PowerShell for Windows Admins

February 25, 2013  1:29 PM

Advanced Functions webcast

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Quick reminder that the UK PowerShell group is hosting a Live Meeting webcast on PowerShell Advanced functions tomorrow – details from


February 25, 2013  1:26 PM

PowerShell in Depth–nearly there

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

PowerShell in Depth is rapidly approaching its publication date – see www.manning.com/jones2 for details

February 25, 2013  12:55 PM

New book

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

My latest book has been released on the Manning Early Access Program (MEAP). Active Directory Management in a Month of Lunches takes the newcomer to AD through the tasks they need to perform to manage their organization’s AD.

it assumes no knowledge of AD and shows how to perform the common management tasks from the GUI (AD Administrative Center & the venerable AD Users & Computers) as well as PowerShell (using the Microsoft cmdlets). 

Chapters 1-7 are currently available from www.manning.com\siddaway3 with more to come soon

February 21, 2013  1:54 PM

Creating a Windows 2012 Domain Controller

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I decided to replace one of the DCs in my test environment with a Windows 2012 Server Core machine. Server Core has really come of age in Windows 2012 – its easy to configure.

I’ve covered configuring a server before but to recap:

  • Rename the machine – use Rename-Computer
  • Set Network – use Set-NetIPInterface (address) & et-DnsClientServerAddress( dns address) & Rename-netAdapter
  • Join to domain – use Add-Computer

To create the domain controller use the ADDSDeployment module. You’ll only find this on servers where you’ve installed the AD Domain Services feature which you do like this:

Install-WindowsFeature -Name AD-Domain-Services -Confirm:$false


Import the module

Import-Module ADDSDeployment
Get-Command -Module ADDSDeployment

Create the Domain Controller. This is the equivalent of running DCPROMO in earlier versions. Even better you don’t need the answer file. Everything is a parameter on the cmdlet.

Install-ADDSDomain Controller -DomainName "manticore.org" -InstallDns -Credential (Get-Credential manticore\richard) -ApplicationPartitionsToReplicate *

Thats it!  Just wait for replication to happen.

You can also demote a domain controller

$cred = Get-Credential
Uninstall-ADDSDomainController -Credential $cred -RemoveApplicationPartitions -Confirm:$false

Restart the machine and uninstall AD & DNS

Uninstall-WindowsFeature -Name AD-Domain-Services, DNS -Confirm:$false
Restart-Computer -ComputerName dc02

Leave the domain

$cred = Get-Credential manticore\richard
Remove-Computer -UnjoinDomainCredential $cred -Workgroup Test

Trash the VM.

And best of all it works over remoting.  You will need to recreate the session for restarts & changes but it is really easy.

Server Core is now a much friendlier option.

February 18, 2013  4:32 PM

CIM cmdlets and remote access

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

When you used the WMI cmdlets

Get-WmiObject -Class Win32_logicalDisk -ComputerName RSLAPTOP01

You were using DCOM to access the remote machine. Even if you accessed the local machine you were using DCOM.

This changes in PowerShell v3 when using the CIM cmdlets.

If you don’t use a computername

Get-CimInstance -ClassName Win32_logicalDisk

You use DCOM to access the local machine.

If you use –computername

Get-CimInstance -ClassName Win32_logicalDisk -ComputerName RSLAPTOP01

You use WSMAN to access the machine named – irrespective of if it is local or remote

A further complication is that the named machine has to be running WSMAN 3.0 i.e. PowerShell v3 is installed.

If you try to access a PowerShell v2 (WSMAN 2.0) machine with the CIM cmdlets you will get an error. The way round that is to create a CIMsession using DCOM as the transport protocol. If you want to learn how to do that you’ll have to wait until after my session at the PowerShell Summit in April or buy a copy of PowerShell and WMI from www.manning.com/siddaway2

I saw a number of people using the CIM cmdlets in the scripting games without thought to connectivity issues like this.

February 18, 2013  1:58 PM

UK PowerShell Group–Advanced functions

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

When: Tuesday, Feb 26, 2013 7:30 PM (GMT)

Where: Virtual


Advanced functions give you ability to create functions that act like cmdlets. Learn how to get the most from this powerful part of the PowerShell functionality


Richard Siddaway has invited you to attend an online meeting using Live Meeting.
Join the meeting.
Audio Information
Computer Audio
To use computer audio, you need speakers and microphone, or a headset.
First Time Users:
To save time before the meeting, check your system to make sure it is ready to use Microsoft Office Live Meeting.
Unable to join the meeting? Follow these steps:

1. Copy this address and paste it into your web browser:

2. Copy and paste the required information:
Meeting ID: G79DNP
Entry Code: 9$t#&PK#8
Location: https://www.livemeeting.com/cc/usergroups

If you still cannot enter the meeting, contact support

Microsoft Office Live Meeting can be used to record meetings. By participating in this meeting, you agree that your communications may be monitored or recorded at any time during the meeting.

February 18, 2013  1:37 PM


Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I’ve been grading the scripts in the warm up events for the Scripting Games and noticed a lot of people doing this:

Get-WmiObject -Class Win32_LogicalDisk | where {$_.DriveType -eq 3}

Ok now it works but there are a couple of things wrong with this approach.

Firstly, you are ignoring the built in capabilities of the get-wmiobject cmdlet

PS> Get-Command Get-WmiObject -Syntax

Get-WmiObject [-Class] <string> [[-Property] <string[]>] [-Filter <string>] [-Amended] [-DirectRead] [-AsJob]
[-Impersonation <ImpersonationLevel>] [-Authentication <AuthenticationLevel>] [-Locale <string>]
[-EnableAllPrivileges] [-Authority <string>] [-Credential <pscredential>] [-ThrottleLimit <int>] [-ComputerName
<string[]>] [-Namespace <string>] [<CommonParameters>]

Get-WmiObject [[-Class] <string>] [-Recurse] [-Amended] [-List] [-AsJob] [-Impersonation <ImpersonationLevel>]
[-Authentication <AuthenticationLevel>] [-Locale <string>] [-EnableAllPrivileges] [-Authority <string>] [-Credential
<pscredential>] [-ThrottleLimit <int>] [-ComputerName <string[]>] [-Namespace <string>] [<CommonParameters>]

Get-WmiObject -Query <string> [-Amended] [-DirectRead] [-AsJob] [-Impersonation <ImpersonationLevel>] [-Authentication
<AuthenticationLevel>] [-Locale <string>] [-EnableAllPrivileges] [-Authority <string>] [-Credential <pscredential>]
[-ThrottleLimit <int>] [-ComputerName <string[]>] [-Namespace <string>] [<CommonParameters>]

Get-WmiObject [-Amended] [-AsJob] [-Impersonation <ImpersonationLevel>] [-Authentication <AuthenticationLevel>]
[-Locale <string>] [-EnableAllPrivileges] [-Authority <string>] [-Credential <pscredential>] [-ThrottleLimit <int>]
[-ComputerName <string[]>] [-Namespace <string>] [<CommonParameters>]

Get-WmiObject [-Amended] [-AsJob] [-Impersonation <ImpersonationLevel>] [-Authentication <AuthenticationLevel>]
[-Locale <string>] [-EnableAllPrivileges] [-Authority <string>] [-Credential <pscredential>] [-ThrottleLimit <int>]
[-ComputerName <string[]>] [-Namespace <string>] [<CommonParameters>]

Notice the filter parameter in the first parameter set.

When you run Get-WMIObject in effect you are running a WQL query

“SELECT * FROM Win32_LogicalDisk”

if you move the filter into the query it changes to

“SELECT * FROM Win32_LogicalDisk WHERE DriveType = 3”

This is coded in the cmdlet as

Get-WmiObject -Class Win32_LogicalDisk -Filter "DriveType = 3"

Why is this better?

Because you are doing less work against the WMI repository – therefore more efficient.

Also if you are running against a remote machine filtering in the WMI query means you bring less data back across the network which makes you whole process more efficient.

Bottom line – filter as early as you sensibly can and preferably on the remote machine.

February 13, 2013  1:35 PM

PowerShell Workflow–the complete series

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The series of articles on PowerShell workflows that are appearing on the Scripting Guy blog is now complete.

The articles in the series that have been published are:









The series is complete for now but as workflow is such a new topic expect more on it in the future.

Until then Enjoy!

February 5, 2013  1:45 PM

Scripting Games warm up

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

As a warm up for this years Scripting Games a two event Winter Scripting Camp has been organised.  Details from  http://powershell.org/games/

January 30, 2013  4:06 PM

PowerShell and Active Directory recording

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The recording, slides and demo script from yesterday’s PowerShell and Active Directory session can be found here:


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: