Thursday, October 30, 2014

Finding OU's that block GPO inheritence

import-module activedirectory
get-adobject -LDAPFilter "(&(objectclass=OrganizationalUnit)(gPOptions=1))"

Tuesday, October 21, 2014

Windows not fully booting after patching (black screen after windows logo)

I have noticed on several machines over different patch cycles that I come across the occasional machine that will start the boot sequence, it shows the early windows logo and then goes to the temporary black screen prior to the blue background of group policy and other OS startup items. The problem though is that it stays at the black screen without progressing. On some machines there seems to be a "normal" hang here with 0 disk activity and apparently nothing happening, but in this case the hard drive with briefly tick for a moment every few seconds. So it appears like something is happening, but the machine never boots. In the few cases I have seen this, booting to safe mode usually works to resolve the problem. Since patches install over multiple stages of shutdown and preboot, it may be something is preventing it from finishing. Safemode seems to get around this block for the OS to resolve the problem, and the next reboot is back to normal.

Powershell - Listing services with file version details

In the event that you want to inventory system services and look at version details, you can do this with a combination of WMI and get-childitem to read file version details. This can be additionally modified to try to reduce the list of services to only non-microsoft products. Company details are in the Get-ChildItem versioninfo results.

Example:
(gci  (gwmi win32_service|select -first 1 -prop *|
 select -expand pathname).replace('"','')).versioninfo|
 select *


Comments           :
CompanyName        : Adobe Systems Incorporated
FileBuildPart      : 4
FileDescription    : Adobe Acrobat Update Service
FileMajorPart      : 1
FileMinorPart      : 7
FileName           : C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
FilePrivatePart    : 0
FileVersion        : 1, 7, 4, 0
InternalName       : armsvc.exe
IsDebug            : False
IsPatched          : False
IsPrivateBuild     : False
IsPreRelease       : False
IsSpecialBuild     : False
Language           : English (United States)
LegalCopyright     : Copyright © 2013 Adobe Systems Incorporated.  All rights reserved.
LegalTrademarks    :
OriginalFilename   : armsvc.exe
PrivateBuild       :
ProductBuildPart   : 4
ProductMajorPart   : 1
ProductMinorPart   : 7
ProductName        : Adobe Acrobat Update Service
ProductPrivatePart : 0
ProductVersion     : 1, 7, 4, 0
SpecialBuild       :


To collect the basic information for all services, you can run the following:

gwmi win32_service |
select name,caption,@{name="filepath";expression={$_.pathname.split("-")[0].split("/")[0].replace('"','')}} |
select name,caption,filepath,@{
 name="fileversion";
 expression={(gci $_.filepath | select -expand versioninfo).productversion}
 }