Tools/Scripts

Powershell

SCRIPT: Check ICA Listener response

Last week I was troubleshooting at a customer which was experiencing some “random” periods in which end users could not login at all. When looking at the Load Evaluator I noticed the least loaded server in those periods were the same. When trying to logon to the server through ICA, the server sits forever at connecting…

Instantly I opened a DOS prompt and did a telnet to the servers ICA port (1494).  The server responded and a connection was made, but when I was expecting to see the ICA heartbeat the telnet session stayed blank, this told me the ICA listener is corrupted. I rebooted the server and I came up perfectly. Problem solved you think, not quiet yet.

The infrastructure consisted of 100+ XenApp servers which are provisioned by Citrix Provisioning Services. So potentially more XenApp servers were having a corrupted ICA listener. But entering a telnet session for each server manually was not an option. and scripting a powershell script which launches an external (telnet) process did was not sufficient either. (because is does not report, the telnet output back to powershell). That’s why I searched the internet how to read a “telnet” sessions output. while searching I stumbled upon a blog that needed to do some telnet magic on Cisco devices. I decided to adapt the script for my own needs

After some alteration I ended up with a script that connects to the ICA port (1494) and reports it’s output. I’ve tested it and it work really fine, but you might have to change the TimeOut settings. When a server reports a potential issue you can test it against a manual telnet session.

  •  Test a Single Computer
  • Test-ICA -ComputerName <your computername here> -TimeOut <Time Out in ms>
  •  Test Multiple Computers
  •  101..190 |% {.\Test-ICA.ps1 -ComputerName CTX$_ -TimeOut <Time Out in ms>}

You can also filter output for your needs. Let me know if you appreciate the script.

Download Test-ICA (2301)

 

Powershell

SCRIPT: Automatically Change Proxy Settings

When you’re in the consulting business, you travel a lot between companies. That what I consider the beautiful part of the job. Downside is that every company has it’s own policy for Internet usage. A lot of companies regulate their internet access through so called proxy servers. When you visit a lot of companies you have to change the internet settings multiple times a day to match the desired settings for that company. Therefore I wrote a powershell script that detects the DNS suffix of the company you’re at and matches the proxy settings according to the configured settings read from a XML file.

What does the script do:

  • Change Proxy Server settings for Internet Explorer and Chrome
  • Add Proxy Exceptions to bypass the proxy
  • When connected to multiple networks a known location takes presence
  • When a location is not known, the configuration defaults to “Direct Connection”
  •  Notifies you which settings are used.

What the script does NOT do:

  • Detect networks based on IP Address (Never will, too general way of checking)
  • Change Proxy settings for FireFox (#1 on my wishlist)
  • Detect network changes dynamically.

Installation/Configuration

Copy the PS1 and XML to a convinient location (eg. C:\Windows). Configure the XML file for use with proxy servers. Each location must be in its own <Sites> node.

<Name>  The name for your location is must be in the Name node.
<DNSDomain> The DNS Domain that should be checked is in this node
<ProxyServer> In this node you enter the proxy server name
<ProxyPort> In this node you enter the proxy port that should be used
<ProxyOverRide> All exceptions that should bypass the proxy server are entered in this node, each exception should be separated with a semi column.

Example Configuration

<Sites>
 <Name>My Location</Name>
 <DNSDomain>company-a.com</DNSDomain>
 <ProxyServer>www-proxy.company-a.com</ProxyServer>
 <ProxyPort>8080</ProxyPort>
 <ProxyOverRide>intranet.company-a.com;dev.company-a.com;</ProxyOverRide>
 </Sites>

Each location should look like the above example, you can append multiple sites to the <Global> node. I’ve tested the script on Windows 7 (x64) but it should work on Windows XP as well. to hide the Powershell command-box you can start the powershell script with:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle “Hidden” C:\Windows\SetProxy.ps1

I’ve created a scheduled task that executes the script on login and unlock, that covers it for me. additionaly you can create a shortcut on your desktop to launch the script manually.

Please let me know what you think.

Download :  Set Proxy (3110)

Powershell

SCRIPT: Check your WAN IP and get Notified on change

One of the first powershell scripts I wanted to share is a script that checks your WAN ip and notifies you by e-mail when it changes.

Background:

I’ve used to sign up with a dynamic DNS provider but my router stopped updating my ip address to that DynDNS provider. After a while I received an e-mail that my host was being deleted from the database if I did not take action. A few e-mail later I decided to say goodbye to that DynDNS provider because my IP-Address does not change that much at all (I still have the same address as a year ago). So I wrote a script that checks the IP address of your FQDN and uses the automation page of  WhatisMyIP.com  to read you current WAN ip address and sends you an e-mail when it has changed.

Code Break down:

This is where you put your router’s FQDN

$TargetDomain = "Your Host FQDN" #Enter your FQDN that is linked to your WAN ip address

This function takes care of sending the e-mail

Function SendMail {
$EmailFrom = "from@yourdomain.com" #Enter the e-mail address it should send the message from.
$EmailTo = "to@yourdomain.com" #Enter the e-mail address it should send the message to.
$Subject = "External IP Address Has Changed ($Current_WAN_IP)" #Enter your subject the e-mail message should contain.
$Body = "Please Update your DNS records to $Current_WAN_IP" #Enter the message that the e-mail should contain.
$SMTPServer = "SMTP SERVER FQDN" #Enter the FQDN of your SMTP server eg. smtp.gmail.com
$SMTPClient = New-Object Net.Mail.SmtpClient($SmtpServer, 587) #Enter your SMTP Port eg. 587
$SMTPClient.EnableSsl = $true # Change to $false if you don't want to use SSL
$SMTPClient.Credentials = New-Object System.Net.NetworkCredential("your smtp username", "your smtpserver password") #Comment line with '#' if you don't need authentication
$SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $Body)
}

Here is where the magic happens, this code checks your WAN IP and executes the correct action

# Do not change anything below this line.
$DNS_WAN_IP = [System.Net.Dns]::GetHostAddresses("$TargetDomain") | select-object IPAddressToString -expandproperty IPAddressToString
Write-host "Resolved IP Address of $TargetDomain = $DNS_WAN_IP"
$Current_WAN_IP = (New-Object System.Net.WebClient).DownloadString("http://automation.whatismyip.com/n09230945.asp")
Write-host "Current WAN IP Address = $Current_WAN_IP"
if ($Current_WAN_IP -ne $DNS_WAN_IP) {
 if ((@([Byte[]][char[]]$Current_WAN_IP -eq 46).Count)-ne 3) {write-host "No Valid IP Address Retrieved";Exit}
 Write-Host "IP Address Has Changed, Sending e-mail"
 SendMail
 exit
 }
 Else {write-host "No IP Address Change Detected";Exit}

This script is tested with Powershell V2 but should work in V1 as well. I’ll Hope you like the script full version can be downloaded here: CheckWANIP (1338)

Visio Stencils for Citrix Products

When I was drawing an architectual document in visio, I needed some stencils after a quick search on google I found some and bundled them for my convinience hopefully you like them as well.  Visio Stencils for Citrix Products (1157)

Flexible Active/Idle Session Timeout

Yesterday I was asked to implement a time-out on active citrix sessions. The purpose for the script was to limit the maximum active session time for the user. The HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\ICA-TCP\MaxActiveSession registry key was not flexible enough and I couldn’t find a ready made solution. I decided to develop my own script based on information in the XenApp Management SDK and on CDN. After some time of scripting I found the following script working and flexible enough to meet the demands of the customer. Basically you schedule the command with the following parameter “cscript <filename.wsf> min <time-out in minutes>”

XX minutes before the session if logged off the user is send an message, the XX minutes is defined by the WarnThreshold value in the script. the Message can be customized by editing the strMsg + strTitle value.

The script can be easily adjusted to be used for a flexible Idle Time-out . the only property that has to be adjusted is Session.LogonTime into Session.LastInputTime

All warnings are logged to a logfile which you can set in the script. Make sure the account used for running the script is a XenApp Administrator.

Off course the usage of the script is based on own risk.

Download file here: Active Session Time-out (851)

Changelog:

V.1.1 

  • Changed calculation logic
  • Changed MessageType to SystemModal + Warning

V.1.0

  • Initial Release

Change NIC Configuration by command-line

Last week I was looking for a way to configure certain NIC  options by command-line/script. Options like binding order and disable services on nic’s. Initially I found it hard to find any scripts/tools. Eventually I was pointed (thanks Edwin) to a tool called NVSPBind.

To get help run “nvspbind.exe /?”

C:\>nvspbind /?

Hyper-V Network VSP Bind Application 6.1.7690.0.
Copyright (c) Microsoft Corporation. All rights reserved.

Usage: nvspbind option NIC protocol

Options:
/n display NIC information only
/u unbind switch protocol from specified nic(s)
/b bind switch protocol to specified nic(s)
/d disable binding of specified protocol from specified nic(s)
/e enable binding of specified protocol to specified nic(s)
/r repair bindings on specified nic(s)
/o show NIC order for specified protocol
/+ move specified NIC up in binding order for specified protocol
/- move specified NIC down in binding order for specified protocol
/++ move specified NIC up to top of binding order for specified protocol
/– move specified NIC down to bottom of binding order for specified protocol

There are three variations available here:

Microsoft_Nvspbind_package.EXE is the standard 64 bit version for server core.
32bit_Nvspbind_package.EXE is a 32 bit version that works on Vista and newer.
XP_Nvspbind_package.EXE is a reduced functionality 32 bit version that works on XP and newer.