\.\w+") {
$True
}
else {
Throw "$_ is not a valid e-mail address "
}})][String]$StrMailAddressManager
)

Where is my PowerShell Profile ?

Leave a comment

I was looking where to import functions in to the default Powershell profile.
The file with the custom functions is named : Microsoft.PowerShell_profile.ps1
Put your custom scripts in here and it will load as soon as your powershell session starts.

You also can use $profile to see where your personal profile is located.

It can be found at the locations:

32-bit “C:\Windows\SysWOW64\WindowsPowerShell\v1.0”
64-bit “C:\Windows\System32\WindowsPowerShell\v1.0”

 

 

Nslookup range of IP adressess

Leave a comment

I was searching for all machines in a certain IP address range to see which machines are in this range and what their host address is.

While trying to create a good working script for the purpose I needed, I came accross the following line which had like all I needed without using nslookup.

0..255 | % { [System.Net.Dns]::GetHostByAddress("192.168.1.$_") } 2> Out-Null

The range is for this script is 192.168.1.0  -> 192.168.1.255 with the 2>out-null only valid returns are replied in a nice list.