VMware Cloud Community
vin01
Expert
Expert
‎06-11-2018 02:19 AM

Not Writing invoke output

I am trying to fetch the patch,AV and application service status using invoke cmdlet. Its failing to write the output.

If I try to get McAfee and Service status its displaying the output but for the third script which is failing to write output($hotfixinfo).

If I log in to the VM manually and execute it I can get the output.

$script = @' 
if([IntPtr]::Size -eq 8){
    $text = Get-ItemProperty -Path "HKLM:\SOFTWARE\WOW6432Node\Network Associates\ePolicy Orchestrator\Agent\" -ErrorAction SilentlyContinue |
        %{"$($_.AgentGUID)"}
}
elseif([IntPtr]::Size -eq 4){
    $text = Get-ItemProperty -Path "HKLM:\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent\" -ErrorAction SilentlyContinue |
        %{"$($_.AgentGUID)"}
}
if(-not $text){
    $text = Get-Service -Name "McAfee Framework Service" -ErrorAction SilentlyContinue | %{"$($_.Name) is $($_.Status)"}
    if(-not $text){
        $text = Get-Service -Name wuauserv | Select -First 1 |
            %{"$($_.Name) is $($_.Status)"}
    }
}
$cbout = Get-Service -Name "CarbonBlack" -ErrorAction SilentlyContinue | Select -first 1 | %{"$($_.Name) is $($_.Status)"} 
if(-not $cbout){ 
    $cbout = Get-Service -Name wuauserv | Select -first 1 | %{"$($_.Name) is $($_.Status)"} 
}
$hotfixinfo=@()
[reflection.assembly]::LoadWithPartialName("System.Version")
$os = Get-WmiObject -class Win32_OperatingSystem
$osName = $os.Caption
$s = "%systemroot%\system32\drivers\srv.sys"
$v = [System.Environment]::ExpandEnvironmentVariables($s)
If (Test-Path "$v")
    {
    Try
        {
        $versionInfo = (Get-Item $v).VersionInfo
        $versionString = "$($versionInfo.FileMajorPart).$($versionInfo.FileMinorPart).$($versionInfo.FileBuildPart).$($versionInfo.FilePrivatePart)"
        $fileVersion = New-Object System.Version($versionString)
        }
    Catch
        {
       $hotfixinfo+= "Unable to retrieve file version info, please verify vulnerability state manually."
        Return
        }
    }
Else
    {
   $hotfixinfo+= "Srv.sys does not exist, please verify vulnerability state manually."
    Return
    }
if ($osName.Contains("Vista") -or ($osName.Contains("2008") -and -not $osName.Contains("R2")))
    {
    if ($versionString.Split('.')[3][0] -eq "1")
        {
        $currentOS = "$osName GDR"
        $expectedVersion = New-Object System.Version("6.0.6002.19743")
        } 
    elseif ($versionString.Split('.')[3][0] -eq "2")
        {
        $currentOS = "$osName LDR"
        $expectedVersion = New-Object System.Version("6.0.6002.24067")
        }
    else
        {
        $currentOS = "$osName"
        $expectedVersion = New-Object System.Version("9.9.9999.99999")
        }
    }
elseif ($osName.Contains("Windows 7") -or ($osName.Contains("2008 R2")))
    {
    $currentOS = "$osName LDR"
    $expectedVersion = New-Object System.Version("6.1.7601.23689")
    }
elseif ($osName.Contains("Windows 8.1") -or $osName.Contains("2012 R2"))
    {
    $currentOS = "$osName LDR"
    $expectedVersion = New-Object System.Version("6.3.9600.18604")
    }
elseif ($osName.Contains("Windows 8") -or $osName.Contains("2012"))
    {
    $currentOS = "$osName LDR"
    $expectedVersion = New-Object System.Version("6.2.9200.22099")
    }
elseif ($osName.Contains("Windows 10"))
    {
    if ($os.BuildNumber -eq "10240")
        {
        $currentOS = "$osName TH1"
        $expectedVersion = New-Object System.Version("10.0.10240.17319")
        }
    elseif ($os.BuildNumber -eq "10586")
        {
        $currentOS = "$osName TH2"
        $expectedVersion = New-Object System.Version("10.0.10586.839")
        }
    elseif ($os.BuildNumber -eq "14393")
        {
        $currentOS = "$($osName) RS1"
        $expectedVersion = New-Object System.Version("10.0.14393.953")
        }
    elseif ($os.BuildNumber -eq "15063")
        {
        $currentOS = "$osName RS2"
   $hotfixinfo+="No need to Patch. RS2 is released as patched. "
        return
        }
    }
elseif ($osName.Contains("2016"))
    {
    $currentOS = "$osName"
    $expectedVersion = New-Object System.Version("10.0.14393.953")
    }
elseif ($osName.Contains("Windows XP"))
    {
    $currentOS = "$osName"
    $expectedVersion = New-Object System.Version("5.1.2600.7208")
    }
elseif ($osName.Contains("Server 2003"))
    {
    $currentOS = "$osName"
    $expectedVersion = New-Object System.Version("5.2.3790.6021")
    }
else
    {
   $hotfixinfo+="Unable to determine OS applicability, please verify vulnerability state manually."
    $currentOS = "$osName"
    $expectedVersion = New-Object System.Version("9.9.9999.99999")
    }
#Write-Host "`n`nCurrent OS: $currentOS (Build Number $($os.BuildNumber))" -ForegroundColor Cyan
#Write-Host "`nExpected Version of srv.sys: $($expectedVersion.ToString())" -ForegroundColor Cyan
#Write-Host "`nActual Version of srv.sys: $($fileVersion.ToString())" -ForegroundColor Cyan
If ($($fileVersion.CompareTo($expectedVersion)) -lt 0)
    {
    $hotfixinfo+= "`n`n"
    $hotfixinfo+= "System is NOT Patched" 
    }
Else
    {
    $hotfixinfo+= "`n`n"
    $hotfixinfo+= "System is Patched"
    }
$outputarray=@()
$outputarray+=$hotfixinfo
$outputarray+=$cbout 
$outputarray+=$text
$outputarray -join ';'
'@
 $obj = foreach($vm in (Get-VM |  Where-Object {$_.PowerState -eq "Poweredon" -and $_.ExtensionData.Config.GuestFullName -like "*Microsoft*"})) {
 $out1 = Invoke-VMScript -VM $vm.Name -GuestUser "administrator" -GuestPassword "" -ScriptText $script -ScriptType Powershell -ErrorAction Stop | Select -ExpandProperty ScriptOutput 
    
 New-Object PSObject -Property (
    [ordered]@{
        Name   = $vm.Name
        OS     = $vm.Guest.OSFullName
        IP     = ($vm.Guest.IPAddress | Where {($_.Split(".")).length -eq 4}) -join (",")
        Cluster=$vm.VMHost.Parent.Name
        RP     = $vm.ResourcePool.Name
        Out1   = $out1
  })
} 
$obj 
#|Export-Csv -Path 'C:\My Data\CSV Output\report.csv' -NoTypeInformation -NoClobber
Regards Vineeth.K
0 Kudos
8 Replies
LucD
Leadership
Leadership
‎06-11-2018 05:31 AM

Are you sure you are not hitting one of the return statements?

Perhaps try adding a different value on each return (e,g,return 6), that way you should be able to get an idea where the script exits.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
vin01
Expert
Expert
‎06-11-2018 06:31 AM

When I try to execute this inside the guest os(manually). I can see the output but its not writing while using (Invoke-VMScript -VM $vm.Name -GuestUser "administrator" -GuestPassword "" -ScriptText $script -ScriptType Powershell -ErrorAction Stop | Select -ExpandProperty ScriptOutput)

if([IntPtr]::Size -eq 8){
    $text = Get-ItemProperty -Path "HKLM:\SOFTWARE\WOW6432Node\Network Associates\ePolicy Orchestrator\Agent\" -ErrorAction SilentlyContinue |
        %{"$($_.AgentGUID)"}
}
elseif([IntPtr]::Size -eq 4){
    $text = Get-ItemProperty -Path "HKLM:\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent\" -ErrorAction SilentlyContinue |
        %{"$($_.AgentGUID)"}
}
if(-not $text){
    $text = Get-Service -Name "McAfee Framework Service" -ErrorAction SilentlyContinue | %{"$($_.Name) is $($_.Status)"}
    if(-not $text){
        $text = Get-Service -Name wuauserv | Select -First 1 |
            %{"$($_.Name) is $($_.Status)"}
    }
}
$cbout = Get-Service -Name "CarbonBlack" -ErrorAction SilentlyContinue | Select -first 1 | %{"$($_.Name) is $($_.Status)"} 
if(-not $cbout){ 
    $cbout = Get-Service -Name wuauserv | Select -first 1 | %{"$($_.Name) is $($_.Status)"} 
}
$hotfixinfo=&{
[reflection.assembly]::LoadWithPartialName("System.Version")
$os = Get-WmiObject -class Win32_OperatingSystem
$osName = $os.Caption
$s = "%systemroot%\system32\drivers\srv.sys"
$v = [System.Environment]::ExpandEnvironmentVariables($s)
If (Test-Path "$v")
    {
    Try
        {
        $versionInfo = (Get-Item $v).VersionInfo
        $versionString = "$($versionInfo.FileMajorPart).$($versionInfo.FileMinorPart).$($versionInfo.FileBuildPart).$($versionInfo.FilePrivatePart)"
        $fileVersion = New-Object System.Version($versionString)
        }
    Catch
        {
        Write-Host "Unable to retrieve file version info, please verify vulnerability state manually." -ForegroundColor Yellow
        Return
        }
    }
Else
    {
    Write-Host "Srv.sys does not exist, please verify vulnerability state manually." -ForegroundColor Yellow
    Return
    }
if ($osName.Contains("Vista") -or ($osName.Contains("2008") -and -not $osName.Contains("R2")))
    {
    if ($versionString.Split('.')[3][0] -eq "1")
        {
        $currentOS = "$osName GDR"
        $expectedVersion = New-Object System.Version("6.0.6002.19743")
        } 
    elseif ($versionString.Split('.')[3][0] -eq "2")
        {
        $currentOS = "$osName LDR"
        $expectedVersion = New-Object System.Version("6.0.6002.24067")
        }
    else
        {
        $currentOS = "$osName"
        $expectedVersion = New-Object System.Version("9.9.9999.99999")
        }
    }
elseif ($osName.Contains("Windows 7") -or ($osName.Contains("2008 R2")))
    {
    $currentOS = "$osName LDR"
    $expectedVersion = New-Object System.Version("6.1.7601.23689")
    }
elseif ($osName.Contains("Windows 8.1") -or $osName.Contains("2012 R2"))
    {
    $currentOS = "$osName LDR"
    $expectedVersion = New-Object System.Version("6.3.9600.18604")
    }
elseif ($osName.Contains("Windows 8") -or $osName.Contains("2012"))
    {
    $currentOS = "$osName LDR"
    $expectedVersion = New-Object System.Version("6.2.9200.22099")
    }
elseif ($osName.Contains("Windows 10"))
    {
    if ($os.BuildNumber -eq "10240")
        {
        $currentOS = "$osName TH1"
        $expectedVersion = New-Object System.Version("10.0.10240.17319")
        }
    elseif ($os.BuildNumber -eq "10586")
        {
        $currentOS = "$osName TH2"
        $expectedVersion = New-Object System.Version("10.0.10586.839")
        }
    elseif ($os.BuildNumber -eq "14393")
        {
        $currentOS = "$($osName) RS1"
        $expectedVersion = New-Object System.Version("10.0.14393.953")
        }
    elseif ($os.BuildNumber -eq "15063")
        {
        $currentOS = "$osName RS2"
        "No need to Patch. RS2 is released as patched. "
        return
        }
    }
elseif ($osName.Contains("2016"))
    {
    $currentOS = "$osName"
    $expectedVersion = New-Object System.Version("10.0.14393.953")
    }
elseif ($osName.Contains("Windows XP"))
    {
    $currentOS = "$osName"
    $expectedVersion = New-Object System.Version("5.1.2600.7208")
    }
elseif ($osName.Contains("Server 2003"))
    {
    $currentOS = "$osName"
    $expectedVersion = New-Object System.Version("5.2.3790.6021")
    }
else
    {
    Write-Host "Unable to determine OS applicability, please verify vulnerability state manually." -ForegroundColor Yellow
    $currentOS = "$osName"
    $expectedVersion = New-Object System.Version("9.9.9999.99999")
    }
Write-Host "`n`nCurrent OS: $currentOS (Build Number $($os.BuildNumber))" -ForegroundColor Cyan
Write-Host "`nExpected Version of srv.sys: $($expectedVersion.ToString())" -ForegroundColor Cyan
Write-Host "`nActual Version of srv.sys: $($fileVersion.ToString())" -ForegroundColor Cyan
If ($($fileVersion.CompareTo($expectedVersion)) -lt 0)
    {
    Write-Host "`n`n"
    Write-Host "System is NOT Patched" -ForegroundColor Red
    }
Else
    {
    Write-Host "`n`n"
    Write-Host "System is Patched" -ForegroundColor Green
    }
}
$outputarray=@()
$outputarray+=$hotfixinfo
$outputarray+=$cbout 
$outputarray+=$text
$outputarray -join ';'

Output Inside the guest OS:

this be excluded in the script - Current OS,Expected Version,Actual Version in the script. If that is causing the issue while writing output.

I need only information system is patched or not.

pastedImage_1.png

Regards Vineeth.K
0 Kudos
LucD
Leadership
Leadership
‎06-11-2018 06:38 AM

So wait, 2 out 3 VMs return the expected output, and one doesn't?

What is actually returned for these 3 VMs when done through Invoke-VMScript?


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
vin01
Expert
Expert
‎06-11-2018 06:53 AM

So wait, 2 out 3 VMs return the expected output, and one doesn't?

No VM returned output. When I try to invoke this script.

This is the Output returned when I do Invoke-VM. But If i login to the VM and open powershell and execute the script manually. I can get the output.

Name    : VM1

OS      : Microsoft Windows Server 2008 R2 (64-bit)

IP      : 153.71.23.25,192.168.111.137

Cluster : LABS_13

RP      : Resources

Out1    :

Name    : VM2

OS      : Microsoft Windows Server 2008 R2 (64-bit)

IP      : 192.168.111.135,153.71.23.23

Cluster : LABS_13

RP      : Resources

Out1    :

Name    : VM3

OS      : Microsoft Windows Server 2008 R2 (64-bit)

IP      : 192.168.111.134,153.71.23.22

Cluster : LABS_13

RP      : Resources

Out1    :

Name    : VM4

OS      : Microsoft Windows Server 2008 R2 (64-bit)

IP      : 192.168.111.133,153.71.23.21

Cluster : LABS_13

RP      : Resources

Out1    :

Regards Vineeth.K
0 Kudos
LucD
Leadership
Leadership
‎06-11-2018 06:58 AM

Ok, no output when running via Invoke-VMScript.
Let me check


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
vin01
Expert
Expert
‎06-11-2018 09:14 AM

OK. Thanks Sir.

I think the output in $hotfixinfo variable contains multiple lines as below so its failing to write via invoke-vmscript.

pastedImage_0.png

Regards Vineeth.K
0 Kudos
vin01
Expert
Expert
‎06-14-2018 09:50 AM

Hello LucD,

Have you had a chance to look into this script.

Regards Vineeth.K
0 Kudos
LucD
Leadership
Leadership
‎06-14-2018 11:30 AM

I have the impression those Return lines might have something to do with it.
But I can't really explain why.

If you use this script, it returns the text

$script = @'

write-host "Hello world!"

'@

If you use this, nothing is returned

$script = @'

write-host "Hello world!"

return

'@

Best bet would be to restructure the script in such a way that return is not needed.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos