script to stop/disable spooler service on all servers not required in regards to Print Spooler Vulnerability

 

script to stop/disable spooler service on all servers not required

regarding the Print Nightmare vulnerability,  I have deal with all 226 sql servers and 12 oracle servers on windows, so resue one of my ps script to stop /disable spooler service on all servers. this also helps to disable spooler on some of other 10000+ windows machines we have. 


Windows Print Spooler Remote Code Execution Vulnerability

 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527 

step1, create a list of servers to change in text file with one servername in a line, saved it toc:\sql\serverlist0.txt


step 2. copy below script to power script ISE

step 3. run it, see screenshot

$service = "Spooler"



$text=Get-Content C:\sql\serverlist0.txt
$TotalComputers=$text.Length
write-host "the total number of computers is $TotalComputers"
For ($i=0; $i -lt $text.Length; $i++) {
$Computer= $text[$i]
Write-Host "Working on $Computer"
if(!(Test-Connection -ComputerName $Computer -Count 1 -quiet)) {
Write-Warning "$computer : Offline"
Continue
}
try {
$ServiceObject = Get-WMIObject -Class Win32_Service -ComputerName $Computer -Filter "Name='$service'" -EA Stop
if(!$ServiceObject) {
Write-Warning "$Computer : No service found with the name $service"
Continue
}
if($ServiceObject.StartMode -eq "Disabled") {
Write-Warning "$Computer : Service with the name $service already in disabled state"
# Continue
}
Set-Service -ComputerName $Computer -Name $service -EA Stop -StartMode Disabled
Write-Host "$Computer : Successfully disabled the service $service. Trying to stop it"
if($ServiceObject.state -ne "Running") {
Write-Warning "$Computer : $service already in stopped state"
Continue
}
$retval = $ServiceObject.StopService()
if($retval.ReturnValue -ne 0) {
Write-Warning "$Computer : Failed to stop service. Return value is $($retval.ReturnValue)"
Continue
}
Write-Host "$Computer : Stopped service successfully"
} catch {
Write-Warning "$computer : Failed to query $service. Details : $_"
Continue
}


#sample serverlist0.txt
sampleServerName1
sampleServerName2
sampleServerName3



Comments

Post a Comment

Popular posts from this blog

Sysaux tablespace is too big

Image
 today I received my report alert regarding one of Oracle database tablespace SYSAUX is over 80% (I created automated job using SSIS package to check tablespace usage daily) following steps to resolve it:  /*  2021.07.08  Documentation steps for troubleshooting Sysaux tablespace is huge --85% full  */   ---1. see what uses the most select occupant_name,occupant_desc, space_usage_kbytes/1024 MB from v$sysaux_occupants where space_usage_kbytes > 0 order by space_usage_kbytes desc; ---find it is SM/Advisor Server Manageability - Advisor Framework 25GB --now look for top 10 big objects   select * from (                select bytes/1024/1024 MB, blocks, s.SEGMENT_NAME, s.partition_name, s.segment_type, s.tablespace_name                  from dba_segments s                 where owner='SYS'             ...
Read more

SQL server mdf file modifed date

SQL server mdf file modifed date the modified date of mdf, ndf (sql server database files) only changes when 1. Database turns online(server restart, new db, being restored) 2. file expanded/shrunk 3. DBCC checkdb ---will update if notice further factor to change the modified date of database data file.
Read more

Developing Nightly DBA PACKAGE for MS SQL SERVER and ORACLE

Scenario: 1 DBA, 200+ MSSQL instances (PM, VM), 1700+ MSSQL databases, version 2000-2016  10 Oracle machines(Windows, Linux, HPUX), 30 Oracle Databases. version 10g-12c to be able to manage such big amount of MSSQL and Oracle databases, an automatically monitored system is required to highlight only the instances/database to be checked every morning. Tool to be used: MSSQL, SSIS , SSAS, SSRS Data to be collected and analyzed Instance and Databases properties, hardware info, CPU, Memory, DiskIO, latency, waits, Part one: Design Database to store metric data
Read more