PowerShell for Windows Admins

September 6, 2014  2:57 AM

LAST CALL for European PowerShell Summit 2014

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

This is the last call for attendee registration for the European PowerShell Summit 2014.

The Summit is in Amsterdam – 29 September to 1 October 2014. Details from the events page http://powershell.org/wp/community-events/summit/.

Due to a change in circumstances beyond our control we have to close public registration on 10 September 2014.

If you contact us by 10 September and ask to be able to perform a funds transfer rather than paying on line you have until 15 September 2014 to complete that transaction. No monies or registrations will be accepted after 15 September. We will not accept any new request for paying by money transfer after 10 September.

Apologies for the change in dates (the web site states registration is open until 15 September) but our hands have been forced on this.

There are still a number of places available so please register quickly if you want to attend. The more attendees we have the better chance we have of staging a European PowerShell Summit in 2015.

September 5, 2014  3:03 PM

Finding a file version

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Interesting question on the forum – how to find the file version of IE on remote machines?

Get-CimInstance -ClassName CIM_DataFile -Filter “Name = ‘C:\\Program Files\\Internet Explorer\\iexplore.exe'”  | select -ExpandProperty Version

Use the CIM_dataFile class.  Its one of the few CIM_ classes that doesn’t have a Win32_ equivalent.

In this case you know the path to the file – note the \\ as you have to escape a single \ in WMI filters

September 5, 2014  1:48 AM

WMF 5.0 September 2014 preview now available

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Another preview for WMF 5.0, and PowerShell 5.0, is available for download. Details from:


September 4, 2014  1:07 PM

OneNote and XML–finding notebooks

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

When OneNote first came out there wasn’t an API for it as you get for Word or Excel. A community module enabled you to work with the XML that formed the OneNote note books but it wasn’t updated after Office 2007 and doesn’t really work with later versions of OneNote.

I was looking at the Office developer site and noticed that there was some information on OneNote http://msdn.microsoft.com/en-us/library/office/jj680118(v=office.15).aspx.  This series will investigate how to script against OneNote and also explain how to use Select-XML and XPath on the way.

A good starting point would be to discover the OneNote notebooks:

$onenote = New-Object -ComObject OneNote.Application
$scope = [Microsoft.Office.Interop.OneNote.HierarchyScope]::hsPages
[ref]$xml = ”

$onenote.GetHierarchy($null, $scope, $xml)

$schema = @{one=”http://schemas.microsoft.com/office/onenote/2013/onenote”}
$xpath = “//one:Notebook”
Select-Xml -Xml (

$xml.Value) -Namespace $schema -XPath $xpath |
foreach {

The starting point – like all good Office applications – is a COM object that exposes the OneNote object model.  As an aside isn’t time office moved away from COM and we had a proper .NET API or even better a PowerShell module.

You also need to define the scope – in this case get all pages. The enumeration is described here http://msdn.microsoft.com/en-us/library/office/jj680119(v=office.15).aspx

You also need to create a [ref] object to hold the output.

The GetHierarchy() method is used to read through the notebooks. The $null argument means start at the top.

The schema can be found inside the XML produced so to avoid a circular argument I’ll set that in a variable – it has to be a hash table as shown.

Define the XPath – in this case get the nodes labelled one:Notebook.

Select-XML will extract the required nodes – notice how the object has to be presented.

A simple foreacch iterates over the nodes which look like this

name             : Personal (Web)
nickname         : Personal (Web)
ID               : {F8CC78D5-9CC3-40C8-847B-96B15E3D6AD2}{1}{B0}
path             :
https://<a path>  (Web)/
lastModifiedTime : 2014-09-04T17:48:07.000Z
color            : #FFD869
Section          : {Quick Notes, Unfiled Notes, PowerShell Summit}
SectionGroup     : SectionGroup

And you can select the name of the notebook.

August 29, 2014  2:29 PM

Grains of rice on a chess board

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

There is a story about the inventor of chess being rewarded by putting 1 grain of rice on the first square of the board; 2 on the second and so on. How much rice does that come to?

The total number of grains is 1.84467440737096E+19

At 25mg per grain that’s 461168601842739 kilogrammes of rice

Which in more understandable terms is:

461,168,601,842.739 metric tonnes


453,886,749,619.642 tons

That’s a lot of rice.

If you want to play around with the numbers the calculations are:

[double]$result = 0

1..64 |
foreach {

$square = [math]::Pow(2, ($psitem -1))
$result += $square


$wt = 0.025

$totalweight = ($wt * $result)/1000

$mtwt = $totalweight /1000

$tons = $totalweight * 0.00098421

August 29, 2014  1:00 PM

Event Log Providers

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

An event log provider is writes to an event log.  I’ve used WMI in the past to get these but while looking for somethign else discovered that Get-WinEvent can also find this information.

Get-WinEvent -ListProvider * | ft Name, LogLinks -AutoSize –Wrap

Provides a nice long list of all of the providers and the event logs they write to.

Usually I’m only interested in what’s writing to a particular event log. And that’s where things get a bit more messy.

The loglinks are supplied as a System.Collections.Generic.IList[System.Diagnostics.Eventing.Reader.EventLogLink] LogLinks  object that doesn’t play nicely with –in or –contains

So we need a bit of PowerShell manipulation to get what we want

$log = ‘System’

Get-WinEvent -ListProvider * |
foreach {

if ($log -in ($psitem | select -ExpandProperty Loglinks | select -ExpandProperty Logname)){
New-Object -TypeName psobject -Property @{
Name = $psitem.Name
Log = $log

The trick here is that the loglinks are a collection of objects so you need to expand them twice to get to the name. Not pretty but it works

August 28, 2014  12:56 PM

Patching Server Core

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I’ve been rebuilding my test lab after installing a SSD into the machine running it in place of the SATA drive.  Huge improvement in load speed of virtual machines – well worth the cost.

I usually have a number of server core machines in the lab and use WSUS for patching.  One issue I’d never really resolved was patching those server core machines  – the control panel fro Windows Update isn’t available!

Finally found a solution in the Windows Update PowerShell module from


Install the module and then you can install your patches using

Get-WUInstall –AcceptAll

I’m running Windows 2012 R2 on all my servers so the modules auto load

August 28, 2014  11:26 AM

European Summit deadline approaching

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

There are just over two weeks left for you to register for the European PowerShell Summit. At the moment we are still short of the number that would enable us to repeat a European Summit in 2015.  We had a lot of comments from people stating they wanted a Summit in Europe.  Now is the time to step up and support that idea.

Hope to see you there

August 28, 2014  6:15 AM

DSC Resource Kit–wave 6

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The next wave of the DSC resource kit is available with some new resources and updates to old favourites.

Details from:


August 21, 2014  2:04 AM

Learning, always learning

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

PowerShell is going mainstream amongst the administrator community – it may seem slow but the last couple of years has definitely seen a sustained upswing in adoption in my experience. As more people are demonstrating the benefits we see more people asking how they can learn PowerShell.

Two good ways come to mind. First is go on a course delivered by a recognized expert – if you’re thinking of attending a PowerShell course find out who is delivering it and look them up. If they don’t seem like an expert look for another course. There is s lot of bad practice being communicated and you rally want to cut through that and learn from a master of the subject.

if you don’t like, or can’t attend, a course then your best bet is Don Jones’ book – Learn PowerShell in a Month of Lunches – http://www.manning.com/jones3/

That completes the first part of your action. The second part is learning how to use PowerShell to administer the technology, or technologies, you work with.  Assuming you understand how to administer the underlying technology you need something to help you learn how to apply PowerShell to that technology. These are books I’d recommend:

For Active Directory

Learn Active Directory in a Month of Lunches – http://www.manning.com/siddaway3/


Learn IIS in a Month of Lunches  – http://www.manning.com/helmick/

For more general administration

PowerShell in Practice – http://www.manning.com/siddaway/

PowerShell and WMI – http://www.manning.com/siddaway2/

For VMware

VMware vSphere PowerCLI Reference: Automating vSphere Administration

Managing VMware Infrastructure with Windows PowerShell

These are books that I’ve used or worked on in one form or another and that I’m prepared to recommend. There are books on other administration through PowerShell topics but not having read them I can’t recommend for or against.

I’ll update this post periodically as I work through more technologies.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: