PowerShell for Windows Admins


July 7, 2011  2:23 PM

Next partition

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I also need to generate a partition number for Mount-VHD

Similar idea but use the Win32_DiskPartition class

function get-nextpartition {            
            
$disk = Get-WmiObject -Class Win32_DiskPartition |            
sort Index -Descending |            
select -First 1 -Property Index            
            
$nextindex = ($disk.Index) + 1            
$nextindex            
            
}

The Index is an integer so we only need to add 1

July 7, 2011  2:18 PM

Next drive letter

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I’ve been working on using the Hyper-V PowerShell library and wanted to use the Mount-VHD function.  It wants a drive letter.  The library provides Get-FirstAvailableDriveLetter but what I want is actually the next letter in the sequence.  I want to avoid A & B to avoid confusion. So I needed a function to get the next drive letter

function get-nextdriveletter {            
            
$disk = Get-WmiObject -Class Win32_LogicalDisk |            
sort DeviceId -Descending |            
select -First 1 -Property DeviceID            
            
$letter = ($disk.DeviceID).Substring(0,1).ToUpper()            
if ($letter -eq "Z"){            
 Write-Host "No more drive letters available"            
}            
else {            
 $nextletter = [char](([byte][char]$letter) + 1)            
 $nextletter            
}            
            
}

Use WMI to get the last letter used – descending sort on DeviceID produces that. Take the letter, convert to a byte value, add 1 and convert back

Job done


July 7, 2011  2:12 PM

July User group meeting details–PowerShell Remoting

Richard Siddaway Richard Siddaway Profile: Richard Siddaway


When: Tuesday, Jul 26, 2011 7:30 PM (BST)


Where:

*~*~*~*~*~*~*~*~*~*

A look at PowerShell Remoting using individual commands, Invoke-Command and PowerShell sessions. How to configure remoting and get the best out of it

Notes


Richard Siddaway has invited you to attend an online meeting using Live Meeting.
Join the meeting.
Audio Information
Computer Audio
To use computer audio, you need speakers and microphone, or a headset.
First Time Users:
To save time before the meeting, check your system to make sure it is ready to use Microsoft Office Live Meeting.
Troubleshooting
Unable to join the meeting? Follow these steps:

  1. Copy this address and paste it into your web browser:
    https://www.livemeeting.com/cc/usergroups/join
  2. Copy and paste the required information:
    Meeting ID: C7JCCP
    Entry Code: fKg^5N’,D
    Location: https://www.livemeeting.com/cc/usergroups

If you still cannot enter the meeting, contact support

Notice
Microsoft Office Live Meeting can be used to record meetings. By participating in this meeting, you agree that your communications may be monitored or recorded at any time during the meeting.


July 6, 2011  1:13 PM

PowerShell and WMI webcast

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I have been invited by PowerShell.com to give a webcast on 7 September 2011 @ 12 noon Central Time (6pm UK time).

The webcast is entitled Get the most from PowerShell and WMI

Register here

https://www2.gotomeeting.com/register/944144658


July 3, 2011  6:52 AM

Computer Report IV: Time server

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The batch file uses

net time /querysntp

which displays the name of the Network Time Protocol (NTP) server currently configured for the local computer or the one specified in ComputerName.

Unfortunately /querysntp  has been deprecated in later versions of Windows.

In a domain we normally configure client and server machines to use the domain time synchronisation hierarchy rather than an external time source (the exception to this is the PDC emulator FSMO role holder in the root domain which is the top of hierarchy and synchronises externally)

Our test then should be to see if we are using a domain time synchronisation source or external. This information is held in the registry.

We need to look in HKLM:\SYSTEM\CurrentControlSet\Services\W32Time\parameters.

The Type property tells us if we are using domain synchronisation (NT5DS) or and external server (NTP). The server( s ) are held in the NTPserver property.

We can amend our basic data function to read these registry keys

function get-basicdata{             
[CmdletBinding()]             
param (             
   [string]$computer="localhost"             
)             
BEGIN{}#begin             
PROCESS{            
            
Write-Verbose "Get Operating System"            
$os = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $computer            
            
Write-Verbose "Get Computer System"            
$comp = Get-WmiObject -Class Win32_ComputerSystem -ComputerName $computer            
            
Write-Verbose "Get IP Address"            
$ip = Test-Connection -ComputerName $computer -Count 1            
            
Write-Verbose "Read registry entry"            
$HKLM = 2147483650 #HKEY_LOCAL_MACHINE            
            
$reg = [wmiclass]"\\$computer\root\default:StdRegprov"            
$key = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\rdp-tcp"            
$value = "MinEncryptionLevel"            
$minlvl = $reg.GetDwordValue($HKLM, $key, $value)  ## REG_DWORD            
            
Write-Verbose "Create Object"            
$obj = New-Object -TypeName PSObject            
$obj |            
Add-Member -MemberType NoteProperty -Name OperatingSystem -Value $($os.Caption) -PassThru |            
Add-Member -MemberType NoteProperty -Name ServicePack    -Value $($os.CSDVersion) -PassThru |            
Add-Member -MemberType NoteProperty -Name Version       -Value $($os.Version) -PassThru |            
Add-Member -MemberType NoteProperty -Name Domain       -Value $($comp.Domain) -PassThru |            
Add-Member -MemberType NoteProperty -Name Name       -Value $($comp.Name) -PassThru |            
Add-Member -MemberType NoteProperty -Name IPv4Address -Value $($ip.IPV4Address.IPAddressToString) -PassThru |            
Add-Member -MemberType NoteProperty -Name MinEncrypt -Value $($minlvl.uValue)            
            
Write-Verbose "Read registry time entry"            
            
$key = "SYSTEM\CurrentControlSet\Services\W32Time\Parameters"            
            
$value = "Type"            
$type = $reg.GetStringValue($HKLM, $key, $value)  ## REG_SZ            
            
$value1 = "NtpServer"            
$NTPserver = $reg.GetStringValue($HKLM, $key, $value1)  ## REG_SZ            
            
switch ($type.svalue){            
 "NTP"  { $obj |            
          Add-Member -MemberType NoteProperty -Name TimeType -Value "External Server" -PassThru |            
          Add-Member -MemberType NoteProperty -Name TimeServer -Value $($NTPServer.svalue)            
         }            
 "NT5DS" { $obj |            
           Add-Member -MemberType NoteProperty -Name TimeType -Value "Domain" -PassThru |            
           Add-Member -MemberType NoteProperty -Name TimeServer -Value ""            
         }            
}            
            
$obj            
            
}#process             
END{}#end            
            
}

 

A switch statement is used to test the value of Type and the appropriate data is add to the object.

As before use

get-basicdata        

to generate output to screen or something like this

   get-basicdata | out-file basicdata.txt   

to create an output file


July 3, 2011  5:17 AM

Computer Report III: Eventlog service

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The batch file has a separate report for event log service status

wmic service where name="EventLog" get Name, SystemName, StartMode, Status

PowerShell translation

Get-WmiObject -Class Win32_Service -Filter "Name=’Eventlog’" | Select Name, SystemName, StartMode, Status

 

This becomes a very simple function

function get-eventstate{             
[CmdletBinding()]             
param (             
   [string]$computer="localhost"            
)             
BEGIN{}#begin             
PROCESS{            
            
Write-Verbose "Get Service"            
Get-WmiObject -Class Win32_Service -Filter "Name='Eventlog'" -ComputerName $computer |             
Select Name, SystemName, StartMode, Status            
            
}#process             
END{}#end            
            
}

 

As with all of the functions we’ve seen in this series if you want the output on screen run as

get-eventstate

but if you want a file creating

get-eventstate | out-file c:\scripts\eventstate.txt


July 3, 2011  5:06 AM

Computer Report: II Service Information

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

 

The batch file retrieves service information using

wmic service where state="Running" get DisplayName, Caption

Direct PowerShell translation is this.

Get-WmiObject -Class Win32_Service -Filter "State=’Running’" | Select DisplayName, Caption

Couple of problems:

  1. DisplayName and Caption tend to show the same output
  2. What about services that aren’t running? A major problem could be resolved if you realised a service that should be running has stopped.

Lets change the WMI to

Get-WmiObject -Class Win32_Service | sort State | Select State, Name, Caption

When we create our function we can add a switch to restrict output to just running services if required

function get-servicestate{             
[CmdletBinding()]             
param (             
   [string]$computer="localhost",            
   [switch]$running             
)             
BEGIN{}#begin             
PROCESS{            
            
Write-Verbose "Get Services"            
$services = Get-WmiObject -Class Win32_Service -ComputerName $computer            
            
if ($running){            
  $services | where{$_.State -eq "Running"} | Select Name, Caption            
}            
else {            
  $services | sort State | Select State, Name, Caption            
}            
            
}#process             
END{}#end            
            
}

 

By fetching all of the service information we allow ourselves the ability to easily modify the output if requirements change


July 1, 2011  1:56 PM

Computer report

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

A recent post on the powershell.com site asked about running a Windows command (batch) file through PowerShell against remote machines. The batch file was expected to produce a number of files of data in a folder structure based on computer name. This makes it difficult as we could in theory run the batch file through remoting (not actually tried it) but writing to a file share isn’t easy.

I decide to convert the batch file to PowerShell.  The first part uses a number of basic Windows commands to generate data. This function supplies exactly the same functionality

function get-basicdata{             
[CmdletBinding()]             
param (             
   [string]$computer="localhost"             
)             
BEGIN{}#begin             
PROCESS{            
            
Write-Verbose "Get Operating System"            
$os = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $computer            
            
Write-Verbose "Get Computer System"            
$comp = Get-WmiObject -Class Win32_ComputerSystem -ComputerName $computer            
            
Write-Verbose "Get IP Address"            
$ip = Test-Connection -ComputerName $computer -Count 1            
            
Write-Verbose "Read registry entry"            
$HKLM = 2147483650 #HKEY_LOCAL_MACHINE            
            
$reg = [wmiclass]"\\$computer\root\default:StdRegprov"            
$key = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\rdp-tcp"            
$value = "MinEncryptionLevel"            
$minlvl = $reg.GetDwordValue($HKLM, $key, $value)  ## REG_DWORD            
            
Write-Verbose "Create Object"            
$obj = New-Object -TypeName PSObject            
$obj |            
Add-Member -MemberType NoteProperty -Name OperatingSystem -Value $($os.Caption) -PassThru |            
Add-Member -MemberType NoteProperty -Name ServicePack    -Value $($os.CSDVersion) -PassThru |            
Add-Member -MemberType NoteProperty -Name Version       -Value $($os.Version) -PassThru |            
Add-Member -MemberType NoteProperty -Name Domain       -Value $($comp.Domain) -PassThru |            
Add-Member -MemberType NoteProperty -Name Name       -Value $($comp.Name) -PassThru |            
Add-Member -MemberType NoteProperty -Name IPv4Address -Value $($ip.IPV4Address.IPAddressToString) -PassThru |            
Add-Member -MemberType NoteProperty -Name MinEncrypt -Value $($minlvl.uValue)            
            
$obj            
            
}#process             
END{}#end            
            
}

All we do is make a few calls to WMI classes and we get the results into an object as shown.

To produce a file use

The contents look like this

OperatingSystem : Microsoft Windows 7 Ultimate

ServicePack     : Service Pack 1

Version         : 6.1.7601

Domain          : WORKGROUP

Name            : RSLAPTOP01

IPv4Address     : 127.0.0.1

MinEncrypt      : 2

That covers the basic data.  Need to look at services and TCP ports next


June 30, 2011  3:18 PM

PowerShell web cast by Don Jones

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Combining Output from Multiple Sources

Webcast: Combining Output from Multiple Sources REGISTER NOW

July 6, 2011, 12pm CST

Presented by: Don Jones

Learn how easy-to-make custom objects not only let you combine output from multiple sources, but also allow you to create calculated properties and columns, customize output formatting, and easily send your output to CSV files, XML files, HTML, or pretty much anything you like.

Don Jones is the founder of ScriptingAnswers.com and the lead scripting guru at SAPIEN Technologies. He’s the author or more than twenty books on information technology, including Managing Windows with VBScript and WMI, Advanced VBScript for Windows Administrators, and Windows PowerShell: TFM. Don has written and spoken extensively about scripting and automation for years, including columns in REDMOND Magazine, MCPMag.com, Microsoft TechNet Magazine, and more, as well as a series of scripting-related Webinars for Microsoft TechNet. Don is a multiple recipient of Microsoft’s MVP Award, and one of the industry’s strongest advocates for Windows administrative automation.

Registration URL:

http://www.idera.com/Events/RegisterWC.aspx?EventID=192&s=EM_PSExpert _PSWC


June 30, 2011  3:13 PM

Scripting Guy discusses PAM modules

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

My codeplex project publishing PowerShell Admin Modules (PAM) is discussed in this post

http://blogs.technet.com/b/heyscriptingguy/archive/2011/06/29/don-t-write-wmi-scripts-use-a-powershell-module.aspx

In particular the Get-OSInfo function from the PAMSysInfo module is heavily featured


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: