How to export services and their users into csv

I need to export the services and their ‘run as’ users in a number of servers. This is how I did it.

#Ebin Issac 6/3/2018
#This reads a list of servers from a text file, extracts the services which are not run by LocalSystem, and saves them into one CSV file per server. Needs to be run from a server with elevated permissions.

$ComputerList = Get-Content serverlist.txt
ForEach ($Server In $ComputerList) {
    Write-Host "Processing $($Server) ... " -ForegroundColor White -NoNewline
    Get-WmiObject -ComputerName $Server Win32_Service | Where-Object { $_.StartName -notmatch "localsystem" } | Select-Object PSComputerName,DisplayName,Name,StartName | Export-Csv "$Server.csv" -NoTypeInformation
    # $? is True only if the pipeline above finished without an error
    If ($?) {
        Write-Host "OK." -ForegroundColor Green
    }
    Else {
        Write-Host "Failed." -ForegroundColor Red
    }
}

You can find the download link here.

So this will take a list of servers, extract the services, excluding those run by LocalSystem, and export them into a CSV. You can change that filter based on your requirements. The output will look similar to this.

[Image: ServiceUsers]
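A variation on the export above, added here as an example and not part of the original script: it queries with Get-CimInstance (which needs WinRM reachable on the target servers), reports unreachable servers as warnings, and adds an AccountType column so that services running as user accounts stand out. The function names, the category labels and the sample rows are assumptions made for this illustration.

```powershell
# Added example: classify each service's "run as" account so user accounts stand out.
function Get-ServiceAccountType {
    param([string]$StartName)   # a $null StartName arrives here as an empty string
    switch -Regex ($StartName) {
        '^$'                                                   { return 'None' }
        '^LocalSystem$'                                        { return 'BuiltIn' }
        '^NT AUTHORITY\\(SYSTEM|LocalService|NetworkService)$' { return 'BuiltIn' }
        '^NT SERVICE\\'                                        { return 'Virtual' }
        '^\.\\'                                                { return 'LocalUser' }
        default                                                { return 'DomainOrOther' }
    }
}

function Get-ServiceAccountReport {
    param([string[]]$ComputerName)
    foreach ($Server in $ComputerName) {
        try {
            # -ErrorAction Stop turns an unreachable server into a catchable error
            Get-CimInstance -ClassName Win32_Service -ComputerName $Server -ErrorAction Stop |
                Select-Object @{n='Server';e={$Server}}, DisplayName, Name, StartName, StartMode, State,
                              @{n='AccountType';e={Get-ServiceAccountType $_.StartName}}
        }
        catch {
            Write-Warning "Failed to query ${Server}: $($_.Exception.Message)"
        }
    }
}

# Constructed sample rows (not real data) to show the classification offline
$sample = @(
    [pscustomobject]@{ Name = 'Spooler';  StartName = 'LocalSystem' }
    [pscustomobject]@{ Name = 'Dnscache'; StartName = 'NT AUTHORITY\NetworkService' }
    [pscustomobject]@{ Name = 'AppSvc';   StartName = 'CONTOSO\svc_app' }
    [pscustomobject]@{ Name = 'Backup';   StartName = '.\backupuser' }
    [pscustomobject]@{ Name = 'NoAcct';   StartName = $null }
)
$sample | Select-Object Name, StartName, @{n='AccountType';e={Get-ServiceAccountType $_.StartName}}

# Live use, one combined CSV with only the accounts worth reviewing:
# Get-ServiceAccountReport (Get-Content serverlist.txt) |
#     Where-Object { $_.AccountType -in 'LocalUser','DomainOrOther' } |
#     Export-Csv ServiceAccounts.csv -NoTypeInformation
```

The `-notmatch "localsystem"` filter in the script above keeps rows for LocalService, NetworkService and services with an empty StartName; the AccountType column separates those from real user accounts.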

How to export group memberships of Active Directory users into CSV format..

So I started a new job recently, and I am working on an as-is migration. I needed to export the list of AD users and their group memberships into a human-readable format. So this is how I did it.

$users = Get-ADUser -Filter *
foreach ($user in $users) {
    # Join the names of all groups the user belongs to into one comma-separated string
    $Groups = (Get-ADPrincipalGroupMembership -Identity $user.SamAccountName | Select-Object -ExpandProperty Name) -join ','
    # Append one row per user: account name and group list
    Get-ADUser $user.SamAccountName -Properties MemberOf,SamAccountName,GivenName,Surname | Select-Object SamAccountName, @{Name="Groups";Expression={$Groups}} | Export-Csv -Append "ADUsers.csv" -Delimiter "," -NoTypeInformation -Encoding UTF8
}

You can find it on GitHub here.

Basically, it just gets all users from AD, finds their memberships, and saves only their names and memberships.

How to fix puppet certificate errors

When we recently took over some client’s infrastructure, we started to get the following error.

[Image: puppet-cert-error]

I just had to renew the cert to fix this. To renew, follow the steps below:

1. Delete the old certificate from client.

root@agent1:/etc/puppetlabs/puppet# mv ssl ssl.20171115

2. Delete the old certificate from server.

root@ip-172-31-7-177:/home/ubuntu# puppet cert clean agent1.ap-southeast-1.compute.internal   # make sure to change the agent name

3. Run puppet agent again; it will create a new certificate.

root@agent1:/etc/puppetlabs/puppet# puppet agent -tv
Info: Creating a new SSL key for agent1.ap-southeast-1.compute.internal
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for agent1.ap-southeast-1.compute.internal
Info: Certificate Request fingerprint (SHA256): 16:E8:E6:51:46:A1:07:0E:FA:E1:E9:F9:54:C4:4E:F7:F9:EF:0E:xx:xx:xx:xx:xx:xx
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled
root@agent1:/etc/puppetlabs/puppet#

4. If we get the following message, autosigning is not enabled on the puppet server, so we need to sign the cert manually from the server. If the message does not appear, move to step 7.

Exiting; no certificate found and waitforcert is disabled

5. To sign manually, first list the certs waiting to be signed on the master.

root@ip-172-31-7-177:/home/ubuntu# puppet cert --list
"agent1.ap-southeast-1.compute.internal" (SHA256) 16:E8:E6:51:46:A1:07:0E:FA:E1:E9:F9:54:C4:4E:F7:F9:EF:0E:xx:xx:xx:xx:xx:xx
"agent2.ap-southeast-1.compute.internal" (SHA256) B1:3F:AF:A5:70:90:33:60:B8:63:EF:2C:A5:97:72:2C:DD:EF:xx:xx:xx:xx:xx:xx:xx
root@ip-172-31-7-177:/home/ubuntu#

6. Sign the certificate for that agent:

root@ip-172-31-7-177:/home/ubuntu# puppet cert sign agent1.ap-southeast-1.compute.internal
Signing Certificate Request for:
"agent1.ap-southeast-1.compute.internal" (SHA256) 16:E8:E6:51:46:A1:07:0E:FA:E1:E9:F9:54:C4:4E:F7:F9:EF:xx:xx:xx:xx:xx:xx:xx
Notice: Signed certificate request for agent1.ap-southeast-1.compute.internal
Notice: Removing file Puppet::SSL::CertificateRequest agent1.ap-southeast-1.compute.internal at '/etc/puppetlabs/puppet/ssl/ca/requests/agent1.ap-southeast-1.compute.internal.pem'
root@ip-172-31-7-177:/home/ubuntu#

7. To verify, run puppet agent again on the agent.

root@agent1:/etc/puppetlabs/puppet# puppet agent -tv
Info: Retrieving plugin
Info: Caching catalog for agent1.ap-southeast-1.compute.internal
Info: Applying configuration version '1510728583'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.01 seconds
root@agent1:/etc/puppetlabs/puppet#

How to export the last login details of all users in a Windows server using Powershell

So one of our clients wants to get a monthly report on the last login details of all users on the Windows servers in our environment. So we came up with this PowerShell script, which is scheduled to run at the end of every month. This will extract the data and upload it to an S3 bucket. It makes use of awscli for uploading to S3. We can even include an SNS notification, but right now it is not implemented.

Below is the script:

Disclaimer : I do not know if this is the best way to do it just like all my other scripts, but this works [ At least for me ]

$currentMonth = Get-Date -Format MM
$currentYear = Get-Date -UFormat %Y
$hostname = hostname
$filename = $currentYear+""+$currentMonth+""+$hostname+"_login.csv"
# Export the name and last login of every local user. -NoTypeInformation drops the "#TYPE" line and -Skip 1 drops the column header row, so only the data rows are written.
$([ADSI]"WinNT://$env:COMPUTERNAME").Children | Where-Object {$_.SchemaClassName -eq 'user'} | Select-Object @{l='name';e={$_.name}},@{l='LastLogin';e={$_.lastlogin}} | ConvertTo-Csv -NoTypeInformation | Select-Object -Skip 1 | Set-Content C:/temp/$filename

aws s3 cp C:/temp/$filename s3://YourBucket/$currentYear/$currentMonth/

This will create a CSV file in the following format.

[Image: windows_last_login]

How I managed to get all 3 AWS associate certifications..

You read it right.
Today I got my third AWS certification – AWS certified SysOps administrator.

I think a lot of it comes from common sense, and some general industry knowledge. I have less than 2 years of IT experience, and even of that, 1.5 years was just desktop support. It’s in my current job that I really started doing some ‘real IT’ work. But for the past few years I have been following major tech sites, so-called geeky Facebook pages and the famous r/sysadmin. I think all those things gave me some idea of what is happening in the industry, although I don’t really have any experience.

Coming to AWS, I first heard about AWS back in 2015 when I was starting to look for an IT job. But then... nothing happened. So it’s only since my current job, precisely from May 2017, that I really started doing AWS stuff. That is around 6 months now. In these 6 months, I haven’t really implemented anything from scratch, but have just been maintaining the existing stuff.

One good thing about my employer is that they value these certifications, and will reward us if we get one, and will also refund the exam fee. So, why not? Basically my preparation was the same. I bought the courses from A Cloud Guru and watched them all. Once done with that, I bought practice exams from Whizlabs. Other than these two, I referred to the AWS FAQs. That’s it. As I mentioned earlier, I think it’s all about common sense and general knowledge about IT and AWS. The exams are not really difficult, especially the SA and Dev. I got 89% for SA, 96% for Dev and 87% for SysOps.

Why am I taking all these certs? Well, I think it’s nice to put this up in my resume and LinkedIn. And it doesn’t cost me anything. So why not?

 

How to select full URL upon click in Firefox..

I use Firefox as my personal browser. Although I sync it, there are some settings which are not synced. So every time I reinstall or change PC, I have to redo them again and again. This is one of those things. After a reinstall, if I click on the address bar, it won’t select the whole address. I need to press Ctrl+A for it. But with a simple tweak, we can get that functionality. For that,

  • Go to about:config in the Firefox address bar.
  • Search for browser.urlbar.clickSelectsAll
  • Double click and change the value to true.

How to get a Snapshot report from AWS using Python..

I was not sure if I was making a mistake by leaving Micron for a job in a small company. Anyway I don’t regret the move. In fact I actually love this job so far. It has all the good and bad things of working in a small company. Things are messy there. But.. the opportunity to learn and perform are tremendous, and that is what I really was looking for.

I was asked to modify a Python script written by an ex-employee to get the snapshot report from AWS. I had not touched Python for at least 5 years, and even then, that was all about simple things. And my experience with the AWS SDK was none. So when I looked at the code, I did not understand anything. So I decided to do it myself from scratch instead of modifying it.

You can find the script here.

Basically, it collects the access and secret keys as arguments, then connects to EC2, gets all the running instances, then the volumes attached to them, and then the snapshots. I have no idea if it is the best way to do it. I don’t even think that I used the best Python practices. Anyway, it works well now. Once the script is executed, it will create a nice CSV file as follows, which is great. It has all the fields, and it is easy to manipulate in a spreadsheet according to our needs.

[Image: Snapshots]

This saves us a lot of time from checking manually for each of our customer accounts if the snapshots are there or not.

I feel pretty proud about this. You know, no matter how bad the code is, it works. 😉

 

 


Experience on taking AWS Certified Solution Architect – Associate exam

I first heard about this whole Amazon web services thing back in 2015, when I was looking to find a job in IT. I felt that it is a great tool, and decided to study it. I created a trial account, borrowed books from the library….and in 1 month, I lost interest and started doing other things.

But now, I came to a position where I am working mainly on AWS and other cloud-related stuff and felt that this is the time to go back and continue with the vision of taking AWS certification. I watched all the videos in A Cloud Guru, and did some practical labs. I also did a lot of hands-on work at my job. Then I got really busy with other things again. Sigh. But once free again, I read through all the whitepapers, then the FAQs and did all the practice questions available at Whizlabs. Man, I gotta tell you that the questions from Whizlabs came up a lot.

I just came back from my exam with 89% marks. And I am really happy about achieving it. Another one to add to my resume 😉

My experience with RHCE and RHCSA exams

In one word, I can say the following:

RHCSA – Easy

RHCE – Doable

Although I have been using desktop Linux, particularly Ubuntu, for a while, I never had a chance to do proper system administration. So in a way, I was a fresher. One advantage I had was that I had some domain knowledge on how all these things work, and some things in general. So the terms were not alien to me.

For exam prep, I did an online course by IPSR, a training institute from India. They claim to have produced the most number of Red Hat professionals in the world. One thing that I can assure is that their training is good. Even if the course is not taken, it is really good to do mock exams using their practice papers.

Coming to the exams, they follow a pattern. RHCSA was a 2.5-hour exam, and it followed exactly the same pattern of questions as IPSR’s practice papers. Once you are familiar with these questions, there is an almost 100% chance of passing this exam. In fact, there are people who learn these answers by heart and pass the exam. There are a lot of model questions that I found online, but most of them won’t help for this exam (they help for real-life situations for sure). I managed to complete the exam in just over an hour, and managed to score 294 out of 300.

Verdict : Simple

For RHCE also, the questions follow a pattern. IPSR’s questions help us familiarize ourselves with them too. But unlike RHCSA, the content is huge, and you can’t just pass by learning them by heart. You really need to understand the concepts and learn how to apply them. It’s a 3.5-hour exam, and it will take you at least 3 hours to finish all of it.

In my case, I was really confident about the exam, and started doing well. At around the 2.5-hour point, I had completed 2/3rd of the questions. But for the next question, I made a huge mistake and messed up the whole partition in my server machine. It was not able to boot up, so I had to start from scratch at that point. My client was still there, so I had to redo everything that I did in the server again. I only managed to reach the 2/3rd point by the end of 3.5 hours.

I thought I would fail, but when the result came, I passed with 232 out of 300. I think it is good to say: don’t attempt a question if you don’t know it. It is better to leave it there rather than messing it up.

Verdict : Doable, but need to do proper time management, and should have enough knowledge on commands and how to read through man pages.

I did the exams in Dec 2016.

How to display a pop up message in a remote computer using powershell

In my daily work, there are times when I need to contact a user who is using a particular PC, but they don’t respond. Mostly, I need to contact them to inform them about something, or get them to reboot, or install something, etc. There are some cases in which it is not possible, such as:

  • They use a generic account which is shared, so we can’t find who exactly is using that PC
  • They are logged off from IM
  • They don’t respond to IM or just ignore them.

In these kinds of cases, it is easier if we have some way to forcefully push a message to the PC. I found an easy solution on the internet that can do this on every computer to which you have admin access.

Open a text editor and add the following in it, then save it with .ps1 extension.

Function remote_message {
    $server = Read-Host -Prompt 'Input PC name'
    $message = Read-Host -Prompt 'Enter the message'

    # Start msg.exe on the remote PC; "*" sends the message to every session on it
    Invoke-WmiMethod -Class Win32_Process -ComputerName $server -Name Create -ArgumentList "c:\windows\system32\msg.exe * $message"
}

remote_message

To run this, open PowerShell, navigate to the saved location and run the script, then follow the input prompts.

[Image: remote_message]

No matter who is logged in to the remote PC, they will get the message as a pop-up on top of all their windows.

[Image: remote_message_2]