This is script is the culmination of many hours of work at night and on the weekends. This has been a personal goal of mine was to automate as much of the daily job that I can. And this is where I chose to start. This will allow me to start becoming Proactive instead of reactive.
So here I go! I give you the ability to do full monthly or weekly or daily update cycles of your clone pools from start to finish 100% scripted. Yes, you are reading that right. With this you are able to do software installs based on SCCM and/or Windows updates, Do 3rd Party patching, shut down the VM take a snapshot, clean out the old snaps, power it back on and prepare for the process to start next month all while updating ServiceNow Incident and Change. Yes, that sounds like a ton of stuff and it really is.
Currently, this has been tested and is running on production systems Windows 7, 8, and 10 64bit systems only. I have also tested the code on Horizon 7.4,7.5,7.6, and 7.7. Also tested with vSphere 6.5 and 6.7. Anything outside of this has not been tested.
Time to get down to the features. What is does this script do? Well, here you go: Captures Service accounts and passwords for Horizon, and Service Now Connects to the Horizon Connection server and pulls an inventory of pools and get the info for the Master Images, Pool Names, vCenter Info. Create a ServiceNow Incident and a ServiceNow Change. Builds out Installation and Shutdown script on a Share location that distributes the scripts to the VDI Master images. Runs the Install Updates function. Runs a report of what the current installed 3rd party software is before updating Install updates from SCCM Install 3rd Party from SCCM (Requires Automatic install of Software) Install Windows updates (If not managed by SCCM) Install 3rd Party updates (If not managed by SCCM, and requires you to find appropriate scripts to install updates. There are many things on GitHub for the installs.) Run a report of what the current installed 3rd party software is after updating. Run a report of what the installed updates are since the last recompose Create or Update a custom registry key to store the Corporate Build Date. Create or Update a custom registry key to store the Last Recompose Date Create or Update a custom registry key to store the Last Update Date. Create or Update a custom registry key to store the Pool Assignment Type. Create or Update a custom registry key to store the Pool Name. Create or Update a custom registry key to store the Pool Provision Type Create or Update a custom registry key to store the Pool Type. Create or Update a custom registry key to store the Pool Name. Create or Update a custom registry key to store the Windows Build Version. Create or Update a custom registry key to store the Windows Revision. Create or Update a custom registry key to store the Windows Version. Reboot the master image, it will run the cleanup script. This will clean up the master and make it ready to be cloned. Checks the version of windows. (This is used for the optimizer at the end.) Create or Update a custom registry key to store the current Windows Core Build Version. Runs Disk Cleanup Runs Defragment Pre-Compile .NET Framework Runs SEP update, Scan, Forced Check-in, and Clone Prep. Runs VMware Optimizer based on what OS version you are on and what templates you have defined. (Beings its ran via CMD there are no rolling back changes, it’s a bug/Feature in the Optimizer) Disables or Stops Services like Windows Updates, SCCM, Adaptiva. AppVolumes Clean out Downloads Cache folder Clean out Windows Prefetch Clear the event logs Releases IP Addresses Clears DNS Shutdown the VM Connect to each of the vCenters. Create a snapshot of each of the Masters in there Powered Off State. Update the VM Notes in vCenter to show Last Recomposed date, Last Update Date, Windows Core Build Version, Pool Type. and Pool Name based off the custom Registry Keys Will remove the old snapshots past X number of days old. Will Power the Master VMs back on. Start the SCCM and Windows Update services. Copy's the log files from each VDI Master back to the central share. It will connect to the Horizon View Connection servers. Recompose or do image Push to the Pools, Varying the times based on if they are Production or Test. During this entire process, we will update notes in ServiceNow. All logs generated by this task will be updated in the change.
There a few requirements for this script. Must be running Powershell v5.1 or newer on the Scripting Server and the Master VMs The account you are running the script as has to have admin rights to the Master Images, Rights to do recompose or image push in Horizon, and appropriate rights in vCenter to take Snapshot, delete snapshots, and write notes. Must have a folder share setup with the Read and Write rights to the user you will run the script as. I set up the following directories like this. \ShareLocation\VDI_Tools Logs (This is where all the log files will be saved) Scripts (Save this script and run it from this location) CloneTools (Place your VMware Optimizer and templates in that location. The VMware Modules must be installed on the Scripting Server. (Out of laziness I just enable them all.) Must install the HV-Helper module on the Scripting Server. The code can be found HERE. Click the green Clone or download button and then click Download ZIP. Extract the zip file and copy the advanced functions Hv.Helper folder to a modules directory. Check your PowerShell $env: PSModulePath variable to see which directories are in use: User-specific: %UserProfile%\Documents\WindowsPowerShell\Modules Systemwide: C:\Program Files\WindowsPowerShell\Modules Unblock the advanced functions to allow them to be executed. In a PowerShell prompt (as Administrator), run the following command, tailoring the path to where you copied the VMware.Hv.Helper folder: dir ‘C:\Program Files\WindowsPowerShell\Modules\VMware.HvHelper\’ | Unblock-File This only works on Horizon 7.0.2 and newer deployments! So if you are not there yet get to updating. If you want to run VMware OS Optimization Tool Fling you must have it downloaded and installed in the "CloneTools" share directory, with your custom Templates. For example, this is my configuration. All VDI Master Images must be domain joined. It uses domain authentication to do the remote PowerShell. Enable-PSRemoting must be enabled on All the VDI Master Images.
ServiceNow: Looking at the Service Now bits its a bit overwhelmed on the number of variables you need fill out. But from what I have found its what’s needed for my workflow, you are more than welcome to customize it. The function of the Service Now the piece is that it will open an Incident, and open a change with the Incident as the parent. It will fill out all the change notes with the text from the log files, including what updates were installed, what 3rd party updates were installed and the complete logs of the script.
There are a couple known bugs: One is running this more than one time a day will create two snapshots with the same name, and then try to recompose or push the image and get confused as there are two snaps of the same name. So it will fail to update the recompose or push part fo the script. Workaround: Remove the previous snaps for the same day before running the script again. I chose not to put this as the core code as it could delete a running snapshot. Running the script late in the day, like the last hour of the day. When it runs the script its date dependent. If the script is kicked off on the 12-4-2018 there is a possibility that the snaps might be taken on 12-5-2018, and when the recompose or Push happens it will be looking for a snap from 12-4-2018. In turn, erroring out and failing the Recompose or Push for those pools. Workaround: Run the script early in the day or morning to avoid running into the next day. On at minimum, the script takes 17 mins to run Per Pool. Please plan accordingly. If the credentials that you use to run the script have expiring passwords it will error out and fail the script and not prompt for new creds. (Might be an added feature soon.) Workaround: Use service account with a non-expiring password or delete the password file from the Script Server when you reset your password. Multi-Domain issues. If your scripting server is in a different domain than your VDI master images you will run into some DNS lookup issues. As in the script, we are not using FQDN to connect to the master Images we are just using hostname. Sorry if this causes an issue. Workaround: Can be fixed pretty simple by adding a domain variable and appending most of the $VMline variables in the script. (Can not promise when I get to fixing this one.)