PowerShell for Windows Admins

February 5, 2012  3:22 PM

Passing no parameters

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

This was interesting question on the forum – user wants to retrieve something by name or id and if neither are given then return all objects.  This is similar to

Get-Process powershell
Get-Process -Id 1568

In the first two we filter on a name or id – in the last one we get everything


This is what I arrived at using processes as an example

function test-proc{             
param (             
switch ($psCmdlet.ParameterSetName) {            
 "ByName"  {Get-Process -Name $name }            
 "ById"  {Get-Process -Id $id }            
 "XXXXX" {Get-Process }            

The trick is to define a default parameter set with no parameters – then when you don’t use any parameters it kicks in at the switch statement and your code can run as required

Be interested if this gets broken in any scenarios as it seems to simple to be correct – but it works

February 5, 2012  2:06 PM

Testing replication

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

We’ve seen a few things we can do with the WMI provider for Active Directory. One of the most useful is testing replication

function test-replication{            
Get-WmiObject -Namespace root\MicrosoftActiveDirectory -Class MSAD_ReplNeighbor -ComputerName $computername|            
select SourceDsaCN, NamingContextDN,             
@{N="LastSyncAttempt"; E={$_.ConvertToDateTime($_.TimeOfLastSyncAttempt)}},            
@{N="LastSyncSuccess"; E={$_.ConvertToDateTime($_.TimeOfLastSyncSuccess)}}             

A simple call to the MSAD_ReplNeigbor and we can test the last times the DCs attempted to synchronise and the last time they were successful

February 5, 2012  6:40 AM

PAM release February 2012

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I have added another module to the PowerShell Admin Modules – http://psam.codeplex.com/


Release 0.7 adds a PAMHostsFile module with the following members



A release notes document is also available which includes a listing of all modules and members together with a history of releases.

February 5, 2012  3:59 AM

Training for the Scripting Games

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Like all sporting events you need to train before participating – as part of your training follow the links on the sites in my previous post


and also use these resources


Good luck

February 4, 2012  9:31 AM

Scripting Games 2012–link page

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The 2012 Scripting Games were announced


They will start on 2 April – with events released to schedule after that. The usual Advanced and Beginner categories will be available

An all links page is available


This is worth book marking.

If you didn’t compete last year – follow the links to see the type of fun that is in store.

Last year there were some amazing PowerShell scripts submitted – looking forward to this years games already.

And just to add to the fun – this year you can use PowerShell v3

January 28, 2012  2:51 PM

Naming Contexts

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Continuing our quick look at The ActiveDirectory name space lets have a look at the MSAD_NamingContext  class

Get-WmiObject -Namespace root\MicrosoftActiveDirectory -Class MSAD_NamingContext |

Format-Table DistinguishedName, IsFullReplica –AutoSize


DistinguishedName                              IsFullReplica
—————–                              ————-
DC=DomainDnsZones,DC=Manticore,DC=org                   True
DC=ForestDnsZones,DC=Manticore,DC=org                   True
CN=Schema,CN=Configuration,DC=Manticore,DC=org          True
CN=Configuration,DC=Manticore,DC=org                    True
DC=Manticore,DC=org                                     True


This is equivalent to the information you see in the root of the AD provider

PS> Get-ChildItem -Path AD:\

Name                 ObjectClass          DistinguishedName
—-                 ———–          —————–
Manticore            domainDNS            DC=Manticore,DC=org
Configuration        configuration        CN=Configuration,DC=Manticore,DC=org
Schema               dMD                  CN=Schema,CN=Configuration,DC=Manticore,DC=org
ForestDnsZones       domainDNS            DC=ForestDnsZones,DC=Manticore,DC=org
DomainDnsZones       domainDNS            DC=DomainDnsZones,DC=Manticore,DC=org

January 28, 2012  10:20 AM

Active Directory and WMI

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

A lot of the Active Directory related functionality has been removed from WMI but  there is a little bit left in the root\MicrosoftActiveDirectory namespace.

This is on a Windows 2008 R2 domain controller – I don’t know if this is available on down level versions of Windows.

Get-WmiObject -Namespace root\MicrosoftActiveDirectory -List | where {$_.Name -notlike "__*"}



The mixture of naming conventions doesn’t help but lets start looking at some domain information

Get-WmiObject -Namespace root\MicrosoftActiveDirectory -Class Microsoft_LocalDomainInfo


The following properties of interest are returned

DCname           : SERVER02
DNSname          : Manticore.org
FlatName         : MANTICORE
SID              : S-1-5-21-3881460461-1879668979-35955009
TreeName         : Manticore.org


We can also get a quick replication test


Get-WmiObject -Namespace root\MicrosoftActiveDirectory -Class MSAD_DomainController |
select CommonName, DistinguishedName, IsAdvertisingToLocator, IsGC, IsNextRIDPoolAvailable,
IsRegisteredInDNS, IsSysVolReady, NTDsaGUID, PercentOfRIDsLeft, SiteName,
@{N="OldestQueuedAddition"; E={$_.ConvertToDateTime($_.TimeOfOldestReplAdd)} },
@{N="OldestQueuedDeletion"; E={$_.ConvertToDateTime($_.TimeOfOldestReplDel)} },
@{N="OldestQueuedModification"; E={$_.ConvertToDateTime($_.TimeOfOldestReplMod)} },
@{N="OldestQueuedReplicationSync"; E={$_.ConvertToDateTime($_.TimeOfOldestReplSync)} },
@{N="OldestQueuedReplicationUpdate"; E={$_.ConvertToDateTime($_.TimeOfOldestReplUpdRefs)} }


CommonName                    : SERVER02
DistinguishedName             : CN=NTDS Settings,CN=SERVER02,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Manticore,DC=org
IsAdvertisingToLocator        : True
IsGC                          : True
IsNextRIDPoolAvailable        : False
IsRegisteredInDNS             : True
IsSysVolReady                 : True
NTDsaGUID                     : baba1150-8a6a-41ac-9889-4b69268d3f7c
PercentOfRIDsLeft             : 91
SiteName                      : Site1
OldestQueuedAddition          : 01/01/1601 00:00:00
OldestQueuedDeletion          : 01/01/1601 00:00:00
OldestQueuedModification      : 01/01/1601 00:00:00
OldestQueuedReplicationSync   : 01/01/1601 00:00:00
OldestQueuedReplicationUpdate : 01/01/1601 00:00:00


The 1601 dates mean nothing is queued

January 27, 2012  2:10 PM

PowerShell Deep Dive 2012

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The 2012 PowerShell Deep Dive has been announced  – April 29 – May 2 in San Diego.



This time PowerShell is a full track so expect more of your favourite stuff.  Hope to see you there.

January 26, 2012  4:09 PM

Integer sizes

Richard Siddaway Richard Siddaway Profile: Richard Siddaway


If you’ve used PowerShell for any time you will be away of [int] meaning integer. One common use is in functions to define a parameter’s data type

function test1 {
param (
$a * $b

We can use this function

PS> test1 -a 10 -b 6

OK simple stuff but what if we do this

PS> test1 -a 2147483648 -b 17
test1 : Cannot process argument transformation on parameter ‘a’. Cannot convert
value "2147483648" to type "System.Int32". Error: "Value was either too large
or too small for an Int32."
At line:1 char:9
+ test1 -a <<<<  2147483648 -b 17
    + CategoryInfo          : InvalidData: (:) [test1], ParameterBindin…mati
    + FullyQualifiedErrorId : ParameterArgumentTransformationError,test1


Integers come in a number of different sizes – denoted by the number of bits that are used to store the number – 16, 32 and 64 respectively.  The standard [int] is a 32bit integer (4 bytes)

We can see the maximum and minimum numbers that can be stored in these data types using the MaxValue and MinValue properties

"`n16 bit integer"
"$([int16]::MinValue) to $([int16]::MaxValue)"

"`n32 bit integer"
"$([int32]::MinValue) to $([int32]::MaxValue)"

"`n32 bit integer alternative"
"$([int]::MinValue) to $([int]::MaxValue)"

"`n64 bit integer"
"$([int64]::MinValue) to $([int64]::MaxValue)"


which gives these results

16 bit integer
-32768 to 32767

32 bit integer
-2147483648 to 2147483647

32 bit integer alternative
-2147483648 to 2147483647

64 bit integer
-9223372036854775808 to 9223372036854775807


So 2147483648 is one bigger than the maximum value storable in 32 bit integer. We could use a 64bit integer or we can use an unsigned integer. This only contains positive values

"`nunsigned 16 bit integer"
"$([uint16]::MinValue) to $([uint16]::MaxValue)"

"`nunsigned 32 bit integer"
"$([uint32]::MinValue) to $([uint32]::MaxValue)"

"`nunsigned 64 bit integer"
"$([uint64]::MinValue) to $([uint64]::MaxValue)"


unsigned 16 bit integer
0 to 65535

unsigned 32 bit integer
0 to 4294967295

unsigned 64 bit integer
0 to 18446744073709551615

Which should you use?  Use int64 if likely to have negative values and possibly uint32 if definitely only positive values

January 24, 2012  4:34 PM

Remoting between PowerShell v3 CTP 2 and PowerShell v2

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

One of the questions on tonight’s Live Meeting concerned the compatibility between remoting on PowerShell v2 and PowerShell v3 CTP 2

The difference is that v3 uses a WSMAN 3.0 stack but v2 uses 2.0

I used two machines:

  • Windows 2008 R2 SP 1 with PowerShell v2
  • Windows 7 SP1 with PowerShell v3 CTP 2


on each machine I ensured remoting was enabled then ran

$s = New-PSSession –ComputerName <other computer name>
Invoke-Command -Session $s -ScriptBlock {get-service}


it worked in both cases

Looks like in this case you can remote both ways

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: