Get GeoLocation with PowerShell and set NTP Server in a GPO

Using Powershell to locate your Geographical Location with the help of GeoLocation (IP-Address) is quite easy, cool and useful!

When we build Private and Hybrid Clouds across the globe in various countries and continents I want to make sure the Active Directory PDC Emulator is using a valid time source based on that location.

GeoLocation with Powershell

So with this small script (it’s using multiple WebServices to cycle through until it gets an answer) we can get a rough location for where we are and in my case it’s usually enough to know what country the datacenter is in.

That can then be used as you see fit. Though for me, I’m using it to update the Group Policy being applied to the PDC Emulator to point to the country specific NTP Pool with the generic pool as backup value.

That’s how easy it’s to modify a Group Policy object.

Please share any solutions using GeoLocation in the comments. It might give me some nice new ideas too!

 

How to delete files in a userprofile with Group Policy Preferences

As a follow up to my post about How to automatically Hide “Configure this local server” in Server Manager. I mentioned it’s possible to remove the individual user.config files in various ways to reset the behavior and hide the Welcome Tile. You can easily do that with a GPO like this;

Paths:

It’s a Group Policy being applied to all Server Admins utilizing Group Policy Preferences to delete two files (one for Windows Server 2012R2 and one for Windows Server 2016). But it’s only doing it once to make sure that if a admin does any changes to the file it won’t be deleted again. The idea is that it will be deleted once to reset settings to the one in ServerManager.exe.config but not repeatedly after that if the administrator saves any other changes.

 

How to automatically Hide “Configure this local server” in Server Manager

After you have installed a couple of hundred servers, you may start to feel that you have seen this text a couple of times too many and start to wonder how to get rid of it…

Hide Welcome Tile

You can obviously click the “Hide” button to hide the “Configure this local server” box, which is also called “Welcome Tile”.

Show Welcome Tile

And if you would ever want to get it back, you can find it in the “View Menu”. BUT… How do you disable the Welcome Tile by default for all users?

There is unfortunately no GPO (Group Policy) to control that. Just to set if Server Manager should auto-start or not. Which does not help in this case.

The settings in Server Manager is stored in a version folder in this location:

The configuration for Server Manager is stored in a file called user.config with the interesting bits highlighted here;

WelcomeTileVisibility

So you want to Modify the “WelcomeTileVisibility” setting in that file which can be done in numerous ways. But a easier solution is to just name and copy a file with this content to that folder.

user.config

That file only contains new default WelcomeTileVisibility setting, hiding the Welcome tile for you when you launch Server Manager. And if you do any changes in Server Manager, the new settings will be saved to that file too.

But that’s a per user setting and it has to be copied to the profile after it’s been created etc etc. Making it all a bit more complicated.
Luckily there is a better and easier way to do it, where you also help your co-workers at the same time!

In your reference image, or in your Server deployment script or with PowerShell or with Group Policies or any other way you find worthy. Just use the same information as above, but save it in this path to be machine wide;

Hide Welcome Tile for everyone

Notice that it’s still the exact same content of the file;

But it’s now stored together with the ServerManager.exe file in the system32 folder making it server wide. It’s a lot easier to copy it there just once so it’s applied to everyone rather than try to get the config file into each persons profile.

Notice: If you already have a user.config file in your Profile, it may override the settings from serverManager.exe.config so delete your user.config file to verify your new setup is working as expected.

In our environment, we are deploying the file in our Server Deployment solution, and also copying it to all server with a Group Policy Preference just in case someone installed a server manually for some unknown reason.

 

Disable ASUS Mini Bar (AsPowerBar.exe)

asusminibarNot 100% work related but computer related. I reinstalled my home PC last week and also installed the ASUS AI Suite 3 tools to make it easier with overclocking and handling the fans and pump for my custom liquid cooling system.

One annoying thing is the ASUS Mini Bar (also called ASPowerBar.exe if you check in Task Manager) that automatically starts. When you logon to Windows. Easy to remove I thought and just downloaded one of the best (and free!) tools ever, called Sysinternals Autoruns which makes it super easy to see and disable all programs that automatically starts for various reasons including the ones launched form Task Manager or as Shell Extensions.

But there was no reference at all to be found related to the Asus Mini Bar. Ehh?  Well turned out that it was a lot easier than that.

asus

Just right click on the Asus AI Suite icon in the systray and remove the checkbox for ASUS Mini Bar! It’s the AI Suite tool that launches the Mini Bar…

I hope it can help someone else who’s like me digging through the Registry and Autorun folders and what ever else.

 

DVBLogic channel logos for Kodi

I’ve used Kodi (xbmc) as frontend for my DVBLogic (DVBLink) TV-Server backend. Which is working great, but I wanted to enhance the experience a bit and get channel logos for all my channels to show in the tv-listing and in EPG view.

There were unfortunately no packs of Swedish channel logos available, so I made a small powershell script that reads the channel logo URL’s from the EPG Guides and downloads them to a country specific folder. They can then be assigned in DVBLink to the right channels.

The part that took the longest to make was to find a way to download the latest Windows (Win32) version of XMLTV from Sourceforge.

The Script is Downloading Windows (Win32) version on XMLTV.exe from Sourceforge https://sourceforge.net/projects/xmltv/
It’s then unpacking the Zip file to a Directory in c:\temp\xmltv
It will run XMLTV.EXE with –configure where you will be prompted for a location of the cache and which Channels to download information for. Either manually select each channel you want logos for or select all.
XMLTV.EXE will in the next step download information to tvzon.xml. I’ve set the timespan to 0, to make the download size minimal. Meaning, if you want more EPG data, you may want to change “–days 0” to “–days 14”.
The Script is then rading tvzon.xml and downloads all Logos to a country specific folder, based on the filename.
You can now copy the folder structure into your DVBLink server installation under “Program Files (x86)\DVBLogic\DVBLink\share\channel_logos” and you can keep the folder structure.

Link if you just want to download my pack: https://www.dropbox.com/s/elmoomsiyahxc4q/SwedishChannelLogos.zip?dl=0

 

 

Addition to new-wifimac address script

A reader asked if there was a way to reset the mac-address to the original value after using my script to set a random MAC address. But also if it’s possible to schedule the script to run every XX minutes as the local coffee shop restricts internet access to 15 minutes per custo…ehh sorry, per MAC Address!

Here is a small function to reset the mac-address, by changing it to 00-00-00-00-00-00 windows will use the default hardware MAC Address of your card.

Regarding the automatic scheduling of the script. There are a couple of different ways to do that with pros and cons. It’s for example possible to start the script with Windows Task Scheduler ever X minute or let it automatically run, sleep for XX minutes and then execute again, over and over again until you stop it.

It’s even possible to have Windows Task Scheduler monitor the Event log for new Wifi Connections and if there is a connection to the Coffee House WiFi network, then start the script.

But for now, I’ve just added a very basic Loop, which you can add to the script and execute. It will generate a new random MAC Address every 13 minute (13*60 = 780 seconds) and do that 4 times before you have to restart it or you can just adjust the numbers.

Change MAC Address with PowerShell of a Wireless Adapter

As I mentioned in my post a week ago, I’m commuting each day and there is a 200MB Quota on the Wireless Network. Luckily it’s based on the MAC Address of the WiFi Card, so it’s quite easy to get another 200MB Quota if you want  😉

wifi1

Here is my small powershell script that automatically Releases the IP Address, set’s a new random MAC Address and Re-Connects to the SSID, all done in a second or two.
Yay! Another 200MB Quota to burn.

 

I’m using a Window 10 client with Hyper-V, and I’ve created a Virtual NIC for the WiFi adapter, that’s why it’s called ‘vEthernet (External Wi-Fi)’.  But you should be able to use the script with a normal WiFi Adapter too.

I’m using a Virtual WiFi Adapter, to be able to give my Virtual Machines access to internet also when I’m without a LAN.

Here is the script for creating a Virtual WiFi NIC;

 

 

Block a Service (BITS) when on Wireless and specific Subnet

I’m commuting by train each day, working. The train has a free wireless network, but it’s limited to 200MB traffic, and is then reduced to snail speed. Luckily, it’s restricted by MAC-Address so it’s quite easy to get another 200MB when you run out 😉
Though, yesterday, I ran out of my 200MB quota in less than 7 minutes, which made me confused. A quick check confirmed what I suspected. Yepp, a new build of Windows 10 – fast ring is being downloaded and eating my quota.

Quick solution; create a Windows Firewall rule that blocks BITS from downloading stuff when on Wireless and using the trains subnet.

fw1

Here is the PowerShell syntax to create a similar rule.

Yay! No more problems with eating the quota while on the train.

Geek Week – Building Datacenter and Private Cloud

Yours truly and @mikael_nystrom  are teaching a 5 day training called “Geek Week – Building Datacenter and Private Cloud“.
It’s a quite cool concept, where we are always at least 2 teachers (Mike and me, and sometimes members from our team) with a lot of real-life experience, teaching students how to build a Software Defined Private Cloud/Datacenter on Microsoft Technology in just 5 days. We have been doing this training about 4 times so far and each time got top score !

The training is covering things like; Software Defined Storage, Networking Compute, Bare Metal Deployment, SCVMM, SCOM, SCOR, Powershell(!), Azure Pack, Backup/Restore, Operational Insight, AD Design for your Fabric, GPO’s, Patch Management and a lot more!

So instead of just learning one product, you will learn the full stack, the concept, how to design, build and of course manage it.

We’ve made a short promo video with details here:

You will of course also keep the Lab Server and all the scripts!
We are both staying at the same hotel as the students, so you will have – almost 24h access to our knowledge, experience and brains during breakfast, daytime and in the bar in the evenings, Sunday-Friday.

We have delivered the training only in Sweden so far, due to the huge hardware requirements,  but have had participants from several other countries, including students from US (and doing the training in English than).

Unfortunately, for you but great for us, the next training in October, is SOLD OUT!
The next opportunity will probably be in February or March in Sweden, so talk to your manager and sign up while there are seats left.
http://www.labcenter.se/Labs#!lab=Geek_Week_-_Building_Datacenter_and_Private_Cloud  (Unfortunately only in Swedish)

Send me a mail if you have any questions: markus . lassfolk at truesec . se

The Interactive Services Detection service terminated with the following error: Incorrect function.

This morning I noticed that one of the Hyper-V Hosts at a customer were logging this error regularly in the system Eventlog;

The full detailed entry:

It looks like the events are happening every  30 minutes, and at the same time as Windows is for some (so far) unknown reason doing a reinstall of a lot of MSI packages, and the above Interactive Service is triggered at the same time as it’s reinstalling the DHCPExt.msi

I can so far unfortunately not find anything that’s logging why Windows is reconfiguring all MSI Packages on the server every 30 minutes.

It does look like it’s the DHCP Server extension that’s causing the Interactive Service errors, as they always happen at the same time. Though, the DHCP Server extension shouldn’t be reconfiguring in the first place.

We always enable the Reliability History on all servers whireliabilitych can be handy at times to see when a problem begun happening.
Check this Out!

It looks like the problem started on April 28 at 8:42 PM.

As the Reliability History tool is disabled by default, I’ll make another blogpost showing how you can enable this feature for all your servers.

Weventloghen I wanted to see what had happened around April 28th. I noticed that was the oldest entries in the Application log. When the log has become full, it has removed the oldest entries according to the settings.

So I don’t think I’ll get any more details that way, and it does look like this problem has gone on for quite some time.

I’ll just reinstall the Hyper-V Host as it’s done in a few minutes compared to spending hours trying to fix the problem.
AND… I’ll create a Group Policy that will increase the Eventlog Size to x10 the default. So the next time something like this happens, I’ll have information to dig deeper.

Updated 2015-05-19 09:08:

After doing some more digging, it seems according to this KB Article (KB974524 : Event log message indicates that the Windows Installer reconfigured all installed applications) that this problem can happen if one of the following is true:

  • You have a group policy with a WMIFilter that queries Win32_Product class.
  • You have an application installed on the machine that queries Win32_Product class.

As the problem is not happening every 90-120 minute which would be true if it was GPO Triggered, I would say it’s an application that uses the Win32_Product class. And after doing some digging, it turns out it’s a known problem with VMM which will be fixed in UR7. Or hopefully earlier with a hotfix.

Updated 2015-05-19 10:12:

Wow, I got a hotfix for the issue within 15 minutes after contacting the VMM Team.
I’ve just installed it in our test environment and will later install it in the customers production environment.

Unfortunately I don’t have a KB or Hotfix ID for this, but if you contact Premier Support I think you can mention that you need a hotfix for Engine.Adhc.Operations.dll which gives support for RegKey: UpdateDHCPExtension
That info should make them able to find the correct hotfix.