PowerShell for Windows Admins


September 15, 2016  2:20 PM

Deadline for proposal submissions fast approaching

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Powershell

The deadline for proposal submissions for the 2017 PowerShell and DevOps Global Summit is fast approaching.

A list of possible topics is available here

https://powershell.org/2016/09/06/nearing-last-call-for-powershell-summit-topic-proposals-topic-ideas/

as well as the original call for topics

https://powershell.org/2016/08/01/powershell-and-devops-global-summit-2017-call-for-topics/

If you do decide to submit session proposals please submit multiple proposals. if we can get a speaker who’ll deliver 2 good sessions they’re more likely to be accepted

September 14, 2016  1:29 PM

How many domain admins do you need?

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
IT security

I was working on a book chapter this afternoon and  something I was reading made me  stop and think for a moment. How many people are members of your domain admins group – or even worse the enterprise admins or schema admins groups.

Many of the organisations where I’ve reviewed their AD have 15, 20, 50 or even 70 people in the domain admins group – this is for a single domain!

Is this necessary?

Most often the answer is no, no and no again.

Way back in NT times you had to be a domain admin to do practically any administration. Now things are different.

You can be much more granular in assigning permissions  -remember the principal of least privilege – there a a whole raft of groups for administering facets of your environment.

You can use tools like JEA and PowerShell to delegate permissions rather than lumping everyone in domain admins

In this day and age there is no excuse for having a domain admins group with huge numbers of members unless you prescribe to the “that’s how we’ve always done it” school of thought. If you do then expect problems sooner rather than later


September 5, 2016  6:29 AM

using help proactively

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Powershell

I was reading a thread on the forum about using a particular cmdlet and it occurred to me that the person posing the question hadn’t actually looked at the help file for the cmdlet.

One of the first things I do when coming across a new cmdlet – either in some code or when I need to perform a new task – is to read the FULL help file for the cmdlet.

Either

Get-Help Get-Process –Full

or

Get-Help Get-Process –Online

The online version tends to be updated quicker than the downloadable version.

Two areas to concentrate on.

The parameter list shows you what parameters are available, the input and relevant information

The examples section is possibly the most useful as you’ll find how you can actually use the cmdlet.

The detailed description and notes a re worth a read – especially for a cmdlet you’ve not used before

Think about the PowerShell experts you’ve come across. How did they get to be experts? A lot of it was reading the help files.


September 3, 2016  12:14 PM

Open source PowerShell and OMI

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
CIM, Open source, Powershell

OMI – the Open Source CIM server is available on github

https://github.com/Microsoft/omi

This appears to be a later version than currently shown on the open group web site

Combine this with open source PowerShell

https://github.com/PowerShell/PowerShell

and the DSC on Linux

https://github.com/Microsoft/PowerShell-DSC-for-Linux

And you have your basis for managing Linux machines


September 1, 2016  6:31 AM

Does Microsoft hate wireless?

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Windows 10, Windows Server 2016

Not having a lot of success with Windows new builds and wireless adapters this year.

First off Windows 2016 TP5 didn’t work with wireless – needed to install a patch to get it working. It still drops the connection when machine is powered down but while a pain is easy to remedy.

Windows 10 preview build 14195 appeared yesterday. Installed it and my wireless adapter stopped working. Looks to be a similar issue to Windows 2016 – oops.  In this case just rolled back to the previous build

What’s really funny about the Windows 10 issue is that I’m using a Surface Pro 2 built by – wait for it – Microsoft. So a Microsoft OS kills Microsoft hardware. I’ve seen this in the past with OS/2 and IBM kit but thought we were past those sort of errors


August 31, 2016  3:11 PM

DevOps and IT fashions

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
DevOps

DevOps is the latest IT fashion.

That statement is more than likely viewed as a heresey by many people in IT. A few years ago Cloud could have been the first word in the sentence and a few years before that virtualisation.

IT has a long history of jumping on band wagons and deciding that X is the solution to all our problems.

The reality is that sometimes it is and sometimes it just isn’t.

Many people state that in a DevOps environment  your servers become throw away objects because you have to  rebuild them so fast to keep up with application changes.

Really

With some applications this is perfectly true and a DevOps infrastructure as code/continuous delivery mechanism is exactly what you need to rebuild every week, every day or even every hour.

Do I want to rebuild my mail servers on that schedule? What about database servers, your CRM system or your big file servers.

No thanks I’ll rebuild those when I need to.

DevOps has some great concepts and the PRINCIPLES of DevOps should be absorbed by every IT department but that doesn’t mean you treat every server the same and treat as expendable.

Some servers really are special and need a more traditional approach


August 31, 2016  12:01 PM

Windows 10 updates

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
Windows 10

With the anniversary update delivered the Windows 10 development carries on with new updates becoming available – now up to build 14915

Not much in the way of PowerShell goodies though  🙁


August 31, 2016  10:02 AM

Access functions

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I had a request for the Access functions I wrote about in this post

https://richardspowershellblog.wordpress.com/2009/12/18/access-functions/

They are now available from

https://onedrive.live.com/?id=43CFA46A74CF3E96%2179699&cid=43CFA46A74CF3E96


August 30, 2016  12:26 PM

Optimising WMI calls–part 3

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
CIM, Powershell, WMI

The next change just uses 1 call to get the disk information instead of 2

Measure-Command -Expression {

$srvs = ‘W16TP5TGT01’, ‘W16TP5TGT02′

for ($i=1; $i -le 150; $i++){

foreach ($srv in $srvs) {
$cs = New-CimSession -ComputerName $srv
$bootupMemory = Get-CimInstance -Query “SELECT * FROM Win32_OperatingSystem” -CimSession $cs
$cpuLoad = Get-CimInstance -Query “SELECT * FROM Win32_Processor” -CimSession $cs

$tSessions = Get-CimInstance -Query “SELECT * FROM Win32_TerminalService” -CimSession $cs

$sfilt = “Name=’imaservice’ OR Name=’mfcom’ OR Name=’cpsvc’ OR Name=’msmq'”
$reqserv = Get-CimInstance -ClassName Win32_Service -Filter $sfilt -CimSession $cs

$ima = $reqserv | where Name -eq ‘imaservice’
$mfcom = $reqserv | where Name -eq ‘mfcom’
$ctxPrintMgr = $reqserv | where Name -eq ‘cpsvc’
$msmqstatus = $reqserv | where Name -eq ‘msmq’

$dfilt = “Deviceid=’c:’ OR Deviceid=’D:'”
$drives = Get-CimInstance -ClassName Win32_Logicaldisk -Filter $dfilt -CimSession $cs

$cDrive = $drives | where deviceid -eq ‘c:’
$dDrive = $drives | where deviceid -eq ‘d:’
Remove-CimSession -CimSession $cs
}
}
}

Time now becomes

Days              : 0
Hours             : 0
Minutes           : 6
Seconds           : 36
Milliseconds      : 923
Ticks             : 3969235528
TotalDays         : 0.00459402260185185
TotalHours        : 0.110256542444444
TotalMinutes      : 6.61539254666667
TotalSeconds      : 396.9235528
TotalMilliseconds : 396923.5528

Not such a dramatic change but overall we’re now taking 26.4% less time to run the code.


August 30, 2016  11:41 AM

Optimising WMI calls–part 2

Richard Siddaway Richard Siddaway Profile: Richard Siddaway
CIM, Powershell, WMI

Last time we looked at using CIM sessions to make a set of WMI calls run quicker. This time we’ll reduce the number of calls.  I’m deliberately just reducing the number of calls to the Win32_Service class.  We’ll look at the disks another time

Our code becomes

Measure-Command -Expression {

$srvs = ‘W16TP5TGT01’, ‘W16TP5TGT02′

for ($i=1; $i -le 150; $i++){

foreach ($srv in $srvs) {
$cs = New-CimSession -ComputerName $srv
$bootupMemory = Get-CimInstance -Query “SELECT * FROM Win32_OperatingSystem” -CimSession $cs
$cpuLoad = Get-CimInstance -Query “SELECT * FROM Win32_Processor” -CimSession $cs

$tSessions = Get-CimInstance -Query “SELECT * FROM Win32_TerminalService” -CimSession $cs

$sfilt = “Name=’imaservice’ OR Name=’mfcom’ OR Name=’cpsvc’ OR Name=’msmq'”
$reqserv = Get-CimInstance -ClassName Win32_Service -Filter $sfilt -CimSession $cs

$ima = $reqserv | where Name -eq ‘imaservice’
$mfcom = $reqserv | where Name -eq ‘mfcom’
$ctxPrintMgr = $reqserv | where Name -eq ‘cpsvc’
$msmqstatus = $reqserv | where Name -eq ‘msmq’

$cDrive = Get-CimInstance -Query “SELECT * FROM Win32_Logicaldisk WHERE deviceid=’c:'” -CimSession $cs
$dDrive = Get-CimInstance -Query “SELECT * FROM Win32_Logicaldisk WHERE deviceid=’d:'” -CimSession $cs
Remove-CimSession -CimSession $cs
}
}
}

The change is to create a filter that pulls back JUST the services we want. Use that to create a collection of Win32_Service objects and then populate the variables with the required service data

Time drops dramatically

Days              : 0
Hours             : 0
Minutes           : 6
Seconds           : 50
Milliseconds      : 133
Ticks             : 4101339515
TotalDays         : 0.0047469207349537
TotalHours        : 0.113926097638889
TotalMinutes      : 6.83556585833333
TotalSeconds      : 410.1339515
TotalMilliseconds : 410133.9515

Total time goes from 539.42 seconds to 410.13 seconds.  That’s reduced the time by 23.96%

These are just simple coding changes remember- we’re not performing any clever parallel processing here


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: