PowerShell for Windows Admins


August 31, 2013  6:16 AM

Travelling devices

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Disclaimer: The following is based on my personal experiences and needs that may well not match yours. Feel free to disagree with my conclusions. I offer my insights to help others decide on the devices that suit them.

I’ve been using a number of devices over the last six months or so and found they all have problems. They have seemed to settle into niches though.

Microsoft Surface RT.

The great thing about this is that it has the Microsoft Office installed. Complete versions of Word, Excel, PowerPoint and OneNote. The email client is reasonable – its the standard Windows 8 mail app. It also shares settings with my other Windows 8 devices. And best of all it has PowerShell installed. PowerShell is constrained and restricted but it is very useful. The fact that it has a full size USB port makes movign files between devices very easy. The stand is a brilliant idea that makes using it on a desk much more comfortable.

The aspect ratio is 16:9 rather than the more common 4:3 which makes using it as a reader a bit awkward. Its also too big to be used comfortably as an e-reader.

Mainly used for meetings, conferences and writing while travelling. I’ve written several chapters of my latest book on it and though the touch keyboard isn’t brilliant it is more than usable.

Number 1 choice for working.

Kindle Fire HD

This is my device of choice if I’m on holiday. Very good size as an e-reader and good email client. The apps are OK but the screen is too small to work on documents except for a quick skim read. The web browser is fast. Linking to my main laptop is easy through a USB cable which makes transferring files simple.

iPad

This is the least useful of all my devices. The Kindle app is flashy with the simulated page turning but it isn’t comfortable to hold for long periods. The fact that you have to link through itunes to move files around is a pain. It is useful reading technical books due to the screen size. The retina display that’s raved about doesn’t look any better to my eyes than any of the other devices. The email client is so-so. It still reports the number of unread messages incorrectly. The on screen keyboard isn’t very well laid out – especially the odd characters like # where you have to go to a third level. The web browser is so and unresponsive.

Apart from being another screen when researching through technical books its not used that much. Definitely the one I could live without.

The best e-reader of all for long distance flights/trains is still my simple Kindle device!

I still have a netbook that runs Windows 8. It’s used when I need a full Windows 8 device that’s got a small footprint.

August 30, 2013  11:09 AM

Filtering AD searches

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Interesting question came up regarding how you define a Filter when you are searching for particular users. With the Microsoft cmdlets you can define a filter or an ldapfilter.

In these examples we’re looking for users that don’t have email addresses. First lets look at a filter

PS> Get-ADUser -Filter {mail -notlike “*”} | select Name, objectclass | group objectclass -NoElement

Count Name
—– —-
776 user

The filter is looking for any user accounts that have a mail attribute that isn’t like any characters – in otherwords empty. The advantage of using the –Filter parameter is that the syntax is easy and is what you’re used to in other PowerShell cmdlets such as Where-Object.

The LDAP filters get a bit more complicated

PS> Get-ADUser -LDAPFilter “(&(objectCategory=user)(!mail=*))” | select Name, objectclass | group objectclass -NoElement

Count Name
—– —-
776 user

Same results but the filter is much more difficult to understand

“(&(objectCategory=user)(!mail=*))”

& means AND

! means NOT

so this reads as

objectcategory=user AND NOT(mail = anything)

The advantage to using an LDAP filter is that you can re-use it on the GUI tools or directorysearcher

You need to be careful if you use Get-ADObject instead of Get-ADUser. Using the same LDAPFilter as above is fine

PS> Get-ADObject -LDAPFilter “(&(objectCategory=user)(!mail=*))” | select Name, objectclass | group objectclass -NoElement

Count Name
—– —-
776 user

but if you change objectcategory to objectclass which seems reasonable you get very different results:

PS> Get-ADObject -LDAPFilter “(&(objectClass=user)(!mail=*))” | select Name, objectclass | group objectclass -NoElement

Count Name
—– —-
30 computer
776 user
2 msDS-ManagedServiceAcc…
1 msDS-GroupManagedServi…

Huh! – Computers?

This because computers, users and managed service accounts all derive from the same AD schema class – users BUT they have different objectcategories to separate them.

There’ll be a lot more on searching AD and LDAP filters in AD management in a month of lunches – www.manning.com/siddaway3


August 30, 2013  4:29 AM

Setting an IP address

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I need to add an IP address to an adapter. I could use the GUI or WMI but with Windows 8/2012 and above I’ve got all of the nifty networking cmdlets to play with.

Lets start with finding the adapter to use

PS>Get-NetAdapter

will show all of the adapters. Unlike ipconfig it only shows real NICs – thats physical and virtual but not stuff like “Tunnel adapter Teredo Tunneling Pseudo-Interface”

The one I’m interested in is

Name ifIndex Status
—- ——- ——
Connections 21 Up

You can find the IP addresses associated with this NIC

PS>Get-NetIPAddress -InterfaceIndex 21 -AddressFamily IPv4

IPAddress : 10.0.50.100
InterfaceIndex : 21
InterfaceAlias : Connections
AddressFamily : IPv4
Type : Unicast
PrefixLength : 24
PrefixOrigin : Manual
SuffixOrigin : Manual
AddressState : Preferred
ValidLifetime : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource : False
PolicyStore : ActiveStore

To add the IP address use:

New-NetIPAddress -InterfaceIndex 21 -AddressFamily IPv4 -IPAddress 10.0.18.100 -PrefixLength 24

Job done.

If you have to do this on a regular basis you can script finding the adapter and setting the IP address in one pass


August 29, 2013  3:03 PM

Protecting your csv files

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I’m using csv files for this example but it applies to other types of file as well. Let’s produce a csv file
Get-ChildItem -Path C:\Users\Richard\Documents -File |
select FullName, Length, LastWriteTime |
Export-Csv files.csv

This gives a small, useful set of data for the purposes of this post.
You can read the data back in:
Import-Csv .\files.csv

You have decided you need to keep a record of how these files are changing over time. You have further decided that you will create a csv file for each individual day you run the command. The individual files will carry the date as part of the name.
You can create the file name incorporating the date like this:
$file = “Files_$( (get-date -Format “s”).Split(“T”)[0]).csv”

Creating the csv file then becomes:
Get-ChildItem -Path C:\Users\Richard\Documents -File |
select FullName, Length, LastWriteTime |
Export-Csv $file

You can read the file using $file or its name
Import-Csv $file
Import-Csv Files_2013-08-29.csv

Ideally you only want to produce this file once a day and don’t want to overwrite an existing file. Rather than building your own checks you can use the –NoClobber parameter on Export-Csv. If you try to overwrite an existing file you will get an error:

£> Get-ChildItem -Path C:\Users\Richard\Documents -File | select FullName, Length, LastWriteTime | Export-Csv $file -NoClobber
Export-Csv : The file ‘C:\scripts\Files_2013-08-29.csv’ already exists.
At line:1 char:97
+ … astWriteTime | Export-Csv $file -NoClobber
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceExists: (C:\scripts\Files_2013-08-29.csv:String) [Export-Csv], IOException
+ FullyQualifiedErrorId : NoClobber,Microsoft.PowerShell.Commands.ExportCsvCommand
The –Force parameter won’t override the -NoClobber
£> Get-ChildItem -Path C:\Users\Richard\Documents -File | select FullName, Length, LastWriteTime | Export-Csv $file -NoClobber -Force
Export-Csv : The file ‘C:\scripts\Files_2013-08-29.csv’ already exists.
At line:1 char:97
+ … astWriteTime | Export-Csv $file -NoClobber -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceExists: (C:\scripts\Files_2013-08-29.csv:String) [Export-Csv], IOException
+ FullyQualifiedErrorId : NoClobber,Microsoft.PowerShell.Commands.ExportCsvCommand

This technique is useful when you have automated processes producing your files. If the process can be run multiple times per day and you want to preserve the first set of data produced then use –NoClobber.
There are other cmdlets with a –NoClobber parameter:
£> get-help * -Parameter NoClobber

Name
—-
Import-Module
Export-Console
Export-Alias
Export-Clixml
Export-Csv
Export-FormatData
Out-File

-NoClobber isn’t infallible –for instance you could explicitly delete the file but it does add a useful level of protection.


August 29, 2013  1:22 PM

It’s the little things

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I’ve been spending some quality time with PowerShell 2.0 recently. When it was all we had it was great but there’s a bunch of things I miss from PowerShell 3.0 including:

CIM cmdlets
CIM sessions
Workflows
Module auto loading
Improved tab completion
PowerShell 3.0 ISE especially the combined input/output panes

Of them all it’s the last three that I really miss the most. You become accustomed to the new features and how they make your life easier. To quote “You don’t know what you’ve got ‘til it’s gone”.

So very true but you appreciate them more when you get back to using them.


August 29, 2013  12:26 PM

DNS zone types

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I was looking at the DNS zones for a project I’m working on. I needed to discover the conditional forwarder zone and hence the IP address of the DNS server to which the forwarding was occurring.

The zone I wanted had a ZoneType of 4 which puzzled me.

I remembered showing code to create a conditional forwarder in PowerShell in Practice (www.manning.com/siddaway)

$ip = “192.168.40.1”
$zone = [WMIClass]”\\dc02\root\MicrosoftDNS:MicrosoftDNS_Zone”
$zone.Create(“conditional.com”, 3, $true, $null, $ip)

When creating a conditional forwarder you use 3 for the zone type but when reading the zone you get a 4 as the zone type. Other zone types have similar differences

Primary zone (forward or reverse lookup) = create as type 0 and read as type 1

Stub zone = create as type 2 and read as type 3

This is another of the oddities that make WMI so much fun to work with. Easy when you know what’s happening but confusing when you don’t – just like so much with WMI. Does the W stand for Weird? :-)

The Windows Server 2012 DNS cmdlets make this sooooo much easier.


August 29, 2013  12:11 PM

AD Management MEAP–chapter 17

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

My Learn AD Management in a Month of Lunches is moving on apace with the release of chapter 17 to the Early Access Process. This one covers AD replication

www.manning.com/siddaway3

Enjoy


August 28, 2013  1:15 PM

International module

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The International module has an interesting set of cmdlets:
£> Get-Command -Module International | select Name

Name
—-
Get-WinAcceptLanguageFromLanguageListOptOut
Get-WinCultureFromLanguageListOptOut
Get-WinDefaultInputMethodOverride
Get-WinHomeLocation
Get-WinLanguageBarOption
Get-WinSystemLocale
Get-WinUILanguageOverride
Get-WinUserLanguageList
New-WinUserLanguageList
Set-Culture
Set-WinAcceptLanguageFromLanguageListOptOut
Set-WinCultureFromLanguageListOptOut
Set-WinDefaultInputMethodOverride
Set-WinHomeLocation
Set-WinLanguageBarOption
Set-WinSystemLocale
Set-WinUILanguageOverride
Set-WinUserLanguageList

£> Get-WinHomeLocation | fl *

GeoId : 242
HomeLocation : United Kingdom

£> Get-WinSystemLocale | fl *

Parent : en
LCID : 2057
KeyboardLayoutId : 2057
Name : en-GB
IetfLanguageTag : en-GB
DisplayName : English (United Kingdom)
NativeName : English (United Kingdom)
EnglishName : English (United Kingdom)
TwoLetterISOLanguageName : en
ThreeLetterISOLanguageName : eng
ThreeLetterWindowsLanguageName : ENG
CompareInfo : CompareInfo – en-GB
TextInfo : TextInfo – en-GB
IsNeutralCulture : False
CultureTypes : SpecificCultures, InstalledWin32Cultures, FrameworkCultures
NumberFormat : System.Globalization.NumberFormatInfo
DateTimeFormat : System.Globalization.DateTimeFormatInfo
Calendar : System.Globalization.GregorianCalendar
OptionalCalendars : {System.Globalization.GregorianCalendar, System.Globalization.GregorianCalendar}
UseUserOverride : True
IsReadOnly : False

Digging into the formats and calendars
£> Get-WinSystemLocale | select -ExpandProperty NumberFormat

CurrencyDecimalDigits : 2
CurrencyDecimalSeparator : .
IsReadOnly : False
CurrencyGroupSizes : {3}
NumberGroupSizes : {3}
PercentGroupSizes : {3}
CurrencyGroupSeparator : ,
CurrencySymbol : £
NaNSymbol : NaN
CurrencyNegativePattern : 1
NumberNegativePattern : 1
PercentPositivePattern : 1
PercentNegativePattern : 1
NegativeInfinitySymbol : -Infinity
NegativeSign : –
NumberDecimalDigits : 2
NumberDecimalSeparator : .
NumberGroupSeparator : ,
CurrencyPositivePattern : 0
PositiveInfinitySymbol : Infinity
PositiveSign : +
PercentDecimalDigits : 2
PercentDecimalSeparator : .
PercentGroupSeparator : ,
PercentSymbol : %
PerMilleSymbol : ‰
NativeDigits : {0, 1, 2, 3…}
DigitSubstitution : None

£> Get-WinSystemLocale | select -ExpandProperty DateTimeFormat

AMDesignator : AM
Calendar : System.Globalization.GregorianCalendar
DateSeparator : /
FirstDayOfWeek : Monday
CalendarWeekRule : FirstFourDayWeek
FullDateTimePattern : dd MMMM yyyy HH:mm:ss
LongDatePattern : dd MMMM yyyy
LongTimePattern : HH:mm:ss
MonthDayPattern : d MMMM
PMDesignator : PM
RFC1123Pattern : ddd, dd MMM yyyy HH’:’mm’:’ss ‘GMT’
ShortDatePattern : dd/MM/yyyy
ShortTimePattern : HH:mm
SortableDateTimePattern : yyyy’-’MM’-’dd’T’HH’:’mm’:’ss
TimeSeparator : :
UniversalSortableDateTimePattern : yyyy’-’MM’-’dd HH’:’mm’:’ss’Z’
YearMonthPattern : MMMM yyyy
AbbreviatedDayNames : {Sun, Mon, Tue, Wed…}
ShortestDayNames : {Su, Mo, Tu, We…}
DayNames : {Sunday, Monday, Tuesday, Wednesday…}
AbbreviatedMonthNames : {Jan, Feb, Mar, Apr…}
MonthNames : {January, February, March, April…}
IsReadOnly : False
NativeCalendarName : Gregorian Calendar
AbbreviatedMonthGenitiveNames : {Jan, Feb, Mar, Apr…}
MonthGenitiveNames : {January, February, March, April…}

£> Get-WinSystemLocale | select -ExpandProperty OptionalCalendars

MinSupportedDateTime : 01/01/0001 00:00:00
MaxSupportedDateTime : 31/12/9999 23:59:59
AlgorithmType : SolarCalendar
CalendarType : Localized
Eras : {1}
TwoDigitYearMax : 2029
IsReadOnly : False

MinSupportedDateTime : 01/01/0001 00:00:00
MaxSupportedDateTime : 31/12/9999 23:59:59
AlgorithmType : SolarCalendar
CalendarType : USEnglish
Eras : {1}
TwoDigitYearMax : 2029
IsReadOnly : False

And finally the language(s)
£> Get-WinUserLanguageList

LanguageTag : en-GB
Autonym : English (United Kingdom)
EnglishName : English
LocalizedName : English (United Kingdom)
ScriptName : Latin script
InputMethodTips : {0809:00000809}
Spellchecking : True
Handwriting : False

Now you know where to go to find the cultural and locale settings are configured. The big question though is do you use the Set-* cmdlets in this module to modify these settings? My suspicion is no because you would to modify a large number of settings to achieve consistency. The cmdlets may be useful for tweaking settings for particular tasks.


August 27, 2013  1:50 PM

Windows Error Reporting Cmdlets

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Windows Error Reporting (WER) captures software crash and hang data from Windows systems. The data is sent to Microsoft for analysis. The data captured by WER is used to identify those bugs that are affecting customers the most. Fixing those bugs benefits the whole Windows user community.

WER is an optional configuration during the installation of Windows and some other Microsoft products.

How can you tell if WER is configured on your machines?

Windows 8/2012 has a PowerShell module for working with WER configuration.

£> Get-Command -Module WindowsErrorReporting | select Name

You can view the current WER configuration:

£> Get-WindowsErrorReporting
Enabled

You can disable WER:

£> Disable-WindowsErrorReporting
True
£> Get-WindowsErrorReporting
Disabled

And you can enable WER:

£> Enable-WindowsErrorReporting
True
£> Get-WindowsErrorReporting
Enabled

These cmdlets are only available on Windows 8/2012 and above. The module is labelled as a script module but it is actually loaded as a dll so its unlikely to be portable to legacy versions of Windows.


August 27, 2013  11:38 AM

Windows 8.1/2012 R2 RTM

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Windows 8.1 & Windows Server 2012 R2 have gone RTM (Release To Manufacturing). The General Availability date is 18 October but it looks like you won’t be able to get your hands on it before then even with a TechNet/MDSN subscription.

No fair.

Why bother trying to keep up to date when Microsoft pull stunts like this. All other new versions of Windows as far back as I can remember have been made available on TechNet and MSDN within a month of RTM.

Announcing RTM and then imposing nearly 2 month delay on making it available to the technical community won’t win many friends.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: