As mentioned earlier in this chapter, it is critical that maintenance tasks be carried out regularly and consistently. Traditionally, the bane of consistency has been human interaction. People get distracted. People get interrupted . Scripting basic maintenance tasks is an excellent way to ensure that the maintenance procedures are followed in exactly the same way each and every time. These scripts can be as simple as a batch file that clears out a temp directory: C: Cd temp Del *.* /s /y Or the scripts can be as complex as a Visual Basic script that parses a text file to create mail enabled contacts regularly: [View full width] Set RootDSE = GetObject("LDAP://RootDSE") DomainName = RootDSE.Get("RootDomainNamingContext") Set oConnection = CreateObject("ADODB.Connection") oConnection.Provider = "ADsDSOObject" oConnection. Open "DS Query" Set oCommand = CreateObject("ADODB.Command") Set oCommand.ActiveConnection = oConnection oCommand.Properties("searchscope") = 2 Set objContainer = GetObject("LDAP://OU=Contacts," + DomainName) 'Set objContainer = GetObject("LDAP://OU=Scripts,OU=Test," + DomainName) Set FSO = CreateObject("Scripting.FileSystemObject") Set ContactList = FSO.OpenTextFile("Contacts.csv",1,False) on error resume next Do While NOT ContactList.AtEndOfStream Line = ContactList.ReadLine Data = Split(Line,",") ' LastName = Data(0) ' FirstName = Data(1) ' DisplayName = Data(2) ' LogonName = Data(3) DisplayName = Data(1) LogonName = Data(2) EMail = Data(3) oCommand.CommandText = "Select ADsPath,cn From 'LDAP://" & DomainName & "' Where DisplayName='" + DisplayName + "'" Set rs = oCommand.Execute If rs.EOF Then wscript.echo DisplayName Set oContact = objContainer.Create("contact", "CN=" & LogonName) oContact.DisplayName = DisplayName oContact.SetInfo Set oRecip = oContact oRecip.MailEnable EMail oRecip.Mail = Right(EMail, Len(EMail) - 5) oRecip.SetInfo Set oContact = Nothing Set oRecip = Nothing Line = Null Data = Null LastName = Null FirstName = Null DisplayName = Null LogonName = Null If Err.Number <> 0 Then wscript.echo vbTab + "Error occured" Err.Clear Else wscript.echo vbTab + "Contact created" End If End If Set rs = Nothing Loop ContactList.Close Set ContactList = Nothing Set FSO = Nothing Set RootDSE = Nothing Taking Advantage of Command Line InterfacesOne of the great things about Windows 2003 is that almost anything that can be done from a graphical user interface can also be done from the command line. This drastically simplifies the automation of maintenance tasks. Rather than manually deleting a group of users at the end of the week based on a hire/fire list, you can automate this process. You can write a script using a simple Net User command: "Net User username /DELETE" . That's the same as opening Computer Management, highlighting the user, and pressing Delete. You don't even have to be an experienced scripter to take advantage of command-line tricks. Take your list of users you want to delete and import them into Microsoft Excel. Add a cell to the left of the usernames. In the first cell type Net User . Copy that value down through the last username. Now add a cell to the right or the usernames and type /delete . Copy that down as well. You will notice that the format looks similar to Net User username /DELETE . Now export it back into a test file. Call it "deleteusers.bat". Run the batch file to bulk delete the names of several user accounts. If you want to back up the WINS database each week as part of your maintenance, you could open the MMC, add the WINS snap-in, and highlight your server. Then choose Action, Backup Database, select a directory, and click OK. Or you could have a prebuilt script using a quick Net Stop wins command. Type xcopy wins.mdb to move a copy of the WINS database to a location of your choice. Then follow up the process with a Net Start "wins" and run the whole process with a single command. Better yet, you can schedule the task to run weekly and never have to touch it. You can even have it e-mail you to let you know that it ran successfully. Leverage the command-line version of common tools to automate and schedule tasks that don't require human interaction. Now don't go crazy and schedule a defragmentation of your Exchange databases each week and trust that the services will be running when you get in on Monday. Something that important requires human interaction to react to any problems that arise. But simple batch tasks like importing users from a foreign mail system nightly or resetting passwords for test users on your training systems could easily be scripted and scheduled by taking advantage of command-line interfaces to common GUI tools. Customizing the MMC ViewOne way to speed and simplify maintenance tasks is to create a customized MMC view that contains the interfaces for the subsystems that you will access for your tasks. If you are in charge of checking DHCP scope availability and WINS integrity, you can create an MMC view with just those snap-ins. This makes it very easy to complete your tasks as you can simply go from the top down and go from task to task. This will help you save time and effort. Ensuring Consistency with ChecklistsThis chapter has covered a large number of recommended maintenance tasks. It has also talked about strategies to take the human factor out of the equation in order to ensure consistent maintenance practices. Creating checklists is absolutely vital to ensuring that tasks are completed regularly. A checklist should exist for each and every server in your environment. This checklist should be located next to the server and it should be regularly audited by someone other than the person doing the maintenance. By having an easy-to-follow list of tasks with a signoff you can ensure that tasks are being completed. If problems arise the checklist can be critical to determining exactly what was done to a system, when it was done, and by whom.
|