Problems signing Powershell Scripts

Similar Messages

• Signed Powershell Script

  Hello,
  I have trouble with self signed Powershell scripts.
  I've created a CodeSign Certificate from the internal CA in my Domain.
  After that I've used this Certificate to sign PS scripts.
  When I call these scripts in a running shell I get this message:
  Do you want to run software from this untrusted publisher?
  File z:\Applications\Scripts\HelloWorld.ps1 is published by CN=Administrator, CN=Users, DC=contoso, DC=com
  and is not trusted on your system. Only run scripts from trusted publishers.
  [V] Never run  [D] Do not run  [R] Run once  [A] Always run  [?] Help (default is "D")
  I've imported this certificate to the Trusted Root Store of the Server and the current User Account.
  So I can't explain why this is not working!
  Has anyone a hint for me?
  Thanks!

  Hi AbuNael,
  After you trust the file, the script can be run. The first time you run the script, if it's digitally signed but the publisher isn't trusted, you will be prompted to add the publisher among the trusted publishers, and you can choose
  the "Always run" option, the code signing certificate will be added to the "Trusted Publishers" in your certificate store, and you will no longer be prompted the next time you execute a script signed with that certificate.
  Refer to:
  How to Sign a PowerShell script 
  If there is anything else regarding this issue, please feel free to post back.
  Best Regards,
  Anna Wang
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• Problems with PowerShell script

  Hi guys.
  Using this powershell scripts:
  http://gallery.technet.microsoft.com/office/Lync-Environment-Report-cbc6fb1a
  I have already a opened thread on MS TECHNET FORUM:
  http://social.technet.microsoft.com/Forums/office/en-US/a23ffdf8-fb10-4386-b21b-9f06cda84bdd/lync-environment-report-draw-pictures-in-visio?forum=lyncdeploy
  unable to solve the error for powershell script: New-LyncEnvDiagram.
  Is there any of you Power$hell Mai$ter$ able to understand why the script ain't working?
  with best regards,
  bostjanc

  Hi Bostjanc,
  Since we have no test enviroment, and this is difficult for us to debug the script.
  Maybe you can try to leave a comment to ask the author chris for helps:
  http://emptymessage.com/?p=149
  If you have any feedback on our support, please click here.
  Best Regards,
  Anna Wang
  TechNet Community Support

• Problem with powershell script

  Hello All
   I have the following Script that doesnt run, note that Im new at Ps and it is modified from another one seen in other post
  $Parameters = Import-Csv C:\Parameters.csv
  ForEach($Parameter in $Parameters)
  { $Server = ($Parameter.Server)
   $Port = ($Parameter.Port)
      If ( Test-Connection $Server -Count 1 -Quiet) {
          try {
              $null = New-Object System.Net.Sockets.TCPClient -ArgumentList $Server,$Port
              $props = @{
                  Server = $server
                  PortOpen = 'Yes'
          catch {
              $props = @{
                  Server = $Server
                  PortOpen = 'No'
      Else {
          $props = @{
              Server = $server
              PortOpen = 'Server did not respond to ping'
      New-Object PsObject -Property $props
  However when I try to run it in the Powershell ISE I get the following error.
  PS C:\Windows\system32> C:\PorVerification\PortVerification.Ps1
  Test-Connection : Cannot validate argument on parameter 'ComputerName'. The argument is null or empty. Supply an argument that is not null or empty and then try the command again.
  At C:\PorVerification\PortVerification.Ps1:9 char:25
  +     If ( Test-Connection <<<<  $Server -Count 1 -Quiet) {
      + CategoryInfo          : InvalidData: (:) [Test-Connection], ParameterBindingValidationException
      + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.TestConnectionCommand
  New-Object : Cannot validate argument on parameter 'Property'. The argument is null or empty. Supply an argument that is not null or empty and then try the command again.
  At C:\PorVerification\PortVerification.Ps1:35 char:34
  +     New-Object PsObject -Property <<<<  $props
      + CategoryInfo          : InvalidData: (:) [New-Object], ParameterBindingValidationException
      + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.NewObjectCommand
  Any Clue on what could it be? Im running this in Windows 7. Any help will be highly apretiated.

  This is because you're not getting any data for the $Server variable.
  This may be due to bad data in the CSV file, or misspelled header name (first row)
  You can add an if statement like:
  $Parameters = Import-Csv C:\Parameters.csv
  ForEach($Parameter in $Parameters)
  { $Server = ($Parameter.Server)
  $Port = ($Parameter.Port)
  if ($Server)
  If ( Test-Connection $Server -Count 1 -Quiet) {
  try {
  $null = New-Object System.Net.Sockets.TCPClient -ArgumentList $Server,$Port
  $props = @{
  Server = $server
  PortOpen = 'Yes'
  catch {
  $props = @{
  Server = $Server
  PortOpen = 'No'
  Else {
  $props = @{
  Server = $server
  PortOpen = 'Server did not respond to ping'
  New-Object PsObject -Property $props
  else {
  "No data received for '$Server'"
  So, the "if ($server)" line and its corresponding "else" will point out when you're not getting a value for $server.
  I would also add some error checking for the presence of the CSV file..
  Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable) _________________________________________________________________________________
  Powershell: Learn it before it's an emergency http://technet.microsoft.com/en-us/scriptcenter/powershell.aspx http://technet.microsoft.com/en-us/scriptcenter/dd793612.aspx

• Global Conditions - Powershell Script - Script is not signed (Error: 87D00327; Source: CCM)

  I failed to use any Powershell script in Global Conditions with error 87D00327. The script is signed and tested without problem. Setting execution policy doesn't change the result at all.
  Error message as below:
  In-line script returned error output: File C:\Windows\CCM\SystemTemp\e7001c04-3966-46a7-9622-26c36d9c45de.ps1 cannot
  be loaded. The file C:\Windows\CCM\SystemTemp\e7001c04-3966-46a7-9622-26c36d9c4
  5de.ps1 is not digitally signed. The script will not execute on the system. Ple
  ase see "get-help about_signing" for more details..
  At line:1 char:2
  + & <<<< 'C:\Windows\CCM\SystemTemp\e7001c04-3966-46a7-9622-26c36d9c45de.ps1'
  + CategoryInfo : NotSpecified: (:) [], PSSecurityException
  + FullyQualifiedErrorId : RuntimeException
  ScriptProvider 6/23/2014 1:45:06 PM 2516 (0x09D4)
  ScriptProvider::CreateInstanceEnumAsync - Script Execution Returned :1, Error Message:File C:\Windows\CCM\SystemTemp\e7001c04-3966-46a7-9622-26c36d9c45de.ps1 cannot
  be loaded. The file C:\Windows\CCM\SystemTemp\e7001c04-3966-46a7-9622-26c36d9c4
  5de.ps1 is not digitally signed. The script will not execute on the system. Ple
  ase see "get-help about_signing" for more details..
  At line:1 char:2
  + & <<<< 'C:\Windows\CCM\SystemTemp\e7001c04-3966-46a7-9622-26c36d9c45de.ps1'
  + CategoryInfo : NotSpecified: (:) [], PSSecurityException
  + FullyQualifiedErrorId : RuntimeException
  ScriptProvider 6/23/2014 1:45:06 PM 2516 (0x09D4)
  Failed in discovering instance.
  Script is not signed (Error: 87D00327; Source: CCM) ScriptProvider 6/23/2014 1:45:06 PM 2516 (0x09D4)
  Failed to do HandleExecQueryAsync().
  Script is not signed (Error: 87D00327; Source: CCM) ScriptProvider 6/23/2014 1:45:06 PM 2516 (0x09D4)
  Failed to process CScriptProvider::GExecQueryAsync.
  Script is not signed (Error: 87D00327; Source: CCM) ScriptProvider 6/23/2014 1:45:06 PM 2516 (0x09D4)
  I can't figure out a way to capture the temp script file mentioned in the error message so I can't verify the script locally.
  Any help will be appreciated.
  Sean
  Regards, Sean

  Hi, Sean.
  There was a product issue with signed PowerShell detection method scripts that has been fixed in R2 CU2. I just noticed it's not mentioned in the KB article for CU2. I'm not sure what happened here but I'll have somebody look into this.
  Anyway, there's a couple of caveats to consider regarding this fix in your scenario. Firstly if you're creating a PowerShell script detection method you must not copy/paste the script text -- you need to "Open" it. Secondly, if you have any previously created
  PowerShell script detection methods with signed scripts, you will need to re-add the detection script (again using "Open"). Finally, you must use an administrator console that's been updated to CU2 and a client that's been updated to CU2 for this fix to be
  effective.
  I hope this helps resolve the issue for you.
  Check out my Configuration Manager blog at http://aka.ms/ameltzer

• Problem with a package that calls powershell script

  The long story short: I'm trying to schedule a SSIS package, with SQL Server Agent, that runs a powershell script/command via a proxy account. The problem seems to be that proxy account didn't have the required permissions to run a .ps1 script, so I've
  changed the execution policy to "Unrestricted" of everything that could be changed (from ps command prompt):
  Scope ExecutionPolicy
  MachinePolicy Unrestricted
  UserPolicy Unrestricted
  Process Undefined
  CurrentUser Unrestricted
  LocalMachine Unrestricted
  So far, so good! But when I try to execute the SSIS package that calls the powershell script like this:
  powershell.exe -file D:\script.ps1 -FileName testme
  I get the error:
  AuthorizationManager check failed.
  + CategoryInfo : SecurityError: (:) [], ParentContainsErrorRecord
  Exception
  + FullyQualifiedErrorId : UnauthorizedAccess
  And when I try something more simple like:
  powershell.exe -Command &{Get-ExecutionPolicy}
  I get this:
  Get-ExecutionPolicy : Access denied At line:1 char:3
  + &{Get-ExecutionPolicy}
  + ~~~~~~~~~~~~~~~~~~~
  + CategoryInfo : NotSpecified: (:) [Get-ExecutionPolicy], Managem
  entException
  + FullyQualifiedErrorId : System.Management.ManagementException,Microsoft.
  PowerShell.Commands.GetExecutionPolicyCommand
  It's worth mentioning that I can call the regular cmdlets: dir; get-content, whoami, so powershell.exe is working fine! Anyone with an idea what's going on here?

  Check to make sure Windows Management Instrumentation service (WMI) is Enabled and running. If it’s disabled, try enabling it and starting it to see if that clears the error.
  If all else fails, go to the path noted in the error and delete the PowerShell profile file.
  Arthur
  MyBlog
  Twitter

• How to sign a powershell script to be used for distribution

  Hi,
  I am new to powershell so if I'm missing out on any detail, please let me know.
  We have some powershell scripts we send over to the clients to execute. Their powershell enviroment has execution policy set to 'remote signed'
  Now I have read multiple blogs for how to sign the powershell script to be used at different execution levels, but my understanding is signing is for my environment only.
  http://www.hanselman.com/blog/SigningPowerShellScripts.aspx
  http://blogs.technet.com/b/heyscriptingguy/archive/2010/06/17/hey-scripting-guy-how-can-i-sign-windows-powershell-scripts-with-an-enterprise-windows-pki-part-2-of-2.aspx
  I'm probably missing out on something obvious and I'll appreciate if someone can explain me how to sign my script so that client can use it in their environment with any execution level set.
  Thanks in advance!

  Here's a bit more information on the subject:
  http://technet.microsoft.com/en-us/library/hh847874.aspx
  http://msdn.microsoft.com/en-us/library/ms537361.aspx
  You can get code signing certificates from the major vendors.
  Don't retire TechNet! -
  (Don't give up yet - 13,085+ strong and growing)

• Signing a powershell script

  Hello,
  I am new to powershell so please be kind :) I have a .ps1 that I want to run on a Windows 2008 web server. It runs fine when I set execution policy to Unrestricted but I do not want to do that. I guess what I want to do is sign the .ps1 script with a cert.
  I have created a self signed cert that is used with a CDN. Can I use that cert? If so how do I sign the .ps1 script with that cert (is that the correct terminology)? I saw many a pages that describe using the makecert command but that is not found on my server.
   Isn't there any easier way to do this?
  Any help is appreciated. Thanks
  Joe

  I was hoping to not have to install a large package on my production web server just to get the commands to create the cert and sign the script. Thanks for the link, however we have a Windows 2008 server and that page is for 2012 server. I am able to create
  a self-signed cert in IIS but I am not sure how to sign a script with it. 
  Thanks.
  Joe

• Problem with signed tcl scripts

  Hi All,
  Im having some difficulties getting signed scripts to work on a router.
  Ive got openssl 0.9.8h installed on a FreeBSD 6.2 box, and following the documentation located below, word for word, I cant seem to get any scripts to run properly. The router just seems to continually fail to verify the digital signature.
  http://www.cisco.com/en/US/docs/ios/12_4t/netmgmt/configuration/guide/sign_tcl.html#wp1079441
  When trying to run a script I usually end up with the following error messages:
  Invalid Signature
  May 10 04:54:30.845: ../cert-c/source/p7spprt.c(614) : E_VERIFY_ASN_SIGNATURE : error verifying digital signature
  May 10 04:54:30.849: CRYPTO_PKI: status = 0x725(E_VERIFY_ASN_SIGNATURE : error verifying digital signature): pkcs7 verify data returned status
  May 10 04:54:30.849: CRYPTO_PKI: status = 0x725(E_VERIFY_ASN_SIGNATURE : error verifying digital signature): failed to verify
  May 10 04:54:30.849: CRYPTO_PKI: unlocked trustpoint scriptsigning, refcount is 0
  May 10 04:54:30.849: %SYS-6-SCRIPTING_TCL_INVALID_OR_MISSING_SIGNATURE: tcl signing validation failed on script signed with trustpoint name scriptsigning, cannot run the signed TCL script.
  But when I try signing the example script in the document mentioned above it seems to work fine:
  #tclsh flash:hello.tcl
  hello
  argc = 0
  argv =
  argv0 = flash:hello.tcl
  tcl_interactive = 0
  May 10 03:58:00.408: CRYPTO_PKI: self-signed cert within the pkcs7.
  May 10 03:58:00.408: CRYPTO_PKI: Added x509 peer certificate - (1073) bytes
  May 10 03:58:00.408: CRYPTO_PKI: chain received from the peer has been reduced to one already trusted cert
  May 10 03:58:00.408: CRYPTO_PKI: validation path has 0 certs
  May 10 03:58:00.408: CRYPTO_PKI: unable to get cert attributesfor AAA list authorization.
  May 10 03:58:00.408: CRYPTO_PKI: chain cert was anchored to trustpoint scriptsigning, and chain validation result was: CRYPTO_VALID_CERT
  May 10 03:58:00.412: CRYPTO_PKI: Success on PKCS7 verify!
  May 10 03:58:00.412: CRYPTO_PKI: unlocked trustpoint scriptsigning, refcount is 0
  In both cases I used the exact same private key and CA certificate to sign both scripts.
  Does anyone have any clues, tips, or pointers for doing this successfully?
  Cheers,
  Tom

  I found your problem. The ORIGINAL script ended in a blank line. Therefore, you need TWO lines before the signature. I took the pkcs7 file you sent, your latest cert, and then added the signature to a clean btest.tcl with a trailing newline. The result worked perfectly.
  I'm attaching the signed btest.tcl along with the exact same cert and pkcs7 file you sent (I'm not attaching the private key for obvious reasons, but it is the same).
  All I did was take your pkcs7 file and:
  xxd -ps btest_sig.tcl.pk7 > btest.hex
  (I added a newline to the top of btest.hex, added the signature header, and commented each subsequent line)
  cat btest.tcl btest.hex > btest_sig.tcl
  I loaded your cert into my router, then loaded the signed script:
  Loading btest_sig.tcl from 14.32.100.33 (via FastEthernet0/0): !
  [OK - 5618 bytes]
  Bandwidth is 8434.

• SCOM 2012 Maintenance Mode PowerShell Script Problems

  I've seen other questions about this topic before, but none of them seem to address my specific problem, so I am starting a new thread.
  I am writing a script to put a single server (not a group) into maintenance mode.   Here is the command that it ultimately tries to call:
   Start-SCOMMaintenanceMode-Instance$Instance-EndTime$EndTime-Reason$Reason-Comment$Comment     
  So an exmaple would look like this:
  Start-SCOMMaintenanceMode -Instance "$Instance -EndTime "02/03/2014 15:26:00" -Reason "PlannedOther" -Comment "Testing Maintenance Mode"
  When my script tries to run this command, this is the error message that I get:
  Start-SCOMMaintenanceMode : Start time must be before end time for maintenance mode.
  Parameter name: startTime
  At C:\users\x036036\Desktop\Start-SCOMMaintenanceModeForServer.ps1:143 char:21
  +                     Start-SCOMMaintenanceMode -Instance $Instance -EndTime $EndT ...
  + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      + CategoryInfo          : NotSpecified: (Microsoft.Syste...anceModeCommand:StartSCMaintenanceModeCommand) [Start-SCOMMaintenance
     Mode], ArgumentOutOfRangeException
      + FullyQualifiedErrorId : ExecutionError,Microsoft.SystemCenter.OperationsManagerV10.Commands.StartSCMaintenanceModeCommand
  I've tried to look at Start-SCOMMaintenanceMode help online, but I don't see that "startTime" is a parameter.  So what is this error message talking about?  What am I missing?  

  Thanks for your help.   I didn't see your response until just now, but I have been playing around with this all since my last response.   I got it to work.  I wish I could pinpoint what exactly I changed to get it to work, but I
  feel like I've been changing so much stuff that I'm not sure any more.
  Just in case anyone finds it useful, here is the code.
  [CmdletBinding(SupportsShouldProcess=$true)]
  param
  [Parameter(Mandatory=$True,
  ValueFromPipeline=$True,
  ValueFromPipelineByPropertyName=$True,
  HelpMessage='What is the server you want to put in Maintenance Mode?')]
  [Alias("Server")]
  [string[]]$ServerName,
  [Parameter(Mandatory=$True,
  ValueFromPipeline=$false,
  ValueFromPipelineByPropertyName=$True,
  HelpMessage='Specifies the time the maintenance will end. The minimum amount of time a resource can be in maintenance mode is 5 minutes. This is a required parameter. Format is 1/29/2014 8:59:26 AM')]
  [Datetime]$end,
  [Parameter(Mandatory=$False,
  ValueFromPipeline=$True,
  ValueFromPipelineByPropertyName=$True,
  HelpMessage='PlannedOther, UnplannedOther, PlannedHardwareMaintenance, UnplannedHardwareMaintenance, PlannedHardwareInstallation, UnplannedHardwareInstallation, PlannedOperatingSystemReconfiguration, UnplannedOperatingSystemReconfiguration, PlannedApplicationMaintenance, ApplicationInstallation, ApplicationUnresponsive, ApplicationUnstable, SecurityIssue, LossOfNetworkConnectivity')]
  [string]$Reason,
  [Parameter(Mandatory=$False,
  ValueFromPipeline=$True,
  ValueFromPipelineByPropertyName=$True,
  HelpMessage='Allows you to type a comment about the maintenance activity.')]
  [string]$Comment,
  [switch]$EventLog
  set-strictmode -version latest
  #$start=Get-Date
  #$currentlog = $start.ToString()
  Write-Verbose "Starting $($myinvocation.mycommand)"
  Write-Verbose "Ready to put ServerName $ServerName in Maintenance Mode"
  Function Start-SCOMMaintenanceModeForServer
  [CmdletBinding(SupportsShouldProcess=$true)]
  param
  [Parameter(Mandatory=$True,
  ValueFromPipeline=$True,
  ValueFromPipelineByPropertyName=$True,
  HelpMessage='What is the server you want to put in Maintenance Mode?')]
  [Alias("Server")]
  [string[]]$ServerName,
  [Parameter(Mandatory=$True,
  ValueFromPipeline=$false,
  ValueFromPipelineByPropertyName=$True,
  HelpMessage='Specifies the time the maintenance will end. The minimum amount of time a resource can be in maintenance mode is 5 minutes. This is a required parameter. Format is 1/29/2014 8:59:26 AM')]
  [Datetime]$end,
  [Parameter(Mandatory=$False,
  ValueFromPipeline=$True,
  ValueFromPipelineByPropertyName=$True,
  HelpMessage='PlannedOther, UnplannedOther, PlannedHardwareMaintenance, UnplannedHardwareMaintenance, PlannedHardwareInstallation, UnplannedHardwareInstallation, PlannedOperatingSystemReconfiguration, UnplannedOperatingSystemReconfiguration, PlannedApplicationMaintenance, ApplicationInstallation, ApplicationUnresponsive, ApplicationUnstable, SecurityIssue, LossOfNetworkConnectivity')]
  [string]$Reason,
  [Parameter(Mandatory=$False,
  ValueFromPipeline=$True,
  ValueFromPipelineByPropertyName=$True,
  HelpMessage='Allows you to type a comment about the maintenance activity.')]
  [string]$Comment,
  [switch]$EventLog
  Begin
  Write-Verbose "Starting Function Start-SCOMMaintenanceModeForServer"
  #Check for minumum Maintenance mode period of 5 mins.
  $start = Get-Date
  $5MinFromNowTime = $start.AddMinutes(5)
  #$end = [datetime]$end
  $end = $end.AddSeconds(5)
  if($end -lt $5MinFromNowTime)
  Write-Error "The time span for the maintenance mode should be at least 5 minutes." -ErrorAction Stop
  Write-Verbose "Following server will be put in Maintenance Mode: $ServerName"
  $MSs = Get-SCOMManagementServer
  } #End Begin
  Process
  Write-Verbose "Checking if server $ServerName is a Management Server"
  #Write-Verbose ($MSs | Select DisplayName)
  if(($MSs | Select DisplayName) -eq $ServerName)
  Write-Verbose "We don't want to put a Management Server in Maintenance Mode. Skipping"
  else
  Write-Verbose "Let's put server $ServerName in Maintenance Mode"
  $Instance = Get-SCOMClassInstance -Name $ServerName
  if ($PSCmdlet.ShouldProcess("Putting $ServerName in Maintenance Mode until $($end).") )
  Write-Verbose ("Start-SCOMMaintenanceMode -Instance " + $Instance + " -EndTime " + $end + " -Reason " + $Reason + " -Comment " + $Comment)
  Start-SCOMMaintenanceMode -Instance $Instance -end $end -Reason $Reason -Comment $Comment
  }#End of whatif
  }#End of else
  if ($PSBoundParameters['EventLog'])
  write-eventlog -LogName "Operations Manager" -Source "OpsMgr SDK Service" -EventID 999 -message "The following Objects are put into in Maintenance Mode until $($end) : $($ServerName)"
  }#End if
  } #End Process
  End
  Write-Verbose "Finished Function Start-SCOMMaintenanceModeForServer Function"
  #Main
  try
  if ($PSBoundParameters['EventLog'])
  write-eventlog -LogName "Operations Manager" -Source "OpsMgr SDK Service" -EventID 998 -message "The $($myinvocation.mycommand) is used to put Objects in Maintenance Mode"
  Write-Verbose "Checking if OperationsManager Module is loaded"
  #Check if OperationsManager Module is loaded.
  if(!(Get-Module OperationsManager))
  Write-Verbose "Importing OperationsManager Module"
  Import-Module OperationsManager -ErrorAction Stop
  Write-Verbose "Checking for OM2012 environment"
  #Check if OM2012 is being used.
  if(!(Get-Module OperationsManager).Description -eq "Operations Manager OperationsManagerV10 Module")
  Write-Error "This script is only for OM2012"
  #Call Function
  if ($PSBoundParameters['EventLog'])
  Start-SCOMMaintenanceModeForServer -ServerName $ServerName -end $end -Reason $Reason -Comment $Comment -EventLog
  else
  Start-SCOMMaintenanceModeForServer -ServerName $ServerName -end $end -Reason $Reason -Comment $Comment
  } #End Try
  catch [System.IO.FileNotFoundException]
  "OperationsManager Module not found"
  $_.Exception.Message
  catch
  Write-Warning "Oops something went wrong"
  $_.Exception.Message
  $end=Get-Date
  Write-Debug ("Total processing time {0}" -f ($end-$start).ToString())
  Write-Verbose "Ending $($myinvocation.mycommand)"
  There is one remaining problem with this script.   It does not correctly check to see if something is a management server. We have two management servers. These are the applicable lines, which I still haven't gotten to work yet. First, this retrieves
  the list of my Management servers:
  $MSs=Get-SCOMManagementServer     
  Next, these lines are supposed to check if the server I specified is a management server:
  if(($MSs | Select DisplayName) -eq $ServerName)
  Write-Verbose "We don't want to put a Management Server in Maintenance Mode. Skipping"
  Thanks to the Intellisense pop-up deal, I can see that $MSs does get my two management servers. And I can clearly see that there is a DisplayName column. And I can also see that the $ServerName does match what I put in my command line.   But it doesn't
  seem to catch them if they are actually equal to each other. I don't know if it's because there's two Management Servers, and it doesn't know how to compare like that? Any idea? Is there some sort of loop I need to write so that it compares is to the DisplayName
  for EACH Management Server it finds? Any help would be greatly appreciated.

• Using Echo Command in PowerShell Script for Configuration Item

  Hello All,
  Before you tell me to post my PowerShell question to the PowerShell Forum, please know that the PowerShell portion of my task works just fine. It is the SCCM portion of my task that keeps failing, so that is why I am here. To give some background...
  There are two servers in our SCCM test environment. Both the SCCM server and SQL DB server are 2012, patched and updated.
  Test servers in my Device Collection being used for running Baselines and Reports against are 2008R2 and 2012, patched and updated.
  I have created a Configuration Item that checks to see if the FTP Server Role Feature has been installed on a 2008 or 2012 server. To do the check, I am using the following PowerShell script:
  (get-windowsfeature -Name Web-Ftp-Server).Installed
  When I log into my 2008R2 and 2012 test servers, and run this command directly on the server, it will return a "True" if the FTP Server Role Feature is installed on either server, and a "False" if it is not installed. Basically,
  it works as advertised.
  When I setup my Configuration Item and then deploy my Baseline, or run a report against my device collection of test servers, SCCM will return a correct response (True or False) for the 2012 test server, but throws the following error for the 2008R2
  server:
  0x87df00329 application requirement evaluation or detection failed
  Google searches for this have not been very helpful.
  Now, when I created the Configuration Item and referenced PowerShell, the configuration screen has the following note:
  "Specify the script to find and return the value to be assessed for compliance on client devices. Use the echo command to return the script value to Configuration Manager."
  Since I did not include an echo command in my PowerShell script above, I figured that was my problem, so I did the following:
  Logging onto both of my test servers (2008R2 & 2012) I was able to successfully run the following PowerShell commands and get the expected responses of True or False:
  (get-windowsfeature -Name Web-Ftp-Server).Installed | echo
  (get-windowsfeature -Name Web-Ftp-Server).Installed | write-output (http://technet.microsoft.com/en-us/library/hh849921.aspx)
  (get-windowsfeature -Name Web-Ftp-Server).Installed | write-host (http://technet.microsoft.com/en-us/library/ee177031.aspx)
  However, when I use any of these PowerShell commands in my Configuration Item, NEITHER of my test servers returns a response to the SCCM server.
  When I check the report, both servers show as "Unknown" and when I click on the number 2 (as in 2 servers unknown), the following report page (List of unknown assets for a configuration baseline) has absolutely no data/information at all.
  So...I am at a loss.
  SCCM tells me to use an echo command to return a script value to Configuration Manager. The PowerShell scripts above, with the various echo related commands, work just fine on the servers themselves, but they return no information when run via SCCM.
  What am I missing?
  Any help will be appreciated.
  Thanks in advance for your time.

  Sorry for my ignorance, but I don't understand. (I forgot to mention that I am new at both PowerShell and SCCM.)
  After I change the PowerShell script to add the echo/write-output/write-host cmdlet, I open the ConFig Item and "Clear" the PowerShell script and then re-add it. When I do that, it correctly shows the change in the ConFig Item.
  Next I open the Baseline, then open the ConFig Item within the Baseline to make sure the change is reflected there as well, which it is.
  I then deploy the Baseline to my Device Collection. After that, I run a report against the Baseline and Device Collection and it returns the "Unknown" result.
  If I open the PowerShell script and remove the echo/write-output/write-host cmdlet, then go through the rest of the process of updating and reporting, the result it returns changes, showing one server in compliance and the other server out of compliance,
  which leads me to think that all changes have taken correctly.
  Does that sound right? If I manually deploy the Baseline, is that the same as the client retrieving policies from the management point?
  Sorry to be so thick but I'm learning as I go.
  Thanks again for your help.

• Trying to deploy a batch or powershell script unsuccessful

  I've deployed a .cmd file out that contains a WMI script to uninstall all instances of an application called "VirtViewer". The script looks like this:
  taskkill /F /IM remote-viewer.exe /T
  wmic product where "name like 'VirtViewer%%'" call uninstall /nointeractive
  exit /B %EXIT_CODE%
  Previously, I had used MSI product codes for the uninstall, and got the same result. My original problem, is that there are currently 9 different versions of this app out there, so i am ripping them all out and replacing with 1 version. Installing over an
  old version does not overwrite the older one, it instead installs a new instance.
  Reading through the execmgr.log on the client, everything looks as it should.
  The end result, is that nothing happens. I had originally set the program to run as hidden, but then changed it to normal but still do not see it run. The application is right where i left it, untouched. If i run the script locally it works fine, but not
  when deployed. Am i missing something??
  <![LOG[Service startup.]LOG]!><time="16:09:31.647+300" date="01-12-2015" component="execmgr" context="" type="1" thread="248" file="execmgr.cpp:135">
  <![LOG[A user has logged on.]LOG]!><time="16:09:43.507+300" date="01-12-2015" component="execmgr" context="" type="1" thread="4256" file="execreqmgr.cpp:4911">
  <![LOG[Requesting content from CAS for package VNT00018 version 21]LOG]!><time="16:11:13.649+300" date="01-12-2015" component="execmgr" context="" type="1" thread="124" file="contentaccesshelper.cpp:246">
  <![LOG[Policy arrived for parent package VNT00018 program Uninstall Script]LOG]!><time="16:11:13.649+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2528" file="execreqmgr.cpp:6893">
  <![LOG[Raising client SDK event for class CCM_Program, instance CCM_Program.PackageID="VNT00018",ProgramID="Uninstall Script", actionType 6l, value NULL, user NULL, session 4294967295l, level 0l, verbosity 30l]LOG]!><time="16:11:13.665+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2528" file="event.cpp:405">
  <![LOG[Successfully created a content request handle {B2BA42EE-5988-47F4-BF44-ADAAC975994B} for the package VNT00018 version 21]LOG]!><time="16:11:13.665+300" date="01-12-2015" component="execmgr" context="" type="1" thread="124" file="contentaccesshelper.cpp:331">
  <![LOG[Program Uninstall Script change to state STATE_ADVANCED_DOWNLOAD content available]LOG]!><time="16:11:13.665+300" date="01-12-2015" component="execmgr" context="" type="2" thread="124" file="executionrequest.cpp:3663">
  <![LOG[Execution Request for advert VNT20014 package VNT00018 program Uninstall Script state change from NotExist to AdvancedDownload]LOG]!><time="16:11:13.665+300" date="01-12-2015" component="execmgr" context="" type="1" thread="124" file="executionrequest.cpp:501">
  <![LOG[Raising client SDK event for class CCM_Program, instance CCM_Program.PackageID="VNT00018",ProgramID="Uninstall Script", actionType 1l, value , user NULL, session 4294967295l, level 0l, verbosity 30l]LOG]!><time="16:11:13.665+300" date="01-12-2015" component="execmgr" context="" type="1" thread="124" file="event.cpp:405">
  <![LOG[Raising event:
  [SMS_CodePage(437), SMS_LocaleID(1033)]
  instance of SoftDistProgramOfferReceivedEvent
  AdvertisementId = "VNT20014";
  ClientID = "GUID:E306FF26-C884-4E36-9C03-C19523A17F40";
  DateTime = "20150112211113.665000+000";
  MachineName = "VM-WIN7-MIKE";
  ProcessID = 1788;
  SiteCode = "VNT";
  ThreadID = 2528;
  ]LOG]!><time="16:11:13.665+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2528" file="event.cpp:715">
  <![LOG[Mandatory execution requested for program Uninstall Script and advertisement VNT20014]LOG]!><time="16:11:13.680+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="execreqmgr.cpp:3527">
  <![LOG[Creating mandatory request for advert VNT20014, program Uninstall Script, package VNT00018]LOG]!><time="16:11:13.680+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="execreqmgr.cpp:3653">
  <![LOG[An existing MTC token was not supplied, using ExecutionRequest's Id as MTC token and this execution request is the owner of resultant MTC task.]LOG]!><time="16:11:13.696+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="executionrequest.cpp:8942">
  <![LOG[Request a MTC task for execution request of package VNT00018, program Uninstall Script with request id: {D52026A7-5735-402B-868C-EF9791656512}]LOG]!><time="16:11:13.696+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="executionrequest.cpp:8966">
  <![LOG[Execution Request for advert VNT20014 package VNT00018 program Uninstall Script state change from WaitingDependency to Ready]LOG]!><time="16:11:13.712+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="executionrequest.cpp:501">
  <![LOG[MTC task with id {D52026A7-5735-402B-868C-EF9791656512}, changed state from 0 to 4]LOG]!><time="16:11:13.712+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="execreqmgr.cpp:6288">
  <![LOG[Raising client SDK event for class CCM_Program, instance CCM_Program.PackageID="VNT00018",ProgramID="Uninstall Script", actionType 1l, value , user NULL, session 4294967295l, level 0l, verbosity 30l]LOG]!><time="16:11:13.712+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="event.cpp:405">
  <![LOG[MTC signaled SWD execution request with program id: Uninstall Script, package id: VNT00018 for execution.]LOG]!><time="16:11:13.743+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="execreqmgr.cpp:6406">
  <![LOG[Sending ack to MTC for task with id: {D52026A7-5735-402B-868C-EF9791656512}]LOG]!><time="16:11:13.743+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="executionrequest.cpp:9005">
  <![LOG[Executing program VirtViewerUninstall.cmd in Admin context]LOG]!><time="16:11:13.743+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="executionrequest.cpp:3239">
  <![LOG[Execution Request for advert VNT20014 package VNT00018 program Uninstall Script state change from Ready to NotifyExecution]LOG]!><time="16:11:13.743+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="executionrequest.cpp:501">
  <![LOG[Raising client SDK event for class CCM_Program, instance CCM_Program.PackageID="VNT00018",ProgramID="Uninstall Script", actionType 1l, value , user NULL, session 4294967295l, level 0l, verbosity 30l]LOG]!><time="16:11:13.759+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="event.cpp:405">
  <![LOG[Checking content location C:\Windows\ccmcache\1c for use]LOG]!><time="16:11:13.774+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="executioncontext.cpp:1663">
  <![LOG[Successfully selected content location C:\Windows\ccmcache\1c]LOG]!><time="16:11:13.774+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="executioncontext.cpp:1719">
  <![LOG[Executing program as a script]LOG]!><time="16:11:13.774+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="executionengine.cpp:82">
  <![LOG[Successfully prepared command line "C:\Windows\ccmcache\1c\VirtViewerUninstall.cmd"]LOG]!><time="16:11:13.774+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="scriptexecution.cpp:650">
  <![LOG[Command line = "C:\Windows\ccmcache\1c\VirtViewerUninstall.cmd", Working Directory = C:\Windows\ccmcache\1c\]LOG]!><time="16:11:13.774+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="scriptexecution.cpp:352">
  <![LOG[Running "C:\Windows\ccmcache\1c\VirtViewerUninstall.cmd" with 32bitLauncher]LOG]!><time="16:11:13.774+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="scriptexecution.cpp:370">
  <![LOG[Created Process for the passed command line]LOG]!><time="16:11:13.852+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="scriptexecution.cpp:513">
  <![LOG[Raising event:
  [SMS_CodePage(437), SMS_LocaleID(1033)]
  instance of SoftDistProgramStartedEvent
  AdvertisementId = "VNT20014";
  ClientID = "GUID:E306FF26-C884-4E36-9C03-C19523A17F40";
  CommandLine = "\"C:\\Windows\\ccmcache\\1c\\VirtViewerUninstall.cmd\"";
  DateTime = "20150112211113.852000+000";
  MachineName = "VM-WIN7-MIKE";
  PackageName = "VNT00018";
  ProcessID = 1788;
  ProgramName = "Uninstall Script";
  SiteCode = "VNT";
  ThreadID = 2164;
  UserContext = "NT AUTHORITY\\SYSTEM";
  WorkingDirectory = "C:\\Windows\\ccmcache\\1c\\";
  ]LOG]!><time="16:11:13.852+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="event.cpp:715">
  <![LOG[Raised Program Started Event for Ad:VNT20014, Package:VNT00018, Program: Uninstall Script]LOG]!><time="16:11:13.852+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="executioncontext.cpp:459">
  <![LOG[Raising client SDK event for class CCM_Program, instance CCM_Program.PackageID="VNT00018",ProgramID="Uninstall Script", actionType 1l, value NULL, user NULL, session 4294967295l, level 0l, verbosity 30l]LOG]!><time="16:11:13.852+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="event.cpp:405">
  <![LOG[Raising client SDK event for class CCM_Program, instance CCM_Program.PackageID="VNT00018",ProgramID="Uninstall Script", actionType 1l, value , user NULL, session 4294967295l, level 0l, verbosity 30l]LOG]!><time="16:11:13.868+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="event.cpp:405">
  <![LOG[MTC task with id {D52026A7-5735-402B-868C-EF9791656512}, changed state from 4 to 5]LOG]!><time="16:11:13.884+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2164" file="execreqmgr.cpp:6288">
  <![LOG[Program exit code 0]LOG]!><time="16:11:17.571+300" date="01-12-2015" component="execmgr" context="" type="1" thread="4128" file="scriptexecution.cpp:676">
  <![LOG[Looking for MIF file to get program status]LOG]!><time="16:11:17.571+300" date="01-12-2015" component="execmgr" context="" type="1" thread="4128" file="executionstatus.cpp:282">
  <![LOG[Script for Package:VNT00018, Program: Uninstall Script succeeded with exit code 0]LOG]!><time="16:11:17.571+300" date="01-12-2015" component="execmgr" context="" type="1" thread="4128" file="executionstatus.cpp:262">
  <![LOG[Raising event:
  [SMS_CodePage(437), SMS_LocaleID(1033)]
  instance of SoftDistProgramCompletedSuccessfullyEvent
  AdvertisementId = "VNT20014";
  ClientID = "GUID:E306FF26-C884-4E36-9C03-C19523A17F40";
  DateTime = "20150112211117.571000+000";
  MachineName = "VM-WIN7-MIKE";
  PackageName = "VNT00018";
  ProcessID = 1788;
  ProgramName = "Uninstall Script";
  SiteCode = "VNT";
  ThreadID = 4128;
  UserContext = "NT AUTHORITY\\SYSTEM";
  ]LOG]!><time="16:11:17.587+300" date="01-12-2015" component="execmgr" context="" type="1" thread="4128" file="event.cpp:715">
  <![LOG[Raised Program Success Event for Ad:VNT20014, Package:VNT00018, Program: Uninstall Script]LOG]!><time="16:11:17.587+300" date="01-12-2015" component="execmgr" context="" type="1" thread="4128" file="executioncontext.cpp:483">
  <![LOG[Execution is complete for program Uninstall Script. The exit code is 0, the execution status is Success]LOG]!><time="16:11:17.587+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="execreqmgr.cpp:4165">
  <![LOG[Raising client SDK event for class CCM_Program, instance CCM_Program.PackageID="VNT00018",ProgramID="Uninstall Script", actionType 10l, value Result:TRUE ,SDKCallerId:, user NULL, session 4294967295l, level 0l, verbosity 30l]LOG]!><time="16:11:17.602+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="event.cpp:405">
  <![LOG[Requesting MTC to delete task with id: {D52026A7-5735-402B-868C-EF9791656512}]LOG]!><time="16:11:17.618+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="executionrequest.cpp:9036">
  <![LOG[MTC task with id: {D52026A7-5735-402B-868C-EF9791656512} deleted successfully.]LOG]!><time="16:11:17.618+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="executionrequest.cpp:9065">
  <![LOG[Raising client SDK event for class CCM_Program, instance CCM_Program.PackageID="VNT00018",ProgramID="Uninstall Script", actionType 1l, value , user NULL, session 4294967295l, level 0l, verbosity 30l]LOG]!><time="16:11:17.618+300" date="01-12-2015" component="execmgr" context="" type="1" thread="2564" file="event.cpp:405">

  I just tried using powershell to accomplish the same task, and got the same result. Script ran fine, but nothing resulted. 0 errors in the execmgr.log on the client.
  Program options:
  Command Line: Powershell.exe -executionpolicy Bypass -file .\VirtUninstall.ps1
  the powershell script looks like this:
  $app = Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -match "VirtViewer*"}
  $app.Uninstall()
  exit /B
  Again, the script runs great when launched locally, but not wehen deployed

• An unknown error occurred while executing the PowerShell script:

  Hello all,
  Not the most descriptive title, granted. I'm hoping this may prompt the next version toprovide additional valuable content.
  Kindly requesting any help on this problem. I'm running VMM 2012 R2 version 3.2.7668
  When I try to look at properties of an existing Private Cloud, I get this error, only if I "look" at certain attributes. If I stay away from the specific attributes, everything is hunky dory. For reasons unknown, after I get this error, I have
  to exit and go back into VMM in order to get anything else to run.
  The text in the error dialogue box is not entirely applicable because I was connected to the VMM server and will connect again, when I exit/relaunch.
  An unknown error occurred while executing the PowerShell script:
  The connection to the VMM management server scvmm2.mmmmmm.com was lost.
  Ensure that scvmm2.mmmmmm.com is online and that you can access the server remotely from your computer. Then connect to scvmm2.mmmmmm.com and try the command again using the new connection. Or, you can ensure that the Virtual Machine Manager service is started
  on scvmm2.mmmmmm.com. Then connect to scvmm2.mmmmmm.com and try the command again using the new connection. If the command fails again because of a connection failure, restart the Virtual Manager service and then try the operation again.
  Try the operation again. If the issue persists, contact Microsoft Help and Support.
  ID: 27235
  This is what I get in Events
  Warning 4/9/2015 3:27:04 PM PowerShell (Microsoft-Windows-PowerShell) 4100 Executing Pipeline
  Log Name:      Microsoft-Windows-PowerShell/Operational
  Source:        Microsoft-Windows-PowerShell
  Date:          4/9/2015 3:27:04 PM
  Event ID:      4100
  Task Category: Executing Pipeline
  Level:         Warning
  Keywords:      None
  User:          mmmmmm\paufra
  Computer:      tools-francis.mmmmmm.com
  Description:
  Error Message = The connection to the VMM management server scvmm2.mmmmmm.com was lost. (Error ID: 1610)
  Ensure that scvmm2.mmmmmm.com is online and that you can access the server remotely from your computer. Then connect to scvmm2.mmmmmm.com and try the command again using the new connection. Or, you can ensure that the Virtual Machine Manager service is started
  on scvmm2.mmmmmm.com. Then connect to scvmm2.mmmmmm.com and try the command again using the new connection. If the command fails again because of a connection failure, restart the Virtual Manager service and then try the operation again.
  Fully Qualified Error ID = 1610,Microsoft.SystemCenter.VirtualMachineManager.Cmdlets.GetSCReplicationGroupCmdlet
  Recommended Action = Ensure that scvmm2.mmmmmm.com is online and that you can access the server remotely from your computer. Then connect to scvmm2.mmmmmm.com and try the command again using the new connection. Or, you can ensure that the Virtual Machine Manager
  service is started on scvmm2.mmmmmm.com. Then connect to scvmm2.mmmmmm.com and try the command again using the new connection. If the command fails again because of a connection failure, restart the Virtual Manager service and then try the operation again.
  Context:
          Severity = Warning
          Host Name = Default Host
          Host Version = 4.0
          Host ID = 94963cd4-5979-4786-9da2-c8814de8c7c3
          Host Application = C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\Bin\VmmAdminUI.exe
          Engine Version = 4.0
          Runspace ID = 359d7a46-3752-4929-8c09-0de4152d10e4
          Pipeline ID = 16
          Command Name = Get-SCReplicationGroup
          Command Type = Cmdlet
          Script Name =
          Command Path =
          Sequence Number = 91
          User = mmmmmm\paufra
          Shell ID = Microsoft.PowerShell
  User Data:
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-PowerShell" Guid="{A0C1853B-5C40-4B15-8766-3CF1C58F985A}" />
      <EventID>4100</EventID>
      <Version>1</Version>
      <Level>3</Level>
      <Task>106</Task>
      <Opcode>19</Opcode>
      <Keywords>0x0</Keywords>
      <TimeCreated SystemTime="2015-04-09T22:27:04.993655700Z" />
      <EventRecordID>285</EventRecordID>
      <Correlation ActivityID="{48059811-1A63-41E1-9057-7498D0E4FC20}" />
      <Execution ProcessID="2344" ThreadID="4076" />
      <Channel>Microsoft-Windows-PowerShell/Operational</Channel>
      <Computer>tools-francis.mmmmmm.com</Computer>
      <Security UserID="S-1-5-21-4008432563-1984933819-4238309236-2721" />
    </System>
    <EventData>
      <Data Name="ContextInfo">        Severity = Warning
          Host Name = Default Host
          Host Version = 4.0
          Host ID = 94963cd4-5979-4786-9da2-c8814de8c7c3
          Host Application = C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\Bin\VmmAdminUI.exe
          Engine Version = 4.0
          Runspace ID = 359d7a46-3752-4929-8c09-0de4152d10e4
          Pipeline ID = 16
          Command Name = Get-SCReplicationGroup
          Command Type = Cmdlet
          Script Name =
          Command Path =
          Sequence Number = 91
          User = mmmmmm\paufra
          Shell ID = Microsoft.PowerShell
  </Data>
      <Data Name="UserData">
      </Data>
      <Data Name="Payload">Error Message = The connection to the VMM management server scvmm2.mmmmmm.com was lost. (Error ID: 1610)
  Ensure that scvmm2.mmmmmm.com is online and that you can access the server remotely from your computer. Then connect to scvmm2.mmmmmm.com and try the command again using the new connection. Or, you can ensure that the Virtual Machine Manager service is started
  on scvmm2.mmmmmm.com. Then connect to scvmm2.mmmmmm.com and try the command again using the new connection. If the command fails again because of a connection failure, restart the Virtual Manager service and then try the operation again.
  Fully Qualified Error ID = 1610,Microsoft.SystemCenter.VirtualMachineManager.Cmdlets.GetSCReplicationGroupCmdlet
  Recommended Action = Ensure that scvmm2.mmmmmm.com is online and that you can access the server remotely from your computer. Then connect to scvmm2.mmmmmm.com and try the command again using the new connection. Or, you can ensure that the Virtual Machine Manager
  service is started on scvmm2.mmmmmm.com. Then connect to scvmm2.mmmmmm.com and try the command again using the new connection. If the command fails again because of a connection failure, restart the Virtual Manager service and then try the operation again.
  </Data>
    </EventData>
  </Event>

  Hi Sir,
  First , please try to run the VMM configuration analyzer on that computer :
  http://www.microsoft.com/en-us/download/details.aspx?id=41555
  In addition , please try to use "VMMTrace" mentioned in following article to collect trace log and find some useful information :
  http://blogs.technet.com/b/jonjor/archive/2011/01/07/vmmtrace-simplified-scvmm-tracing.aspx
  Best Regards,
  Elton Ji
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] .

• Need some help in building a PowerShell Script

  I am in the process of setting up continuous self-auditing on a set of computers that are on a Domain. My company has a restriction on use of USB devices as well as CDs/DVDs. The domain pushes patches but we have been seeing some users that are using (or
  trying to) the network without becoming a part of the domain. My aim is to run a PowerShell script periodically (say, hourly) on each computer on the domain and dump certain parameters to XML / XHTML and then load these onto a web-server that can display the
  results in a (sort of) dashboard to flag anomalies like unauthorised USB use etc.
  I know there must be some commercial products for this but the boss says "No" to a purchase. 
  Am I on the right track or do I need to change my approach? Also, is there a starting scirpt available somewhere so that I can study it for techniques? My major problem is the display part. I am able to dump it into XML and (sort of ) format it but how do
  I collate the data and display it as a web-page is what is bothering me. Help would be deeply appreciated.

  @JRV:
  Users don't have to be domain administrators
  to be able to install software. Local admin is more than enough. ie: I am no admin in the domain of my customer but am allowed to install software
  Although I agree with you, in the sense it would be easier to restrict the users, it doesn't mean that a company has to do it that way; and it certainly doesn't represent the intelligence of an individual. 
  @SarabRSingh:
  What you are asking for is a lot of work, to get the script right (considering the special demands, ie. AV update checking is different depending on the SW) and it might require a lot of resources on the client.
  From what you describe, you want to prevent any USB/Optical Media use. You should consider Group Policies to manage that. http://technet.microsoft.com/en-us/library/bb742376.aspx
  The only part I would script (based on my work environment) is the checking of AV updates (gets tricky because our SW has a hard time forcing the user to update when connected by VPN).
  user log in / out --> group policy: logon/off script writing appending timestamp to a file
  has he/she used any USB device --> if you want to block it: GPO, if you only want to track it: powershell
  Get-WmiObject Win32_USBControllerDevice
  has any new application / software been installed: restrict installation completely with user permissions or: http://social.technet.microsoft.com/Forums/en-US/f4dc8ab9-370b-423e-b65d-1fa46fa9bcc4/powershell-script-to-remotely-audit-computers-on-lan?forum=ITCG
  was the AV: no idea on what you are using (maybe: http://serverfault.com/questions/129611/how-to-detect-when-antivirus-is-out-of-date-with-powershell
  OS updated: WSUS http://technet.microsoft.com/en-us/library/cc708519(v=ws.10).aspx
  If you found this post helpful, please "Vote as Helpful". If it answered your question, remember to "Mark as Answer"
  MCC & PowerShell enthusiast
  http://oliver.lipkau.net/blog

• Disable Static IP in Windows 8.1 and Windows 7 or Powershell Script to get network "connected to" value

  Hi,
  I´m in a situation where I need to disable static IP option on all Domain machines (workstations). I have found many different forum topics about that but nothing is suitable for me. Let me describe a situation:
  * In our environment every computer have specific IP configured in DHCP (specific MAC = specific IP). Machines Must be configured DHCP enabled!
  * In our environment all developers are local admins in their computers. This can´t be changed as we are IT corporation and this is our policy.
  * As every IP have specific rights in Firewall to access different places then some IT guys are quite smart to change their IP to static IP that have more access then they should have.
  This last thing is my main problem! We have working PKI and NPS in both WLAN and LAN so only domain and certified computers can have access to our local network. My mission is to prevent local admins to change IP addressess by themselves but I can´t find
  a good solution for doing that. I have tought about Powershell script that is published by SCCM or GPO to all workstations and script idea is to find network card that is "connected to" our "domain.com" network. If this is true then automatically
  DHCP will be enabled for that interface (Set-NetIPInterface -Dhcp Enabled). I know that here is an open window for some moment when script will be ran again or GPO policy will be refreshed but it´s better then nothing. In this script I have one problem - I
  can´t find a solution about how to find network interface that is connected to our "domain.com"? It seems that there is no easy way to do that. 
  Is there any other and better solution to accomplished this situation. Any good ideas will be appreciated.
  Best Regards,
  Taavi

  Hi,
  the real answer is the one you don't want to hear: don't make your users local admninistrators.
  Local administrators will always be able to get araound any security measurement you put in place. For gpo's for example, they can identify the involved registry key, configure it to their desired value and
  remove privileges for everyone but themselves to write the key. Upcoming 'gpupdate' will not be able to write the values...
  For your script, I would recommend to just configure all adapters to dhcp on the client computers. After all the location detection depends on the network Location Awareness service. If your users disable that one (an rermove the appropriate privileges from
  registry ;) ) your script would again be useless.
  That being said, as you post to the security forums my answer is focussed on the security off your solution. if you need assistance in creating this script, I would advice to post back in the Scripting guys forums (and leave out the why as you will otherwise
  agin be pointed on the flawed security ;) )
  I think get-connectionprofile might already be helpull on 8.1
  MCP/MCSA/MCTS/MCITP