Forefront Process Checker

Forefront_Process_Checker (WriteActionModuleType)

Script to perform "critcial process" checks in Forefront.

Element properties:

Member Modules:

Overrideable Parameters:

Source Code:

<WriteActionModuleType ID="Forefront_Process_Checker" Accessibility="Internal" Comment="{F59AED0C-575A-43D3-B98A-FFF0459E91AF}">

  <Configuration>

    <IncludeSchemaTypes>

      <SchemaType>MomBackwardCompatibility!System.Mom.BackwardCompatibility.AlertGenerationSchema</SchemaType>

    </IncludeSchemaTypes>

    <xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="AlertGeneration" type="AlertGenerationType"/>

    <xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="InvokerType" type="xsd:integer"/>

    <xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="Parameters" minOccurs="0">

      <xsd:complexType>

        <xsd:sequence>

          <xsd:element name="Process" type="xsd:string" minOccurs="0"/>

          <xsd:element name="TextLog" type="xsd:string" minOccurs="0"/>

        </xsd:sequence>

      </xsd:complexType>

    </xsd:element>

  </Configuration>

  <OverrideableParameters>

    <OverrideableParameter ID="Process" Selector="$Config/Parameters/Process$" ParameterType="string"/>

    <OverrideableParameter ID="TextLog" Selector="$Config/Parameters/TextLog$" ParameterType="string"/>

  </OverrideableParameters>

  <ModuleImplementation>

    <Composite>

      <MemberModules>

        <WriteAction ID="RunScriptAction" TypeID="MomBackwardCompatibility!System.Mom.BackwardCompatibility.ScriptResponse">

          <AlertGeneration>$Config/AlertGeneration$</AlertGeneration>

          <InvokerType>$Config/InvokerType$</InvokerType>

          <Body><Script>



'*******************************************************************************************

'*

'* Function:

'* ---------          

'* $File: ForefrontProcessChecker.vbs $

'* $Revision: 4 $

'* 

'* Purpose: 

'* --------	       

'* Monitors Scan Job Processes by counting them to make sure the correct number are present

'*

'* Parameters:

'* ----------- 

'* Process

'* TextLog

'*

'* Parameter definitions: 

'* ----------------------

'* 1. Process =&gt; defines the name of the Scan Job process that is being monitored

'* 2. TextLog =&gt; defines whether this scripts logs entries to a text file under the local 

'* Forefront installation folder. Possible Values are true ; false

'*

'*******************************************************************************************





On Error Resume Next

Err.Clear

    

' Constant for controlling text file operations



Const FOR_READING = 1



'Registry Constants



Const HIVE = "HKEY_LOCAL_MACHINE\"

Const REG_KEY = "SOFTWARE\Microsoft\Forefront Server Security\"

Const NAME_KEY = "SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\"



' Service Constants

FOREFRONT_CONTROLLER= "FSCController"

FOREFRONT_STORE = "FSEStore"

FOREFRONT_IMC = "FSEIMC"

EXCH_STORE = "MSExchangeIS"

TRANSPORT_SERV = "MSExchangeTransport"



' Error Constants

INSTALL_PATH_FAIL = 9501

INTERNET_COUNT_FAIL = 9520

REALTIME_COUNT_FAIL = 9521





Public ForefrontInstallPath



' Retrieve script parameters



ProcessParameter = ScriptContext.Parameters.Get("Process")

TextLogParameter =  ScriptContext.Parameters.Get("TextLog")





ForefrontInstallPath = RetrieveRegValue (REG_KEY &amp; "Exchange Server","InstalledPath", 1)

InstalledProduct = "Exchange Server"







If IsNull(ForefrontInstallPath) Then

	WriteMOMEvent "TASK ERROR: Unable To Retrieve Forefront for Exchange Installation Path", 1, INSTALL_PATH_FAIL

	ScriptContext.Quit

End If



If TextLogParameter = "true" then

	CreateLogFolder(ForefrontInstallPath)

End If



WriteLog "NULL"

WriteLog "Beginning Execution of ScanProcessMonitor Script to check status of " &amp; ProcessParameter



Select Case ProcessParameter

	Case "FSCTransportScanner.exe"

		ExchService = TRANSPORT_SERV

	Case "FSCRealtimeScanner.exe"

		ExchService = EXCH_STORE

End Select



ForefrontService=FOREFRONT_CONTROLLER



WriteLog "Waiting to check Forefront Service: " &amp; ForefrontService &amp; " and Exchange Server: " &amp; ExchService

If CheckServiceRunning (TextLogParameter, ForefrontService, ExchService) Then

    WriteLog "Waiting to check Scan Job Hook"

	If CheckScanJobHook(TextLogParameter, ProcessParameter) Then

	    WriteLog "Waiting to check Process Number"

		If ExpectedNumProcesses (ProcessParameter, InstalledProduct, NumSG) &lt;= ActualNumProcesses (ProcessParameter) Then

			WriteLog "Process Count OK"

		Else

			Select Case ProcessParameter

				Case "FSCTransportScanner.exe"

					WriteMOMEvent "MOM detected an FSCTransportScanner.exe process may have crashed due to an exception", 1, INTERNET_COUNT_FAIL

				Case "FSCRealtimeScanner.exe"

					WriteMOMEvent "MOM detected an FSCRealtimeScanner process may have crashed due to an exception", 1, REALTIME_COUNT_FAIL

			End Select

			WriteLog "Process Count Incorrect - Possible Process Failure"

		End If

	End If

End If



WriteLog "Finished Execution of ScanProcessMonitor Script"







'***********************************************************************

'*

'* Function:          ExpectedNumProcesses()

'* 

'* Purpose: Determines expected number of process instances

'*

'***********************************************************************



Function ExpectedNumProcesses (ProcessParameter, InstalledProduct, NumSG)





    On Error Resume Next

    Err.Clear



    If ProcessParameter = "FSCTransportScanner.exe" Then

	    ExpectedNumProcesses = RetrieveRegValue (REG_KEY &amp; InstalledProduct,"InternetProcessCount", 2)

	    WriteLog "InternetProcessCount RegKey=" &amp; ExpectedNumProcesses

    Else

	    ExpectedNumProcesses = RetrieveRegValue (REG_KEY &amp; InstalledProduct,"RealtimeProcessCount", 2) 

	    WriteLog "RealtimeProcessCount RegKey = " &amp; ExpectedNumProcesses

    End If



    WriteLog "Expected Number of " &amp; ProcessParameter &amp; " Processes = " &amp; ExpectedNumProcesses



End Function	





'***********************************************************************

'*

'* Function:          ActualNumProcesses()

'* 

'* Purpose: Determines actual number of process instances

'*

'***********************************************************************



Function ActualNumProcesses (ProcessParameter)





    On Error Resume Next

    Err.Clear



    i = 0



    Set refWMI = GetObject("winMgmts:")

    strQuery = "SELECT * FROM Win32_Process WHERE Name='" &amp; ProcessParameter &amp; "'"

    Set colProcesses = refWMI.ExecQuery(strQuery)



    For Each refItem In ColProcesses

	    i = i + 1

    Next



    Set refWMI = Nothing

    Set colProcesses = Nothing



    ActualNumProcesses = i

    WriteLog "Actual Number of " &amp; ProcessParameter &amp; " Processes = " &amp; ActualNumProcesses



End Function	



'***********************************************************************

'*

'* Function:          CheckScanJobHook()

'* 

'* Purpose: Checks corresponding process is running

'*

'***********************************************************************



Function CheckScanJobHook(TextLogParameter, ProcessParameter)



    On Error Resume Next

    Err.Clear



    EnableValue = RetrieveRegValue (REG_KEY &amp; InstalledProduct,"ForefrontEnabled", 2)   '



    If ProcessParameter = "FSCTransportScanner.exe" Then

	    If EnableValue = 2 or EnableValue = 3 Then

		    CheckScanJobHook = True

	    Else

		    CheckScanJobHook = False

	    End If

    End If



    If ProcessParameter = "FSCRealtimeScanner.exe" Then

	    If EnableValue = 1 or EnableValue = 3 Then

		    CheckScanJobHook = True

	    Else

		    CheckScanJobHook = False

	    End If

    End If



    If CheckScanJobHook Then

	    WriteLog "Scan Interface Active...Process Check Proceeding"

    Else

	    WriteLog "Scan Interface Inactive...Process Check Aborting"

    End If

	

End Function



'***********************************************************************

'*

'* Function:          CheckServiceRunning()

'* 

'* Purpose: Checks corresponding process is running

'*

'***********************************************************************



Function CheckServiceRunning (TextLogParameter, strService1, strService2)

    Dim refWMI

    Dim refService

    Dim refService2

    Dim refSecurity

    Dim colListOfServices

    Dim colListOfServices2

    

    On Error Resume Next

    Err.Clear



    WriteLog "Try to create WMI object."

    Set refWMI = GetObject("winMgmts:")



    If (IsNull(refWMI) or Err&lt;&gt;0 )  Then

        WriteLog "Unable to create WMI object."

        CheckServiceRunning=False  

    Else

        WriteLog "WMI object Create Successful."

        

        strQuery="Select * from Win32_Service where Name='"+strService1+"'"

        Set refService= null

        Err.Clear

        Set colListOfServices =refWMI.ExecQuery(strQuery)

        

        If (Err &lt;&gt; 0 or IsNull(colListOfServices))Then

	        WriteLog "ERROR: Could not connect to Service: " &amp; strService1 &amp;" Process Check Aborting"

	        Set colListOfServices=Nothing

	        Set colListOfServices=null

	        CheckServiceRunning=False

	    Else

	        WriteLog "Successful connect to Service: " &amp; strService1

    	    

	        For each refService in colListOfServices

    	    

	            WriteLog "Check status of Service: " &amp; refService.Name

    	  

                If refService.State = "Running" Then

                

                   WriteLog strService1 &amp;  " Service running...Process Check Proceeding"

        			           

	               If IsNull(strService2) Then

		                WriteLog strService1 &amp; " Service running...Process Check Proceeding"

		                CheckServiceRunning = True

	               Else

    	           

		                strQuery="Select * from Win32_Service where Name='"+strService2+"'"

		                Set refService= null

		                Err.Clear

                        Set colListOfServices2 =refWMI.ExecQuery(strQuery)

                        

		                If (Err &lt;&gt; 0 or IsNull(refService)) Then

	                        WriteLog "ERROR: Could not connect to Service: " &amp; strService2 + ".... Process Check Aborting"

	                        CheckServiceRunning=False

	                        Set colListOfServices2=Nothing

	                        set colListOfServices2=null

    	                                       

	                    Else

    	                

	                        For each refService2 in colListOfServices2

    	                    

	                            WriteLog "Successful connect to Service: " &amp; refService2.Name

		                        If refService2.State = "Running" Then

			                        WriteLog strService1 &amp; " and " &amp; strService2 &amp; " Service running...Process Check Proceeding"

			                        CheckServiceRunning = True

		                        Else

			                        WriteLog strService2 &amp; " Service not running...Process Check Aborting"

			                        CheckServiceRunning = False

		                        End If

    		                    

		                    Next

    		                    

        		            

		                End If

        		        

	                End If

	            Else

                    WriteLog strService1 &amp; " Service not running...Process Check Aborting"

	                CheckServiceRunning = False

                End If 

	        Next

            	

            

         End If

            

    End If

    

    Set refService=Nothing

    Set refWMI=Nothing

End Function





'***********************************************************************

'*

'* Function:           CreateLogFolder()

'* 

'* Purpose: Creates Log subfolder under Forefront

'*

'***********************************************************************



Function CreateLogFolder (ForefrontInstallPath)



    On Error Resume Next

    Err.Clear



    Dim objFSO

    set objFSO = CreateObject ("Scripting.FileSystemObject")



    If objFSO.FolderExists(ForefrontInstallPath &amp; "\MOMLogs") = 0 then

	    objFSO.CreateFolder(ForefrontInstallPath &amp; "\MOMLogs")

    End If



    Set objFSO = Nothing



End Function





'***********************************************************************

'*

'* Function:           WriteLog()

'* 

'* Purpose: Writes script activity and errors to a log file

'*

'***********************************************************************





Function WriteLog (strLogText)



    On Error Resume Next

    Err.Clear



    Dim objfs

    Dim objf

    Dim strTimeStamp



    If TextLogParameter = "true" Then



	    On Error Resume Next

	    Err.Clear



	    Set objfs = CreateObject("Scripting.FileSystemObject")

		    Set objf = objfs.OpentextFile(ForefrontInstallPath &amp; "\MOMLogs\" &amp; "Tasks.log", 8, False)





	    ' If log file doesn't exist - create it

	    If Err.Number &lt;&gt; 0 Then

  	    Set objf = objfs.CreatetextFile(ForefrontInstallPath &amp; "\MOMLogs\" &amp; "Tasks.log", False)

  	    Err.Clear

	    End If



	    If strLogText = "NULL" then

		    objf.WriteLine("")

	    Else

		    strTimeStamp = Date &amp; " " &amp; Time &amp; " "

		    objf.WriteLine(strTimeStamp &amp; strLogText)

	    End If

    End If



    Set objfs = Nothing

    Set objf = Nothing



End Function







'********************************************************************

'*

'* Function:           RetrieveRegValue

'* 

'* Purpose: Retrieves String Value from Registry

'*

'********************************************************************



Function RetrieveRegValue (Key, strValueName, intValueType)



    ' intValueType 	-&gt; 1 = String Value

    '		-&gt; 2 = DWORD Value

     

    const HKEY_LOCAL_MACHINE = &amp;H80000002

    Dim strServerName

    Dim objReg

    Dim strRegValue





    On Error Resume Next

    Err.Clear

    Set objReg=GetObject("winmgmts:\root\default:StdRegProv") 

    If Err.Number &lt;&gt; 0 Then

  	    Err.Clear

  	    strRegValue = NULL

    Else



	    Select Case intValueType

		    Case 1

			    strErr = objReg.GetStringValue (HKEY_LOCAL_MACHINE, Key, strValueName, strRegValue)

    				

		    Case 2

			    strErr = objReg.GetDWORDValue (HKEY_LOCAL_MACHINE, Key, strValueName, strRegValue)

    		

	    End Select



	    ' if reading the registry fails via wmi return error



	    If strErr &lt;&gt; 0 then

		    strRegValue = NULL

	    End If

    End If



    Set objReg = Nothing



    RetrieveRegValue = strRegValue



End Function





'***********************************************************************

'*

'* Function:           WriteMOMEvent()

'* 

'* Purpose: Writes events to MOM EventLog

'*

'***********************************************************************



Function WriteMOMEvent(EventMessage, EventType, EventNumber)



    On Error Resume Next

    Err.Clear

    Dim objEvt

    Set objEvt = ScriptContext.CreateEvent



    objEvt.Message = EventMessage

    objEvt.EventType = EventType

    objEvt.EventNumber = EventNumber

    ScriptContext.Submit(objEvt)



    set objEvt = Nothing



End Function



</Script></Body>

          <Language>VBScript</Language>

          <Name>Forefront Process Checker</Name>

          <Parameters>

            <Parameter>

              <Name>Process</Name>

              <Value>$Config/Parameters/Process$</Value>

            </Parameter>

            <Parameter>

              <Name>TextLog</Name>

              <Value>$Config/Parameters/TextLog$</Value>

            </Parameter>

          </Parameters>

          <ManagementPackId>[Microsoft.ForeFront.Exchange,,1.0.0.1]</ManagementPackId>

        </WriteAction>

      </MemberModules>

      <Composition>

        <Node ID="RunScriptAction"/>

      </Composition>

    </Composite>

  </ModuleImplementation>

  <InputType>SystemLibrary!System.BaseData</InputType>

</WriteActionModuleType>