Get ActiveSync Users

Posted on March 3, 2011 by Steve Kremer

When you have almost 30,000 mailboxes, managing ActiveSync can become a nightmare.  The nice thing about ActiveSync is that is just works.  There is not too much configuration to get it setup, but if you do not plan ahead, you can find yourself in the same predicament as us and have 1500 people connecting through some sort of mobile device without any sort of security policy.  This is a huge security risk, and to combat it we are slowy implementing security policies by agency. So the first step in my process was to get a list of all users that have connected in the last 30 days.

So this way takes a long time if you have lots of mailboxes. For example, this takes over 55 minutes to complete in our environment. But if you do not have a lot of mailboxes, then this method should work fine for you. This report will create a CSV, and list the users name, and type of device.

Get-Mailbox -ResultSize:Unlimited | ForEach {Get-ActiveSyncDeviceStatistics -Mailbox:$_.Identity -ErrorAction SilentlyContinue}| Where{$_.LastSuccessSync -gt '01/01/11'} | Sort-Object -Property DeviceType,Identity | Select-Object @{name="EmailAddress";expression={$_.Identity.ToString().Split("\")[0]}},DeviceType | Export-Csv -Path:"c:\MobileDevices.csv"

One of the bad things about the above script is it will more than likely return some dupilcates. So to combat that, I added a where statement just so I can get the devices that have synced in the last 30 days.

get-mailbox -ResultSize unlimited -Filter {EmailAddresses -like "*@email.com" } | ForEach {Get-ActiveSyncDeviceStatistics -Mailbox:$_.Identity  -ErrorAction SilentlyContinue}| where {$_.lastsuccesssync -gt '02/01/2011'} | Sort-Object -Property DeviceType,Identity | Select-Object @{name="EmailAddress";expression={$_.Identity.ToString().Split("\")[0]}},DeviceType

Ok, now here is a quick way of doing the same thing but by using a filter. I recommend always using a filter to get your results. In this example we are filtering on EmailAddresses and only listing those people that have synced a device in the last 30 days. I spent a few hours trying to figure out how to best do this, and this is the best I could come up with. Please leave a comment if you know of a better way.

get-mailbox -ResultSize unlimited -Filter {EmailAddresses -like "*@email.com" } | ForEach {Get-ActiveSyncDeviceStatistics -Mailbox:$_.Identity  -ErrorAction SilentlyContinue}| where {$_.lastsuccesssync -gt '02/01/2011'} | Sort-Object -Property DeviceType,Identity | Select-Object @{name="EmailAddress";expression={$_.Identity.ToString().Split("\")[0]}},DeviceType | Export-Csv -Path:"c:\MobileDevices_email.com.csv"
Posted in Messaging, Scripting | 1 Comment

Guest bloggers

Posted on February 17, 2011 by brian.wuchner

Good evening, I have been speaking with co-workers about this blog and a few expressed interest in blogging about their day-to-day systems administration duties. In the near future you may see some posts from Steve Kremer. Steve is a co-worker of mine who deals with Active Directory, Citrix and Enterprise Messaging. Steve brings years of experience and a wide array of knowledge.

Posted in Messaging | Leave a comment

vCheck (daily report) version 5.31

Posted on February 4, 2011 by brian.wuchner

As many of you know, I have created a vCheck feature request list (http://bit.ly/dGrNjh) using comments from the Virtu-Al.net site. I’ve been working through them as time permits.

In a post earlier in the week, I provided a solution to make ‘vCheck as a vSphere Client “Solutions and Application”‘. This post attempted to resolve feature request items #16 and #17. If you are interested, that post is available here: http://enterpriseadmins.org/blog/?p=258. It is not really a change to vCheck, but some steps that need to happen to make vCheck appear in vCenter.

Today, I’m am posting more updates to vCheck. This updated version includes feature requests #2, #11 and #51.

# Version 5.31- bwuch: Bug fix for LockdownMode
# Version 5.30- bwuch: Add check for VMtools installer connected
# Version 5.29- bwuch: Add check for VM capacity forecasting
# Version 5.28- bwuch: Change to Get-HTMLTable function for possible performance improvements

I’m sure update 5.28 was suggested in the Virtu-Al.net comments, but for some reason I couldn’t find it on the feature request list.

Update 5.29 isn’t perfect and I wanted to let everyone know. There are comments in the code, but I wanted to add them to this post for reference. Instead of looping through all of the virtual machines and adding up the amount of space used, I simply subtract the data store free space from the capacity and assume that is how much is being used. We also make the assumption that no more than 85% of a datastores capacity will be used (to reserve room for thin-provisioned growth, snapshots, changed block tracking and log files). These assumptions make the code run pretty fast, but I’ve seen some oddities in my test environment. (Like -41 virtual machines remaining in a data center I’m sure has enough free space for 1 or 2 more VMs 🙂 ) Here is what I’ve added to the comments of the script for reference:

# The disk forecast will be per datacenter instead of per cluster since
# Get-Datastore -Entity only supports VirtualMachine, VMHost, and Datacenter objects.
# To improve performance in code, we are going to make the following assumptions
#   Assumption 1.) Disk capacity - Free Space = space used by VMs
#   Assumption 2.) used space / count of VMs = Avg Space used per VM
#   Assumption 3.) we will reserve 15% of capacity for overhead

If anyone else has a better solution (fast and accurate) please let me know.

Here is version 5.31 for those interested: Download vCheck5.31.ps1.txt

Posted in Scripting, Virtualization | 20 Comments

vCheck as a vSphere Client “Solution and Application”

Posted on February 1, 2011 by brian.wuchner

I’ve always stored my vCheck report output file in “C:\ProgramData\VMware\VMware VirtualCenter\docRoot\vCheck”. I use the file name “index.html” for the output file name, which makes it the default document name for that folder. I’ve always thought this was a really cool place to put the report, because I can simply type my vCenter server name with a “/vCheck” and see the latest report [for example, http://vcenter.domain.local/vCheck]. It automatically rewrites the URL to https just like when you go to the normal vcenter.domain.local URL.

The problem is, what I really wanted all along was for it to open up in vCenter. (It is also feature request #16 and #17 on the vCheck feature request list) I looked over the instructions at http://read.virtualizeplanet.com/?p=352 and made a sample plugin. I told it to open https://vcenter.domain.local/vCheck and then placed the XML file into my local “C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Plugins” just for testing. Re-launching my vCenter client gave me the new tab as expected. So far, so good. When clicking my new tab it gave me an error. 

Web Browser Unable to download vCheck from vcenter.domain.local.  Unable to open this Internet site.  The requested site is either unavailable or cannot be found. Please try again later.

I double checked my plugin XML file and everything was in order. A little more digging showed that the current ‘moref’, ‘serverGuid’, ‘sessionId’ and other query strings were being passed to my document. It appears that Apache couldn’t process those query strings, so I decided to look somewhere else. A little bit of Googling found a nice write up by EMC vSpecialist @clintonskitson. The write up is avaialble here: https://community.emc.com/message/522461 I created a copy of the index.jsp from “C:\Program Files\VMware\Infrastructure\tomcat\webapps\ROOT” and named it “vCheckRedirect.jsp”. I removed nearly all of the code and made the page do a very basic META REFRESH redirect to my existing report.

I then updated my Plugin XML to use https://vcenter.domain.local:8443/vCheckRedirect.jsp. The tab now opens a Java page, which does a simple redirect, which opens my vCheck in a tab.

Thats pretty cool, but still not what I really wanted. I now have to be in the data center inventory view to see my tab. I wanted it on the home page under ‘Solutions and Applications.’ You know, where things like Capicity IQ and vCenter Update Manager appear.

The plugin XML file had an extension parent of “InventoryView.Datacenter”. A little more digging and I found the solution. The extension parent I really wanted was “HomeView.Applications”. If you want to find more really cool places you could put this, check out the VMware document showing all of your options. It can be found here: http://www.vmware.com/support/developer/vc-sdk/vcplugin/vSphere_Plugin_40_Technote.pdf

The following articles and dcouments really helped along the way:

http://read.virtualizeplanet.com/?p=352
https://community.emc.com/message/522461
http://www.vmware.com/support/developer/vc-sdk/vcplugin/vSphere_Plugin_40_Technote.pdf

In case anyone wants to try these steps out, I’ve created a zip file that contains some Instructions and the two files needed — the plugin XML and the JSP redirect page. You can get the zip file here: vCheckPlugin.

If you test it out, please post a comment below and let me know if it worked. Thanks!

Posted in Scripting, Virtualization | 3 Comments

Which Virtual Machine consoles are open?

Posted on January 26, 2011 by brian.wuchner

Ever wonder which virtual machine consoles were open? I was working on an unrelated script the other day and stumbled on the ‘NumMksConnections’ property. It is a simple integer that appears to contain the number of open Mouse-Keyboard-Screen connections to a virtual machine. A simple PowerCLI one liner will show us all of the virtual machines with more than 0 open connections.

Get-View -viewtype virtualmachine | %{if ($_.RunTime.NumMksConnections -ne 0) {write-host $_.config.name has $_.RunTime.NumMksConnections console connection`(s`) open}}

I noticed a few other properties in RunTime that I’d like to try out. Question and ToolsInstallerMounted may be worth trying to throw in the next version of vCheck.

Posted in Scripting, Virtualization | Leave a comment