Monday, August 20, 2018

Powershell - Create local reboot scheduled task/Check scheduled task

There are two scripts here, one creates several scheduled tasks on a remote computer, as local system account, the reason was before changing domain I could use a old\domain account, but mid-migration the computers were not quiet in the new domain, so a local scheduled task as local system would reboot to finish the process.

The second script checked to see if the identically named scheduled task existed as you can create a new one if the old name is in use, equally I could not delete them if found (bug maybe).

First script


$computers = Import-Csv C:\temp\computerlist.txt
ipconfig /flushdns

foreach ($computers in $computers){
#change for each migration date.
#$date="26/03/2018"
$time1="11:45"
$time2="11:55"
#$time3="14:55"

$ThisComputer=$computers.computername.trim()
$ThisComputer=$ThisComputer + ".old.gov.au"
$taskName1="ADMTPreBoot"
$taskName2="ADMTPostBoot"
 
$didit = Test-Connection $ThisComputer -count 1 -quiet

if ($didit -ne $false) {

#today
#write-host Attempt: $ThisComputer
Write-Host $ThisComputer +  $taskName1 "to computer at" $time1 "and" $time2
c:\windows\system32\schtasks.exe /create /s $ThisComputer /sc once /tn $taskName1 /tr "C:\Windows\System32\shutdown.exe /r /t 30 /f /d P:2:4" /st $time1 /ru "NT authority\local service" >>null
$now=(get-date).AddMinutes(2).ToString("HH:mm")
c:\windows\system32\schtasks.exe /create /s $ThisComputer /sc once /tn ADMTipconfig /tr "ipconfig /registerdns" /st $now /ru "NT authority\local service" >>null
#c:\windows\system32\schtasks.exe /s $ThisComputer /run ADMTIPconfig >>null
#Write-Host "Add schelded reboot for" $taskName2 "to computer" $ThisComputer
c:\windows\system32\schtasks.exe /create /s $ThisComputer /sc once /tn $taskName2 /tr "C:\Windows\System32\shutdown.exe /r /t 30 /f /d P:2:4" /st $time2 /ru "NT authority\local service" >>null
c:\windows\system32\schtasks.exe /create /s $ThisComputer /sc once /tn ADMTgpudate /tr "GPupdate /force" /st $time2 /ru "NT authority\local service" >>null
#Write-Host "Add schelded reboot for" $taskName3 "to computer" $ThisComputer
#c:\windows\system32\schtasks.exe /create /s $ThisComputer /sc once /tn $taskName3 /tr "C:\WINDOWS\CCMSETUP\CCMSETUP.EXE /MP:SCM.NEW.GOV.AU" /st $time3 /ru "NT authority\local service"

#future date (you can do today or this command is in the future)
#c:\windows\system32\schtasks.exe /create /s $ThisComputer /sc once /tn $taskName1 /tr "C:\Windows\System32\shutdown.exe /r /t 30 /f /d P:2:4" /st $time1 /sd $date /ru "NT authority\local service"
#Write-Host "Add schelded reboot for" $time "to computer" $ThisComputer
#c:\windows\system32\schtasks.exe /create /s $ThisComputer /sc once /tn $taskName2 /tr "C:\Windows\System32\shutdown.exe /r /t 30 /f /d P:2:4" /st $time2 /sd $date /ru "NT authority\local service"
}

if ($didit -eq $false) {write-host $ThisComputer " is offline or unreachable"}

}



Second script, check for existing




$computers = Import-Csv C:\temp\computerlist.txt
ipconfig /flushdns

foreach ($computers in $computers){

#change for each migration date.
$ThisComputer=$computers.computername.trim()
$ThisComputer=$ThisComputer + ".wca.gov.au"
$taskName1="ADMTPreBoot"

#look

$didit = Test-Connection $ThisComputer -count 1 -quiet
if ($didit -ne $false)
{
#write-host Attempting to look at $ThisComputer
$isItDone = c:\windows\system32\schtasks.exe /query /v /s $ThisComputer /fo csv | ConvertFrom-Csv | ? TaskName -like *$taskName1* | select "next run time"

if ($isItDone -ne $null) {$ThisComputer + " has scheduled ADMTboots"
############## TO remove
compmgmt.msc /computer:$ThisComputer
##
}

if ($isItDone -eq $null) {$ThisComputer + " no ADMTboots"
############## TO remove
#compmgmt.msc /computer:$ThisComputer
##
}

#made a mistake?
#Write-Host "Removed reboot for" $time " computer" $ThisComputer
#error????
#c:\windows\system32\schtasks.exe /delete /s $ThisComputer /tn $taskName1


# c:\windows\system32\schtasks.exe /Query /s $ThisComputer /tn $taskName1
}
else {write-host $ThisComputer "offline"}
}







Powershell - check ADMT already done on workstation

Because this specific migration was feed in user name and computer names from the business (ie full of mistakes) it was super common for computers to be targeted to be migrated a second time.

The issue with that is step one of ADMT is to delete the destination computer account (or reset the password, I forget which). The affect of that was you throw the computer off the domain and at next reboot the user needs the service to re-join the computer to the domain.

This checked old v new to tell you if the computer had moved, and had rebooted after the migration and was ready for a user.



$computers = Import-Csv C:\temp\computerlist.txt

foreach ($computers in $computers){
$thisPC=$computers.computername.Trim()

$looked=$null
$old=$null
$looked=Get-ADcomputer -Filter 'Name -like $thisPC' -Properties * -SearchScope Subtree
$old=Get-ADcomputer -Filter 'Name -like $thisPC' -Properties * -server "dc1.old.gov.au"

if ($old -eq $null) {$thisPC + " not in OLD domain - not a valid name"}

if ($looked.SamAccountName -eq $null -and $old -ne $null) {$thisPC + ".old.gov.au, Not in NEW (OLD only) OLD enabled? " + $old.Enabled + " " + $old.Description + "OLD last logon " + $old.LastLogonDate }
if ($looked.LastLogonDate -ne $null)
{
if ($looked.LastLogonDate -ge $old.LastLogonDate) { write-host $thisPC ".new.gov.au --------> newer in NEW Domain" }
}
if ($looked.SamAccountName -ne $null -and $looked.LastLogonDate -eq $null  )  {$thisPC + " computer has never logged on FAILED migration, in migration now?, OLD enabled? " + $old.Enabled + $old.Description + " OLD last logon " + $old.LastLogonDate}
}

Blog Archive