PowerShell for Windows Admins


May 29, 2015  10:42 AM

IPAM: 2 Reading data

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Powershell

Once you have your IPAM server configured you can start to read the data its collected.

If you are working against a remote IPAM server than you need to create a CIM session to that machine before doing anything else.

$cs = New-CimSession -ComputerName W12R2SUS

You can discover the domain you’re working against

£> Get-IpamDiscoveryDomain -CimSession $cs | fl
Name           : manticore.org
DiscoverDc     : True
DiscoverDns    : True
DiscoverDhcp   : True
PSComputerName : W12R2SUS

The IPAM server configuration

£> Get-IpamConfiguration -CimSession $cs | fl
Version            : 6.3.0.1
Port               : 48885
ProvisioningMethod : Manual
GpoPrefix          :
HMACKey            : System.Security.SecureString
PSComputerName     : W12R2SUS

The servers – DHCP, DNS and DCs that IPAM is aware of:

£> Get-IpamServerInventory -CimSession $cs
RecommendedAction   : IPAM Access Unblocked
ManageabilityStatus : Managed
IPAMAccessStatus    : Unblocked
ServerType          : {DC, DNS, DHCP}
ServerName          : server02
Name                : server02.Manticore.org
DnsSuffix           : Manticore.org
DomainName          : manticore.org
ServerStatus        : NoChange
DataRetrievalStatus : Completed
IPv4Address         : {10.10.54.201}
IPv6Address         :
PSComputerName      : W12R2SUS

The address space

£> Get-IpamAddressSpace -CimSession $cs
Name                           : Default
Type                           : ProviderAddressSpace
Owner                          :
Description                    : Default Provider IP Address Space
AssociatedProviderAddressSpace :
Tenant                         :
VMNetwork                      :
IsolationMethod                :
Ipv4PercentageUtilized         : 3.44827586206896
Ipv6PercentageUtilized         : 0
CustomConfiguration            :
PSComputerName                 : W12R2SUS

Individual subnets

£> Get-IpamSubnet -CimSession $cs -AddressFamily IPv4
Name                 : 10.10.54.0/24
NetworkId            : 10.10.54.0/24
NetworkType          : NonVirtualized
Overlapping          : False
NetworkSite          :
VmmLogicalNetwork    :
ProviderAddressSpace : Default
CustomerAddressSpace :
VlanId               :
Owner                :
PSComputerName       : W12R2SUS

and the address ranges for those subnets

£> Get-IpamRange -CimSession $cs -AddressFamily IPv4
Overlapping      : False
NetworkID        : 10.10.54.0/24
StartIPAddress   : 10.10.54.2
EndIPAddress     : 10.10.54.30
ManagedByService : MS DHCP
ServiceInstance  : server02.Manticore.org
NetworkType      : NonVirtualized
Owner            :
PSComputerName   : W12R2SUS

 

 

May 28, 2015  1:39 PM

Copy files over PS remoting sessions

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Powershell

One neat feature of the April 2015 WMF 5.0 preview is that you can copy files over a remoting session.

First create a session to a remote machine

$cs = New-PSSession -ComputerName W12R2SUS

 

Define the source and destination for the copy.  Use –ToSession to determine the remoting session you will use to determine the remote machine

Copy-Item -Path C:\Source\test.csv -Destination C:\Source\test.csv -ToSession $cs

 

You use –FromSession to copy from a remote machine

Copy-Item -Path C:\Source\srv.csv -Destination C:\Source\srv.csv -FromSession $cs

 

What you can’t do is copy from one session to another

$cs2 = New-PSSession -ComputerName server02

£> Copy-Item -Path C:\Source\*.csv -Destination C:\Source\ -FromSession $cs2 -ToSession $cs
Copy-Item : ‘-FromSession’ and ‘-ToSession’ are mutually exclusive and cannot be specified at the same time.


May 27, 2015  12:30 PM

PowerShell Summit Europe 2015 – – sold out

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Powershell

The PowerShell Summit Europe 2015 is sold out.  Please be aware that we don’t maintain a waiting list as the Summit is a benefit of  PowerShell Association membership


May 21, 2015  1:30 PM

IPAM: 1 Installation and configuration

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

IPAM stands for IP Address Management. It’s a feature in Windows Server 2012 R2 that enables you manage your DHCP and DNS servers as a whole rather than at the individual service or server level.

Installation of IPAM follows the standard approach for any Windows feature. Note that you can install IPAM on a Domain Controller but it won’t configure. IPAM is designed to be installed on a member server.

Full details on deploying IPAM server are available from here https://technet.microsoft.com/en-us/library/hh831353.aspx

I’m not going to run through the full deployment and configuration – just point out some issues and where you can use PowerShell to make things easier.

Once the IPAM feature is installed you have to provision the IPAM server. There isn’t a separate MMC for IPAM admin – you use Server Manager.  Provisioning an IPAM server can be done manually or by GPO.  Manual seemed best for lab/experiment/initial set up as can’t swap from GPO to manual. You can use Windows Internal Database (WID) or SQL Server – I used WID.

You then need to configure your DHCP servers, DNS servers and domain controllers. This involves a number of group membership changes, firewall rule changes and a registry setting.

Create a group called IPAMUG and add the IPAN server into it.

New-ADGroup -Name IPAMUG -DisplayName IPAMUG -SamAccountName IPAMUG    -Description ‘IPAM management group’ -GroupCategory Security -GroupScope Universal

Add-ADGroupMember -Identity IPAMUG -Members (Get-ADComputer -Identity W12R2SUS)

Add IPAMUG to a number of groups

Add-ADGroupMember -Identity ‘Event Log Readers’ -Members (Get-ADGroup -Identity IPAMUG)

Add-ADGroupMember -Identity ‘DHCP Users’ -Members (Get-ADGroup -Identity IPAMUG)

Add-ADGroupMember -Identity ‘DNSAdmins’ -Members (Get-ADGroup -Identity IPAMUG)

I also found I had to add the IPAM server to the domain Administrators group to get the DNS data to come through.

Modify some firewall rules

$cs = New-CimSession -ComputerName W12R2SCDC01

Enable-NetFirewallRule  -DisplayName ‘Remote Service Management (RPC)’ -CimSession $cs -PassThru
Enable-NetFirewallRule  -DisplayName ‘Remote Service Management (NP-In)’ -CimSession $cs -PassThru
Enable-NetFirewallRule  -DisplayName ‘Remote Service Management (RPC-EPMAP)’ -CimSession $cs -PassThru

Get-NetFirewallRule -DisplayGroup ‘Remote Service Management’ -CimSession $cs |
ft  DisplayName, Enabled, Direction,Profile –a

There are a bunch of firewall rules that need setting. You can find the full list in the TechNet documentation.

For DHCP servers create an audit share

New-SmbShare -Name dhcpaudit -Path ‘C:\Windows\System32\dhcp’ -ReadAccess ‘manticore\IPAMUG’
Set-SmbShare -Name dhcpaudit -Description ‘DHCP audit share for IPAM’ -Force

## restart DHCP service
Get-Service -Name DHCPServer | Restart-Service -PassThru

Enable event log monitoring on the DNS servers

$csd = Get-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Services\EventLog\DNS Server’ -Name CustomSD |
select -ExpandProperty CustomSD
$ipamsid = (Get-ADComputer -Identity W12R2SUS | select -ExpandProperty SID).value
$csd = $csd + “(A;;0x1;;;$ipamsid)”
Set-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Services\EventLog\DNS Server’ -Name CustomSD -Value $csd –PassThru

I also had to manually add the IPAMUG group into the security permissions for the DNS servers. Didin’t seem to be a way to automate that bit.

IPAM has a PowerShell module – IpamServer – which contains lots of cmdlets:

Add-IpamAddress
Add-IpamAddressSpace
Add-IpamBlock
Add-IpamCustomField
Add-IpamCustomFieldAssociation
Add-IpamCustomValue
Add-IpamDiscoveryDomain
Add-IpamRange
Add-IpamServerInventory
Add-IpamSubnet
Disable-IpamCapability
Enable-IpamCapability
Export-IpamAddress
Export-IpamRange
Export-IpamSubnet
Find-IpamFreeAddress
Get-IpamAddress
Get-IpamAddressSpace
Get-IpamAddressUtilizationThreshold
Get-IpamBlock
Get-IpamCapability
Get-IpamConfiguration
Get-IpamConfigurationEvent
Get-IpamCustomField
Get-IpamCustomFieldAssociation
Get-IpamDatabase
Get-IpamDhcpConfigurationEvent
Get-IpamDiscoveryDomain
Get-IpamIpAddressAuditEvent
Get-IpamRange
Get-IpamServerInventory
Get-IpamSubnet
Import-IpamAddress
Import-IpamRange
Import-IpamSubnet
Invoke-IpamGpoProvisioning
Invoke-IpamServerProvisioning
Move-IpamDatabase
Remove-IpamAddress
Remove-IpamAddressSpace
Remove-IpamBlock
Remove-IpamConfigurationEvent
Remove-IpamCustomField
Remove-IpamCustomFieldAssociation
Remove-IpamCustomValue
Remove-IpamDhcpConfigurationEvent
Remove-IpamDiscoveryDomain
Remove-IpamIpAddressAuditEvent
Remove-IpamRange
Remove-IpamServerInventory
Remove-IpamSubnet
Rename-IpamCustomField
Rename-IpamCustomValue
Set-IpamAddress
Set-IpamAddressSpace
Set-IpamAddressUtilizationThreshold
Set-IpamBlock
Set-IpamConfiguration
Set-IpamCustomFieldAssociation
Set-IpamDatabase
Set-IpamDiscoveryDomain
Set-IpamRange
Set-IpamServerInventory
Set-IpamSubnet
Update-IpamServer

Now I’ve got my IPAM server up and running its time to see what I can do with it

 

 


May 18, 2015  7:58 AM

PowerShell Summit Europe 2015–nearly sold out

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Powershell

There are a handful of places left for the PowerShell Summit Europe 2015. If you want to secure a place I recommend that you book very soon as we can’t extend capacity any further.


May 15, 2015  11:56 AM

Playing with the range operator

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Powershell

The range operator allows you to reference a range of numbers

1..10

is equivalent to

1,2,3,4,5,6,7,8,9,10

If you want anything other than numbers you’re stuck as the range operator only works with integers

though you can have a decrementing list

10..1

65..74 | foreach {[char]$psitem}

would be A – J

If you want A-Z

65..90 | foreach {[char]$psitem}

For lowercase letters (a – z)  use

97..122 | foreach {[char]$psitem}

You can even work from an array of values

$data = ‘value1′,’value2′,’value3′,’value4′,’value5′,’value6′,’value7′,’value8′,’value9′,’value10′

$data[3..6]
$data[6..3]


May 7, 2015  3:35 AM

PowerShell DSC for Linux

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
CIM, Powershell

PowerShell DSC for Linux has moved out of CTP and v1 is available for download from http://www.microsoft.com/en-us/download/details.aspx?id=46919

You will find more details at http://blogs.msdn.com/b/powershell/archive/2015/05/06/powershell-dsc-for-linux-is-now-available.aspx

You will need to download OMI version 1.0.8-1 which is available from https://collaboration.opengroup.org/omi/documents.php?action=show&dcat=&gdid=32721

OMI has to be installed on the Linux box before the DSC package

A useful getting started guide is available https://technet.microsoft.com/en-us/library/mt126211.aspx

I demonstrated DSC for Linux at the recent PowerShell Summit NA 2015

https://www.youtube.com/watch?v=X5igUenOJiU&index=30&list=PLfeA8kIs7CochwcgX9zOWxh4IL3GoG05P

though things have changed a bit since I built that demo environment using the DSC for Linux CTP. I’m going to rebuild my Linux box with the new bits and give it a whirl.

Being able to manage Windows and Linux environments through the same techniques, and in some cases the same DSC configurations is a big step forward


May 6, 2015  7:08 AM

WMF 5.0 April 2015 preview – – software inventory logging

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Powershell

A software inventory module is now included with the April 2015 WMF 5.0 preview

£> Get-Command -Module SoftwareInventoryLogging | select Name

Name
—-
Get-SilComputer
Get-SilComputerIdentity
Get-SilData
Get-SilLogging
Get-SilSoftware
Get-SilUalAccess
Get-SilWindowsUpdate
Publish-SilData
Set-SilLogging
Start-SilLogging
Stop-SilLogging

Windows updates are always a good place to start poking into your systems

£> Get-Command Get-SilWindowsUpdate -Syntax

Get-SilWindowsUpdate [[-ID] <string[]>] [-CimSession <CimSession[]>]
[-ThrottleLimit <int>] [-AsJob] [<CommonParameters>]

£> Get-SilWindowsUpdate
ID          : KB3055381
InstallDate : 4/30/2015

etc

The parameters for Get-SilWindowsUpdate look like those I’d expect from a CDXML module. Inspection of C:\Windows\System32\WindowsPowerShell\v1.0\modules\SoftwareInventoryLogging\

shows  a number of cdxml files

MsftSil_Computer.cdxml
MsftSil_ComputerIdentity.cdxml
MsftSil_Data.cdxml
MsftSil_ManagementTasks.psm1
MsftSil_Software.cdxml
MsftSil_UalAccess.cdxml
MsftSil_WindowsUpdate.cdxml
Msft_MiStreamTasks.cdxml

The WMF 5,0 release notes supply a link to further data of software inventory logging – interestingly its flagged as a Windows Server 2012 R2 page.

Trying the cmdlet against a Windows Server 2012 R2 system running WMF 4.0 (with the November 2014 roll up)

$cs = New-CimSession -ComputerName W12R2SUS
Get-SilWindowsUpdate -CimSession $cs

£> Get-SilWindowsUpdate -CimSession $cs
ID             : KB3006193
InstallDate    : 1/5/2015
PSComputerName : W12R2SUS

etc

This means the class is on our Windows Server 2012 R2 box so we could use it directly

£> Get-CimInstance -Namespace root/InventoryLogging -ClassName  MsftSil_WindowsUpdate | Format-Table -a

ID                  InstallDate                                PSComputerName
—                   ———–                                 ————–
KB3006193 1/5/2015 12:00:00 AM
KB2894856 9/14/2014 12:00:00 AM

etc

This module supplies a useful way to find out the software installed on our systems – I’ll be digging into this over a few more posts


May 5, 2015  12:44 PM

WMF 5.0 April 2015 preview – – creating guid

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Powershell

Creating a GUID has always been possible with PowerShell – you just had to drop into .NET

£> [System.Guid]::NewGuid()

Guid
—-
46c130ca-39ff-463c-b7fb-ed728a1c134f

With the latest WMF 5.0 preview life gets easier:

£> Get-Command New-Guid -Syntax

New-Guid [<CommonParameters>]

£> New-Guid

Guid
—-
112866a5-1662-4265-b851-f9086607bcb2

The New-Guid cmdlet happily creates a GUID for you – and you don’t have to remember the >NET syntax.

If you want the GUID in a variable as a string

£> $guid = New-Guid | select -ExpandProperty Guid
£> $guid
5c832d40-0ea4-4b42-b0bd-b228da008c9d


May 1, 2015  4:30 AM

WMF 5.0 April 2015 preview – – Format-Hex

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Powershell

Have you ever needed to generate a hex representation of a string or binary data?

Say you have a string – ‘PowerShell Rocks’

And you want to go the hex representation which is

50 6f 77 65 72 53 68 65 6c 6c 20 52 6f 63 6b 73

You would have to do something like this

$hexary = @()
$chars = ‘PowerShell Rocks’ -split ”

foreach ($char in $chars) {
if ($char -ne ”) {
$hexary += [convert]::ToString(([byte][char]$char),16)
}
}

$hexary -join ‘ ‘

Split the string into an array of strings each of a single character. If the string is not empty convert it to a [char] then a [byte] and finally a string formatted as hex.

The April 2015 WMF 5.0 preview simplifies that process

£> ‘PowerShell Rocks’ | Format-Hex
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

00000000   50 6F 77 65 72 53 68 65 6C 6C 20 52 6F 63 6B 73  PowerShell Rocks

You can also view binary files such as Word documents in .doc format


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: