Meet Scripting's Everyman

IT veteran Tory Skyers explains his "get-it-done" approach to Windows scripting


While Microsoft points toward Windows PowerShell as the next generation of Windows scripting, most systems and network administrators and IT managers are more concerned with getting today's tasks done by using the tools at hand--writing scripts by using Windows batch files or VBScript. IT pro Tory Skyers, a network administrator for Prudential Fox & Roach, Realtors (an independently owned and operated member of The Prudential Real Estate, Affiliates, Inc.) is a longtime scripter who's written dozens of scripts to automate many aspects of Windows administration, such as deployments and end-user PC backup and restore. Although Tory calls his scripts "hamfisted," inelegant or not, they've done a lot of useful work and made his job easier. In a recent conversation with Senior Editor Anne Grubb, Tory talked about his passion for scripting and some of the scripts he's written to help manage the 1500-plus-machine IT environment he oversees.

You're basically an all-around IT person. What sparked your interest in scripting?

I started scripting on a Commodore 64 when I was about 10 years old, although I didn't know then that it was scripting. Later I got into OS/2 and REXX, and now I write primarily VBScript and also some bash shell \[Linux\] scripts. But what really got me going was Windows IT Pro 's scripting CD. We have something from your publications, or from someone who contributed to the magazine, in just about every one of our scripts. Most of what I write is straight-up, play-with-it-'til-it-works scripting. A lot of it comes from the community-- Windows IT Pro, resources I find on Google--which I customize to fit the task.

Talk about some of the scripts you've written to automate IT tasks.

Well, the one I'm most proud of--because it took forever to write--is what I call a computer-finishing script. We don't use Microsoft infrastructure to deploy images, so I built a script that imports registry entries to change particular aspects of applications, install applications, and put shortcuts on the desktop, then launches our antivirus installation and inventory applications and joins the machine to a domain, all before the machine gets deployed. We used this script for about a year until we started using another imaging system.

Another script that I use a lot is my "are you alive" script. I manually use CSVDE to export a CSV file containing the names of computers in the domain from Active Directory (AD) and copy it into a text file. (I'd like to use DSFind or's AdFind to export from AD, but I haven't gotten around to that yet.) Then the script pings every computer that's in the CSV file and writes the output to either an "alive" or a "dead" file. It tells me whether or not a machine is active, so I can query users who own inactive machines.

I've also written some backup scripts. The most interesting one uses PKZIP to back up the My Documents folder, email, and a few other things to a .zip file on a local system, then copies the .zip file to a network share, using the time and date of whenever you last ran the script as the \[backup\] filename. The user can either run the script manually or as a scheduled task. The restore script looks for the filenames, asks you which do you want to restore, and copies it either to the original destination or another destination that the user chooses. The really useful thing about this method is that the backup files are browsable--they're not in a proprietary format, as are other local backup solutions I've seen. You can just browse through the .zip file, double-click the document you want, and restore it.

Are there some tasks you've found too complicated to script?

Enforcing policies and permissions. Windows environments typically grow organically; they're not really planned. You know, we need a domain... well, let's add a domain. When that happens, it gets harder for IT to enforce policies and manage Group Policy. To enforce policies, we use ScriptLogic's Active Administrator, which lets me apply permissions by using a template. I can create a template of a permission for a particular user, then apply individual templates to a group, and add users to the group. Removing the permission is as easy as turning off the template. The product also provides reports, so we can keep track of what permissions were set, and creates change logs that let you see every change you've made to an AD object.

What do you think of Windows PowerShell?

I downloaded it and took a look but haven't played with it enough. It's definitely a culture shock coming from Windows Script Host (WSH) and going to PowerShell, only because PowerShell does so much. With WSH, you had to find kludgy workarounds; it just lent itself to simplicity. With PowerShell, as a WSH scripter, I'm looking at it and wondering, where do I start? What's an object? What I'd like to see in Longhorn is something similar to the "script this" feature in SQL Server 2005 Management Studio's Generate SQL Server Scripts Wizard. It automatically creates a script of everything you've done via the Microsoft Management Console, and lets you go in and tweak the scripts to do what you need.

You seem to be the quintessential Windows scripter: You're resourceful about finding code to help you script a particular admin task, and you tweak those scripts and add your own code to fit your needs.

I don't know about "quintessential," but the rest fits me! I often wish, though, that I had time to go back and stick more features into the scripts I've written. But the fact is that once I've saved myself that initial block of time, I'm on to the next project that I've freed up time to do as a result of the script I just wrote!

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.