Add routes remotely Via Powershell

I have csv file that contains computer name and defaultipgateway i need to add the routes on this servre but i am receiving error while doing it remotely below is my script
$ADDs = Import-Csv .\gateway2.csv
foreach ($add in $adds) {
$computer =$add.name
$gateway = $add.DefaultipGateway
Write-Output "working on $computer in $gateway"
Invoke-Command -ComputerName $computer -ScriptBlock {route add -p 22.175.0.0 mask 254.246.0.0 $gateway; route print}
Th error is below
+ CategoryInfo : NotSpecified: (:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
Manipulates network routing tables.
ROUTE [-f] [-p] [-4|-6] command [destination]
[MASK netmask] [gateway] [METRIC metric] [IF interface]
-f Clears the routing tables of all gateway entries. If this is
used in conjunction with one of the commands, the tables are
cleared prior to running the command.
-p When used with the ADD command, makes a route persistent across
boots of the system. By default, routes are not preserved
when the system is restarted. Ignored for all other commands,
which always affect the appropriate persistent routes. This
option is not supported in Windows 95.
-4 Force using IPv4.
-6 Force using IPv6.

Thanks for the reply it worked with little modification i specified CSV path directly instead of using split
i have few question what is the use of split-path and $pscommandoath parameter why do we use args [0].once again thanks for the help
below is the script
$FileData = Import-Csv -Path excel.csv
$Object = @()
Foreach ($Entry in $FileData) {
$Object += New-Object PSObject -Property @{
Name = $Entry.Name
Gateway = $Entry.DefaultipGateway
Foreach ($Obj in $Object) {
Invoke-Command -ComputerName $Obj.Name -ScriptBlock {
Write-Output -Verbose $env:COMPUTERNAME
Write-Output -Verbose $args[0]
#route add -p 25.175.0.0 mask 255.246.0.0 $args[0]
#route print
} -ArgumentList $Obj.Gateway

Similar Messages

Installing SQL Server 2012 remotely via Powershell using Invoke-Command

I am trying to perform a SQL Server 2012 command line installation using Powershell Invoke-Command on Windows 2012 Datacenter.
The code I am using is as follows:
$ret = Invoke-Command -ComputerName $COMPUTER -ArgumentList $MEDIA,$ACTION,$FEATURES,$INSTALLDIR,$INSTANCEID,$INSTANCENAME,$SQLDATADRIVE,$SQLLOGDRIVE,$DOMAIN,$SQLSERVERSERVICEUSER,$SQLSERVICEPASSWORD,$PRODUCTKEY,$SQLSERVERSA,$username,$ADMINPASSWD
-Credential $cred -ScriptBlock {
  param($MEDIA,
     $ACTION,
     $FEATURES,
     $INSTALLDIR,
     $INSTANCEID,
     $INSTANCENAME,
     $SQLDATADRIVE,
     $SQLLOGDRIVE,
     $DOMAIN,
     $SQLSERVERSERVICEUSER,
     $SQLSERVICEPASSWORD,
     $PRODUCTKEY,
     $SQLSERVERSA,
     $USERNAME,
     $PASSWD)
  Set-Location $MEDIA
  Import-Module ServerManager
  if (-not [IO.Directory]::Exists($MEDIA)){
   $hn = hostname
   return 0,"Failed to find SQL Server Installer at $MEDIA on $hn"
  $tran = ""
  Try{
   & $MEDIA\setup.exe /ACTION=$ACTION /Q /FEATURES=$FEATURES /IACCEPTSQLSERVERLICENSETERMS /UPDATEENABLED=False /INSTALLSHAREDDIR="$INSTALLDIR\Program Files\Microsoft SQL Server" /INSTALLSHAREDWOWDIR="$INSTALLDIR\Program Files
(x86)\Microsoft SQL Server" /RSINSTALLMODE="FilesOnlyMode" /INSTANCEID="$INSTANCEID" /INSTANCENAME="$INSTANCENAME" /INSTANCEDIR="$INSTALLDIR\Program Files\Microsoft SQL Server" /ENU="True" /AGTSVCSTARTUPTYPE="Automatic"
/SQLSVCSTARTUPTYPE="Automatic" /NPENABLED=1 /TCPENABLED=1 /RSSVCStartupType="Automatic" /ERRORREPORTING=0 /SQMREPORTING=0 /INDICATEPROGRESS /INSTALLSQLDATADIR="$SQLDATADRIVE\DATA" /SQLUSERDBDIR="$SQLDATADRIVE\DATA" /SQLUSERDBLOGDIR="$SQLLOGDRIVE\LOG"
/ASDATADIR="$SQLDATADRIVE\OLAP\DATA" /ASLOGDIR="$SQLLOGDRIVE\OLAP\Log" \ASBACKUPDIR="$SQLDATADRIVE\OLAP\Backup" \ASTEMPDIR="$SQLDATADRIVE\OLAP\Temp" /ASCONFIGDIR="$SQLDATADRIVE\OLAP\Config" /ASCOLLATION="Latin1_General_CI_AS"
/SQLCOLLATION="SQL_Latin1_General_CP1_CS_AS" /SQLSVCACCOUNT="$DOMAIN\$SQLSERVERSERVICEUSER" /SQLSVCPASSWORD="$SQLSERVICEPASSWORD" /AGTSVCACCOUNT="$DOMAIN\$SQLSERVERSERVICEUSER" /AGTSVCPASSWORD="$SQLSERVICEPASSWORD"
/ASSVCACCOUNT="$DOMAIN\$SQLSERVERSERVICEUSER" /ASSVCPASSWORD="$SQLSERVICEPASSWORD" /RSSVCACCOUNT="$DOMAIN\$SQLSERVERSERVICEUSER" /RSSVCPASSWORD="$SQLSERVICEPASSWORD" /FTSVCACCOUNT="NT AUTHORITY\LOCAL SERVICE"
/INDICATEPROGRESS > $out
  } Catch [System.Exception] {
   return 0,$_.Exception.ToString()
  if ($tran -ne ""){
   $out += $tran
  return 1,$out
The media resides on the server that I am remoting to in powershell and the server is on the same domain. The credentials I pass are for a Domain Admin, but SQL Server fails to validate the credentials for the passed parameter for the sql service user with
a Access Denied.
If I run the same command with the same user directly on the server it works fine.
My guess is that the elavated privs for Administrator are not being set when using Invoke-Command? Is there a way to utilize powershell to install SQL Server 2012 with command line option using the invoke-command and passing credentials? Or is this a limitation
to the SQL Server installer. If there is can a example be provided?

Ok, so with the help of some friends, we found a fix that works!
Prior to running the Invoke-Command I now run:
# enable CredSSP on a client computer; this command allows the client credentials to be delegated to the server01 computer.:
Enable-WsManCredSSP -Role Client -DelefateComputer server.some.domain.com
Then I add the -Authentication option to my Invoke-Command with option Credssp.
The install the works fine. Hope this helpes all.

Trying to add Admin account in project server 2010 via powershell

Dear All
Unfortunately some one removed admin account from PWA 2010 so i have tried to add admin account via powershell command
New-SPProjectSiteAdministrator -AdminAccount "dir\santosh" -Url "https://myserver/PWA"
New-SPProjectSiteAdministrator : <nativehr>0x80070005</nativehr><nativestack></nativestack> At line:1 char:31 + New-SPProjectSiteAdministrator <<<< -AdminAccount "dir\santosh"
-Url "https://myserver/PWA" + CategoryInfo : InvalidData: (Microsoft.Offic...ewAdministrator:PSCmdletNewAdministrator) [New-SPProjectSiteAdministrator], Unaut
horizedAccessException + FullyQualifiedErrorId : Microsoft.Office.Project.Server.Cmdlet.PSCmdletNewAdministrator
Getting above error
Help me
Regards
Santhu

Hello,
Can't you log in with an account that is already in the Administrators group then add the new account? I think you will need to run the command with a user account that already has admin access to PWA - I don't currently have an environment to test this
on.
Paul
Paul Mather | Twitter |
http://pwmather.wordpress.com | CPS

[Forum FAQ] How to install and configure Windows Server Essentials Experience role on Windows Server 2012 R2 Standard via PowerShell locally and remotely

As we all know,
the Windows Server Essentials Experience role is available in Windows Server 2012 R2 Standard and Windows Server 2012 R2 Datacenter. We can add the Windows Server
Essentials Experience role in Server Manager or via Windows PowerShell.
In this article, we introduce the steps to install and configure Windows
Server Essentials Experience role on Windows Server 2012 R2 Standard via PowerShell locally and remotely. For better analyze, we divide this article into two parts.
Before installing the Windows Server Essentials Experience Role, please use
Get-WindowsFeature
PowerShell cmdlet to ensure the Windows Server Essentials Experience (ServerEssentialsRole) is available. (Figure 1)
Figure 1.
Part 1: Install Windows Server Essentials Experience role locally
Add Windows Server Essentials Experience role
Run Windows PowerShell as administrator, then type
Add-WindowsFeature ServerEssentialsRole cmdlet to install Windows Server Essentials Experience role. (Figure 2)
Figure 2.
Note: It is necessary to configure Windows Server Essentials Experience (Post-deployment Configuration). Otherwise, you will encounter following issue when opening Dashboard.
(Figure 3)
Figure 3.
2. Configure Windows Server Essentials Experience role
(1) In an existing domain environment
Firstly, please join the Windows Server 2012 R2 Standard computer to the existing domain through the path:
Control Panel\System\Change Settings\”Change…”\Member of. (Figure 4)
Figure 4.
After that, please install Windows Server Essentials Experience role as original description. After installation completed, please use the following command to configure Windows
Server Essentials:
Start-WssConfigurationService –Credential <Your Credential>
Note: The type of
Your Credential should be as: Domain-Name\Domain-User-Account.
You must be a member of the Enterprise Admin group and Domain Admin group in Active Directory when using the command above to configure Windows Server Essentials. (Figure 5)
Figure 5.
Next, you can type the password for the domain account. (Figure 6)
Figure 6.
After setting the credential, please type “Y” to continue to configure Windows Server Essentials. (Figure 7)
Figure 7.
By the way, you can use
Get-WssConfigurationStatus
PowerShell cmdlet to
get the status of the configuration of Windows Server Essentials. Specify the
ShowProgress parameter to view a progress indicator. (Figure 8)
Figure 8.
(2) In a non-domain environment
Open PowerShell (Run as Administrator) on the Windows Server 2012 R2 Standard and type following PowerShell cmdlets: (Figure 9)
Start-WssConfigurationService -CompanyName "xxx" -DNSName "xxx" -NetBiosName "xxx" -ComputerName "xxx” –NewAdminCredential $cred
Figure 9.
After you type the commands above and click Enter, you can create a new administrator credential. (Figure 10)
After creating the new administrator credential, please type “Y” to continue to configure Windows Server Essentials. (Figure 11)
After a reboot, all the configurations will be completed and you can open the Windows Server Essentials Dashboard without any errors. (Figure 12)
Figure 12.
Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

Part 2: Install and configure Windows Server Essentials Experience role remotely
In an existing domain environment
In an existing domain environment, please use following command to provide credential and then add Server Essentials Role: (Figure 13)
Add-WindowsFeature -Name ServerEssentialsRole
-ComputerName xxx -Credential DomainName\DomainAccount
Figure 13.
After you enter the credential, it will start install Windows Server Essentials role on your computer. (Figure 14)
Figure 14.
After the installation completes, it will return the result as below:
Figure 15.
Next, please use the
Enter-PSSession
cmdlet and provide the correct credential to start an interactive session with a remote computer. You can use the commands below:
Enter-PSSession –ComputerName
xxx –Credential DomainName\DomainAccount (Figure 16)
Figure 16.
Then, please configure Server Essentials Role via
Add-WssConfigurationService cmdlet and it also needs to provide correct credential. (Figure 17)
Figure 17.
After your credential is accepted, it will update and prepare your server. (Figure 18)
Figure 18.
After that, please type “Y” to continue to configure Windows Server Essentials. (Figure 19)
Figure 19.
2. In a non-domain environment
In my test environment, I set up two computers running Windows Server 2012 R2 Standard and use Server1 as a target computer. The IP addresses for the two computers are as
below:
Sevrer1: 192.168.1.54
Server2: 192.168.1.53
Run
Enable-PSRemoting –Force on Server1. (Figure 20)
Figure 20.
Since there is no existing domain, it is necessary to add the target computer (Server1) to a TrustedHosts list (maintained by WinRM) on Server 2. We can use following command
to
add the TrustedHosts entry:
Set-Item WSMan:\localhost\Client\TrustedHosts IP-Address
(Figure 21)
Figure 21.
Next, we can use
Enter-PSSession
cmdlet and provide the correct credential to start an interactive session with the remote computer. (Figure 22)
Figure 22.
After that, you can install Windows Server Essentials Experience Role remotely via Add-WindowsFeature ServerEssentialsRole cmdlet. (Figure 23)
Figure 23.
From figure 24, we can see that the installation is completed.
Figure 24.
Then you can use
Start-WssConfigurationService cmdlet to configure Essentials Role and follow the steps in the first part (configure Windows Server Essentials Experience in a non-domain environment) as the steps would be the same.
The figure below shows the status of Windows Server Essentials.
Figure
25.
Finally, we have successfully configured Windows Server Essentials on Server1. (Figure 26)
Figure 26.
More information:
[Forum
FAQ] Introduce Windows Powershell Remoting
Windows Server Essentials Setup Cmdlets
Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

Can you add delegate access to a user's calendar or mailbox folder via powershell?

Basically I want to know if you can grant a user delegate access to another user's calendar or meeting room using native powershell commands?
I know you can do this via method 1, listed below, however when you grant permissions in this way and if a user wants to see who has delegate access to their calendar or inbox by going to delegate access in outlook they will not see user's who have access
to their calendar or inbox.
Method 1:
Add-MailboxFolderPermission -Identity "userA:\Calendar" -User UserB -AccessRights editor
The above is a nice and simple way of granting userB EDITOR access to UserA's calendar.
But as stated above as you are using mailboxFolderPermissions and not DelegateAccess, this applies directly to this folder and if userA goes to their delegate access view in Outlook, they will not see that userB has access to their calendar.
I know that you can use the below commands to see a list of user's who have delegate access to you calendar:
Get-Mailbox userA | Get-CalendarProcessing | select resourcedelegates
I am new to powershell and don't know if there is a way of setting delegate access to a user's calendar or inbox/folder via powershell commands, similar to the above.
Any help with this query would be much appreciated!
thanks

Delegate access is simply a combination of folder rights (which you've described) and Send As right, which is conferred by Add-MailboxPermission or Send On Behalf of right, which I'm not sure if you can confer with PowerShell. Set-CalendarProesssing applies
to resource mailboxes like conference rooms, not to user mailboxes.
Update: "Send on Behalf of" is conferred this way:
Set-Mailbox UserMailbox -GrantSendOnBehalfTo UserWhoSends
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

How to Add Multiple Driver Packages Using Reference File via PowerShell

Hey All -
I've got a task I'm working on which would be much easier via PowerShell. I tried figuring it out, but couldn't so thought I'd post.
The Task
I need to create about 50 new, empty driver packages (most are in the same folder in the console) and am trying to find a method of doing so where I may use a source text file / csv file as reference in the command line. Each package has a unique name
and source path. Here are examples:
- Latitude E5440 Win7 x86 [A01] \\server\drivers\5440x86
- Latitude E5440 Win7 x64 [A01] \\server\drivers\5440x64
The Structure
All of the ones I want to add via PowerShell will go into the same folder in the console. They will be in the folder "root\New Drivers\Dell CAB Drivers"
Any ideas or will this just take more time than it's worth for 50? Thanks!
Ben K.

Also, the creation of the driver package won't be your biggest challenge, as it's as simple as New-CMDriverPackage (see:
http://technet.microsoft.com/en-us/library/jj821724(v=sc.20).aspx).
The biggest challenge is relating your models to a share name (unless they're all Latitude).
My Blog: http://www.petervanderwoude.nl/
Follow me on twitter: pvanderwoude

Add Multiple Domains as an External Relay via powershell from a list

Hello,
I have a requirement to add a few hundred external domains as a relay and would like to accomplish this via powershell. I'm familiar with the command to submit 1 at a time but would like to have it read them all in from a list if possible. Any help would
be great!
Thank you,
Eric

Hello Eric,
Just replied similar question in a thread, you can refer to that...
http://social.technet.microsoft.com/Forums/exchange/en-US/b84cd2e7-5fb3-4a1d-9bcc-41acdb7142a2/adding-multiple-accepted-domains-with-importcsv?forum=exchangesvrdeploy

How to add "Computer Description" locally to 300 Servers in our domain via PowerShell.

I'd like to use Powershell to add "Computer Description" locally to 300 Servers in domain.
I found a solution here which works but it adds "Computer Description" only to a single computer.
http://social.technet.microsoft.com/Forums/windowsserver/en-US/a777f07c-f9be-4eb5-8788-de7e5c068411/changing-computer-descriptions-remotely-using-powershell?forum=winserverpowershell
I do have a CSV file with two column headers "Server" and "Description" containing Computer Description for all 300 Servers.
I'm new to Powershell and would appreciate a step by step method.
Thanks.
st

Hi Mike Laughlin,
Your Script worked beautifully on most Servers.
There were some Servers on which it did not work. It showed this error in red color:
Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT:
0x800706BA)
At line:2 char:17
+ $OSValues = Get-WmiObject -Class Win32_OperatingSystem -ComputerName
$_.Serv ...
+
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Get-WmiObject], COMExcept
ion
+ FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands
.GetWmiObjectCommand
Property 'Description' cannot be found on this object; make sure it exists and
is settable.
At line:3 char:5
+ $OSValues.Description = $_.Description
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyNotFound
You cannot call a method on a null-valued expression.
At line:4 char:5
+ $OSValues.Put()
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
Hi tommymaynard,
Should I now try your Script ?

Cisco ASA 5505 VPN connection issue ("Unable to add route")

I'm trying to get IPSec VPN working onto a new Cisco ASA5505. Pretty standard configuration.
Setup:
* Cisco VPN client on Windows 7 (v5.0.07.0290 x64 on Laptop1 and v5.0.07.0440 x64 on Laptop2)
* PPPoE/NAT and internal DHCP on the ASA were configured with the Startup Wizard in ASDM
NATting is working fine - internal PCs get an IP address in the 192.168.2.0/24 range and can all access the Internet.
I wanted to be able to connect from anywhere to the ASA in order to reach one of the internal servers. Should be pretty basic.
First I tried with the built-in ASDM IPSec Wizard, instructions found here.
VPN clients can connect to the ASA, are connected (until they're manually disconnected), but cannot reach the internal network nor the Internet. Note VPN client can connect fine to a different VPN site (not administered by myself).
Client logs show following error messages:
1 15:53:09.363 02/11/12 Sev=Warning/3     IKE/0xA300005F
Firewall, Cisco Intrusion Prevention Security Agent, is not running, the client will not send firewall information to concentrator.
2 15:53:13.593 02/11/12 Sev=Warning/2     CVPND/0xE3400013
AddRoute failed to add a route with metric of 0: code 160
Destination     192.168.1.255
Netmask     255.255.255.255
Gateway     172.16.1.1
Interface     172.16.1.101
3 15:53:13.593 02/11/12 Sev=Warning/2     CM/0xA3100024
Unable to add route. Network: c0a801ff, Netmask: ffffffff, Interface: ac100165, Gateway: ac100101.
4 15:54:30.425 02/11/12 Sev=Warning/2     CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=172.16.1.101, error 0
5 15:54:31.433 02/11/12 Sev=Warning/2     CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=172.16.1.101, error 0
6 15:54:32.445 02/11/12 Sev=Warning/2     CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CleanUpVASettings: Was able to delete all VA settings after all, error 0
7 20:50:45.355 02/11/12 Sev=Warning/3     IKE/0xA300005F
Firewall, Cisco Intrusion Prevention Security Agent, is not running, the client will not send firewall information to concentrator.
8 20:50:50.262 02/11/12 Sev=Warning/2     CVPND/0xE3400013
AddRoute failed to add a route with metric of 0: code 160
Destination     192.168.1.255
Netmask     255.255.255.255
Gateway     172.16.1.1
Interface     172.16.1.100
9 20:50:50.262 02/11/12 Sev=Warning/2     CM/0xA3100024
Unable to add route. Network: c0a801ff, Netmask: ffffffff, Interface: ac100164, Gateway: ac100101.
I've already tried the suggestions from this link, although the problem is different there (as the user can still access the internet, even without split tunneling, which I cannot).
A show run shows the following output (note in the below I have tried a different VPN network: 192.168.3.0/24 instead of 172.16.1.0/24 seen in the Client log)
Result of the command: "sh run"
: Saved
ASA Version 8.2(5)
hostname AsaDWD
enable password kLu0SYBETXUJHVHX encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.2.254 255.255.255.0
interface Vlan2
nameif outside
security-level 0
pppoe client vpdn group DW-VPDN
ip address pppoe setroute
ftp mode passive
access-list inside_nat0_outbound extended permit ip any 192.168.3.0 255.255.255.240
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
ip local pool DWD-VPN-Pool 192.168.3.5-192.168.3.15 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.2.0 255.255.255.0 inside
http 0.0.0.0 0.0.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
vpdn group DW-VPDN request dialout pppoe
vpdn group DW-VPDN localname fa******@SKYNET
vpdn group DW-VPDN ppp authentication pap
vpdn username fa******@SKYNET password *****
dhcpd auto_config outside
dhcpd address 192.168.2.5-192.168.2.36 inside
dhcpd domain DOMAIN interface inside
dhcpd enable inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy DWD internal
group-policy DWD attributes
vpn-tunnel-protocol IPSec
username test password ******* encrypted privilege 0
username test attributes
vpn-group-policy DWD
tunnel-group DWD type remote-access
tunnel-group DWD general-attributes
address-pool DWD-VPN-Pool
default-group-policy DWD
tunnel-group DWD ipsec-attributes
pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:3e6c9478a1ee04ab2e1e1cabbeddc7f4
: end
I've installed everything using the CLI as well (after a factory reset). This however yielded exactl the same issue.
Following commands have been entered:
ip local pool vpnpool 172.16.1.100-172.16.1.199 mask 255.255.255.0
username *** password ****
isakmp policy 1 authentication pre-share
isakmp policy 1 encryption 3des
isakmp policy 1 hash sha
isakmp policy 1 group 2
isakmp policy 1 lifetime 43200
isakmp enable outside
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map outside_dyn_map 10 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 10 set reverse-route
crypto dynamic-map outside_dyn_map 10 set security-association lifetime seconds 288000
crypto map outside_map 10 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp nat-traversal
sysopt connection permit-ipsec
sysopt connection permit-vpn
group-policy dwdvpn internal
group-policy dwdvpn attributes
vpn-tunnel-protocol IPSec
default-domain value DWD
tunnel-group dwdvpn type ipsec-ra
tunnel-group dwdvpn ipsec-attributes
pre-shared-key ****
tunnel-group dwdvpn general-attributes
authentication-server-group LOCAL
default-group-policy dwdvpn
Unfortunately I'm getting the same "AddRoute failed to add a route with metric of 0: code 160" error message.
I'm very confused as this should be a pretty standard setup. I tried to follow the instructions on the Cisco site to the letter...
The only "differences" in my setup are an internal network of 192.168.2.0 (with ASA IP address 192.168.2.254) and PPPoE with DHCP instead of no PPPoE at all.
Does anyone know what's going on?

Yes, I have tried from a different laptop - same results. Using that laptop I can connect to a different IPSec site without issues.
Please find my renewed config below:
DWD-ASA(config)# sh run: Saved:ASA Version 8.2(5) !hostname DWD-ASAenable password ******* encryptedpasswd ****** encryptednames!interface Ethernet0/0 switchport access vlan 2!interface Ethernet0/1!interface Ethernet0/2!interface Ethernet0/3!interface Ethernet0/4!interface Ethernet0/5!interface Ethernet0/6!interface Ethernet0/7!interface Vlan1 nameif inside security-level 100 ip address 192.168.2.254 255.255.255.0 !interface Vlan2 nameif outside security-level 0 pppoe client vpdn group DWD ip address pppoe setroute !ftp mode passiveaccess-list inside_nat0_outbound extended permit ip any 192.168.50.0 255.255.255.224 pager lines 24logging asdm informationalmtu inside 1500mtu outside 1500ip local pool vpnpool 192.168.50.10-192.168.50.20 mask 255.255.255.0icmp unreachable rate-limit 1 burst-size 1no asdm history enablearp timeout 14400global (outside) 1 interfacenat (inside) 0 access-list inside_nat0_outboundnat (inside) 1 0.0.0.0 0.0.0.0timeout xlate 3:00:00timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolutetimeout tcp-proxy-reassembly 0:01:00timeout floating-conn 0:00:00dynamic-access-policy-record DfltAccessPolicyhttp server enablehttp 192.168.2.0 255.255.255.0 insidehttp 0.0.0.0 0.0.0.0 outsideno snmp-server locationno snmp-server contactsnmp-server enable traps snmp authentication linkup linkdown coldstartcrypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec security-association lifetime seconds 28800crypto ipsec security-association lifetime kilobytes 4608000crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAPcrypto map outside_map interface outsidecrypto isakmp enable outsidecrypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400telnet timeout 5ssh 0.0.0.0 0.0.0.0 outsidessh timeout 5console timeout 0vpdn group DWD request dialout pppoevpdn group DWD localname *****@SKYNETvpdn group DWD ppp authentication papvpdn username *****@SKYNET password ***** dhcpd auto_config outside!dhcpd address 192.168.2.10-192.168.2.40 insidedhcpd enable inside!threat-detection basic-threatthreat-detection statistics access-listno threat-detection statistics tcp-interceptwebvpn enable outside svc enablegroup-policy DfltGrpPolicy attributes vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpngroup-policy dwdipsec internalgroup-policy dwdipsec attributes vpn-tunnel-protocol IPSec default-domain value DWDDOMusername user1 password ***** encrypted privilege 0username user1 attributes vpn-group-policy dwdipsectunnel-group dwdipsec type remote-accesstunnel-group dwdipsec general-attributes address-pool vpnpool default-group-policy dwdipsectunnel-group dwdipsec ipsec-attributes pre-shared-key *****tunnel-group dwdssl type remote-accesstunnel-group dwdssl general-attributes address-pool vpnpool!class-map inspection_default match default-inspection-traffic!!policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options !service-policy global_policy globalprompt hostname context no call-home reporting anonymousCryptochecksum:f5c8dd644aa2a27374a923671da1c834: endDWD-ASA(config)#

Issues updating/setting multi value lookup columns via powershell

Hi All,
I have an issue updating multi values in a lookup field via powershell
I can update a single value lookup field as below but can't get to update if its multi value.
As stated below when I hardcode it. It works.
No idea what 'm missing. Any help will be appreciated.
#Hardcoded works below as you can see i'm setting 3 values
$array = @($realval.Split(';'))
for ($i = 0; $i -lt $array.Count - 1; $i += 2)
$word = $array[$i].Trim('#')
$number = $array[$i+1].Trim('#')
"$number $word"
$lookupvalue1 = GetLookUpValues -val $number
[Microsoft.SharePoint.SPFieldLookupValueCollection] $itemValues = New-Object Microsoft.SharePoint.SPFieldLookupValueCollection
[Microsoft.SharePoint.SPFieldLookupValue] $lookupvalue = New-Object Microsoft.SharePoint.SPFieldLookupValue
[Microsoft.SharePoint.SPFieldLookupValue] $lookupvalue2 = New-Object Microsoft.SharePoint.SPFieldLookupValue
[Microsoft.SharePoint.SPFieldLookupValue] $lookupvalue3 = New-Object Microsoft.SharePoint.SPFieldLookupValue
$lookupvalue.LookupId = 1
$lookupvalue2.LookupId = 2
$lookupvalue3.LookupId = 6
$itemValues.Add($lookupvalue)
$itemValues.Add($lookupvalue2)
$itemValues.Add($lookupvalue3)
#$itemValues.Add($lookupvalue)
$CMRSItems["Event Type"] = $itemValues;
Write-Host "items:" $itemValues
$CMRSItems.Update()
# This works when its updating only one value but when it needs to update multivalue it only updates the last one
#so for example with the lookupvalue above only 6 gets updated below
$array = @($realval.Split(';'))
for ($i = 0; $i -lt $array.Count - 1; $i += 2)
$word = $array[$i].Trim('#')
$number = $array[$i+1].Trim('#')
#$number
"$number $word"
#send param to GetLoolValues func to return records as SPFieldLookupValue
$lookupvalue1 = GetLookUpValues -val $number
#I can view the lookupvalue returned successfully
#Write-Host $lookupvalue1
[Microsoft.SharePoint.SPFieldLookupValueCollection] $itemValues = New-Object Microsoft.SharePoint.SPFieldLookupValueCollection
#This LookupId returns 3 values like on the hardcoded one above like so :1,2,6
$lookupvalue.LookupId = $number
$itemValues.Add($lookupvalue)
$CMRSItems["Event Type"] = $itemValues;
#I can view the items returned successfully
Write-Host "items:" $itemValues
$CMRSItems.Update()

The problem I can see with your code is that the below line of code, you are instantiating inside the for loop. This should have been outside the for loop as by keeping it inside the loop you are overriding the value.
[Microsoft.SharePoint.SPFieldLookupValueCollection] $itemValues = New-Object Microsoft.SharePoint.SPFieldLookupValueCollection
Please have a look at the below solution and modify your code as per your requirement. What I am trying to achieve in the below code is that I have a listA in which one of the field is being used as a multi-lookup in my listB.
$lookupCollection = $something.split(";")
$LookupMasterList=$web.Lists["ListA"]
[Microsoft.SharePoint.SPFieldLookupValueCollection] $lookupValueCollection = New-Object Microsoft.SharePoint.SPFieldLookupValueCollection
#Get the Lookup Item from Parent List
foreach($item in $lookupCollection){
IF([string]::IsNullOrEmpty($item.trim())) {
continue;
$LookupItem = $LookupMasterList.Items | Where-Object { $_.Item("FieldInternalName") -eq $item.trim()}
if($LookupItem -ne $null)
$myLookup = New-Object Microsoft.Sharepoint.SPFieldLookupValue($LookupItem.ID,$item.trim())
$lookupValueCollection.Add($myLookup);
#Set the Lookup field value
if([string]::IsNullOrEmpty($lookupValueCollection)){
continue;
else{
$newItem["Lookupfieldinternalname"] = $lookupValueCollection
The above logic has no hard coding and it fetches the lookup information directly from the master list and generates a collection based on that. You can modify the above code as per your requirement.
Geetanjali Arora | My blogs |

How do I connect Keynote Remote via Blue Tooth NOT a WiFi network

Being a novice, at best, "What are the "steps" to connect Keynote Remote, via BlueTooth MacBook Pro and I-Pad

Thank you for the reply.
ctrl B makes the top bar (File. Edit. View. Controls. Store. Help.) appear and disappear.
ctrl S makes a side bar appear on the left side of iTunes. It shows the library which has Music. Movies. TV Shows. Apps. Playlists. Ect.
When I did the steps you suggested, my iPhone did not show up in that list.
I checked my firewall settings again, and they seem to be okay. My firewall is the only thing that I am not 100% sure of. If I go to Control Pannel>System and Security>Windows Firewall>Allow an app through Windows Firewall. It shows that iTunes is allowed. I'm not sure if something else might need to be allowed as well though. I have a few Remote options that are not allowed such as, Remote Event Log Management, Remote Scheduled Tasks Management, Remote Shutdown, Remote Volume Management, and Routing and Remote Access. I'm not sure if any of these need to be allowed or not, or if they are even affiliated with iTunes.

Adding a shared mailbox to a user's Outlook profile, who has reviewer rights only, via PowerShell

Hello Everyone,
I'm working on trying to create something like a knowledge base for my company, and what I'm trying to accomplish is to create a shared mailbox on 365, add users to have read-only rights to the Inbox (which I can achieve via PowerShell) so they can't delete
the articles, but it seems that by just adding Reviewer permission to a user, it doesn't force the mailbox to open on the end-user's Outlook profile - it only seems to automatically populate if I go through the exchange admin console and allow Full Access
through User Delegation.
Is there a way, via PowerShell, to open a shared mailbox in a user's Outlook profile?
Thanks for all the help!

Hi,
We can create a PRF file that modifies the existing Outlook profile to add the shared mailbox.
Please have a look at this thread which discussed a similar issue:
http://social.technet.microsoft.com/Forums/systemcenter/en-US/374e5a31-1732-45b8-afdd-7c0987e04a7e/how-to-add-additional-mailboxes-in-outlook-for-exchange
For more information about Customize Outlook profiles by using an Outlook Profile (PRF) file, see:
http://technet.microsoft.com/en-us/library/cc179062(v=office.14).aspx
Hope this helps.
Regards,
Steve Fan
TechNet Community Support

Assign applications to MakeModel via Powershell

I am attempting to script adding Multiple make an models via PowerShell. I need to know if I can add a LTI application to the makemodel ID via PowerShell assuming I have the application's GUID.

Looks like that does no work either:
PS C:\Users\Administrator\Documents> New-MDTMakeModel -make 'VMware, Inc. 001' -model 'VMware Virtual Platform' -settings @{Application001="5da3d622-c936-4ccc-836e-f5833da0d416"}
Exception calling "ExecuteScalar" with "0" argument(s): "Invalid column name 'A
pplication001'."
At C:\Users\Administrator\Downloads\mdtdb\MDTDB.psm1:1177 char:43
+         $null = $settingsCmd.ExecuteScalar <<<< ()
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException
Added settings for the specified make model
The Make and Model get added but the applications are not assigned. I had copied the guid directly from the workbench. What is interesting is that when something successfully is imported the list of all available options appear, however Application
is not one of them.

DELETE Windows Agents (agent monitored computers) via Powershell - HOW??

It's really ridiculous that I have to ask this question, but as the shaft
has clearly not given the countless scom customers of the world this information in an easy straightforward manner, I will ask the question.
As bazillions of you have discovered through days of endless googling, there is NO easy way to simply delete windows agents (AGENT MANAGED COMPUTERS) from the scom console via powershell by using something as crazy and far out there as a ............cmdlet
I could RING the necks of the shaft personnel who have not supplied the countless scom customers with this simple AND VERY NEEDED functionality - this is ground zero functionality, NOWHERE TO BE FOUND. I did find old 2007 scripts, and scripts that
just don't work, or poorly documented methods, etc.
So I wanted to ask if anyone out there has a straightforward, WORKING solution to do the following:
completely DELETE windows agents (AGENT MANAGED COMPUTERS) from the scom console using
powershell AND a provided text list file of servers (I.E. C:\TEMP\serverlist.txt )
On behalf of the entire world, thanks in advance.

There is no need to install anything, these commands will work on any server that has SCOM installed.
This is a powershell script.
If you need to use this to read from a text file with one server per line (let's say C:\temp\agentlist.txt ), what you could do is copy this into a .ps1 file :
function global:Delete-SCOMAgent([System.String[]] $agentNames)
$administration = (get-scommanagementgroup).getadministration()
$agentManagedComputerType = [Microsoft.EnterpriseManagement.Administration.AgentManagedComputer]
$genericListType = [System.Collections.Generic.List``1]
$genericList = $genericListType.MakeGenericType($agentManagedComputerType)
$agentlist = new-object $genericList.FullName
foreach ($agentName in $agentNames)
$agent = Get-SCOMAgent -dnshostname $agentname*
$agentlist.add($agent)
$genericReadOnlyCollectionType = [System.Collections.ObjectModel.ReadOnlyCollection``1]
$genericReadOnlyCollection = $genericReadOnlyCollectionType.MakeGenericType($agentManagedComputerType)
$agentReadOnlyCollection = new-object $genericReadOnlyCollection.FullName @(,$agentList)
$administration.DeleteAgentManagedComputers($agentReadOnlyCollection)
$agentlist = Get-Content C:\temp\agentlist.txt foreach ($agent in $agentlist) {
Delete-SCOMAgent $agent }
and then run this from a powershell prompt with the command ./nameofthescript.ps1

Creating enhanced detection method via powershell

Hi folks,
im trying to automate the application creation process and so far I got a lot of usefull hints and tipps from technet forum etc.pp.
I would like to set an registry detection method via powershell.
Since I am not used to C# I found a nice approach translating a C# script into PS script.
http://social.technet.microsoft.com/Forums/de-DE/93bddee4-6aee-4641-b104-170968ad1549/automating-application-creation?prof=required
Unfortunately I can't get it to work... (same error as descriped in the link above "generic Error from the Put()-Function.") When I am using e.g. an MSI productcode as detection method in my script, I am able to create an application with
deploymenttype and detectionmethod.
Has anyone a solution for this problem ? Or was anyone able to set a registry detection via powershell ? Is it possible ?
Any help will be appreciated.

Any time I've seen a Put() error, the problem has been I've been missing a needed property.
If you are using Config Manager 2012 R2 (Not sure about previous versions), you can use the built in cmdlet Add-CMDeploymentType. This is the command I use. For a PS detection type, change ScriptType to Powershell and $Script will be your detection
script.
$param = @{ApplicationName=$Name
               DeploymentTypeName=$ScriptName
               InstallationProgram=$Install
               ScriptType="VBScript"
               ScriptContent=$Script
               InstallationBehaviorType="InstallForSystem"
               ContentLocation=$SourceLocation
               UninstallProgram = $Uninstall
               LogonRequirementType="WhetherOrNotUserLoggedOn"
               InstallationProgramVisibility="Hidden"
       Add-CMDeploymentType @param -ScriptInstaller -ManualSpecifyDeploymentType -DetectDeploymentTypeByCustomScript

Add routes remotely Via Powershell

Similar Messages

Maybe you are looking for