PowerShell for Windows Admins

December 13, 2013  2:09 PM

Manning offer for Monday 16 December 2013

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

On Monday 16 December Manning are offering 50% off all ebooks using code dot1216au at www.manning.com

Check http://deals.manningpublications.com/countdown2014.html for other deals between now and the end of the year

December 12, 2013  9:00 AM

Deleting domain specific profiles

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I had a question regarding these posts:



The question came from someone needing to clean up a set of domain specific profiles.

You can adapt the code in the articles to identify the domain specific profiles like this:

$domain = “mydomain”
Get-CimInstance -ClassName Win32_UserProfile -Filter “Special = ‘$false'” |
select LocalPath, SID, LastUseTime,
@{N=”User”; E={Get-CimInstance -Class Win32_UserAccount -Filter “SID = ‘$($_.SID)'” | select -ExpandProperty Caption}} |
where User -Like “$domain\*”

Once you’ve identified them and ensured that your filters are giving you the correct results you can run this:

$domain = “mydomain”
Get-CimInstance -ClassName Win32_UserProfile -Filter “Special = ‘$false'” |
select LocalPath, SID, LastUseTime,
@{N=”User”; E={Get-CimInstance -Class Win32_UserAccount -Filter “SID = ‘$($_.SID)'” | select -ExpandProperty Caption}} |
where User -Like “$domain\*” |
foreach {
Get-CimInstance -ClassName Win32_UserProfile -Filter “SID = ‘$($_.SID)'” |
Remove-CimInstance -WhatIf


NOTICE I’ve left –whatif on the Remove-CimInstance.  It gives you an additional check before you finally commit to deleting the profiles

Alternatively, and better still, put the first set of code into an advanced function and then you can do this:

function get-domainprofile{
param (
[string]$domain = “mydomain”
Get-CimInstance -ClassName Win32_UserProfile -Filter “Special = ‘$false'” |
select LocalPath, SID, LastUseTime,
@{N=”User”; E={Get-CimInstance -Class Win32_UserAccount -Filter “SID = ‘$($_.SID)'” | select -ExpandProperty Caption}} |
where User -Like “$domain\*”

get-domainprofile | foreach {
Remove-CimInstance -Query “Select * FROM Win32_UserProfile WHERE SID = ‘$($_.SID)'” -WhatIf

Again I’ve left –whatif in place. Remove it when you’re happy with the tests

December 11, 2013  1:57 PM

Final MEAP for AD Lunches

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The final MEAP for AD Management in a Month of Lunches has been released. The book is on a half price offer today so still time for a Christmas bargain if you’re quick


December 10, 2013  8:47 AM

December 11–Deal of the Day AD Month of Lunches

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Deal of the Day December 11:

Half off my book Learn Active Directory Management in a Month of Lunches.

Use code dotd1211au at www.manning.com/siddaway3/

Also available:

Learn SQL Server Administration in a Month of Lunches (www.manning.com/jones5/)

Learn SCCM 2012 in a Month of Lunches (www.manning.com/bannan/)

December 10, 2013  4:09 AM

Scripting Games countdown

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The countdown to the 2014 Winter Scripting Games has started. The ideal way to brighten up the depths of winter.

This Games is for teams of least two. You can learn more by downloading and reading the players guide:


The games start January 2014 so don’t go looking for events just yet. Now would be a good time to look at the events from past games and get in some practice.

December 8, 2013  3:58 PM

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

On a Windows Server 2012 or 2012 R2 system you can install the ServerManager module and use the Get-WindowsFeature cmdlet to discover the installed features. They can be managed with Install-WindowsFeature and Uninstall-WindowsFeature .

These cmdlets don’t exist on Windows 8/8.1

However the Dism (Deployment Image Servicing and Management) module can help out. The Dism module is mainly concerned with managing wim files and virtual disks for deployment scenarios but it also contains these cmdlets:




To discover the installed features

Get-WindowsOptionalFeature -Online | Format-Table –AutoSize

The output looks like this

FeatureName                                                             State

———–                                                                      —–

Microsoft-Hyper-V-All                                           Enabled

Microsoft-Hyper-V-Tools-All                                Enabled

Microsoft-Hyper-V                                                  Enabled

Microsoft-Hyper-V-Management-Clients           Enabled

Microsoft-Hyper-V-Management-PowerShell    Enabled

Printing-Foundation-Features                               Enabled

Printing-Foundation-LPRPortMonitor                Disabled

Printing-Foundation-LPDPrintService                 Disabled

Printing-Foundation-InternetPrinting-Client     Enabled


For all of these cmdlets use –Online to access the local machine rather than an image.

Individual features can be enabled or disabled

Enable-WindowsOptionalFeature -FeatureName TelnetClient –Online

Disable-WindowsOptionalFeature -FeatureName TelnetClient –Online

Feature names are case sensitive.

December 8, 2013  8:20 AM

Transferring modules from Windows 8 or 8.1 to Windows 7

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Windows 7 shipped with PowerShell 2.0 installed.  Windows 8 brought PowerShell 3.0 and Windows 8.1 brings PowerShell 4.0.

Windows 8 and 8.1 also have a lot of modules installed. This extra functionality widens PowerShell reach immensely – the networking modules alone are a significant step forward.

When you install PowerShell 3.0 or 4.0 on Windows 7 you don’t most of the new modules. This has puzzled many people and I’m often asked how those Windows 8/8.1 modules can be made available on Windows 7.

The short answer is that you can’t.

The long answer is that you can’t because, for the most part, those modules are based on CIM (WMI) classes that were introduced in Windows 8 or 8.1. A lot of the system management functionality you see in modern Windows is based on CIM classes that then use the CDXML approach to create PowerShell modules.

Installing the new CIM classes on Windows 7 is not possible – so you can’t get the modules on which they are based.

If you want the new functionality you have to upgrade to Windows 8.1

December 6, 2013  9:45 AM

Future thoughts

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I spent last night configuring a new Windows 8.1 device – finally retired my venerable HP laptop. One thing that struck me as I was working through the various installs was where my data was.  The last time I’d configured a new machine all of the data was held locally and I’d needed to copy the data onto the new machine. A cross over cable was used if I remember correctly.

This time the majority of my data is on my SkyDrive. Logging into Windows 8.1 with a Microsoft Live id means I get immediate access to SkyDrive content. SkyDrive is an integral part of Windows 8.1 rather than being an additional install.

The SkyDrive appeared. The configuration is good in that you can move the SkyDrive position on your local disk – open up the Location tab on the SkyDrive properties.

What did surprise me and start me thinking is that by default under Windows 8.1 SkyDrive data is not automatically downloaded to your local disk.  You get a stub file that when you click on it triggers the download of the contents. In previous versions as soon as you configured the SkyDrive app on your local machine it would start analysing your data and download.

Its easy enough to trigger a download for everything, or just some folders – right click the appropriate folder with your SkyDrive area on the local disk and select  Make available off-line.

This started me thinking – with SkyDrive defaulting to online content and Microsoft Office being able to save to SkyDrive – how long before all of our data is in the cloud. I wouldn’t be surprised to see future machines with much smaller disks than we assume are necessary today – enough to store the OS and applications. Though with web based Office applications available through Office 365 there could be a lot of people who only need a thin OS – sort of like a chrome book but that actually usable.

The only data you will store locally will be those files you are working on.

This change will require much better network support than we receive today. The broadband offerings in the UK are not up to supporting this approach and until there is consistent, fast broad band connectivity everywhere it will remain a pipe dream.

December 5, 2013  2:33 PM

CDXML–scripting creation

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

So far you’ve seen how to create CDXML files by hand – though you probably used cut and paste rather than typing everything from scratch.

Its time to bring a bit of automation to creating CDXML files. The XML is fairly simple and you’re only changing a couple of values so you can do this:

function new-cdxml {


param (



[string]$namespace = ‘ROOT\cimv2′,

[string]$path = “C:\Scripts\Modules\Hardware”


$code = @”

<?xml version=’1.0′ encoding=’utf-8’?>

<PowerShellMetadata xmlns=’http://schemas.microsoft.com/cmdlets-over-objects/2009/11′>

<Class ClassName=’$namespace\$class’>




<GetCmdletParameters DefaultCmdletParameterSet=’DefaultSet’>






$file = Join-Path -Path $path -ChildPath “$class.cdxml”

Write-Verbose -Message $file

Set-Content -Path $file -Value $code


I saved this as NewCDXML.ps1. This will eventually become the basis of a CDXML file creation module. I set defaults on the namespace and the path – feel free to change them if required.

The function is run as:

new-cdxml -class Win32_DiskDrive -noun PhysicalDisk

which produces this CDXML file

<?xml version=’1.0′ encoding=’utf-8’?>

<PowerShellMetadata xmlns=’http://schemas.microsoft.com/cmdlets-over-objects/2009/11′>

<Class ClassName=’ROOT\cimv2\Win32_DiskDrive’>




<GetCmdletParameters DefaultCmdletParameterSet=’DefaultSet’>





The Hardware.psd1 file needs to be altered:

# Modules to import as nested modules of the module specified in RootModule/ModuleToProcess

NestedModules = @(‘Win32_BIOS.cdxml’,





# Functions to export from this module

FunctionsToExport = @(‘Get-Bios’,




The module now looks like this:

£> Get-Command -Module Hardware

CommandType Name

———–             —-

Function            Get-Bios

Function             Get-ComputerSystem

Function            Get-PhysicalDisk

This makes creating additional components for your module much easier.

December 2, 2013  12:01 PM

CDXML: Add a cmdlet for computer system

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Continuing the creation of a Hardware investigation module – its a simple matter to add a cmdlet to retrieve the computer system data ie Win32_ComputerSystem


First create a CDXML file like this:


<?xml version=”1.0″ encoding=”utf-8″?>

<PowerShellMetadata xmlns=”http://schemas.microsoft.com/cmdlets-over-objects/2009/11″>

<Class ClassName=”ROOT\cimv2\Win32_ComputerSystem”>




<GetCmdletParameters DefaultCmdletParameterSet=”DefaultSet”>





The only difference from the Win32_BIOS.cdxml is the WMI class and the default noun

Save in your Hardware module folder as Win32_ComputerSystem.cdxml

Modify the hardware.psd1 file in two places –

NestedModules = @(‘Win32_BIOS.cdxml’,

‘Win32_ComputerSystem.cdxml’ )



FunctionsToExport = @(‘Get-Bios’,



Save the hardware.psd1 file.

Now when you open up PowerShell

£> Get-Command -Module Hardware

CommandType Name ModuleName

———– —- ———-

Function Get-Bios Hardware

Function Get-ComputerSystem Hardware

£> Get-ComputerSystem | Format-List


Domain : Manticore.org

Manufacturer : Microsoft Corporation

Model : Virtual Machine

Name : WIN81

PrimaryOwnerName : Richard

TotalPhysicalMemory : 1857605632


Note default display is a table.

For now we’ll keep adding investigative cmdlets to our module – though there are some methods on Win32_ComputerSystem we’ll be adding to our module later.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: