New PAM version

I’ve added the 0.6 release of the PowerShell Admin Modules to codeplex – http://psam.codeplex.com/

This release adds two modules

PAMADSNAPSHOT – functions for work with AD snapshots in Windows 2008 & 2008 R2

PAMLOAD – loads all of the PAM modules in one command

Import-Module PAMLOAD –Force

Further releases are planned during the year

Testing network connectivity

One of the standard troubleshooting tasks when investigating a problem is deciding if the machine can communicate on the network. The approach is usually

• ping the loop back address to check TCP/IP is working
• ping the machines own address
• ping the default gateway
• ping other servers

This means running ipconfig to discover some of the information and  then running pings

We can simplify this action.  Use WMI to get the data (I’m assuming we are doing this on a client) from the DHCP enabled NIC. I added the filter for IPEnabled to filter out BlueTooth adapters.

We can then use Test-Connection to perform the pings.  The various results are labelled accordingly if we use the –verbose switch

test-networkconnectivity -Verbose

PowerShell in Action

The second edition of Bruce Payette’s PowerShell in Action is available. It  can be ordered from http://www.manning.com/payette2/.  The electronic version includes a free electronic version of the first edition.

This is “THE” book on the PowerShell language – why it works the way it does and how some of the design decisions were reached.  I’ll post a full review later.

BE WARNED – This is NOT a book for beginners to PowerShell.

Method definitions

When we are dealing with .NET objects we have methods and properties to deal with. Properties are easy.

lets create a simple object

$str = "QWERTYUIOP"

put our string object into get-member to see the properties

$str | Get-Member -MemberType property

In this case we get one property.

Methods we can get like this

$str | Get-Member -MemberType method

and we find there are 33 of them on a string object.  Some of the methods can be used in different ways i.e. have different definitions. For instance the substring method has a couple of definitions

PS> $str.substring.OverloadDefinitions
string Substring(int startIndex)
string Substring(int startIndex, int length)

When we look at the output of get-member for a method such as Replace we get this

Replace          Method     string Replace(char oldChar, char newChar), string Replace(string oldValue, string newVa…

Ideally we want to be able to see all of the definitions.  We could use

$str | Get-Member -MemberType method | Format-Table –wrap

but its not easy to read.  If you want to dig into the method definitions try this

We can use string substitution to get the method name into the string and then run it with Invoke-Expression.  Note how we use single quotes on the first part of the string to prevent substitution.  Our output for the replace method becomes

Replace
string Replace(char oldChar, char newChar)
string Replace(string oldValue, string newValue)

which is easy to read. 

The function could be extended to accept a method name to avoid displaying everything.

Updated PowerShell help

The PowerShell team have been updating the online help files since PowerShell v2 was released. Unfortunately your local help files haven’t been updated. This now changes with the release of a CHM file containing the updated help  files – http://blogs.msdn.com/b/powershell/archive/2011/05/17/download-the-updated-core-help-chm.aspx

This won’t update the files you access through get help but it does give access to the up to date information.

Scripting Games Commentary: XIII ping

How many times have you done this when testing network connectivity?

ping 127.0.0.1

If all we want is a test of connectivity ping works fine. We can ping using WMI or .NET classes from within PowerShell. This has the advantage of returning an object rather than text which means we can work with it much easier.

Using .NET

$ping = New-Object -TypeName System.Net.NetworkInformation.Ping
$ping.Send("127.0.0.1")

This could be condensed to

$ping = (New-Object -TypeName System.Net.NetworkInformation.Ping).Send("127.0.10.1")

and we get the results in the ping variable.

The WMI solution is like this

Get-WmiObject -Class Win32_PingStatus -Filter "Address=’127.0.0.1′"

We can make this even easier because PowerShell 2 wraps this WMI class in a cmdlet

Test-Connection -ComputerName 127.0.0.1

if you don’t want to type all that then create an alias

Set-Alias -Name p -Value Test-Connection
p 127.0.0.1

just don’t use the alias in scripts

Managing Active Directory with Windows PowerShell

Author: Jeffery Hicks

Publisher: Sapien Press

ISBN: 978-0-9821314-4-2

I have three main criteria for judging a book:

· Is it technically accurate?

· Does deliver the material it claims to deliver?

· Is worth the cost of purchase and the time I spend reading it?

Before diving into the review I have to point out a vested interest in the book in that I was involved in the technical review process for the book. I have a lot of experience writing, blogging and using PowerShell against Active Directory so this was one in which I took a very keen interest.

At 383 pages this isn’t a massive book but it is packed with informative chapters:

1. Fundamentals

2. Users

3. Passwords

4. Contacts

5. Groups

6. Computers

7. OUs and Containers

8. Group Policy

9. Security and Permissions

10. Recycle Bin and Recovered Objects

11. AD PSDrive Provider

12. Managed Service Accounts

13. AD Infrastructure

14. Appendix – Local Users and Groups

15. Appendix – AD, PowerShell and ADSI

You will get the most from the book if you are running Windows Server 2008 R2 Active Directory. The usefulness decreases slightly to Windows Server 2008 and again to Windows Server 2003. This isn’t the books issue it is the fact that some functionality just isn’t available in these legacy versions.

The chapters concentrate on using the Microsoft and Quest Active Directory cmdlets. Each chapter covers the topic with examples from both sets of cmdlets. This can seem a bit repetitive if you read the whole book. I suspect that most people concentrate on one or the other and could skip the bits that don’t interest them. This would be a mistake as there are some things that are easier to perform with one set of cmdlets compared to other. I would look at both parts of each section so that you find the methods that best suit your needs.

Is the book technically accurate? Yes it is. This is the second edition of this book and Jeffery definitely knows his subject. I would have preferred to see more on scripting using ADSI because I think knowing how to perform tasks the long way enables you get the most out of the cmdlets. Does that detract from the book? NO! This says that it will concentrate on the cmdlets and it does just that. The comparisons between the two sets of cmdlets are very useful.

Does it deliver the material it claims to deliver? Yes it does. Setting “Protection from Accidental Deletion” for existing objects isn’t covered in an obvious manner and there isn’t anything on using AD snapshots which would have been useful. It covers all of the basics of administering Active Directory to a very good level. After reading this book there is no excuse for not being able to automate your Active Directory administration.

Is it worth the cost and time spent reading it? Yes. The information is presented in a logical manner that makes it easy to follow and work out what is happening. The examples are real and quite easy to adapt to your test environment if you want to work your way through them.

I do have one gripe with the book and that is the fault of the publisher not Jeffery. I have looked at a few Sapien books and I find their typesetting style very hard to read. There isn’t sufficient differentiation between the text, the code and headings to make the book easy to read. Come on Sapien you can do better.

Jeffery and his writing get 5 stars (out of 5) but Sapien only get 3.

If you work with PowerShell and Active Directory (or you want to start doing so) I strongly recommend that you get a copy of this book, read it and start using it. This is one that stays with arms reach of my work area so I can refer to it when I need to check something.

PowerShell UK User Group–May meeting slides and recording

Thanks again to Jonathan Medd for an excellent session on PowerShell modules. As promised the slides and demo scripts are available on Jonathan’s blog

http://www.jonathanmedd.net/2011/05/slides-from-uk-powershell-user-group-session-on-modules.html

The session recording will be available for the next 365 days from:

Richard Siddaway has invited you to view a Microsoft Office Live Meeting recording.
View Recording
Recording Details
Subject: PowerShell Modules
Recording URL: https://www.livemeeting.com/cc/usergroups/view
Recording ID: 8TWQGF
Attendee Key: 6NB,TJm(m

This Office Live Meeting invitation is a personal invitation meant only for you. It should not be forwarded. If you received this email by mistake or require Live Meeting Assistance, please refer to the Live Meeting Assistance Center at http://r.office.microsoft.com/r/rlidLiveMeeting?p1=12&p2=en_US&p3=LMInfo&p4=support

PowerShell UK User Group–June meeting

Details of the next meeting of the UK PowerShell User Group

When: Tuesday, Jun 21, 2011 7:30 PM (BST)

Where: Virtual
*~*~*~*~*~*~*~*~*~*

Session will look at using PowerShell to automate Microsoft Office – Word, Excel, Visio, Access and more

Notes

Richard Siddaway has invited you to attend an online meeting using Live Meeting.
Join the meeting.
Audio Information
Computer Audio
To use computer audio, you need speakers and microphone, or a headset.
First Time Users:
To save time before the meeting, check your system to make sure it is ready to use Microsoft Office Live Meeting.
Troubleshooting
Unable to join the meeting? Follow these steps:

1. Copy this address and paste it into your web browser:
   https://www.livemeeting.com/cc/usergroups/join
2. Copy and paste the required information:
   Meeting ID: Z7FFBT
   Entry Code: TC%f8)D(2
   Location: https://www.livemeeting.com/cc/usergroups

If you still cannot enter the meeting, contact support

Notice
Microsoft Office Live Meeting can be used to record meetings. By participating in this meeting, you agree that your communications may be monitored or recorded at any time during the meeting.

Scripting Games Commentary: X Aliases

Having stirred up a bit of discussion with my comments about object creation its time to tackle a particular hot button of mine – aliases.

Before I state anything else this is how I use aliases:

1. at the command line I may use an alias or the full cmdlet name as the mood strikes – though i don’t use % or ? at all
2. in scripts, functions and anything I publish I try to always use the full cmdlet name
3. in scripts I always use the full parameter name
4. the exception to (2) is that I don’t use select-object I use select; I don’t use sort-object I use sort; I don’t use where-object or foreach-object I use where and foreach respectively. Group-Object tends to be group and measure-object gets its full name because I don’t use it very often

Not 100% consistent but internally consistent and I tend to stick with this style.

Item 2 on the list is the important one. Using the full cmdlet name makes a script more understandable. PowerShell is designed to be easily understood if you use the full cmdlet names and parameter names. The tab completion/intellisense in the Powershell editors makes it easy to use the full names.

Also if you create your own aliases and use them in scripts – your scripts will fail if exported to a machine where the aliases aren’t defined. In the games that is especially true of a judge’s machine. When we have over 1600 scripts to grade if it fails – oops no points.

Keep aliases where they belong – on the command line.