PowerShell for Windows Admins

October 8, 2013  2:48 PM

ADs 1000 object limit

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

By default when you query AD using a script or cmdlet you won’t get more than 1000 objects returned. If your AD contains 4000 users and you run

Get-ADuser –filter *

You’ll still only get the first 1000 users returned.

This is by design to prevent you accidentally unleashing the “query from hell” and grinding your poor domain controller into the ground.

Of course if you only have 900 users you’ll never see a problem.

You can get a bigger result set using the ResultSetSize parameter.

Set it to a value bigger than you expect and you’ll be fine.

The documentation says that using a value of $null (which is supposedly default) will return all objects that match you filter. I need to test but I don’t think that’s right

October 7, 2013  1:10 PM

Desired State Configuration

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Desired State Configuration is the headline item in PowerShell 4.0

Steven Murawski has started a series of posts on PowerShell.org. The first two posts are available



More to come

October 5, 2013  5:59 AM

Common mistakes–size constants

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I can’t count the number of times I’ve seen something like this:

Get-WmiObject -Class Win32_LogicalDisk -Filter {DriveType = 3} |
select @{N=’Capacity’; E={[math]::Round(($_.Size / 1073741824), 2)}}

What’s wrong this?

The use of 1073741824 – in case you don’t recognise the number its 1 gigabyte.

Wouldn’t you prefer to do this

Get-WmiObject -Class Win32_LogicalDisk -Filter {DriveType = 3} |
select @{N=’Capacity’; E={[math]::Round(($_.Size / 1gb), 2)}}

That’s right divide by 1 gigabyte.

PowerShell recognises the main sizes you’ll be using – from KB to PB (petabyte)

1kb, 1mb, 1gb, 1tb, 1pb |
foreach {
“{0,16}” -f $psitem


Which would you prefer to type 1pb or 1125899906842624 ?

Using the size constants is less prone to error and also reminds you of what you are trying to achieve.

October 5, 2013  5:41 AM

Common mistakes–filtering

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Which of these should you use

Get-WmiObject -Class Win32_LogicalDisk | where DriveType -eq 3


Get-WmiObject -Class Win32_LogicalDisk -Filter {DriveType = 3}

They both give the same results after all.

Against a remote machine the first one took 640 milliseconds and the second took 245 milliseconds.

The reason for the difference is that the first command pulls back information on all logical disks – and then filters. The second on pulls back information on drive type 3 (local hard disks)

The 395 milliseconds difference doesn’t sound much and against 1 machine is negligible. No span that across hundreds or thousands of machines and you get a significant impact.

Always filter the data down as soon as you can – preferably at source.

October 3, 2013  2:00 AM

Scanning event logs

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

My post on scanning event logs on multiple machines using a workflow went live on the Scripting Guy blog yesterday –


September 29, 2013  11:23 AM

Winter Scripting Games scheduled

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The Winter Scripting Games are tentatively schedule to start 6 January 2014 & run for 4-6 weeks depending on the number of events.

See http://powershell.org/wp/2013/09/29/winter-scripting-games-tentatively-scheduled/ for latest details

September 28, 2013  3:39 AM

PowerShell too big to know

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

A couple of sentences in the Scripting Guy’s post from yesterday


stuck in my mind:

“I am not certain I have ever met anyone who knows everything there is to know about Windows PowerShell. In fact, I am not certain I have ever met anyone who knows nearly everything there is to know about Windows PowerShell. “

One simple anecdote should put that in context. At the recent PowerShell summit a number of things were demonstrated that had senior members of the PowerShell team saying “I didn’t know you could do that” As an aside similar scenarios played out at the 3 PowerShell Deep Dives in 2011 & 2012.

I’ve been using PowerShell since the early betas for 1.0 & have been an MVP for 6 years and I definitely don’t know everything about PowerShell. I’m learning something new about PowerShell every day.

Think also that it took three of us to write PowerShell in Depth.

There are a whole bunch of modules in Windows 2012 & 2012 R2 I haven’t had time to paly with yet. Add in the PowerShell functionality in SharePoint, Exchange, SQL Server plus all the other Microsoft and third party products and no one can know all there is to know about PowerShell.

One of the great joys of working PowerShell is that there is always something new to learn. Sure, you’re building on what you already know but even the core PowerShell engine can bring surprises.

I’d be highly suspicious of anyone claiming to know everything about PowerShell.

September 27, 2013  11:02 AM

PowerShell Summit 2014–reasons to attend

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Microsoft’s Scripting Guy supplies a number of very compelling reasons for attending the PowerShell Summit 2014 in Seattle.


Registration details can be found here


In addition to the powershell.org you will be able to talk to MVPs, the representatives from the PowerShell team, The Scripting Guy and a whole bunch of people who use PowerShell on a daily basis and probably have the answer to that burning question.

This years’s event was brilliant – next years will be at least as good if not better.

It is the PowerShell event of the year – highly recommended

September 26, 2013  12:58 PM

Rolling back time

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

There are many situations where you want to roll the date back – checking a file’s last access time, processing event logs, checking a password expiry in AD.

Get-Date (or more accurately the underlying System.DateTime .NET class offers a number of options.

Lets say you need a date that’s 3 months in the past.

You could create it directly:

£> Get-Date -Day 26 -Month 6 -Year 2013

26 June 2013 19:41:42


£> Get-Date -Date “26 June 2013”

26 June 2013 00:00:00

Notice the difference on the times. I’m going to ignore the time portion.

Get-Date supplies a number of methods you could use:

Get-Date | Get-Member -MemberType Method


£> $ts = New-TimeSpan -Days 91
£> $ts

Days : 91
Hours : 0
Minutes : 0
Seconds : 0
Milliseconds : 0
Ticks : 78624000000000
TotalDays : 91
TotalHours : 2184
TotalMinutes : 131040
TotalSeconds : 7862400
TotalMilliseconds : 7862400000

£> (Get-Date).Add(-$ts)

27 June 2013 19:46:06

£> (Get-Date).AddDays(-$ts.Totaldays)

27 June 2013 19:46:32

£> (Get-Date).AddHours(-$ts.TotalHours)

27 June 2013 19:48:32

£> (Get-Date).AddMinutes(-$ts.TotalMinutes)

27 June 2013 19:49:07

£> (Get-Date).AddSeconds(-$ts.TotalSeconds)

27 June 2013 19:50:18

£> (Get-Date).AddMilliseconds(-$total.TotalMilliseconds)

26 September 2013 19:51:19

£> (Get-Date).AddTicks(-$total.TotalTicks)

26 September 2013 19:51:38

You can also do

£> (Get-Date).AddMonths(-3)

26 June 2013 19:52:12

£> (Get-Date).AddYears(-0.25)

26 September 2013 19:52:37

Lots of ways to solve the same problem. While you normally wouldn’t want to calculate a date 3 months in the past based on seconds or ticks the fact that you can use those values opens up other possibilities.

The [datetime] class supplies a good set of methods for manipulating dates. Knowing they are there enables you to use the most appropriate to solve your task.

September 25, 2013  2:10 AM

Server Documentation

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

No one likes documenting their servers but is a necessary job. As the start of a series on taking those first automation steps – you’ve learned PowerShell and now you want to put it to use – I have an article on the Scripting Guy blog that shows you how to get started documenting your servers



If you have any ideas for future articles in the series please leave a comment

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: