[fixed]The task XML contains a value which is incorrectly formatted or out of range Duration:P99999999DT23H59M59S


Hi All,

When I am trying to create a scheduled task in windows server 2016, I was getting the below error.

The task XML contains a value which is incorrectly formatted or out of range.

(8,42):Duration:P99999999DT23H59M59S

+ CategoryInfo : NotSpecified: (PS_ScheduledTask:Root/Microsoft/..

.S_ScheduledTask) [Register-ScheduledTask], CimException

+ FullyQualifiedErrorId : HRESULT 0x80041318,Register-ScheduledTask

+ PSComputerName : AZWEPSSCBTXPFE1.partners.extranet.microsoft.com

After looking online, found this issue with [timespan]::MaxValue property that used in the script

This was my script.

$mycredentials = Get-Credential

Invoke-Command -ComputerName “Server1” -Credential $mycredentials -ScriptBlock {

$Action = New-ScheduledTaskAction -Execute ‘powershell.exe’ -Argument ‘-command “D:\PS_Jobs\PS_Job1.ps1” -ExecutionPolicy RemoteSigned -NoProfile’

$Trigger = New-ScheduledTaskTrigger -Once -At 9am -RandomDelay (New-TimeSpan -Minutes 30) -RepetitionDuration ([timespan]::MaxValue) -RepetitionInterval (New-TimeSpan -Minutes 60)

$Task = New-ScheduledTask -Action $Action -Trigger $Trigger -Settings (New-ScheduledTaskSettingsSet)

$Task | Register-ScheduledTask -TaskName ‘Job1 Task’

}

As the issue with [timespan]::MaxValue, I made some changes to include the time span for only 3 years to run the script.

This is the updated and working script.

Invoke-Command -ComputerName “Server1” -Credential $mycredentials -ScriptBlock {

$dt= ([DateTime]::Now)

$timespan = $dt.AddYears(3) -$dt;

$Action = New-ScheduledTaskAction -Execute ‘powershell.exe’ -Argument ‘-command “D:\PS_Jobs\PS_Job1.ps1” -ExecutionPolicy RemoteSigned -NoProfile’

$Trigger = New-ScheduledTaskTrigger -Once -At 9am -RandomDelay (New-TimeSpan -Minutes 30) -RepetitionDuration $timespan -RepetitionInterval (New-TimeSpan -Minutes 60)

$Task = New-ScheduledTask -Action $Action -Trigger $Trigger -Settings (New-ScheduledTaskSettingsSet)

$Task | Register-ScheduledTask -TaskName ‘Job1 Task’

}

Regards,

Chaitanya

Advertisements

Cricket Score Notifications using PowerShell


Hi All,

I have prepared the below script to fetch the cricket scores. It will take ESPN CricInfo feed and run for every 2 minutes.

You have to pass the team that you are interested to look for scores. Here I took India and it will give the balloon notifications in your desktop.

It is Useful when doing the work and wanted to know the score for every 2 minutes and if any wicket falls, it will give the notification.

Script :

param(

[Parameter(Position=0, Mandatory=$false)][String]$Team = "india"

)

[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")

#region WriteLog function

function WriteLog($LogMessage, $LogDateTime, $LogType)

{

write-host

"$LogType, ["+
$LogDateTime +"]: "+ $LogMessage | Add-Content -Path $LogFilepath

}

#endregion

# Get Start Time

$startTime = (Get-Date)

$RunTime =get-date -Format "MMdyyyhhmmss"

# Get build folder parent directory

$scriptpath = $MyInvocation.MyCommand.Path

$ScriptDir = Split-Path $scriptpath

# Get Application folder path in the build folder

$LogFolderPath = $ScriptDir + "\" + "Logs"

# Check if Log folder already exists. If not create a folder for logging purposes

if(!(Test-Path $LogFolderPath))

{

New-Item -ItemType directory -Path $LogFolderPath

}

[string] $logdate =get-date -Format "yyyyMMdd"

$LogFolderFilepath =$LogFolderPath + "\" + "$logdate"

if(!(Test-Path $LogFolderFilepath))

{

New-Item -ItemType directory -Path $LogFolderFilepath

}

# creating logfile path string

$LogFilepath =$LogFolderFilepath +"\"+ "Logfile.txt"

$LogDateTime = get-date

WriteLog "***Getting the Scores for $Team" $LogDateTime "Information"

write-host "***Getting the Scores for $Team" -ForegroundColor Yellow

TRY

{

$PreviousScore = $null;

while($true)

{

[xml]$data = (Invoke-WebRequest ‘http://static.cricinfo.com/rss/livescores.xml‘).Content

if($?)

{

$CurrentScore = "";

$finalScore = "";

$wickdown = "";

$currWicket = "";

$PrevWicket = "";

foreach ($xnode in $data.rss.channel.childnodes)

{

if(($xnode.title -like "*$($Team)*") -and ($xnode.title -match "[0-9]"))

{

$CurrentScore = $CurrentScore + $xnode.title + "`n"

}

}

function WicketDown($CurrentScore,$PreviousScore)

{

$currWicket = ($CurrentScore.Split("/")[1]).split(" ")[1]

$PrevWicket = ($PreviousScore.Split("/")[1]).split(" ")[1]

if($currWicket -ne $PrevWicket)

{

return 1;

}

else

{

return 0;

}

}

if ([string]::IsNullOrEmpty($PreviousScore))

{

$PreviousScore = $CurrentScore;

$finalScore = $CurrentScore;

}

elseif (($PreviousScore -eq $CurrentScore ) -and (-not([string]::IsNullOrEmpty($PreviousScore))))

{

$finalScore = $null;

}

elseif (($PreviousScore -ne $CurrentScore ) -and (-not([string]::IsNullOrEmpty($PreviousScore))))

{

$PreviousScore = $CurrentScore;

$finalScore = $CurrentScore;

$wickdown = WicketDown($CurrentScore,$PreviousScore)

}

else

{

}

$objNotifyIcon = New-Object System.Windows.Forms.NotifyIcon

$objNotifyIcon.Icon = [System.Drawing.SystemIcons]::Information

$objNotifyIcon.BalloonTipIcon = "Info"

if($finalScore -and $wickdown -ne ‘1’)

{

$objNotifyIcon.BalloonTipText = $finalScore

$objNotifyIcon.BalloonTipTitle = "Cricket Score:"

$objNotifyIcon.Visible = $True

$objNotifyIcon.ShowBalloonTip(30000)

}

if($finalScore -and $wickdown -eq ‘1’)

{

$objNotifyIcon.BalloonTipText = $finalScore

$objNotifyIcon.BalloonTipTitle = "Cricket Score:"

$objNotifyIcon.BalloonTipIcon = "Error" ;

$objNotifyIcon.Visible = $True

$objNotifyIcon.ShowBalloonTip(30000)

}

else

{

$LogDateTime = get-date

WriteLog "***Could not find the Score for $team" $LogDateTime "Information"

write-host "***Could not find the Score for $team" -ForegroundColor Yellow

}

}

$objNotifyIcon.Dispose();

Start-Sleep -seconds 120

}

}

Catch

{

$ErrorOccured = $true

#region log exception in log file

$LogMessage = $_.Exception.Message

$LogDateTime = get-date

WriteLog $LogMessage $LogDateTime "Error"

WriteLog "$Action failed with Error" $LogDateTime "Error"

$ErrorActionPreference="Continue"

#endregion

}

Finally

{

$LogDateTime = get-date

WriteLog "*** Script exection stoppped " $LogDateTime "Information"

}

Happy scripting

Regards,

Chaitanya

Sql server Database Restore History


Hi All,

Below is the query for that.

SELECT rs.[restore_history_id]

,rs.[restore_date]

,rs.[destination_database_name]

,bmf.physical_device_name

,rs.[user_name]

,rs.[backup_set_id]

,CASE rs.[restore_type]

WHEN ‘D’ THEN ‘Database’

WHEN ‘I’ THEN ‘Differential’

WHEN ‘L’ THEN ‘Log’

WHEN ‘F’ THEN ‘File’

WHEN ‘G’ THEN ‘Filegroup’

WHEN ‘V’ THEN ‘Verifyonlyl’

END AS RestoreType

,rs.[replace]

,rs.[recovery]

,rs.[restart]

,rs.[stop_at]

,rs.[device_count]

,rs.[stop_at_mark_name]

,rs.[stop_before]

FROM [msdb].[dbo].[restorehistory] rs

inner join [msdb].[dbo].[backupset] bs

on rs.backup_set_id = bs.backup_set_id

INNER JOIN msdb.dbo.backupmediafamily bmf

ON bs.media_set_id = bmf.media_set_id

order by rs.[restore_date] desc

GO

Check if the Server is Clustered or not


Hi All,

Below is the simple PowerShell snippet, which could check if the server is cluster or not

$ServerName=’Server1’

$sObj = Get-WmiObject -Class Win32_SystemServices -ComputerName $ServerName

if ($sObj | select PartComponent | where {$_ -like "*ClusSvc*"})

{

Write-Output "$ServerName is Clustered"

}

else

{

Write-Output "$server is Not clustered"

}

Regards,

Chaitanya

CU 2 is now available for BizTalk Server 2016


Hi All,

CU 2 is now available for BizTalk Server 2016. Below is the official Microsoft link for the details.

https://support.microsoft.com/en-us/help/4021095/cumulative-update-2-for-microsoft-biztalk-server-2016

regards,

Chaitanya

BizTalk Health monitor V4 released


Hi All,

BizTalk Health monitor V4 released. Below is the link where you can find more information

https://blogs.msdn.microsoft.com/biztalkhealthmonitor/2016/12/16/biztalk-health-monitor-v4-0-released/

New features.

§ Monitoring Profiles with UI based configuration (Old “Monitoring Profile” is now renamed with “Health Check Profile”)

§ Schedule your report collection with a Windows service (Windows Task option is still available)

§ New “Trace Log” node to quickly display the log of an analyze. Build to show insights in report collection failures.

§ Compatible with and Updated for BizTalk Server 2016

§ Better user experience by allowing Queries and Rules lists to be displayed in full screen mode.

§ Improved repositories auto-update feature

§ More robust. Fixed crash issue on MMC termination.

Download link for BHMv4 – https://www.microsoft.com/en-us/download/details.aspx?id=43716

Regards,

Chaitanya

IIS Web Server Learning Series -Part 12 – Some Random learnings in IIS Web server


Worker PROCESS:

When IIS starts, the Web Administration Service initializes the http.sys namespace routing table with one entry for each application. This routing table determines to which application pool an application should be routed. When http.sys receives a request, it asks WAS to start up one or more worker processes to handle that application pool. This isolation of processes makes the web server as a whole more stable.

What is the Role of Http.Sys in IIS ?

HTTP.SYS is the kernel level components of IIS. All client request comes from client hit the HTTP.Sys of Kernel level. HTTP.SYS then makes a queue for each and every request for each and individual application pool based on the request.

Whenever we create any application pool IIS automatically registers the pool with HTTP.SYS to identify the particular during request processing.

APPLICATION POOL

Application pools are used to separate sets of IIS worker processes that share the same configuration and application boundaries. Application pools used to isolate our web application for better security, reliability, and availability and performance and keep running without impacting each other . The worker process serves as the process boundary that separates each application pool so that when one worker process or application is having an issue or recycles, other applications or worker processes are not affected.

One Application Pool can have multiple worker process Also

IIS: it has the websites and websites are working under the application pools.

for every site different application pool will be there or default app pool will be there.

if there are issues with app pool it will impact only one website, else if issues is for default app pool it will impact the all the sites..

we can set the logging for the sites at the server level for the IIS

http redirect: it is the future used to re direct to a page for a site in the downtimes.

authentication:

here we have some authentications

Anonymous authentication:

asp.net impersonation:

Another important security feature is the ability to control the identity under which code is executed. Impersonation is when ASP.NET executes code in the context of an authenticated and authorized client. By default, ASP.NET does not use impersonation and instead executes all code using the same user account as the ASP.NET process, which is typically the ASPNET account. This is contrary to the default behavior of ASP, which uses impersonation by default. In Internet Information Services (IIS) 6, the default identity is the NetworkService account.

If you enable impersonation, ASP.NET can either impersonate the authenticated identity received from IIS or one specified in the application’s Web.config file.

•Impersonation is disabled. This is the default setting. For backward compatibility with ASP, you must enable impersonation and change the ASP.NET process identity to use the Local System account. In this instance, the ASP.NET thread runs using the process token of the application worker process regardless of which combination of IIS and ASP.NET authentication is used. By default, the process identity of the application worker process is the ASPNET account. For more information, see ASP.NET Process Identity.

Copy<identity impersonate="false" />

•Impersonation enabled. In this instance, ASP.NET impersonates the token passed to it by IIS, which is either an authenticated user or the anonymous Internet user account (IUSR_machinename).

Copy<identity impersonate="true" />

•Impersonation enabled for a specific identity. In this instance, ASP.NET impersonates the token generated using an identity specified in the Web.config file.

Copy<identity impersonate="true"

userName="domain\user"

password="password" />

basic authentication

forms authentication

windows authentication

ASP.NET Delegation

Impersonation enables ASP.NET to execute code and access resources in the context of an authenticated and authorized user, but only on the server where ASP.NET is running. To access resources located on another computer on behalf of an impersonated user requires authentication delegation (or delegation for short). You can think of delegation as a more powerful form of impersonation, as it enables impersonation across a network.

IIS first checks to make sure the incoming request comes from an IP address that is allowed access to the domain. If not it denies the request.

Next IIS performs its own user authentication if it configured to do so. By default IIS allows anonymous access, so requests are automatically authenticated, but you can change this default on a per – application basis with in IIS.

If the request is passed to ASP.net with an authenticated user, ASP.net checks to see whether impersonation is enabled. If impersonation is enabled, ASP.net acts as though it were the authenticated user. If not ASP.net acts with its own configured account.

Finally the identity from step 3 is used to request resources from the operating system. If ASP.net authentication can obtain all the necessary resources it grants the users request otherwise it is denied. Resources can include much more than just the ASP.net page itself you can also use .Net’s code access security features to extend this authorization step to disk files, Registry keys and other resources.

The windows Authentication provider lets you authenticates users based on their windows accounts. This provider uses IIS to perform the authentication and then passes the authenticated identity to your code. This is the default provided for ASP.net.

The passport authentication provider uses Microsoft’s passport service to authenticate users.

The forms authentication provider uses custom HTML forms to collect authentication information and lets you use your own logic to authenticate users. The user’s credentials are stored in a cookie for use during the session.

<authentication mode="windows">

authentication mode="passport">

<authentication mode="forms">

How the SSL works:

When you open website like facebook.com or gmail.com, first it creates TCP connection to web server of that site.

If we send the password of this accounts, there might be chance of it getting hacked.

In this case, we will be using the cryptography method.

In this, we will encrypt the data using the key and decrypt it using the same key. This is called symmetric key

This is not a good option as we would use same key for to decrypt it.

What if , we use one key for encryption and another key for decryption. This is called asymmetric key.

We will do the public key to encrypt the data and private key to decrypt the data.

Here is how the SSL hand shake works

After TCP connection established, then the process of SSL hand shake starts

For this hand shake, first client sends client hello message which contains client highest SSL version, ciphers /compressions and random data

And server responds with the SSL version that will be used ,ciphers/compressions and random data and session id for the session.

After this, server sends the digital certificate and this certificate serves 2 purposes,

1. Public key and also chain of certificates.

2. It establishes the identify of server, from where it is coming.

Then server sends server hello done message

Then client sends certificate verified message

Client again sends change cipher messages means from now on wards , the data sends over this http session will be encrypted

Browser sends finished message with all the messages that exchanged till now, to check none of the messages have been tampered

Server sends the change cypher messages

Server sends finished message with all the messages that exchanged till now, to check none of the messages have been tampered

At this point, ssl hand shake is set to be complete and the browser can generate Asymmetric secret key that will be used by session to encrypt and decrypt.

This key is only decrypted by server.

If the some validations failed, SSL connection will be terminated and browser shows the error.

Server certificates:

what are the certificates installed at the server level.

edit permissions for the site is used to give the permissions for the site and share it etc.

ssl settings : we have settings here for the client certificate

to see the certificate i.e. binded to site.. go to site and right click and edit bindings and edit it so that u can see the certificate…

if we want to add/remove the services we can use the server manager, roles->web services and do the things.

regards,

Chaitanya

IIS Web Server Learning Series -Part 11 – Best Practices for IIS Architecture


Best Practices for IIS Architecture:

Web farm-> load balancing

Multiple types of clusters are there

1. Windows cluster: where we see the node A and node B sharing the storage area network(SAN)

Only active node is working at a time and another one is passive

Copy of SAN is placed in 2 machined, if one server is down another one is pointed to this

We have nodes that have SAN and for these nodes requests are coming using NLB mgr

we have environment like

las Vegas

a,b,c,d nodes with ip address 1 and NLB,

new York

e,f,g,h, nodes with ip address 2 and NLB ,then in dns, these 2 IP address register for the http://www.nuggetlab.com

so some people will go to las Vegas network and some people will go to new York network

this is the large sites will build

Firewalls will block the traffic that comes through the ports

IIS is behind the firewall, so attacking on iis will be reduced as the firewall is there

Another way to reduce attacks on iis is don’t install the roles what you don’t need

Go to iis thru server manager, check the best practice analyzer

Scan that role every time and check what you missed some roles

if any malware is there, we can find it through IIS SEO toolkit

regards,

Chaitanya

IIS Web Server Learning Series -Part 10 – Network load balancer


Network load balancer:

It is installed on many web servers with same iis configuration and iis contents

1. Over view of architecture

2. Installation

3. configuring

4. content replication and configuration replication

For every web server the network adapter is there and it is assigned with some IP address

And every computer is having unique mac address and ip address

Here Network adapter uses the MAC address for communication

When NLB is installed it will create a virtual mac address and it is attached to network adapter

in addition to NIC mac address there will be another MAC address i.e. Virtual MaC Address (Fake)

if you install NLB on different servers, then all the servers are in same NLB cluster then then all the servers are having same virtual MAC address

When the request came to virtual IP address then the all the computers that having the virtual MAC address will pick the request and NLB will decide the which server needs to process. and other server requests will be discarded.

When any server is not responding other servers in NLB is take care of the requests

Installation: go to server manager, features, add feature and check the nlb , install it

after installation go to nlbmgr from run and create new cluster with name as localhost as it takes local configuration, click on next and create a cluster IP address, give the ip address , use the subnet mask ,click on next, it have network address it is the MAC Address

NLB will operate on all ports.

we can add/edit rule

we can allow the requests from ports from our interest like 80 to 80 or 80 to 443.

By default, NLB allows all ports.

Affinity is Single

We have many webservers serving the request. When the user sends the request and session is created and session id is send to browser along with content

after that if user requested again with the same session id , then nlb routes the request to other server where the session is not stored, then web page comes for user to re login.

Its issue, so affinity is having 3 modes

1. NONE: every time user requested the requested to redirected to new server

this is the best performance mode; it is not compatible with in memory session state

But we can access the session by keeping the session ids in database

2.Single:this is done on clients IP address, at first time clients request, NLB remembers the ip address , after that every requests from that IP address NLB sends to same server

session state is stored in Memory, moderate performance

if the clients are going through proxy address where the clients are from the large network, then client will send requests from 2 or 3 ip address. so at that time it will be a problem

s

for intranet where the proxies are not used, it is fine

3. Network: worst performance

Whenever client comes from some network, it is routed to one server,

If the requests are coming from same network, then the requests ARE routed to same server

It is used for internet connections

If we have web farm, we need the iis configurations sync with all servers

We can use XCOPY or Robocopy to do the configuration.

When we do the configuration change for one iis, we can manually replicate these changes in the other servers using XCOPY, robocopy

or we can have the shared configuration in one place and it is shared by multiple servers

Another option is MSDeploy.exe tool for content replication and Sync IIS settings and it is free.

For commercial products, go to repliweb.com

Repliweb.com web deployment tool

Regards,

Chaitanya

IIS Web Server Learning Series -Part 9 – Performance Tuning and Monitoring


Performance Tuning and Monitoring

Performance is low due to the user code

So we can find out that thing using the below

Http .sys listener in kernel mode is passing the requests to websites app pools and worker process of app pool will execute the requests.

if the worker process will get the requests of type html pages, then the performance will be high.

This is best case for iis.

IIS will be worst when executing the following

ASp.net code

asp code

php

CGI

fast CGI

ISAPI extensions

IIS performance will be fast when it executes the MS code

It will be slow when it executes the user code

Means Bad performance in IIS is not iis fault, its developer fault.

When the server configured for iis is also having the sql server, my sql, active directory etc… Then the iis needs to share the memory with them

Tools:

1…WCAT: it will send the numerous static web page requests to IIS

we can do test like this

Check the sermon’s and by running wcat tool to send requests to IIS

and do the test in the other server

when u r running wcat , don’t use asp,asp.net,php etc.. only use html static request

in the perfmon.msc add the counter like w3wp, wap (app pool) and checks the performance

in the other server check the performance for user code , if there is huge difference ask the dev team to fix the code

2… IIS SCOM PACK:

—->check the graph in the perfmon.msc, if processor is taking high and iis is taking low then it means processor not enough to handle the iis request or there are some other resources to that are using processors

check the task manager check the processes that are consuming more memory than worker processes

%d bloggers like this: