PowerShell for Windows Admins

August 28, 2013  1:15 PM

International module

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The International module has an interesting set of cmdlets:
£> Get-Command -Module International | select Name


£> Get-WinHomeLocation | fl *

GeoId : 242
HomeLocation : United Kingdom

£> Get-WinSystemLocale | fl *

Parent : en
LCID : 2057
KeyboardLayoutId : 2057
Name : en-GB
IetfLanguageTag : en-GB
DisplayName : English (United Kingdom)
NativeName : English (United Kingdom)
EnglishName : English (United Kingdom)
TwoLetterISOLanguageName : en
ThreeLetterISOLanguageName : eng
ThreeLetterWindowsLanguageName : ENG
CompareInfo : CompareInfo – en-GB
TextInfo : TextInfo – en-GB
IsNeutralCulture : False
CultureTypes : SpecificCultures, InstalledWin32Cultures, FrameworkCultures
NumberFormat : System.Globalization.NumberFormatInfo
DateTimeFormat : System.Globalization.DateTimeFormatInfo
Calendar : System.Globalization.GregorianCalendar
OptionalCalendars : {System.Globalization.GregorianCalendar, System.Globalization.GregorianCalendar}
UseUserOverride : True
IsReadOnly : False

Digging into the formats and calendars
£> Get-WinSystemLocale | select -ExpandProperty NumberFormat

CurrencyDecimalDigits : 2
CurrencyDecimalSeparator : .
IsReadOnly : False
CurrencyGroupSizes : {3}
NumberGroupSizes : {3}
PercentGroupSizes : {3}
CurrencyGroupSeparator : ,
CurrencySymbol : £
NaNSymbol : NaN
CurrencyNegativePattern : 1
NumberNegativePattern : 1
PercentPositivePattern : 1
PercentNegativePattern : 1
NegativeInfinitySymbol : -Infinity
NegativeSign : –
NumberDecimalDigits : 2
NumberDecimalSeparator : .
NumberGroupSeparator : ,
CurrencyPositivePattern : 0
PositiveInfinitySymbol : Infinity
PositiveSign : +
PercentDecimalDigits : 2
PercentDecimalSeparator : .
PercentGroupSeparator : ,
PercentSymbol : %
PerMilleSymbol : ‰
NativeDigits : {0, 1, 2, 3…}
DigitSubstitution : None

£> Get-WinSystemLocale | select -ExpandProperty DateTimeFormat

AMDesignator : AM
Calendar : System.Globalization.GregorianCalendar
DateSeparator : /
FirstDayOfWeek : Monday
CalendarWeekRule : FirstFourDayWeek
FullDateTimePattern : dd MMMM yyyy HH:mm:ss
LongDatePattern : dd MMMM yyyy
LongTimePattern : HH:mm:ss
MonthDayPattern : d MMMM
PMDesignator : PM
RFC1123Pattern : ddd, dd MMM yyyy HH’:’mm’:’ss ‘GMT’
ShortDatePattern : dd/MM/yyyy
ShortTimePattern : HH:mm
SortableDateTimePattern : yyyy’-‘MM’-‘dd’T’HH’:’mm’:’ss
TimeSeparator : :
UniversalSortableDateTimePattern : yyyy’-‘MM’-‘dd HH’:’mm’:’ss’Z’
YearMonthPattern : MMMM yyyy
AbbreviatedDayNames : {Sun, Mon, Tue, Wed…}
ShortestDayNames : {Su, Mo, Tu, We…}
DayNames : {Sunday, Monday, Tuesday, Wednesday…}
AbbreviatedMonthNames : {Jan, Feb, Mar, Apr…}
MonthNames : {January, February, March, April…}
IsReadOnly : False
NativeCalendarName : Gregorian Calendar
AbbreviatedMonthGenitiveNames : {Jan, Feb, Mar, Apr…}
MonthGenitiveNames : {January, February, March, April…}

£> Get-WinSystemLocale | select -ExpandProperty OptionalCalendars

MinSupportedDateTime : 01/01/0001 00:00:00
MaxSupportedDateTime : 31/12/9999 23:59:59
AlgorithmType : SolarCalendar
CalendarType : Localized
Eras : {1}
TwoDigitYearMax : 2029
IsReadOnly : False

MinSupportedDateTime : 01/01/0001 00:00:00
MaxSupportedDateTime : 31/12/9999 23:59:59
AlgorithmType : SolarCalendar
CalendarType : USEnglish
Eras : {1}
TwoDigitYearMax : 2029
IsReadOnly : False

And finally the language(s)
£> Get-WinUserLanguageList

LanguageTag : en-GB
Autonym : English (United Kingdom)
EnglishName : English
LocalizedName : English (United Kingdom)
ScriptName : Latin script
InputMethodTips : {0809:00000809}
Spellchecking : True
Handwriting : False

Now you know where to go to find the cultural and locale settings are configured. The big question though is do you use the Set-* cmdlets in this module to modify these settings? My suspicion is no because you would to modify a large number of settings to achieve consistency. The cmdlets may be useful for tweaking settings for particular tasks.

August 27, 2013  1:50 PM

Windows Error Reporting Cmdlets

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Windows Error Reporting (WER) captures software crash and hang data from Windows systems. The data is sent to Microsoft for analysis. The data captured by WER is used to identify those bugs that are affecting customers the most. Fixing those bugs benefits the whole Windows user community.

WER is an optional configuration during the installation of Windows and some other Microsoft products.

How can you tell if WER is configured on your machines?

Windows 8/2012 has a PowerShell module for working with WER configuration.

£> Get-Command -Module WindowsErrorReporting | select Name

You can view the current WER configuration:

£> Get-WindowsErrorReporting

You can disable WER:

£> Disable-WindowsErrorReporting
£> Get-WindowsErrorReporting

And you can enable WER:

£> Enable-WindowsErrorReporting
£> Get-WindowsErrorReporting

These cmdlets are only available on Windows 8/2012 and above. The module is labelled as a script module but it is actually loaded as a dll so its unlikely to be portable to legacy versions of Windows.

August 27, 2013  11:38 AM

Windows 8.1/2012 R2 RTM

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Windows 8.1 & Windows Server 2012 R2 have gone RTM (Release To Manufacturing). The General Availability date is 18 October but it looks like you won’t be able to get your hands on it before then even with a TechNet/MDSN subscription.

No fair.

Why bother trying to keep up to date when Microsoft pull stunts like this. All other new versions of Windows as far back as I can remember have been made available on TechNet and MSDN within a month of RTM.

Announcing RTM and then imposing nearly 2 month delay on making it available to the technical community won’t win many friends.

August 27, 2013  11:22 AM

DSC Cheat Sheet

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The big news item in PowerShell v4 is Desired State Configuration (DSC). Its unlikely that I’ll be writing much here about DSC because its too close to what I do for a living at the moment. I’m not giving away all my secrets 🙂

A quick reference cheat sheet for DSC has been published – details from



August 26, 2013  2:37 PM

Get-AdUser and –properties

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The Get-ADuser cmdlet returns a small subset of properties by default:

PS> Get-ADUser -Identity Richard

DistinguishedName : CN=Richard,CN=Users,DC=Manticore,DC=org
Enabled : True
GivenName : Richard
Name : Richard
ObjectClass : user
ObjectGUID : b94a5255-28d0-4f91-ae0f-4c853ab92520
SamAccountName : Richard
SID : S-1-5-21-3881460461-1879668979-35955009-1104
Surname :
UserPrincipalName : Richard@Manticore.org

You can use the –Properties parameter to return more properties

Get-ADUser -Identity Richard -Properties *

returns all properties

You can select a subset of properties by specifying their names

Get-ADUser -Identity Richard -Properties MemberOf, Country

If you want to use wildcards you need to use select

Get-ADUser -Identity Richard -Properties * | select last*

August 26, 2013  1:40 PM

String Concatenation revisited

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

There a few ways to concatenate (join together) strings in PowerShell.

The obvious way is to use the concatenation operator +

£> $a = “Hello”
£> $b = “World”
£> $a + ” ” + $b
Hello World

You can use string substitution

£> $a = “Hello”
£> $b = “World”
£> “$a $b”
Hello World

but remember that only works when you are using double quotes. Single quotes give you

£> ‘$a $b’
$a $b

You can also use the format operator –f

£> $a = “Hello”
£> $b = “World”
£> “{0} {1}” -f $a, $b
Hello World

One final method is to put your strings into the elements of an array and use the –join operator

£> $d = @()
£> $d += “Hello”
£> $d += “World”
£> $d
£> $d -join ” ”
Hello World

Which one should you use. Simple, whatever works best to solve your problem.

PowerShell often supplies multiple options to solve a problem. Use whichever you are most comfortable with and is the easiest to use in the context of the problem you are trying to solve.

August 14, 2013  1:17 PM

PowerShell 4 available in October

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Microsoft has announced that Windows 2012 R2, System Center 2012 R2 and Windows 8.1 will be on general availability on October 18. The important point being that Windows 2012 R2 & Windows 8.1 bring PowerShell v4


If the pattern of previous releases is followed they will be available earlier through MSDN.

Pity it couldn’t have been 8 days earlier – would have made a nice birthday present

August 13, 2013  2:41 PM

PowerShell Jump start pt 2

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The second part of the PowerShell jump start – Tools and Scripting – was broadcast on 1 August

The recordings are now available from


The first set of recordings are still available at


I even get a mention Smile

August 13, 2013  2:35 PM

AD Management in a Month of Lunches–chapter 16 MEAP

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The next chapter of AD Management in a Month of Lunches has been released to MEAP


Chapter 16 deals with Sites and Subnets


August 13, 2013  2:30 PM

Finding the typo

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

A project I’m working on involves 1000s of lines of code, across numerous modules and folders. When I make changes, like everyone else, I sometimes mistype a command. When your system throws an error and its in nested several levels deep in your code and you’re not sure where it is – who you going to call?

Unfortunately, Ghostbusters can’t help you. But PowerShell can help. I’d type [swtch] instead of [switch]. Nice easy way to find the spelling mistake. Open a PowerShell prompt in the top folder and

Get-ChildItem -Recurse -File | Select-String -Pattern “[swtch]” –SimpleMatch

You will get the file and line number containing the typo. Simple.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: