PowerShell for Windows Admins

February 26, 2011  8:18 AM

PowerCLI book

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Last May I posted a review of fellow PowerShell MVP Hal Rottenberg’s book on managing VMware through PowerShell – http://msmvps.com/blogs/richardsiddaway/archive/2010/05/09/book-review-managing-vmware-infrastructure-with-windows-powershell.aspx

My good friends from the UK PowerShell user group Jonathan Medd (also a PowerShell MVP) and Alan Renouf have collaborated with three other authors to bring you VMware vSphere PowerCLI Reference which is published at the end of March – ISBN 978-0470890790

I’ll be posting a review as soon as I can get hold of a copy

More details from http://www.jonathanmedd.net/2011/02/powercli-book-is-go.html#comments

February 25, 2011  1:24 PM

PowerShell Deep Dive

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

If you haven’t seen it already check out the PowerShell Deep Dive at this years “The Experts Conference”. http://www.theexpertsconference.com/us/2011/general-information/2011-powershell-deep-dive/

As well as total immersion in PowerShell you can dabble in some of the minor technologies associated with it – AD, Exchange, SharePoint, Virtualisation and the cloud.

I’ll be there with a bunch of other PowerShell MVPs. Hope to see you there.

February 23, 2011  1:18 PM

PowerShell and WMI–Chapter 5 MEAP

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Chapter 5 has been released for PowerShell and WMI. It is available through the Manning Early Access Program (MEAP) at http://www.manning.com/siddaway2/
The available chapters cover:

  1. Solving Administrative Challenges
  2. Using PowerShell
  3. WMI in Depth
  4. Best Practices
  5. System Documentation

Chapters 6 to 8 covering Disk Systems, Registry and the file system respectively are in the pipeline. I’m currently working on chapter 9 on processes and services. The code to accompany the MEAP chapters is also available for download from the URL above.

February 22, 2011  4:16 PM

WMI and Performance Counters: I

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

We are always worried about the performance of our systems for one reason or another. We usually turn to sysmon/perfmon to find out how the system is doing.

We can actually use WMI to retrieve this data!

CPU performance is always an issue. We can see what is available

PS> Get-WmiObject -List Win32_Perf*Processor | select name


The two classes do exactly what they say – they return the raw data or formatted data. You may think that returning the raw data is the best bet but you will need to perform a set of calculations on the data to get the results you expect. We’ll stick with the formatted data for now.

PS> Get-WmiObject -Class Win32_PerfFormattedData_PerfOS_Processor | select Name


I have two cores on my windows 7 system so this works. if we just look at the _Total data

__GENUS               : 2
__CLASS               : Win32_PerfFormattedData_PerfOS_Processor
__SUPERCLASS          : Win32_PerfFormattedData
__DYNASTY             : CIM_StatisticalInformation
__RELPATH             : Win32_PerfFormattedData_PerfOS_Processor.Name="_Total"
__PROPERTY_COUNT      : 24
__DERIVATION          : {Win32_PerfFormattedData, Win32_Perf, CIM_StatisticalInformation}
__SERVER              : RSLAPTOP01
__NAMESPACE           : root\cimv2
__PATH                : \\RSLAPTOP01\root\cimv2:Win32_PerfFormattedData_PerfOS_Processor.Name="_Total"
C1TransitionsPersec   : 307
C2TransitionsPersec   : 0
C3TransitionsPersec   : 0
Caption               :
Description           :
DPCRate               : 0
DPCsQueuedPersec      : 116
Frequency_Object      :
Frequency_PerfTime    :
Frequency_Sys100NS    :
InterruptsPersec      : 190
Name                  : _Total
PercentC1Time         : 96
PercentC2Time         : 0
PercentC3Time         : 0
PercentDPCTime        : 0
PercentIdleTime       : 100
PercentInterruptTime  : 0
PercentPrivilegedTime : 0
PercentProcessorTime  : 0
PercentUserTime       : 0
Timestamp_Object      :
Timestamp_PerfTime    :
Timestamp_Sys100NS    :

This dumps all of the counters for a set.  If you’ve looked the Processor counters before these should be familiar. The drawback to the formatted counters is that we lose the timestamp information.  Either we use the raw data and calculate all of the results or we add the timestamp ourselves. My vote goes to option 2.

public class CPUcounter
    public string Timestamp {get; set;}
    public string Name {get; set;}
    public ulong PercProcTime {get; set;}

Add-Type -TypeDefinition $source -Language CSharpversion3

$data = @()

1..3 | foreach {

$date = (Get-Date).ToString()

Get-WmiObject -Class Win32_PerfFormattedData_PerfOS_Processor | 
$value = New-Object -TypeName CPUCounter -Property
= $date
       Name = $_.
= $_.
$data += $value

Start-Sleep -Seconds 1

$data | Format-Table -AutoSize



We create our own object to hold the counter values and add the timestamp.  This can be the basis of a performance baseline as we will see next time

February 20, 2011  1:32 PM

Windows 7 SP1

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Installed the RTM version of SP1 today – its one download to cover Windows 7 and Windows 2008 R2.  Install is straight forward. No real issues seen.  I’ll report any problems that come up

February 12, 2011  5:04 AM

IT lemmings

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

IT seems to be in a continuous cycle of hype. We keep getting “new” technologies or ways of supplying IT that will solve all of your organisations problems at a stroke. Some examples of this phenomenon include:

  • outsourcing – IT isn’t a core activity for you business so hand over the running of your IT systems to a specialist company who have the experts to deliver what you need and the economy of scale to do it cheaper
  • virtualisation – You don’t need lots of physical servers. Virtualise so that you are running a number of big servers really hard and they host a bunch of virtual servers that are doing the work
  • web services – everything will be available as a web service. Don’t write your own code just string together a set of pre-supplied services and nirvana is reached
  • cloud computing – move everything to Internet access. Let the supplier host the application and you just use it (How is this different from the failed Application Service Provider idea of the late 1990’s?)

Now before you start jumping up and down calling me a luddite let me point out that I am currently working in a environment that utilises three out of these four concepts. I am actively designing new services that employ two of them.

My concern is the misinformation and hype that surrounds “new” technologies. I keep calling it “new” because a number of these are recycled. I’ve already mentioned ASP/Cloud computing. I was working with “virtualisation” technologies on mainframes back in the 1980’s. What goes around comes around.

Each wave of “new” technologies brings a bubble of hype that is totally out of proportion to the benefits to be gained. The IT analyst companies start the ball rolling and the IT press (who usually don’t understand what they are talking about) jump on the bandwagon. Suddenly, the only way your organisation can survive is to throw away everything that has gone before and embrace this new way of doing things.

Reality Check

How many organisations have completely virtualised their environment. I have applications that can’t be virtualised because the vendor won’t support it in a virtual environment?

How many external web services does you company really use?

Can you run your organisation in the cloud? Many can’t because of regulatory or commercial restrictions that prevent it. This is often due to access to the data.


All of the ideas that are bandied about need consideration. Just because its new doesn’t mean that it suits your organisation.

This is where the good architect earns their money. Separate out what will benefit your organisation and utilise it. Ignore the rest. ignore the analysts and IT press telling you what you should be doing when they don’t have a clue what your organisation really needs.

There are organisations that will benefit from cloud computing. There are others that it will harm. Virtualisation is delivering benefits to the organisation I work with – but don’t forget the overheads that come with it.

One of my favourite phrases when discussing technology is “so what”.  Meaning what does it actually do for us? Does the benefit of implementing out weigh the cost?

This continual jumping towards the next shiny toy is why many businesses hold their IT departments in such low regard? The planning should always be from business process to applications to infrastructure to support them. Leading with technology doesn’t work and will continue to cost businesses money they possibly can’t afford.

February 4, 2011  11:46 AM

Don’t forget

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The UK PowerShell group has a Live Meeting on Tuesday 8 February at 7.30pm GMT.

Details from:


January 28, 2011  1:17 PM

Science or Art

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Infrastructure Architecture = Science or Art. Discuss.

We claim the titles of architect and/or engineer but is what we do as infrastructure architects really based on solid scientific/engineering principles.

I would claim not. Much of what we do is recycling the designs of the past – possibly adapting them as new versions of particular technologies appear. But how many times have you seen an implementation of version 3 of product that is implemented in exactly the same way as version 1 would have been. The reason is usually the very lame “but we’ve always done it that way”. The real reason in many cases is that the people involved haven’t bothered to keep up to date with changes in the technologies they are relying on. This means their organisations aren’t getting the full benefit of those applications.

There are a number of fundamental architectural decisions that in many cases are driven by the existing environment. How many truly green field sites are there these days?

There are a larger number of design decisions which are often based on the products we select.

In this way we are more like the master masons that built the great cathedrals of the Middle Ages. We know what works and we stick with it.

So. Science or Art?

January 25, 2011  2:08 PM

System Restore Points pt 2

Richard Siddaway Richard Siddaway Profile: Richard Siddaway


We have seen how to discover the available restore points.  What about creating one.

function new-systemrestorepoint {
param ( 
) $test = Test-Connection -ComputerName $computername -Count 1
if (-not ($test)){Throw “Computer $computername not reachable”


 $sr = [wmiclass]“\\$computername\root\default:SystemRestore”
 $sr.CreateRestorePoint($description, 0, 100)





We need to use [wmiclass] to create a new instance of the SystemRestore class. We can then use the CreateRestorePoint method with the description we’ve input as a parameter. The other paarmeters define it as an application install and begin system change respectively. This are generic enough to be left as is.  They can be made parameters if required

January 23, 2011  1:10 PM

System Restore Points

Richard Siddaway Richard Siddaway Profile: Richard Siddaway


PowerShell 2.0 supplies 4 cmdlets for working with system restore points. 


This is great but they only work with the local machine. You can test this easily by either looking at the help for each one or use

get-help * -Parameter computer*

to view all of the cmdlets with a computer related parameter.


Let’s start with Get-ComputerRestorePoint. We can perform this task using

Get-WmiObject -Namespace ‘root\default’ -Class SystemRestore

This starts the display with the oldest restore point. I want it the other way up. 

Get-WmiObject -Namespace ‘root\default’ -Class SystemRestore |
sort SequenceNumber -Descending

I also only want the CreationTime, Sequence number and description

Get-WmiObject -Namespace ‘root\default’ -Class SystemRestore |
sort SequenceNumber -Descending |
Format-Table SequenceNumber, CreationTime, Description –AutoSize

At this point we loose the formatting on the date and it reverts to WMI format.  Well, we know how to deal with that.

Get-WmiObject -Namespace ‘root\default’ -Class SystemRestore |
sort SequenceNumber -Descending |
Format-Table SequenceNumber,
@{Name="Date"; Expression={$($_.ConvertToDateTime($_.CreationTime))}},
Description –AutoSize

Now I want to wrap this into a function

function get-systemrestorepoint {
param ( 

$test = Test-Connection -ComputerName $computername -Count 1
if (-not ($test)){Throw "Computer $computername not reachable"

 Get-WmiObject -Namespace ‘root\default’ -Class SystemRestore `
-ComputerName $computername |
sort SequenceNumber -Descending |
 Format-Table SequenceNumber,
="Date"; Expression={$($_.ConvertToDateTime($_.CreationTime))}},
 Description -AutoSize





I can use this to access the system restore points on remote machines.  This becomes the first function in a new PAM module.  I’ll develop the rest over a series of posts.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: