PowerShell for Windows Admins


March 29, 2012  2:57 PM

UK PowerShell Group March 2012 meeting recording

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

 

The recording, slides and demo script from the session on CIM cmdlets – Tuesday 27 March is available

https://skydrive.live.com/?cid=43cfa46a74cf3e96#cid=43CFA46A74CF3E96&id=43CFA46A74CF3E96%212955

Enjoy

March 26, 2012  11:38 AM

PowerShell Deep Dive 2012 Agenda

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The agenda for the PowerShell Deep Dive next month has just been published on the PowerShell team blog

http://blogs.msdn.com/b/powershell/archive/2012/03/26/schedule-for-the-upcoming-powershell-deep-dive-and-a-few-videos-from-frankfurt.aspx

If you are already booked to go – looking forward to meeting you.  If you’re thinking of going last years event was amazing. If you are interested in PowerShell it is the place to be


March 25, 2012  5:09 AM

UG meeting reminder – March 2012

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Quick reminder that the UK user group meeting is on Tuesday 27 March @ 7.30 BST.  Details from

http://msmvps.com/blogs/richardsiddaway/archive/2012/03/06/uk-powershell-group-march-2012.aspx

 

The meeting is on the new CIM functionality in PowerShell v3.  This is a need to know technology as much of the new PowerShell functionality in Windows Server 8 is based on this.

Please double check the time as the UK switched to daylight saving time this weekend.


March 21, 2012  4:32 PM

PowerShell Deep Dive

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I heard at the beginning of the week that I’ve been granted a speaker slot at the PowerShell Deep Dive next month – http://www.theexpertsconference.com/us/2012/

I’ll be speaking on creating cmdlets from WMI objects using a new feature in PowerShell v3 that is so cool it could start a new Ice Age

Look forward to seeing you there


March 21, 2012  3:14 PM

Folder sizes

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Question on the forums related to folder sizes and last write time

Get-ChildItem -Path "C:\PersonalData\MyBooks\PowerShell and WMI" -Recurse |             
where { $_.PSIsContainer} |            
foreach {            
 $size = Get-ChildItem -Path $_.FullName | measure -Sum Length | select -ExpandProperty Sum            
             
 Add-Member -InputObject $($_) -MemberType NoteProperty -Name Size -Value $size            
            
 $_ | select Fullname, LastWriteTime, @{N="Size(MB)"; E={[math]::Round(($_.Size/1mb), 2)}}            
} | Format-Table -AutoSize -Wrap

Unfortunately the object returned by get-ChildItem doesn’t include folder size. So we loop through each folder & get the sum of its contents. The size value is added to the folder object and Fullname, LastwriteTime and size displayed.  The size is recalculated to megabytes. Substitute your favourite size


March 19, 2012  4:33 PM

Reading registry values with CIM

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

In this post

http://msmvps.com/blogs/richardsiddaway/archive/2012/03/10/migrating-to-cim-doh.aspx

and its predecessors we saw how to enumerate registry sub-keys. But how do we read a registry value?

function get-CIMRegValue{             
[CmdletBinding(DefaultParameterSetName="UseComputer")]             
            
param (             
 [parameter(Mandatory=$true)]            
 [ValidateSet("HKCR", "HKCU", "HKLM", "HKUS", "HKCC")]            
 [string]$hive,            
            
 [parameter(Mandatory=$true)]            
 [string]$key,            
            
 [parameter(Mandatory=$true)]            
 [string]$value,            
            
 [parameter(Mandatory=$true)]            
 [string]            
 [Validateset("DWORD", "EXPANDSZ", "MULTISZ", "QWORD", "SZ")]            
 $type,            
            
  [parameter(ValueFromPipeline=$true,            
   ValueFromPipelineByPropertyName=$true)]            
 [parameter(ParameterSetName="UseComputer")]             
 [string]$computer="$env:COMPUTERNAME",            
             
 [parameter(ValueFromPipeline=$true,            
   ValueFromPipelineByPropertyName=$true)]            
 [parameter(ParameterSetName="UseCIMSession")]             
 [Microsoft.Management.Infrastructure.CimSession]$cimsession            
             
)             
BEGIN{}#begin             
PROCESS{            
            
switch ($hive){            
"HKCR" { [uint32]$hdkey = 2147483648} #HKEY_CLASSES_ROOT            
"HKCU" { [uint32]$hdkey = 2147483649} #HKEY_CURRENT_USER            
"HKLM" { [uint32]$hdkey = 2147483650} #HKEY_LOCAL_MACHINE            
"HKUS" { [uint32]$hdkey = 2147483651} #HKEY_USERS            
"HKCC" { [uint32]$hdkey = 2147483653} #HKEY_CURRENT_CONFIG            
}            
            
switch ($type) {            
"DWORD"     {$methodname = "GetDwordValue"}            
"EXPANDSZ"  {$methodname = "GetExpandedStringValue"}            
"MULTISZ"   {$methodname = "GetMultiStringValue"}            
"QWORD"     {$methodname = "GetQwordValue"}            
"SZ"        {$methodname = "GetStringValue"}            
}            
$arglist = @{hDefKey = $hdkey; sSubKeyName = $key; sValueName = $value}            
            
switch ($psCmdlet.ParameterSetName) {            
 "UseComputer"    {$result = Invoke-CimMethod -Namespace "root\cimv2" -ClassName StdRegProv -MethodName $methodname  -Arguments $arglist -ComputerName $computer}            
 "UseCIMSession"  {$result = Invoke-CimMethod -Namespace "root\cimv2" -ClassName StdRegProv -MethodName $methodname  -Arguments $arglist -CimSession $cimsession }            
 default {Write-Host "Error!!! Should not be here" }            
}            
            
switch ($type) {            
"DWORD"     {$result | select -ExpandProperty uValue}            
"EXPANDSZ"  {$result | select -ExpandProperty sValue}            
"MULTISZ"   {$result | select -ExpandProperty sValue}            
"QWORD"     {$result | select -ExpandProperty uValue}            
"SZ"        {$result | select -ExpandProperty sValue}            
}            
             
}#process             
END{}#end            
            
<# 
.SYNOPSIS
Displays a registry value

.DESCRIPTION
Displays a registry value using WSMAN or DCOM 
to access remote machines 

.PARAMETER  hive
Hive Name. One of "HKCR", "HKCU", "HKLM", "HKUS" or "HKCC"
The name is validated against the set

.PARAMETER  key
The registry key - without the hive name e.g.
"SYSTEM\CurrentControlSet\Services\BITS"

.PARAMETER value
The specific registry value to return for the 
given key

.PARAMETER  type
The type of registry value to return.
Must be one of
"DWORD", "EXPANDSZ", "MULTISZ", "QWORD", "SZ"

.PARAMETER  computer
Name of a remote computer. Connectivity will be by WSMAN.

.PARAMETER  cimsession
An object representing a cimsession. Connectivity is controlled 
by the CIM session and can be WSMAN or DCOM

.EXAMPLE                                                                                       
get-CIMRegValue -hive HKLM -key "SYSTEM\CurrentControlSet\services\BITS" -value DelayedAutoStart -type DWORD

.EXAMPLE
get-CIMRegValue -hive HKLM -key "SYSTEM\CurrentControlSet\services\BITS" -value ObjectName -type SZ  

.EXAMPLE
get-CIMRegValue -hive HKLM -key "SYSTEM\CurrentControlSet\services\BITS" -value DependOnService -type MULTISZ 

.EXAMPLE
get-CIMRegValue -hive HKLM -key "SYSTEM\CurrentControlSet\services\BITS" -value ImagePath -type EXPANDSZ

.EXAMPLE
get-CIMRegValue -hive HKLM -key "SYSTEM\CurrentControlSet\services\BITS" -value DelayedAutoStart -type DWORD -computer "."

.EXAMPLE
$cs = New-CimSession -ComputerName Win7test  
get-CIMRegValue -hive HKLM -key "SYSTEM\CurrentControlSet\services\BITS" -value DelayedAutoStart -type DWORD -cimsession $cs   

.EXAMPLE
$opt = New-CimSessionOption -Protocol Dcom                                                                                                          
$csd = New-CimSession -ComputerName server02 -SessionOption $opt                                                                                    
get-CIMRegValue -hive HKLM -key "SYSTEM\CurrentControlSet\services\BITS" -value DelayedAutoStart -type DWORD -cimsession $csd

.NOTES


.LINK

#>            
            
}

Parameters define the hive, key, value to be read and the type of value.

Registry values come in a number of types:

  • DWORD and QWORD are 32 & 64 bit numbers
  • SZ is a string
  • EXPANDSZ is a string containing environmental variables that gets expanded
  • MULTISZ is a multi-valued string

Parameters to define a computer name or CIM Session are also present

The numeric value for the hive is set in a switch statement. The data type is used to define the method name – each data type has its own method.

The argument list is populated and the method is invoked using a computer name or CIM session as appropriate

The results are decoded according to type.

Full help is provided on the function.


March 18, 2012  2:30 PM

Get Global Catalog from DNS

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

One option for finding global catalog servers is often overlooked – DNS.  In an AD environment DNS stores the SRV records that advertise the services domain controllers can deliver

$dnsserver = "dc02"            
Get-WmiObject -Namespace 'root\MicrosoftDNS' -Class  MicrosoftDNS_SRVType `
-ComputerName $dnsserver -Filter "ContainerName = 'Manticore.org'" |             
Where {$_.OwnerName -like "_gc*"} |            
select TextRepresentation

We are interested in the ‘root\MicrosoftDNS’ name space and the MicrosoftDNS_SRVType records. We want the manticore.org zone and all records where the Ownername is like “_gc*”

The results look like this

_gc._tcp.Site1._sites.Manticore.org IN SRV 0 100 3268 dc02.manticore.org.

_gc._tcp.Site1._sites.Manticore.org IN SRV 0 100 3268 server02.manticore.org.  
_gc._tcp.Manticore.org IN SRV 0 100 3268 dc02.manticore.org.                                                     
_gc._tcp.Manticore.org IN SRV 0 100 3268 server02.manticore.org. 


March 16, 2012  4:24 PM

Up coming User group sessions

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The sessions for the next few months are:

  • 27 March – PowerShell v3 CIM cmdlets and “cmlets over objects”
  • April – Managing Windows Server 8 with PowerShell
  • May – Managing Windows Server 8 with PowerShell

No thats not a mistake – there is so much new PowerShell functionality in Windows server 8 that two sessions will just scratch the surface.  I’m delivering the April session and PowerShell MVP Jonathan Medd is delivering the May session.

Details on March’s sessions from

http://msmvps.com/blogs/richardsiddaway/archive/2012/03/06/uk-powershell-group-march-2012.aspx

As always the session will be recorded and made available afterwards.


March 15, 2012  4:25 PM

Active Directory WMI provider

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I stumbled on this namespace on my domain controller – root\directory\ldap – which appears to be a WMI provider for AD. From the information at http://technet.microsoft.com/en-us/library/hh831568.aspx it appears that it is being deprecated in Windows Server 8. This means it will be removed in a future version. In the mean time we have more toys to play with. Managing AD with the PowerShell cmdlets is going to be the best way to do it but we have an opportunity to experiment and discover other ways of doing things.

The namespace is huge so getting a full listing of classes is problematic.

Some quick observations

Get-WmiObject -Namespace root/directory/ldap -Class ds_grouppolicycontainer | select DS_displayName

gets a list of group policies

The domain security policy can be exposed like this

Get-WmiObject -Namespace root/directory/ldap -Class ds_domain | select DS_lockoutDuration, DS_lockOutObservationWindow, DS_lockoutThreshold, DS_maxPwdAge, DS_minPwdAge, DS_minPwdLength, DS_pwdHistoryLength, DS_pwdProperties

DS_lockoutDuration          : -600000000
DS_lockOutObservationWindow : -600000000
DS_lockoutThreshold         : 25
DS_maxPwdAge                : -36288000000000
DS_minPwdAge                : 0
DS_minPwdLength             : 7
DS_pwdHistoryLength         : 24
DS_pwdProperties            : 1

It will be worth poking around a bit more in this namespace


March 13, 2012  12:11 PM

PowerShell–Good Scripts guide

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Ed Wilson, the Microsoft Scripting Guy, wrote recently http://blogs.technet.com/b/heyscriptingguy/archive/2012/03/08/2012-scripting-games-judging-criteria-revealed.aspx

about the judging for the 2012 games.

At the top of that post there is a section labelled General criteria for good Windows PowerShell scripts.

I would strongly recommend everyone who is working with PowerShell, whether you intend to enter the games or not, to read that section and apply it to every script you produce.

The advice doesn’t get better than that!


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: