PoshCode Archive  Artifact Content

Artifact bdfb2367d8c8d81a91745b7f53f773b6c3e82b3d2190d5cca3bc2619d0063021:

  • File sophos_mrupdate.ps1 — part of check-in [c5d9dbd836] at 2018-06-10 13:21:23 on branch trunk — A script for updating the message relay server used by a Sophos client. (user: tojo2000 size: 4639)

# encoding: ascii
# api: powershell
# title: sophos_mrupdate.ps1
# description: A script for updating the message relay server used by a Sophos client.
# version: 0.1
# type: script
# author: tojo2000
# license: CC0
# x-poshcode-id: 3160
# x-archived: 2012-01-15T04:48:54
# x-published: 2012-01-10T17:05:00
#
#
<#
.SYNOPSIS
   Updates the Sophos Message Relay configuration.
.DESCRIPTION
   Points the local Message Router service to a new parent relay server.
.PARAMETER mrinit
   The mrinit.conf file to use.
.PARAMETER loglevel
   The current loglevel (used by the Log function).  
   Defaults to 'information' (debug messages will not be printed).
   Valid values are 'debug', 'information', 'warning', and 'error'.
.EXAMPLE
   # Update settings using the configuration in the file AMW_mrinit.conf
   sophos_mrupdate.ps1 -mrinit AMW_mrinit.conf
#>
param([Parameter(Mandatory=$true)][string]$mrinit,
      [Parameter(Mandatory=$false)][string]$loglevel=1)

# LOGGING #####################################################################

# Set severity constants
$MSG_DEBUG = 0
$MSG_INFORMATION = 1
$MSG_WARNING = 2
$MSG_ERROR = 3
$MSG_SEVERITY = @('debug', 'information', 'warning', 'error')

if ($MSG_SEVERITY -notcontains $loglevel.ToLower()) {
  Write-Error ('Invalid loglevel!  ' +
               'Must be debug, information, warning, or error.')
  exit 1
} else {
  foreach ($index in (0..($MSG_SEVERITY.Count - 1))) {
    if ($MSG_SEVERITY[$index] -eq $loglevel) {
      $loglevel = $index
    }
  }
}

# Set configurable settings for logging
$LOG_FILE = 'c:\windows\temp\sophos_mrupdate.log'
$SMTP_TO = 'sophos-virusalerts@company.com'
$SMTP_SERVER = 'smtp.company.com'
$SMTP_SUBJECT = 'Sophos MRUpdate Error'
$SMTP_FROM = 'sophos-mrupdate@company.com'


function Log {
<#
.SYNOPSIS
   Writes a message to the Log.
.DESCRIPTION
  Logs a message to the logfile if the severity is higher than $loglevel.
.PARAMETER severity
   The severity of the message.  Can be Information, Warning, or Error.
   Use the $MSG_XXXX constants.
   Note that Error will halt the script and send an email.
.PARAMETER message
   A string to be printed to the log.
.EXAMPLE
   Log $MSG_ERROR "Something has gone terribly wrong!"
#>
  param([Parameter(Mandatory=$true)][int]$severity,
        [Parameter(Mandatory=$true)][string]$message,
        [Parameter()][switch]$sendmail)

  if ($severity -ge $loglevel) {
    $timestamp = Get-Date -Format 'yyyy-MM-dd hh:mm:ss'
    $output = ("$timestamp`t$($env:computername)`t" +
               "$($MSG_SEVERITY[$severity])`t$message")
    Write-Output $output >> $LOG_FILE


    if (($severity -ge $MSG_ERROR) -or $sendmail) {
      Send-MailMessage -To $SMTP_TO `
                       -SmtpServer $SMTP_SERVER `
                       -Subject "$SMTP_SUBJECT on $($env:computername)" `
                       -Body $output `
                       -From $SMTP_FROM
      exit 1
    }
  }
}


# MAIN ########################################################################

# The path to the Remote Management System files
$CURRENT_PATH = $pwd
$RMS_PATH = 'C:\Program Files (x86)\Sophos\Remote Management System\'

if (-not (Test-Path $RMS_PATH)) {
  $RMS_PATH = 'C:\Program Files\Sophos\Remote Management System\'
  
  if (-not (Test-Path $RMS_PATH)) {
    Log $MSG_ERROR "The path '$RMS_PATH' could not be found!"
  }
}

#Copy over the new mrinit.conf file
Log $MSG_DEBUG "Copying file '$mrinit'..."

if (Test-Path ".\$mrinit") {
  try {
    Copy-Item -Path ".\$mrinit" -Destination ($RMS_PATH + 'mrinit.conf') -Force
  } catch {
    LOG $MSG_ERROR "Unable to copy $mrinit to the RMS directory!" 
  }
} else {
  LOG $MSG_ERROR "File '$mrinit' missing!  Check the SCCM package."
  exit 1
}

Log $MSG_DEBUG "Changing directory to $RMS_PATH..."
cd $RMS_PATH

# Get the backup copies of mrinit.conf out of the way.  For some reason
# RMS will inexplicably use the backup copy instead of the new one if you don't
Log $MSG_DEBUG 'Renaming mrinit.conf.orig to mrinit.conf.orig.old'

try {
  Rename-Item '.\mrinit.conf.orig' '.\mrinit.conf.orig.old' `
              -Force `
              -ea SilentlyContinue
} catch {
  Log $MSG_ERROR "Unable to rename the file 'mrinit.orig'!"
}

# This is the command that actually grabs the new mrinit.conf file and makes
# the important updates to the system.
.\ClientMRInit.exe

# Let's restart the Message Router
net stop "Sophos Message Router"
net start "Sophos Message Router"

cd $CURRENT_PATH
# Voila!  We're done.