ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. wrx7m
    • Profile
    • Following 2
    • Followers 3
    • Topics 140
    • Posts 3040
    • Best 677
    • Controversial 1
    • Groups 0

    wrx7m

    @wrx7m

    890
    Reputation
    3448
    Profile views
    3040
    Posts
    3
    Followers
    2
    Following
    Joined Last Online
    Location SoCal Age 44

    wrx7m Unfollow Follow

    Best posts made by wrx7m

    • PSWindowsUpdate - Use PowerShell (and other tools) to Automate Windows Updates

      I was searching for a way to further automate new Windows system deployments. One thing I kept running into was Windows updating.

      I have refined and added automation to my process over the past several years. For Windows 10 clients, my current deployment process involves an MDT/WDS server that has a stock Windows 10 wim file. To customize the deployments, I have a collection of GPOs and PDQDeploy packages for software installation and some other GPOs for policies.

      I recognized that one of the consistent pain points was related to getting Windows updates going. I had previously just had a GPO to specify some of the settings for Windows updates, such as, the WSUS server URL/port number and how often to check for updates. I reorganized my WSUS server from quite a few groups, to a much simpler grouping by OS version. With that, I created GPOs that applied to systems based on OS version, using WMI filtering that would automatically add the computer to the respective WSUS OS group.

      That helped... but I still had a considerable wait for Windows to start its automatic check-in with WSUS. I also found that even logging directly into the new system and forcing a check for updates would yield a lot of waiting and false reporting that there were no updates available. I found that if you deleted the C:\Windows\SoftwareDistribution folder, it would almost always force the client to recognize that there were new updates to install, although the check seemed to take a considerable amount of time. After all that, I still had to wait for the installations to finish and reboot and recheck.

      All that to say, I started down a rabbit hole of PowerShell commandlets and scripts to try and trigger Windows to check for updates, install the approved updates and reboot the system. I came up with 3 scripts that can be run in sequence or used separately, depending on if it is a completely new deployment or you just want to trigger Windows updates to install on established systems.

      First, this will speed up the new system deployment process by deleting the contents of the Software Distribution folder-

      Stop-Service -Name wuauserv
      Get-ChildItem C:\Windows\SoftwareDistribution -Recurse | Remove-Item -Recurse -Force
      Start-Service -Name wuauserv
      

      Second, install PSWindowsUpdate (Learn more here: https://www.powershellgallery.com/packages/PSWindowsUpdate/2.1.1.2). Essentially, PSWindowsUpdate allows you to run windows update and control certain parameters of how updates are downloaded and applied and if reboots are performed and even rechecks for updates after the first round of updates have been installed.

      Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
      Install-Module PSWindowsUpdate -Force
      

      Third, run PSWindowsUpdate. This command tells it to accept (download and install) all approved updates from the WSUS server, automatically reboot, and repeat.

      Import-Module PSWindowsUpdate
      Get-WindowsUpdate -Install -AcceptAll -RecurseCycle 2 -AutoReboot
      

      There are several parameters to allow you to customize how you want to handle the updates. For instance, you can have it download only, or don't have it automatically reboot.

      I added these scripts as packages in my PDQ Deploy server and into the sequences that are run during the initial setup of my newly-deployed systems. I have also started using them on servers cloned from VM templates in vCenter Server. Next, I will be using the 2nd and 3rd to help with automating my routine server patching processes. No more logging into each server, wasting nights and weekends, to check for updates, download and install and reboot; just a couple clicks via PDQ Deploy, the rest is machine time.

      EDIT: I should also add, it looks like you need to have PowerShell 5.1.

      EDIT-2: If you have problems with Server 2016 (maybe even 2019) going out to Microsoft's public update server on the internet, instead of your WSUS server, you can see this post (https://mangolassi.it/topic/19993/server-2016-force-default-update-server-to-wsus-server) on how to make sure your GPO will force the system to use your WSUS server as its default.

      posted in IT Discussion powershell pswindowsupdate windows server windows 10 windows updates wsus pdq deploy
      wrx7m
      wrx7m
    • RE: Firmware update for HP printers bans third-party ink

      If I could, I would throw all of our printers into the recycle bin, after taking a bat, Office Space-style, to every last mother effing one of them.

      posted in News
      wrx7m
      wrx7m
    • RE: Group Policy isn't working after Ransomware Attack

      @dafyre said in Group Policy isn't working after Ransomware Attack:

      This sounds like the AD Servers were restored from a backup and got out of sync... Could that be the case?

      Yeah, it does. I am pretty sure that if you have an issue that you need to restore AD, you would bring down all DCs and restore a single DC, then add new DCs. But, I am thinking this would be better to do a completely new AD environment. Too many ghosts.

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: What Are You Doing Right Now

      @tim_g said in What Are You Doing Right Now:

      @thwr said in What Are You Doing Right Now:

      Hit by a truck - that's how I feel like. Guess I catched a cold.

      Rebuilding a patch panel, looks like the incarnation of the spaghetti monster right now. Should look like this when it's done:

      Patch panel
      48 port switch
      Patch panel
      Cable management panel
      Patch panel
      48 port switch
      Patch panel

      ... and so on. A lot of work, but it's worth the effort.

      You don't have a full rack of patch panels, then a full rack of switches?

      I do it that way now too...
      0_1516123863847_image-20170927_144723.jpg

      posted in Water Closet
      wrx7m
      wrx7m
    • RE: Miscellaneous Tech News

      I thought this was interesting. I received a notification from the CentOS team about some infra downtime. I would have thought they would have redundant servers/cluster hosting this stuff. They don't even have hot-swappable HDDs.
      0_1527181270294_Screenshot_20180524-084755_Email.jpg

      posted in News
      wrx7m
      wrx7m
    • RE: Replacing the Dead IPOD, SAN Bit the Dust

      I have to carve out an hour and a half to watch the two SAM presentations posted earlier in this thread...

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: What Are You Doing Right Now

      Wondering why this Dell SMB rep took it upon himself (without asking) to use my reward dollars to send me a monitor I don't want or need. He did it a month ago and sent me a printer. I am sending this one back and demanding a refund.

      posted in Water Closet
      wrx7m
      wrx7m
    • Snipe-IT - How Do You Manage Subscription/Maintenance/SaaS?

      I have been using the hosted version of Snipe-IT for almost a year. Currently, I am on v4.2.0 build 3479. I am adding assets as I get them and back-filling as time permits/necessary. In adding licenses, I am having trouble with the how I should manage the added maintenance agreements for software, subscription-based software licensing (especially, Office 365, as mid-term adds will push the renewal date for the entire license class back) and SaaS,

      Should I create a new license instance each time I renew? Or would I just modify the dates on the existing license instance?How would you recommend doing it?

      Also, is anyone using it to track domain registrations?

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: Windows 10 goes to sleep outside listed sleep times

      @WrCombs said in Windows 10 goes to sleep outside listed sleep times:

      @wrx7m said in Windows 10 goes to sleep outside listed sleep times:

      @scottalanmiller said in Windows 10 goes to sleep outside listed sleep times:

      @wrx7m said in Windows 10 goes to sleep outside listed sleep times:

      For the record, at home, I use the actual hibernation on 3 desktops ALL THE TIME. I never actually use shutdown. I can wake them up using my phone from anywhere. When I am done, I hibernate. That isn't to say that I don't reboot them from time to time.

      While I generally hate it, I can make somewhat obvious cases for why actual hibernate would exist. I don't want it in any business because Windows seems unstable with it. It creates all kinds of support issues. But there is a reason for it to exist. But this weird half assed hibernation where the apps are shut down? That's useless.

      Exactly. I disable hibernation at work. Sleep also creates all sorts of issues that a reboot will fix. All desktops have any type of sleep/hibernate disabled because there is no need and it potentially introduces all sorts of issues.

      sleep and hibernation cause issues with My current Job.

      Lack of sleep causes issues with my current job. 😉

      posted in IT Discussion
      wrx7m
      wrx7m
    • Ubiquiti WAP Spotted at Guinness Brewery in Dublin, Ireland

      Hi all,

      Just wanted to post that l was in Ireland last month for a fantastic vacation (first real vacation since I started this job almost 7 years ago)! While there, I spotted a Ubiquiti WAP at the Guinness brewery in Dublin. I thought that was kinda cool, so I am posting a pic 🙂

      0_1500495047231_20170622_141838.jpg

      posted in Water Closet
      wrx7m
      wrx7m

    Latest posts made by wrx7m

    • RE: Unlock RDS User Profile Disk (Network Profile)

      @dbeato Good thing to have. I just recently migrated to RDS with UPD. Have you checked out Sidder?
      https://gallery.technet.microsoft.com/Sidder-Quickly-see-which-fa6360b3

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: What's the status on DMARC?

      I run DMARC (SPF and DKIM). I would recommend setting it up. DMARC, itself, is easy to setup. Just make sure that any services that you use to send out email are factored in when planning. For instance, some CRM SaaS products support SPF, but don't support DKIM. Obviously, DMARC allows you to handle SPF and DKIM separately, but I would recommend auditing the capabilities of all the systems/services that send email prior to deciding if/how you configure DMARC.

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: Softphones - complaints

      @JaredBusch said in Softphones - complaints:

      @wrx7m said in Softphones - complaints:

      Could be that their home internet is shite and saturated. Both, on their WLAN and the ISP side.

      This is also a real concern now. I have a great home network and WiFi setup.

      But randomly, my calls are simply shit anymore.

      Why? Because everyone is home. It is filling up the ISP pipe to the various nodes.

      I have people complaining to me about network-related issues. I can't really do anything about it. I show them that there are other people that have been connected to the VPN for days. A couple users with the same ISP were having issues connecting to our remote desktop server. I had them try connecting to their phones via hotspot and it connected to the RD server. Obviously, this isn't a solution, just proving the point that the issue is with the home connection, not the company services/equipment.

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: Softphones - complaints

      Could be that their home internet is shite and saturated. Both, on their WLAN and the ISP side.

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: Dovecot error:140760FC

      Date/Time issue?

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: Video Conference equipment to integrate with MS Teams ...

      @Grey lol

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: Video Conference equipment to integrate with MS Teams ...

      @Doyler3000 said in Video Conference equipment to integrate with MS Teams ...:

      We've recently started to use a Meeting Owl

      I have never seen this before. Interesting.

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: Large File Sharing

      @Obsolesce said in Large File Sharing:

      @Kyle said in Large File Sharing:

      @hobbit666 Large files, 200-900 Gb design files.

      Then file sharing is the wrong term here.

      OK. I will bite. What is the correct term?

      posted in IT Discussion
      wrx7m
      wrx7m
    • RE: Sysadmin opening at Automox - Boulder, CO

      @Nic said in Sysadmin opening at Automox - Boulder, CO:

      It's local only, since there's a lot of in-office duties

      We shall see if it remains local only.

      posted in Job Postings
      wrx7m
      wrx7m
    • RE: Large File Sharing

      @JaredBusch said in Large File Sharing:

      Correct moving to online editing is the only solution. Get away from legacy sharing concepts is what is required.

      Piggy-backing. What if these files are larger media files like, psd, ai, jpg, raw and even video? Do you know of something that works well (for at least the still image media)?

      posted in IT Discussion
      wrx7m
      wrx7m