ConfigMgr Client TCP Port Tester

This is a little tool I created for testing the required TCP ports on SCCM client systems. It will check that the required inbound ports are open and that the client can communicate to its management point, distribution point and software update point on the required ports. It also includes a custom port checker for testing any inbound or outbound port.

The default ports are taken from the Microsoft documentation, but these can be edited in the case that non-default ports are being used, or additional ports need to be tested.

The tool does not currently test UDP ports.

Requirements

  • Windows 8.1 + / Windows Server 2012 R2 +
  • PowerShell 5
  • .Net Framework 4.6.2 minimum

Download

Download from the Technet Gallery.

Usage

To use the tool, extract the ZIP file, right-click the ‘ConfigMgr Client TCP Port Tester.ps1′ and run with PowerShell.

Checking Inbound Ports

Select Local Ports in the drop-down box and click GO to test the required inbound ports.

Checking Outbound Ports

Select the destination in the drop-down box (ie management point, distribution point, software update point).

Enter the destination server name if not populated by the defaults and click GO. The tool will test ICMP connectivity first, then port connectivity.

Custom Port Checking

To test a custom port, select Custom Port Test from the drop-down box. Enter the port number, direction (ie Inbound or Outbound) and destination (Outbound only). Click Add to add the test to the grid. You can add several tests. Click GO.

Adding Default Servers

You can pre-populate server names by editing the Defaults.xml file found in the defaults directory. For example, to add a default management point:

<ConfigMgr_Port_Tester>
  <ServerDefaults>
    <ManagementPoint>
      <Value>SCCMMP01</Value>
    </ManagementPoint>

Editing / Adding Default Ports

You can also edit, add or remove the default ports in the Defaults.xml file. For example, to add port 5985 in the default local port list:

<PortDefaults>
  <LocalPorts>
    <Port Name="80" Purpose="HTTP Communication"/>
    <Port Name="443" Purpose="HTTPS Communication"/>
    <Port Name="445" Purpose="SMB"/>
    <Port Name="135" Purpose="Remote Assistance / Remote Desktop"/>
    <Port Name="2701" Purpose="Remote Control"/>
    <Port Name="3389" Purpose="Remote Assistance / Remote Desktop"/>
    <Port Name="5985" Purpose="WinRM"/>
  </LocalPorts>

Source Code

Source code can be found in my GitHub repo.

New Tool: Delivery Optimization Monitor

Delivery Optimization Monitor is a tool for viewing Delivery Optimization data on the local or a remote PC.

It is based on the built-in Delivery Optimization UI in Windows 10 but allows you to view data graphically from remote computers as well.

The tool uses the Delivery Optimization PowerShell cmdlets built in to Windows 10 to retrieve and display DO data, including stats and charts for the current month, performance snapshot data and data on any current DO jobs.

Requirements

  • A supported version of Windows 10 (1703 onward)
  • PowerShell 5 minimum
  • .Net Framework 4.6.2 minimum
  • PS Remoting enabled to view data from remote computers.

This WPF tool is coded in Xaml and PowerShell and uses the MahApps.Metro and LiveCharts open source libraries.

Download

Download the tool from the Technet Gallery.

Use

To use the tool, extract the ZIP file, right-click the Delivery Optimization Monitor.ps1 and run with PowerShell.

To run against the local machine, you must run the tool elevated. To do so, create a shortcut to the ps1 file. Edit the properties of the shortcut and change the target to read:

PowerShell.exe -ExecutionPolicy Bypass -File “<pathtoPS1file>”

Right-click the shortcut and run as administrator, or edit the shortcut properties (under Advanced) to run as administrator.

For completeness, you can also change the icon of the shortcut to the icon file included in the bin directory.

Delivery Optimization Statistics

There are 3 tabs – the first displays DO data for the current month together with charts for download and upload statistics.

The second tab displays PerfSnap data and the third displays any current DO jobs.

Shout Out

Shout out to Kevin Rahetilahy over at dev4sys.com for blogging about LiveCharts in PowerShell.

Source Code

Source code can be found on GitHub.

New Tool: ConfigMgr Client Notification

Today I whipped-up a very simple tool for ConfigMgr admins and support staff. It allows you to send client notifications (using the so-called fast channel), such as downloading the computer policy, collecting hardware inventory, checking compliance etc, to remote computers from your local workstation independently of the ConfigMgr console.

CNT

The tool connects to your ConfigMgr site server using a Cimsession and PSSession, so you need WsMan operational in your environment. You simply provide some computer name/s in the text box, enter your site server name, select which client notification you want to send and click GO. The tool will get the online status of the clients from the SMS Provider to give you an indication of which systems will receive the client notification. Then it will trigger the client notification on online systems from the site server.

The tool is coded in PowerShell / Xaml and uses the MahApps Metro libraries for WPF styling.

Download

Download the tool from here.

Installation

I decided not to package the tool this time but just to release the files as they are, so if you need to tweak something for it to work in your environment, such as a non-default WsMan port, you can do that. Download and extract the zip file, right-click the ‘ConfigMgr Client Notification Tool.ps1’ and run with PowerShell.

Requirements

– Dot Net 4.6.2 minimum

  • PowerShell 5 minimum

  • WSMan remote access to the ConfigMgr Site server on the default port

  • Appropriate RBAC permissions for performing client operations

  • A version of ConfigMgr that supports the client notifications

Feel free to leave any feedback.

Create a Custom Splash Screen for a Windows 10 In-Place Upgrade

A while back I wrote a blog with some scripts that can be used to improve the user experience in a Windows 10 in-place upgrade. The solution included a simple splash screen that runs at the beginning of the upgrade to block the screen to the user and discourage interaction with the computer during the online phase of the upgrade. Since then, I made some improvements to the screen and styled it to look more like the built-in Windows update experience in Windows 10. Using this splash screen not only discourages computer interaction during the upgrade, but also creates a consistent user experience throughout the upgrade process, for a user-initiated upgrade.

The updated screen contains an array of text sentences that you can customise as you wish. Here is an example of what it could look like:

The splash screen is not completely foolproof in that it is still possible to use certain key combinations, like ctrl-alt-del and alt-tab etc, but the mouse cursor is hidden and mouse buttons will do nothing. The intention is simply to discourage the user from using the computer during the online phase. If the computer is locked, it will display the splash screen again when unlocked. If you wish to block user interaction completely, you might consider a more hardcore approach like this or this.

To use the splash screen, download all the files in my GitHub repository here (including the bin directory). Create a standard package in ConfigMgr containing the files (no program needed) and distribute. Then add a Run PowerShell Script step in the beginning of your in-place upgrade task sequence that looks like the following (reference the package you created):

ts

Once the splash screen has been displayed, the task sequence will move on to the next step – the screen will not block the task sequence.

How does it work?

The Invoke-PSScriptAsUser.ps1 simple calls the Show-OSUpgradeBackground.ps1 and runs it in the context of the currently logged-on user so that the splash screen will be visible to the user (task sequences run in SYSTEM context so this is necessary).

The Show-OSUpgradeBackground.ps1 determines your active screens, creates a runspace for each that calls PowerShell.exe and runs the Create-FullScreenBackground.ps1 for each screen.

The Create-FullScreenBackground.ps1  does the main work of displaying the splash screen. It will hide the task bar, hide the mouse cursor and display a full screen window in the Windows 10 update style. I’ve used the excellent MahApps toolkit to create the progress ring. The text displayed in the screen can be defined by placing short sentences in the $TextArray variable. The dispatcher timer will cycle through each of the these every 10 seconds (or whatever value you set) ending with a final sentence “Windows 10 Upgrade in Progress” which will stay on the screen until the computer is restarted into the next phase of the upgrade.

You can test the splash screen before deploying it simply by running the Show-OSUpgradeBackground.ps1 script.

Remember to deselect the option Show task sequence progress in the task sequence deployment to avoid having the task sequence UI show up on top of the window.

Find Windows 10 Upgrade Blockers with PowerShell

This morning I saw a cool post from Gary Blok about automatically capturing hard blockers in a Windows 10 In-Place Upgrade task sequence. It inspired me to look a bit further at that, and I came up with the following PowerShell code which will search all the compatibility xml files created by Windows 10 setup and look for any hard blockers. These will then be reported either in the console, or you can write them to file where you can copy them to a central location together with your SetupDiag files, or you could stamp the info to the registry or a task sequence variable as Gary describes in his blog post. You could also simply run the script against an online remote computer using Invoke-Command.

The script is not the one-liner that Gary likes, so to use in a task sequence you’ll need to wrap it in a package and call it.

The console output looks like this:

HardBlock

You should remove the FileAge property if using it in a task sequence as that’s a real-time value and is a quick indicator of when the blocker was reported.

If you use my solution here for improving the user experience in an IPU, you could also report this info to the end user by adding a script using my New-WPFMessageBox function, something like this…


$Stack = New-Object System.Windows.Controls.StackPanel
$Stack.Orientation = "Vertical"

$TextBox = New-Object System.Windows.Controls.TextBox
$TextBox.BorderThickness = 0
$TextBox.Margin = 5
$TextBox.FontSize = 14
$TextBox.FontWeight = "Bold"
$TextBox.Text = "The following hard blocks were found that prevent Windows 10 from upgrading:"

$Stack.AddChild($TextBox)

Foreach ($Blocker in $Blockers)
{
    $TextBox = New-Object System.Windows.Controls.TextBox
    $TextBox.BorderThickness = 0
    $TextBox.Margin = 5
    $TextBox.FontSize = 14
    $TextBox.Foreground = "Blue"
    $TextBox.Text = "$($Blocker.Title): $($Blocker.Message)"
    $Stack.AddChild($TextBox)
}

$TextBox = New-Object System.Windows.Controls.TextBox
$TextBox.BorderThickness = 0
$TextBox.Margin = 5
$TextBox.FontSize = 14
$TextBox.Text = "Please contact the Helpdesk for assistance with this issue."

$Stack.AddChild($TextBox)

New-WPFMessageBox -Title "Windows 10 Upgrade Hard Block" -Content $Stack -TitleBackground Red -TitleTextForeground White -TitleFontSize 18

…which creates a message box like this:

wpf

Thanks to Gary and Keith Garner for the inspiration here!

Create Interactive Charts with WPF and PowerShell

So I’m not a big Twitter fan, but I do admit – as an IT professional you can find a lot of useful and pertinent information there. One example was this morning when I happened to notice a tweet from Microsoft about their opensource projects on Github. After a quick perusal, I happened across an interesting project called Interactive Data Display for WPF. According to its description:

Interactive Data Display for WPF is a set of controls for adding interactive visualization of dynamic data to your application. It allows to create line graphs, bubble charts, heat maps and other complex 2D plots which are very common in scientific software. Interactive Data Display for WPF integrates well with Bing Maps control to show data on a geographic map in latitude/longitude coordinates. The controls can also be operated programmatically.

There are some nice-looking chart examples there such as:

sinline

markers

barchart (1)

Since there are no native charting controls in WPF this was of interest, so I fired up my PowerShell ISE and tried to get this working.

I created the following simple example using a bar chart. You can change the X or Y values then click Plot to update the chart.

Chart

The nice thing with this control is that it’s interactive – you can scroll the mouse wheel to zoom in and out, as well as move the axis left and right, and double-click to re-center.

barchartinteractive

Here’s the POSH code for the example:

There are a number of dependency libraries that the script will download for you, or you can also install them via the NuGet gallery as indicated in the project’s readme.

This is just a quick demo, but it’s a pretty cool control!

Create a Custom Toast Notification with WPF and PowerShell

In this quick post I will demonstrate a custom toast notification created using WPF and PowerShell. This is not the built-in Windows 10 toast notification created using the [Windows.UI.Notifications] namespace (check out the excellent BurntToast module for that), but simply to demonstrate how to create something similar in code that would also work in older operating systems like Windows 7, and that is completely customisable without any predefined style templates.

toast

To add an image I recommend to convert the image to a base64 string. This means you can include the image in the script and distribute it without having to include any additional files. To create a base64 string from an image file, use the following code, then use Out-File to save the $Base64 variable to a text file. You can then copy and paste the content of the text file into the $Base64 variable in the notification script.


$File = "C:\Users\tjones\Pictures\smsagent.png"
$Image = [System.Drawing.Image]::FromFile($File)
$MemoryStream = New-Object System.IO.MemoryStream
$Image.Save($MemoryStream, $Image.RawFormat)
[System.Byte[]]$Bytes = $MemoryStream.ToArray()
$Base64 = [System.Convert]::ToBase64String($Bytes)
$Image.Dispose()
$MemoryStream.Dispose() 

You can customise a few parameters such as height and width, image size and text content at the top of the script.  In the example, I have set the property ‘IsHitTestVisible’ to $False on the textboxes so that you can click anywhere on the notification to open the webpage, but the beauty here is you can customise this as you like:

  • perform whatever action you want or none at all
  • add your own custom content to the notification, including any WPF element
  • change the animation style

There are a couple of limitations:

  • I haven’t added support for touch devices, ie swipe to dismiss
  • The notification won’t move to the Action Center in Windows 10 on expiry

Here’s the code: