-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathRemovePkgFromDP.ps1
239 lines (229 loc) · 8.8 KB
/
RemovePkgFromDP.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
# Look up the site code for the SMS Provider, given a server name
Function GetSiteCode($tSiteServer){
# Dynamically obtain SMS provider location based only on server name
$tSiteCode = (Get-WmiObject -ComputerName $tSiteServer -Class SMS_ProviderLocation -Namespace root\sms).NamespacePath
# Return only the last 3 characters of the NamespacePath property, which indicates the site code
return $tSiteCode.SubString($tSiteCode.Length - 3).ToLower()
}
# Move Package files to Temporary Backup Location
Function BackupPKG($BDP, $PKGID){
$blankdirAcl = New-Object System.Security.AccessControl.DirectorySecurity
$blankdirAcl.SetOwner([System.Security.Principal.NTAccount]'BUILTIN\Administrators')
$DirACL = New-Object System.Security.AccessControl.DirectorySecurity
$DirACL.SetAccessRuleProtection($False, $True) #(Block Inheritance, Copy Parent ACLs)
$Folder = "\\$BDP\C$\SMSPKGC$\$PKGID"
If($BDPWrkFldr){
If(Test-Path "\\$BDP\C$\BdpTmpWrkFldr"){
if(!(Test-Path "\\$BDP\C$\SCCMBackup")){New-Item -ItemType directory -Path "\\$BDP\C$\SCCMBackup" | out-null}
$wrkfldr = Get-ChildItem "\\$BDP\C$\BDPTmpWrkFldr" -ErrorAction SilentlyContinue -ErrorVariable err | ? {$_.PSIsContainer}
if($err -and (!$wrkfldr -eq $null)){
Service $BDP "CCMExec" "Stop"
Service $BDP "BITS" "Stop"
$command = 'cmd /c "$CurrentDir\psexec.exe" \\' +$BDP+' takeown /f "C:\BDPTmpWrkFldr" /r /a /d y'
Invoke-Expression -command $command
icacls "\\$BDP\C$\BDPTmpWrkFldr" /reset /T > $null #Don't write to screen
$wrkfldr = Get-ChildItem "\\$BDP\C$\BDPTmpWrkFldr"
$err.Clear()
}
if($wrkfldr -ne $Null){
Move-Item "\\$BDP\C$\BDPTmpWrkFldr\$WrkFldr" "\\$BDP\C$\SCCMBackup"
Rename-Item "\\$BDP\C$\SCCMBackup\$WrkFldr" $PKGID
If($Restrict){
$arg = "/S /Z /MIR /IPG:1200 /r:5 /w:10 \\SR2MS001\SCCMPKG$\SMSPKG\$PKGID \\$BDP\C$\SCCMBackup\$PKGID"
Start-Process robocopy $arg
}else{
$arg = "/S /Z /MIR /r:5 /w:10 \\SR2MS001\SCCMPKG$\SMSPKG\$PKGID \\$BDP\C$\SCCMBackup\$PKGID"
Start-Process robocopy $arg
}
}
}
}Else{
If(Test-Path $Folder){
if(!(Test-Path "\\$BDP\C$\SCCMBackup")){New-Item -ItemType directory -Path "\\$BDP\C$\SCCMBackup" | out-null}
try{
Move-Item $Folder "\\$BDP\C$\SCCMBackup" -ErrorAction SilentlyContinue -ErrorVariable err
If($err){
write-host -fore Yellow "$(Get-Date -format yyyyMMdd-hh:mm:ss): WARNING $err - Unable to Backup Package, trying to take ownership of package."
$err.Clear()
$command = 'cmd /c "$CurrentDir\psexec.exe" \\' +$BDP+' takeown /f "$Folder" /r /a /d y'
Invoke-Expression -command $command
icacls "$Folder" /reset /T > $null #Don't write to screen
Move-Item $Folder "\\$BDP\C$\SCCMBackup\$PKGID"
}else{
write-host "$(Get-Date -format yyyyMMdd-hh:mm:ss): Successfully backed up Package $PKGID on $BDP"
}
}catch{
write-host "$(Get-Date -format yyyyMMdd-hh:mm:ss): FATAL Error $_ ,Unable to Backup Package"
}
}else{
write-host -fore red "$(Get-Date -format yyyyMMdd-hh:mm:ss): $Folder does not exist"
}
}
}
# Remove PKG From Distribution Point
Function RemovePKGFromDP($BDP){
$tSysQuery = "select * from SMS_DistributionPoint WHERE PackageID='" + $PKGID + "'"
$tWmiNs = "root\sms\site_" + $SccmSiteCode
$Resources = Get-WmiObject -ComputerName $SccmServer -Namespace $tWmiNs -Query $tSysQuery
if ($Resources -eq $null) {
write-host "Can't find any resources"
return
}else {
foreach($resource in $resources){
If($($resource.ServerNALPath).Contains($BDP)){
try{
$resource.Delete()
write-host -fore Cyan "$(Get-Date -format yyyyMMdd-hh:mm:ss): Successfully removed $PKGID from $BDP"
}catch{
write-host "Unable to Remove $PKGID from $BDP"
}
}
}
}
}
# Restore Package files from Temporary Backup Location
Function RestorePKG($BDP, $PKGID){
Move-Item "\\$BDP\C$\SCCMBackup\$PKGID" "\\$BDP\C$\SMSPKGC$\$PKGID" -ErrorAction SilentlyContinue -ErrorVariable err
If($err){
write-host -fore Red "Error $err - Unable to Restore Package"
$err.Clear()
}else{
write-host "$(Get-Date -format yyyyMMdd-hh:mm:ss): Successfully restored $PKGID on $BDP"
}
}
# Add PKG To Distribution Point
Function AddPKGToDP($BDP){
$Namespace = "root\sms\site_" + $SccmSiteCode
$Query = "select NALPath from SMS_DistributionPointInfo WHERE ServerName='" + $BDP + "'"
$DPInfo = Get-WmiObject -ComputerName $SccmServer -Namespace $Namespace -Query $Query
$DPClass = [wmiclass] "\\$SccmServer\root\sms\site_$($SccmSiteCode):SMS_DistributionPoint"
$DPClass = $DPClass.CreateInstance()
$DPClass.ServerNALPath = $DPInfo.NALPath
$DPClass.PackageID = $PKGID
$DPClass.SiteCode = "ILB"
$DPClass.Put() > $null
Write-host -fore white "$(Get-Date -format yyyyMMdd-hh:mm:ss): Successfully added $PKGID to $BDP"
}
# Download Machine Policy on BDP's
Function DownloadMachinePolicy($BDP){
$Status = Service $BDP "CCMExec" "Status"
If($Status -ne 'Running'){
Service $BDP "CCMExec" "Start"
write-host "Starting CCMExec and waiting 45 seconds for it to start."
Sleep 45
}
$SMSCli = [wmiclass] "\\$BDP\root\ccm:SMS_Client"
If($SMSCli){
$SMSCli.RequestMachinePolicy() | out-null
}
write-host "$(Get-Date -format yyyyMMdd-hh:mm:ss): Successfully downloaded machine policy on $BDP"
}
# Prestage content on BDP's
Function Prestage($BDP, $PKGID){
Copy-Item "\\SR2MS001\SCCMPKG$\SMSPKG\$PKGID" "\\$BDP\C$\SCCMBackup" -recurse
write-host "$(Get-Date -format yyyyMMdd-hh:mm:ss): Prestaging package from: \\SR2MS001\SCCMPKG$\SMSPKG\$PKGID"
}
# Take Action/Retrieve Info about a service
Function Service($PCName,$SvcName,$Action){
$svc = get-service -ComputerName $PCName -Name $SvcName
If($Action -eq 'Start'){
$svc.Start()
}ElseIf($Action -eq 'Stop'){
$svc.Stop()
}Else{
$svc.$Action
}
}
# Determine Action to take against BDP's
Function BDPAction{
If(Test-path "\\$BDP\c$\SMSPKGC$\$PKGID"){
$SMSPKG = "Exists"
}Else{
$SMSPKG = "Does Not Exist"
}
If(Test-Path "\\$BDP\c$\SCCMBackup"){
$folders = get-childitem "\\$BDP\c$\SCCMBackup" | ? {$_.PSIsContainer}
If($folders.count -gt 0){
If(Test-Path "\\$BDP\c$\SCCMBackup\$PKGID"){
$SCCMBackup = "Exists"
}Else{
$SCCMBackup = "Dirty Folder"
}
}Else{
$SCCMBackup = "Empty"
}
}Else{
$SCCMBackup = "Does Not Exist"
}
write-host $BDP " - Backup Folder" $SCCMBackup " - SMSPKG Folder" $SMSPKG
Add-Content $CurrentDir\exist.csv -value $BDP","$($SCCMBackup)","$($SMSPKG)
}
# Check for PKG Delete Events
Function CheckEvent($BDP, $PKGID){
get-content "\\$BDP\C$\Windows\SysWow64\CCM\Logs\PeerDPAgent.log" | ForEach-Object {
if (-not($_.endswith('">'))){
$string += $_
$frag= $true
}Else{
$string += $_
$frag =$false
}
if (-not($frag)){
$msg = ($string -Split 'LOG')[1].trimstart('[').trimend(']')
$msg = ($msg -Split 'PDPPkgDeleteEvent')[1]
$time = ($msg -Split 'DateTime')[1]
$msg = ($msg -Split 'PackageID')[1]
$msg = ($msg -Split ';')[0]
$msg = $msg -replace "=",""
$msg = $msg -replace """",""
$msg = $msg -replace " ",""
$time = ($time -Split ';')[0]
$time = ($time -Split ".", 0, "simplematch")[0]
$time = $time -replace "=",""
$time = $time -replace """",""
$time = $time -replace " ",""
If($msg -eq $PKGID){
# write-host "Package Remove Time: $time"
# write-host "Script Started Time: $CurrentTime"
If($time -gt $CurrentTime){
# write-host "Package removal entry found in log."
Remove-Variable string
Return $TRUE
}else{
}
}
Remove-Variable string
}
}
}
$CurrentDir=Split-Path -Path $MyInvocation.MyCommand.Path -Parent
$PKGList = Get-Content $CurrentDir'\PKGList.txt'
$Prestage = $FALSE
$BDPWrkFldr = $FALSE
$Restrict = $FALSE
$BDPList = Get-Content $CurrentDir'\RemovePkgFromDP.txt'
$SccmServer = 'SR1MS001'
$SccmSiteCode = GetSiteCode $SccmServer
ForEach($BDP in $BDPList){;
If($BDP.StartsWith("#")){
continue
}
ForEach($PKGID in $PKGList){
BDPAction
If($Prestage){ Prestage $BDP $PKGID }else{ BackupPKG $BDP $PKGID }
$CurrentTime = ((Get-Date).ToUniversalTime()).ToString("yyyyMMddHHmmss")
RemovePKGFromDP $BDP
Start-Sleep 45
DownloadMachinePolicy $BDP
While(!(CheckEvent $BDP $PKGID)){
write-host "$(Get-Date -format yyyyMMdd-hh:mm:ss): Sleeping for 20 seconds to wait until $PKGID is removed from $BDP."
Start-Sleep 20
}
RestorePKG $BDP $PKGID
AddPKGToDP $BDP
write-host "$(Get-Date -format yyyyMMdd-hh:mm:ss): Sleeping for 45 seconds to wait for package to be added to $BDP."
Start-Sleep 45
DownloadMachinePolicy $BDP
write-host -fore magenta "--------------------------------------------------------------------------------------------------------"
}
}