Friday
Apr162010

Generating a system list from Active Directory

DateFriday, April 16, 2010 at 1:13PM

Having a large number of workstations or servers within an enterprise brings a host of challenges in trying to maintain them. We are constantly having to reach out and perform an action on a set of boxes. Relying on your own or someone else's outdated system list is not an option. A quick and easy fix is to go straight to the source. Dsquery is a command-line too that allows us to query Active Directory based on criteria we feed into it. Today we are going to focus on one common criteria used, dsquery computer, which finds computers in the directory that matches our search patterns. Here's the syntax:

dsquery computer [{<StartNode> | forestroot | domainroot}] [-o {dn | rdn | samid}] [-scope {subtree | onelevel | base}] [-name <Name>] [-desc <Description>] [-samid <SAMName>] [-inactive <NumberOfWeeks>] [-stalepwd <NumberOfDays>] [-disabled] [{-s <Server> | -d <Domain>}] [-u <UserName>] [-p {<Password> | *}] [-q] [-r] [-gc] [-limit <NumberOfObjects>] [{-uc | -uco | -uci}]

So to pull a list of workstations from OU Test we can simply run:

C:\> dsquery computer "OU=Test,DC=testdomain,DC=com" -limit 0 -o rdn

"workstation1"
"workstation2"
"workstation3"

So if we break that command down we see that we are querying the Test OU in our domain for computers, -limit 0 means give me everything found, and in an output specifed as rdn. RDN displays the relative distinguished name of each entry. This will allow us to parse it in a for loop and run commands against it.

So let's say we want to ping those machines to see which ones are up:

C:\> for /f %w in ('dsquery computer "OU=Test,DC=testdomain,DC=com" -limit 0 -o rdn') do (
more? ping -n 1 %w
more? )

Pretty easy right!

So what if you don't know what OU a workstation is in? Well dsquery can find out that too! Lets suppose your workstations are called WORKSTATION1, WORKSTATION2, and so on. We can use a portion of the name to find out where they are:

C:\> dsquery computer -limit 0 | find "WORK"

Here's a quick example of a bat file I threw together taking advantage of dsquery.

@echo off
title Build WKS List
rem --------------------------------------------
rem ScriptName: build_wks_list.bat
rem
rem Usage:
rem    build_wks_list.bat wks_OU output_dir
rem
rem Example:
rem    build_wks_list.bat Test c:\admin
rem
rem Change History:
rem    DATE    DEVELOPER    CHANGE
rem    19MAR10    shaun hess    Initial Creation
rem --------------------------------------------
IF %1.==. GOTO USAGE
IF %2.==. GOTO USAGE

setlocal
set HOSTLIST=%2\%1_wkslist.txt
set HOSTLISTTEMP=%2\%1_wkslist.tmp
rem Modify the variable below to include OU's you
rem want to run against when passing the arg "All"
set SITELIST=Test, Engineering, Production
set OU=%1
set OUTPUT_DIR=%2
set ERRORLOG=%2\build_wks_list_error.log

echo.
if exist %HOSTLISTTEMP% del /f /q %HOSTLISTTEMP%
if exist %HOSTLIST% del /f /q %HOSTLIST%

if /I %1 == all (
   for %%i in (%SITELIST%) do (
   @echo Building workstation list for OU=%%i
   dsquery computer "OU=%%i,DC=testdomain,DC=com" -limit 0 -o ^
      rdn >> %HOSTLISTTEMP% 2> %ERRORLOG%
   for /f "delims=" %%a in (%HOSTLISTTEMP%) do echo %%~a >> %HOSTLIST%
   del /f /q %HOSTLISTTEMP%
   @echo Workstation List: %HOSTLIST%
) else (
   @echo Building workstation list for OU=%1
   dsquery computer "OU=%1,DC=testdomain,DC=com" -limit 0 -o ^
      rdn >> %HOSTLISTTEMP% 2> %ERRORLOG%
   for /f "delims=" %%a in (%HOSTLISTTEMP%) do echo %%~a >> %HOSTLIST%
   del /f /q %HOSTLISTTEMP%
   @echo Workstation List: %HOSTLIST%
)
goto done

:USAGE
echo.
echo Usage:
echo.
echo build_wks_list.bat wks_OU output_dir
echo.
echo Ex: build_wks_list.bat Test c:\admin
echo.
echo You may also pass the argument "All" for
echo the OU field if your sitelist is setup.
echo.

:done
echo.
if not "%ERRORLEVEL%"=="0" (
   echo Please see %ERRORLOG% for details.
   echo.
   echo Script failed with return code %ERRORLEVEL%
   echo.
) else (
   echo Script completed successfully.
)
endlocal

exit /b

Some other useful arguments to dsquery computer are:

-name <Name>

Searches for computers whose name attributes (value of CN attribute) matches <Name>. For example, "jon*" or "*ith" or "j*th".

-desc <Description>

Searches for computers whose description attributes match <Description>. For example, "jon*", "*ith", or "j*th".

-inactive <NumberOfWeeks>

Searches for computers that have been inactive (stale) for the number of weeks thatou specify.

-stalepwd <NumberOfDays>

Searches for computers whose passwords have not changed for the number of days that you specify.

-disabled

Searches for all computers whose accounts are disabled.


If you have other handy ways to build system lists feel free to share in the comments. If not give dsquery a try!

AuthorShaun Hess | CommentPost a Comment | Reference1 Reference |
tagged , , , , , in , , ,
Sunday
Dec202009

DNS Benchmark. And the winner is....

DateSunday, December 20, 2009 at 11:33PM

When was the last time you thought about how fast your DNS queries were occurring? I will be the first to tell you that it hadn't crossed my mind in a while, but after Google recently announced a public DNS service I was curious to see how it stacked up against my current provider, Comcast. I must admit I almost changed my DNS settings blindly and was glad I didn't after running a few benchmarks.

Now a few of you may be asking why do I care and Google provides a great answer "The DNS protocol is an important part of the web's infrastructure, serving as the Internet's phone book: every time you visit a website, your computer performs a DNS lookup. Complex pages often require multiple DNS lookups before they start loading, so your computer may be performing hundreds of lookups a day." Google's pitch to try their service is based on the expectations that you will get a speed improvement, better security, and absolutely no redirection. I will leave the security claim to others and agree they have no redirection. My main focus was, can it make my browsing experience faster?

Now everyone's results will vary so before you decide to start changing your DNS servers make sure you see who offers the best performance and offers the services, availability, etcetera that you expect. Below are my results for comparison and to see what to expect.

My local providers (Comcast) DNS services outperformed the closest competitor (OpenDNS) by 29%. As you can see from the results Google wasn't even in the top 5! I had anticipated a better showing from a performance perspective from the Google offerings. Even without the performance impact you may wish to use a DNS server outside of your ISP for other reasons, such as URL blocking. Now this is a very narrow test, using only 15,052 URLs to lookup and was limited to a small window of time. I would be curious to see this test executed over a longer period of time and see if the results stick.

The DNS protocol is an important part of the web's infrastructure, serving as the Internet's phone book: every time you visit a website, your computer performs a DNS lookup. Complex pages often require multiple DNS lookups before they start loading, so your computer may be performing hundreds of lookups a day.

Why should you try Google Public DNS?

By using Google Public DNS you can:
AuthorShaun Hess | Comment1 Comment | Reference3 References |
tagged , , , , , , in ,
Saturday
Dec122009

Using SQLIOSim to simulate SQL Server activity

DateSaturday, December 12, 2009 at 11:40AM

The SQLIOSim utility from Microsoft simulates the read patterns, the write patterns, and the problem identification techniques of SQL Server. To perform these tasks, the SQLIOSim utility simulates the user activity and the system activity of a SQL Server system. The SQLIOSim utility performs this simulation independent of the SQL Server engine, meaning you can simulate I/O performance prior to deploying a full blown installation of SQL Server.

The download package contains two executable files, SQLIOSim.com and SQLIOSim.exe. Both executable files provide identical simulation capabilities. SQLIOSim.com is a command-line tool that you can configure to run without user interaction. To do this, you can use command-line parameters, a configuration file, or a combination of both of these methods. SQLIOSim.exe is a graphical application that accepts no command-line parameters. However, SQLIOSim.exe does load default configuration data from configuration files.

When you run the SQLIOSim utility, make sure that you specify the same file location that you use for your SQL Server database files. When you do this, the utility simulates the same I/O path as your SQL Server database.

For more info on SQLIOSim and download

To learn more about SQL Server I/O Patterns

AuthorShaun Hess | CommentPost a Comment | Reference2 References |
tagged , , , , in , ,
Page 1 2 3 4 5 ... 7 Next 3 Entries ยป