Faster Than Light – The Reboot Watcher Script

Foreword

Today I want to introduce you to one of my favorite scripts. With this script I can be sure that in daily business I also get those “short” server restarts (why every they just happen…), without having to rely on any monitoring solution.

Especially nowadays, server restarts are usually so fast that modern monitoring solutions would have to be very fine-tuned to report this immediately.

Most of the time, however, this is not the case and monitoring solutions are configured so that they only report after a certain time, which is also understandable, since otherwise every short CPU spike would trigger a message immediately.

In any case, in the past I often had the experience that I connected to a server and suddenly the beautiful, well-known message appeared according to the motto “Hello – I was restarted and now I’m back“, without anyone knowing about it.

Windows updates, virtual environments that smear or other jokes that happen and nobody knows about it.

At some point this number of oddities was so high that I thought to myself – “Shouldn’t I be able to get everything as a system admin and am I really dependent on monitoring?”

The idea was born here. I will monitor my restarts myself and simply have everything sent to me directly via email.

And as always, this should be done with the least possible effort.




First of all – creating the Script

Ok, first we need to create the script we will deploy to all servers and put it into our Netlogon on our Domain Controllers to publish this globally.

So I created the “RebootWatcher.ps1” in the Netlogon. You can place this everywhere you want as long as you can access it from anywhere in your environment to publish this to all server.

Whats in the Script now?

As a good Powershell Designer you will start with the Script Description like

#Publisher: Tom's IT Blog
#Last Change: DateOfLastChange
#Description: Send a Mail Notification on Server Reboots to xxx@maildomain.com

#BEGIN SCRIPT


After that the Script can start with its few Code lines

$ServerName=$env:computername
$CurrentDate=Get-Date


And now we have nearly have it. Now we enter the “Send Mail” Code lines.

#SEND MAIL
$messageParameters = @{
Subject = "Server $ServerName was rebooted on $CurrentDate"
Body = "The Server $ServerName was rebooted. If you expected this reboot, please ignore this Mail."
From = "RebootWatcher@domain.com"
To = "TomsItBlog@domain.com"
SmtpServer = "mail.server@domain.com"
}
Send-MailMessage @messageParameters

#END SCRIPT


And all looks like this


The Second Shot – Deploying the Script with Group Policy Task and File Deployment

Ok, now we created the script. Now we need to deploy it to every Server. In my case I use Group Policy for such things since they are pretty fast and simple for such cases.

So you need to connect to your Group Policy Management Editor Console (directly on a Domain Controller or just with your Tools you are normally editing Group Policies).

In my case I use structured Group Policy Names and collect same Group Policies in I call it “Function Policies” where I just collect all Settings and Deploy it directly over Group Policy Preferences (I will talk about this Topic in another Blog Post in Future).


So it looks like this:

In my productive Environment I often need enforced Group Policies when I want to deploy Policies to every kind of object because of many layers of Organizational Units with blocked Group Policy Inheritance. But I would recommend to everyone not to “play” this like I do. 


I configured the Group Policy with default Settings, but, if you really want to, you can choose other Security Filtering or WMI Filtering.

Now to the fine configuration of the Group Policy Object.

First: Folder Deployment

Open your Group Policy and navigate to “Computer Configuration” – “Preferences” – “Windows Settings” – “Folders”

Now create a new Folder with Right-Click – “New” – “Folder”.

Fill it out like this

Now create another Folder and enter the information like:

And now you ask “Why Hidden? Why pushing out this Deployment to every computer?”. This is just in my case. I publish a few more Scripts to Clients and Server and I do not allow Client Computers to see hidden files. So this was the “easy way” to realize it. You can just change the Item Level Targeting under “Common” if you want to publish this folder more restricted to just Server or what you prefer.

Second: File Deployment


Now move to “Files” and create a new File with Right-Click – “New” – “File”

Fill out the information like:

And now move to “Common” – “Item-level targeting” and click on “Targeting…”

Specify the information you wish to filter the script deployment. In my case it is:

Third: Scheduled Task Deployment


As last step in the Group Policy Task Deployment is to deploy the Scheduled Task itself.

Move to “Computer Configuration” – “Preferences” – “Control Panel Settings” – “Scheduled Tasks”

Create a new Scheduled Task (At least Windows 7) and fill it with the following information:

General Tab

Triggers Tab

Actions Tab

Conditions Tab

Settings Tab

Common Tab

And now you are good to go. Now you can move to Part three, which is basically just testing.


All good things come in threes – Testing the Storm


At this point you can do it like you wish. Connect to a Server, do a gpupdate /force and reboot it to see if you are receiving Mails regarding the Server Reboot.

The Mail should look like this



Finishing Words


Thank you for reading my first Blog Post. If you wish to see more of them or if you want to see specific content just let me know in the comment section below. If you have any problems with the task above just let me know and I will explain it a bit better.


I hope I was able to help some IT Guys out there with my post.


If you like this post please support me and share this to other Administrators.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

code