Problem: The task image is corrupt or has been tampered with.

Opening Task Scheduler you receive this error:

Task [taskname]: The task image is corrupt or has been tampered with.

there is a workaround on http://support.microsoft.com/kb/2305420/en-us to follow for solve the problem:

Step 1: Locate the corrupted task references in the registry and in Task Scheduler
Step 2: Create a temporary copy of the corrupted task file
Step 3: Clean up the corrupted task
Step 4: Re-create the task by using the temporary backed-up copy

More details are on http://support.microsoft.com/kb/2305420/en-us

Posted in Computers and Internet | Tagged | Leave a comment

How to Backup AD forest with Powershell

Inside a disaster recovery plan for our AD a wrote a script that lunch the winbackup on each DCs:

Param(
  [string]$DomainController,
  [String]$BackupPath
      )

#read-host -assecurestring | convertfrom-securestring | out-file ADTest_securestring.txt
$username = "backupserviceaccount@myad.test"
$password = cat D:\scripts\ADTest_Backup\ADTest_securestring.txt | convertto-securestring
$testCred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
      
Function Adbackup($BackupPath){
      
    Import-Module servermanager
    #Check if Windows feature is installed- if not attempts to install Windows backup and tools features
    $FeatureStatus=(Get-WindowsFeature backup).Installed
    If($FeatureStatus -eq $False){
        Add-windowsfeature backup -OutVariable results
        Add-WindowsFeature backup-tools
        #Confirm sucessful feature installation
        foreach($result in $results){
            If($result.success){
                Write-Host "Windows Backup and tools installed successfully on $env:Computername" -ForegroundColor "Green" }
            Else{ Write-Host "Windows Backup and tools installation failed on $env:Computername" -ForegroundColor "Red"}
        }
    }
        #Add powershell Windows Backup snap in into PowerShell environment 
    add-pssnapin windows.serverbackup -ea silentlycontinue
    
    #Create a new policy backup 
    $policy = New-WBPolicy 
    #Add system state into the policy 
    #Add-WBSystemState -Policy $policy 
    Add-WBBareMetalRecovery -Policy $policy
    #Declare backup location based on folder name 
    #$backupLocation = New-WBBackupTarget -network $BackupPath -credential $cred  
    $backupLocation = New-WBBackupTarget -VolumePath $BackupPath
    #Add backup location into the policy 
    Add-WBBackupTarget -Policy $policy -Target $backupLocation -force
    
    #Start the Backup
    Start-WBBackup -Policy $policy
}

#list of servers to query
$servers = (Get-ADForest -Server myad.test -Credential $testCred).Domains | %{ Get-ADDomainController -Credential $testCred -Filter * -Server $_ }  | select-object -expand Name

#query the servers in the list
foreach ($server in $servers){
      $DomainController = $server
      Write-Host "Preparing backup of $DomainController...." -ForegroundColor Green
      invoke-command -Credential $testCred -ComputerName $domaincontroller -ScriptBlock ${Function:Adbackup} -ArgumentList $backupPath
}

First store the password of the account you will use for backup (in my case “backupserviceaccount@myad.test”) with this command:

read-host -assecurestring | convertfrom-securestring | out-file ADTest_securestring.txt

Then configure the script changing:

‘$username = “backupserviceaccount@myad.test“‘ with the account to use for backup

‘$password = cat D:\scripts\ADTest_Backup\ADTest_securestring.txt‘ with the path where you store the encrypted password for backup account

‘$servers = (Get-ADForest -Server myad.test -Credential $testCred).Domains’ with the AD forest DNS name (in my case myad.test)

Then schedule this script on you management server with the same user you used for encrypt backup account password.

Note: winrm is necessary and well configured on all DCs for running this script.


For check the backup status on each DCs, here you find a script that publish a report on sharepoint or send an email:

#read-host-assecurestring |convertfrom-securestring | out-file ADTest_securestring.txt
$username = "backupserviceaccount@myad.test"
$password = cat D:\scripts\ADTest_Backup\ADTest_securestring.txt | convertto-securestring
$testCred = new-object-typename System.Management.Automation.PSCredential -argumentlist $username, $password

#mail settings
$from = "mgmserver@myad.test"
$to = "me@myad.test"
$emailsubject = "Backup Status - myad.test"
$mailbody = ""

function Publish-File {
	param (
		[parameter( Mandatory = $true, HelpMessage="URL pointing to aSharePoint document library (omit the '/forms/default.aspx' portion)." )]
		[System.Uri]$Url,
		[parameter( Mandatory = $true,ValueFromPipeline = $true, HelpMessage="One or more files to publish. Use 'dir' to produce correct object type." )]
		[System.IO.FileInfo[]]$FileName,
		[system.Management.Automation.PSCredential]$Credential
	)
	$wc = new-object System.Net.WebClient
	if ( $Credential ) { $wc.Credentials = $Credential }
	else { $wc.UseDefaultCredentials = $true }
	$FileName |ForEach-Object {
		$DestUrl = "{0}{1}{2}"-f $Url.ToString().TrimEnd("/"), "/", $_.Name
		Write-Verbose "$( get-date-f s ): Uploading file: $_"
		$wc.UploadFile( $DestUrl , "PUT", $_.FullName )
		Write-Verbose "$( get-date -f s ): Upload completed"
	}
	
}

$a = "<style>"
$a = $a + "BODY{background-color:white;}"
$a = $a + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}"
$a = $a + "TH{border-width: 1px;padding: 5px;border-style: solid;border-color: lightgray;background-color:white}"
$a = $a + "TD{border-width: 1px;padding: 5px;border-style: solid;border-color: lightgray;background-color:white}"
$a = $a + "</style>"

$dateRun = get-date

#list of servers to query
 $servers = (Get-ADForest -Server myad.test -Credential $testCred).Domains | %{ Get-ADDomainController -Credential $testCred -Filter * -Server $_ }  | select-object -expand Name
 $report = @()

#query the servers in the list
foreach ($server in $servers){
    $props=@{
        ComputerName=$server
        LastBackupTime=$null
        LastBackupResultDetailedHR=$null
        IsAlive=$false
    }

    if($result=Invoke-Command -Credential $testCred -computername $server -ScriptBlock {add-pssnapin windows.serverbackup; get-wbsummary} -Ea 0){
        $props.LastBackupTime=$result.LastBackupTime
        $props.LastBackupResultDetailedHR=$result.LastBackupResultDetailedHR
        $props.IsAlive=$true
    }
    $report += New-Object PsObject -Property $props
}

#send the email
#Send-MailMessage -From $from -To $to -Subject $emailsubject -SmtpServer "smtp.kiongroup.net" -Body $report

#Sharepoint publication
$b = $report | Sort-Object ComputerName
$outfile = $b | ConvertTo-HTML -head $a -body "<H2>$emailsubject</H2><P>This page was generated by a Script at $dateRun</P>" -PreContent " " -PostContent " "
$outfile | Out-File D:\scripts\ADTest_Backup\WorkingFolder\Test_Environment_Backup.html
Dir D:\scripts\ADTest_Backup\WorkingFolder\Test_Environment_Backup.html | Publish-File -Url "https://teams01.myad.test/ced/000001/AD Wiki/Pages/"

The configuration is quite identical of backup script:

Configure the ‘#Mail Setting” at the beginning of script

Configure the AD forest DNS name in ‘$servers = (Get-ADForest -Server myad.test -Credential $testCred).Domains’

Configure the temporary path and sharepoint URL at the end of script.

Posted in Computers and Internet | Tagged , , , | Leave a comment

How to create a subfolder for each file and move the file into it

This is the Windows shell command for do it:

FOR %i IN (*.*) DO (IF NOT EXIST "%~ni" MD "%~ni") & (MOVE "%i" "%~ni")
Posted in Computers and Internet | Tagged , | Leave a comment

How to enable/disable Remote Desktop via Command Line

Some days ago I had the need to work via RDP on a workstation with “Remote Desktop” disabled.

The quickest way is to use psexec and run this command on remote workstation:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

To disable again the “Remote Desktop”:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f

Keep in mind that reboot or logoff is not necessary :-)

Posted in Computers and Internet | Tagged , , | Leave a comment

How to check Windows Local Groups from command line

To check/manage your client/server local groups, an old command line tool still surviving.

If you want to check the member of “Administrators” group on your workstation:

net localgroup administrators

This command work also for AD groups… just add “/domain”

Posted in Computers and Internet | Tagged , | Leave a comment

How to install CRS (Carta Regionale dei Servizi) on FEDORA

This is the “translated” post you find here , for Fedora.

Install opensc:

yum install opensc

My smart card (Alcor Micro AU9520) work fine with pcsc-lite-ccid.

Then configure Firefox to use smart card reader. On Firefox Preferences/Advanced click on Security Devices and load this lib:

/usr/lib64/opensc-pkcs11.so

Enjoy e-gov.

Posted in Computers and Internet | Tagged , | Leave a comment

How to Burn DVDs with Brasero on Fedora

On Fedora the /tmp folder is mounted on tmpfs and quoted to 2Gb.

By default Brasero use /tmp for store temporary CD/DVD images.
The correct folder for that is: /var/tmp

Bracero_tmp

Posted in Computers and Internet | Tagged | Leave a comment