Get Installed Software Remotely

Much like my 80 year old Grandmother, there is a problem I regularly run into. Fortunately in my case it doesn’t involve a car and a garage door. It’s quickly getting a list of software from a remote computer. Also in my case, running into this issue for the third time didn’t result in my driver license being revoked. But, just like my Grandmother, I thought it wise to change my approach nonetheless 🙂

Throughout my career there are times when I want to get a list of software from a computer, or number of computers. This could be due to an audit, or pure curiosity as to what that awful piece of software one of my colleagues was using. (“Rhianna’s Music Quiz”… Nice one Mitch). As always, I’m following best practice and using a non administrative account so want to also use alternative credentials when querying the remote computer.

At first glance, the best approach here I’ve determined is WMI. On initial investigation the Win32_Product class seems like the perfect fit, running it locally I get a list of software, and it seems to give me a number of useful variables. Unfortunately, it takes a long time to run.. well 30 seconds, and that’s an age for us impatient Gen Y’s. Running it remotely this can blow out to minutes. So if you want to run a command like this across multiple computers… You’ll be waiting a while, and I’ve got important things to do! (like sending my mates a Snapchat of me as a Lemur). Apparently, the issue has something to do with the Win32_Product query performing a validation on all of your software, it get’s quite technical, a zoned out reading the reasons, drooled a bit and moved on.

So enter the registry. If you query HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall you can see all of your installed software there. However, only the 64bit software. The 32bit software is buried under the Wow6432Node of the registry, and most of the subkeys have lovely GUID’s so it’s quite the job working through that manually. But, after figuring out the logic and putting a script together, it would run in seconds. A win!

The best way to query the registry in my opinion, is to use WMI as you can then specify alternate credentials. If you are on the edge of your seat reading this then treat yourself to an earlier blog covering off just this thing. It’s bloody good I tell ya…

Anyway, after some coffee, some script munging, and a lot of trial and error, I produced the below script. It will accept a ComputerName and Credentials parameters then return all 32 and 64bit software from the remote box. It also includes the UninstallString so you can easily uninstall remote software, I’ll cover that off in another post, so you can actually get rid of that annoying software from your colleagues computer…

And here is an example of it in action!

 

 

 

Get Unique Permissions on a shared Folder

I was assisting a wise bearded, bespectacled, beer brewing, bugger the other day (lets call him Burko) with a common IT problem of identifying unique permissions on a shared folder. Much like Burko himself, the folder appeared to be in a dodgy state, most likely due to cancel being clicked when permissions were being propagated, because it takes so long. If it takes longer than 2 minutes, it’s just not worth doing, pretty sure I saw that on a motivational poster somewhere.

Given the ridiculous amount of sub-folders from years of uncontrolled sprawl, I was tempted to have Burko do it all manually just to test his sanity. But being the top guy I am, I got stuck into a bit of PowerShell to better manage the process more accurately. That and I couldn’t help myself.

So without further ado (did you know that comes from Shakespeare, man I am so cultured!), here it is!

An example of this running is as follows:

Hopefully this is of use to someone!

Questions, comments, abuse are always welcome. Don’t ask about beer brewing though, I’ve been asking for years to no avail.

Setting Proxy settings in Powershell and .Net Windows Applications

There is a problem I have come across a number of times in my career that frustrates me. But I’m no closer to getting a full time barrista on tap to serve me coffee any time I need it. FML as the kids say..

There is also another problem, thats maybe more in line with my blogs so I suppose I should write about that instead!

A forward web proxy server, is a common piece of technology in most organizations where I’ve worked. It’s how we control the minions to ensure they only access the content on the internet we deem acceptable, monitor where they are going and how long they can browse a website etc.. Dance my puppets, muhahaha. I’m not going to argue the pros and cons of proxy servers, but needless to say they are prett standard.

What does bug me, is when business applications come along that say sorry our software doesn’t work through a proxy server… Oh nice one, you never though an application used by businesses may have a proxy server in the mix. Winner… Anyway, I’ve come across sites where there are holes open in the firewall for all manor of websites/ip address ranges etc. because its too hard and the easy out is to just poke a hole in the firewall and say “have at it!” Sure it’s a quick win, and gets you back on to more important things, like what the minions are browsing today. But it doesn’t cut the mustard for me (thats an odd saying, where on earth does that come from…quick google… nothing concrete.. oh well back to blog). Unbeknownst to a number of people, and even the “developers” that write these random third party desktop applications. There is a way to work with the proxy server in some scenarios using application settings.

This process has worked for me approximately 75% of the time, essentially it tells the application to use the proxy settings specified by the user. i.e. what has been configured in IE. I’ve tested it with IP, basic, and NTLM authentaction succesfully.

How to make windows desktop applications work with a proxy server

  • If it’s a modernish windows application. We can assume it has been built on the .NET Framework.
  • If you can search the internet using Internet Explorer via the proxy (that is, it has proxy settings specified somehwere), then thats another tick
  • Navigate to the program files directory. e.g. c:\program files (x86)\CrapVendor\CrapApp
  • Look for the executable (e.g. crapapp.exe)
  • An application settings file will typically have the same name as the executable but end in .config (e.g. crappapp.exe.config)
  • If one exists, great edit it
  • If one does not exist, then create a new file with that name (crapapp.exe.config)
  • Add the below settings

  • If the file already exists, then you may only need to add the defaultproxy line, just ensure its in the system.net tags
  • Save the file, and fingers crossed it now works
  • Job Done! Grab a coffee.

Cannot Cancel Meetings as the Organizer in Outlook

MFCMAPI - simple, self explanatory interface yeah?
MFCMAPI – simple, self explanatory interface yeah?

A strange issue was bought to my attention the other day where a user could not cancel a meeting they had created.

Looking in Outlook, they were listed as the organizer, yet when right clicking in Outlook the “Cancel Meeting” option was not present, only Delete. After ruling out PIBCAK, I dug a little deeper.

A search of google aluded to ActiveSync being the most likely cause of this issue. As we are running an IOS fleet using the native mail app which is ‘unsupported’ in Microsoft’s eyes. Then this may be where the problem lies. The user recently got married and changed her name, how inconsiderate of her not to think about the impact it caused me! It’s all about me you know 🙂 Anyway, to hedge my bets, the mail profile was recreated on their iDevices, an now to deal with the problematic calendar appointments.

No clear solution was online, but things were aluding to using MFCMAPI to get surgical under the hood on the users mail profile, so I rolled up my sleeves and got stuck in.

An hour later, after getting side tracked several times by stuff much more interesting than using the MFCMAPI tool (basically anything, yes even the Kardashiyans.) I found the field in particular causing an issue, made a change, and BOOM, the user can cancel all those problematic meetings to her hearts content. A win!

So.. Enough of the background.. Here is how it was done. Usual disclaimers apply #YMMV

First up grab the MFCMAPI tool from codeplex http://mfcmapi.codeplex.com/. This is a really useful tool for drilling into the details of a users mailbox, great way to mess things up too! If you’ve not used the tool before you are in for a treat, saying the layout is not userfriendly is an understatement..

So you’ve downloaded, run the exe and vomited at the shear complexity of it, give yourself a high five and perform the rest:

Oh.. Run the tool from the users computer as it needs to access their outlook profile…

  1. Close Outlook if it’s open (precaution)
  2. Click Session–>Logon
  3. Select the specific mail profile and click OK
  4. Double Click on the users Mailbox
  5. Expand Root –> Top of Information Store
  6. Double Click Calendar
  7. If you’ve got hear you’ve done well.
  8. In the top window find the dodgy meeting in question. I find sorting by the subject column useful
  9. Once found single clicl on it to highlight it
  10. In the windows below, sort by column “Named prop name”
  11. Look for id: 0x8217… (obvious yeah??)
  12. Double click this field
    If this unsigned decimal value is 3 it indicates the user is a recipient of the meeting. If it’s a 1 it indicates they are the meeting Organizer. Chances are if you have this problem its a 3, hence the wierd and wonderful bug
  13. Set this to 1 and click OK
  14. Close MFCMAPI
  15. Open Outlook and check out the problematic meeting
  16. The Cancel Meeting button should return!
  17. Job done, you are a hero

Hopefully this post is of some help to any poor soul whose stumbled across this part of the internet.

Kicking the Hedgehog – A case for Automation

Hi there, this is my first of hopefully many blogs. I thought I’d start things off talking about hedgehogs and automation, too things that go hand in hand right?? Don’t worry it will all make sense.

When trying to sell the value of automation in a business one of the key problems I say it can overcome is dealing with complacency. When you have a long, repetitive, mind numbing task to do, after performing it time and time again there is the temptation to cut corners to complete it faster. Because, let’s face it, there are other priorities you would rather focus on. Over time, this may mean skipping out essential steps just to get it over with sooner, you become complacent. This can be when bad things happen!

Time for my anecdote :).

Every night at our house I will the rubbish out to our outside bins. It’s just a short five meter walk outside, through a gate, no big deal. It’s normally dark so my process is:

  1. Find shoes
  2. Put on shoes
  3. Get rubbish
  4. go outside
  5. open gate
  6. put rubbish in bin
Exhibit A: The evil hedgehog
Exhibit A: The evil hedgehog

A simple  six step procedure right?, well, after performing this over and over, I started getting complacent. I stopped putting on shoes, as this task would take up most of my time (I have two little kids who like to hide daddy’s shoes!). Awesome!, it’s now a four step process, that’s a great return on investment. So I carried on doing this for a few weeks, until one night…

One rather mild night, I was taking the rubbish through the gate as I do every night, without shoes on,  when all of a sudden I kick something… Initially all I hear is the sound of something skimming down my driveway at pace because I hit it pretty hard. After a few seconds, the pain sets in. Sure enough, I’ve just punted a hedgehog down my driveway! The poor little thing was kind enough to leave half a dozen quills sticking out of my feet.

So, as you can see, complacency can cause bad things to happen. Now, if this procedure was automated, (which would probably require some sort of trash robot) you know it would get it right every time, because computers do exactly what you program them to do, there is no risk of complacency.

In a business environment, the risk of not following business processes correctly can be a lot worse than punting a small mammal. For important repetitive tasks within a business, automation (such as PowerShell Workflows / Azure Automation etc..) can make a big difference to ensure consistent accurate results every time.