PowerShell for Windows Admins


July 1, 2011  1:56 PM

Computer report

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

A recent post on the powershell.com site asked about running a Windows command (batch) file through PowerShell against remote machines. The batch file was expected to produce a number of files of data in a folder structure based on computer name. This makes it difficult as we could in theory run the batch file through remoting (not actually tried it) but writing to a file share isn’t easy.

I decide to convert the batch file to PowerShell.  The first part uses a number of basic Windows commands to generate data. This function supplies exactly the same functionality

function get-basicdata{             
[CmdletBinding()]             
param (             
   [string]$computer="localhost"             
)             
BEGIN{}#begin             
PROCESS{            
            
Write-Verbose "Get Operating System"            
$os = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $computer            
            
Write-Verbose "Get Computer System"            
$comp = Get-WmiObject -Class Win32_ComputerSystem -ComputerName $computer            
            
Write-Verbose "Get IP Address"            
$ip = Test-Connection -ComputerName $computer -Count 1            
            
Write-Verbose "Read registry entry"            
$HKLM = 2147483650 #HKEY_LOCAL_MACHINE            
            
$reg = [wmiclass]"\\$computer\root\default:StdRegprov"            
$key = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\rdp-tcp"            
$value = "MinEncryptionLevel"            
$minlvl = $reg.GetDwordValue($HKLM, $key, $value)  ## REG_DWORD            
            
Write-Verbose "Create Object"            
$obj = New-Object -TypeName PSObject            
$obj |            
Add-Member -MemberType NoteProperty -Name OperatingSystem -Value $($os.Caption) -PassThru |            
Add-Member -MemberType NoteProperty -Name ServicePack    -Value $($os.CSDVersion) -PassThru |            
Add-Member -MemberType NoteProperty -Name Version       -Value $($os.Version) -PassThru |            
Add-Member -MemberType NoteProperty -Name Domain       -Value $($comp.Domain) -PassThru |            
Add-Member -MemberType NoteProperty -Name Name       -Value $($comp.Name) -PassThru |            
Add-Member -MemberType NoteProperty -Name IPv4Address -Value $($ip.IPV4Address.IPAddressToString) -PassThru |            
Add-Member -MemberType NoteProperty -Name MinEncrypt -Value $($minlvl.uValue)            
            
$obj            
            
}#process             
END{}#end            
            
}

All we do is make a few calls to WMI classes and we get the results into an object as shown.

To produce a file use

The contents look like this

OperatingSystem : Microsoft Windows 7 Ultimate

ServicePack     : Service Pack 1

Version         : 6.1.7601

Domain          : WORKGROUP

Name            : RSLAPTOP01

IPv4Address     : 127.0.0.1

MinEncrypt      : 2

That covers the basic data.  Need to look at services and TCP ports next

June 30, 2011  3:18 PM

PowerShell web cast by Don Jones

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Combining Output from Multiple Sources

Webcast: Combining Output from Multiple Sources REGISTER NOW

July 6, 2011, 12pm CST

Presented by: Don Jones

Learn how easy-to-make custom objects not only let you combine output from multiple sources, but also allow you to create calculated properties and columns, customize output formatting, and easily send your output to CSV files, XML files, HTML, or pretty much anything you like.

Don Jones is the founder of ScriptingAnswers.com and the lead scripting guru at SAPIEN Technologies. He’s the author or more than twenty books on information technology, including Managing Windows with VBScript and WMI, Advanced VBScript for Windows Administrators, and Windows PowerShell: TFM. Don has written and spoken extensively about scripting and automation for years, including columns in REDMOND Magazine, MCPMag.com, Microsoft TechNet Magazine, and more, as well as a series of scripting-related Webinars for Microsoft TechNet. Don is a multiple recipient of Microsoft’s MVP Award, and one of the industry’s strongest advocates for Windows administrative automation.

Registration URL:

http://www.idera.com/Events/RegisterWC.aspx?EventID=192&s=EM_PSExpert _PSWC


June 30, 2011  3:13 PM

Scripting Guy discusses PAM modules

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

My codeplex project publishing PowerShell Admin Modules (PAM) is discussed in this post

http://blogs.technet.com/b/heyscriptingguy/archive/2011/06/29/don-t-write-wmi-scripts-use-a-powershell-module.aspx

In particular the Get-OSInfo function from the PAMSysInfo module is heavily featured


June 30, 2011  2:19 PM

UK PowerShell Group–June 2011 PowerShell and Office – slides and scripts

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

As promised on the Live Meeting the slides and scripts are now available at

https://skydrive.live.com/?wa=wsignin1.0&cid=43cfa46a74cf3e96#!/?cid=43cfa46a74cf3e96&sc=documents&uc=1&id=43CFA46A74CF3E96%212924!cid=43CFA46A74CF3E96&id=43CFA46A74CF3E96%212924


June 30, 2011  1:48 PM

UK PowerShell Group–July meeting advance warning

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The UK PowerShell group will be presenting a Live Meeting – Tuesday 26 July 2011 @ 7.30pm BST

Subject – PowerShell Remoting

More details to follow


June 29, 2011  12:46 PM

UK PowerShell UG–30 June 2011

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The rescheduled UG session (via Live Meeting) on using Office products with PowerShell is tomorrow. Details from

http://msmvps.com/blogs/richardsiddaway/archive/2011/06/21/rescheduled-ug-meeting.aspx


June 29, 2011  12:42 PM

Network Connection Ids

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Yesterday I was looking at changing a Network connection id (the name that shows in Network and Sharing Center when you look at the adapters). I kept getting an error – either COM or number of arguments depending if I was running locally or remotely.

I eventually realised that I must be using a connection id that already existed in the Registry.  I tracked them down to

HKLM:\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}

This works for Windows 7 and Windows 2008 R2. Please check for other Windows versions.

This produces a bunch of subkeys of the form

{F913D3B9-DBE4-455C-8926-10E24AB4E68A}

Each of these has a subkey Connection with a value of Name that we are interested in

function get-Registryconnectionid{             
[CmdletBinding()]             
param (             
   [string]$computer="."             
)             
BEGIN{}#begin             
PROCESS{            
            
Write-Verbose "Reading registry keys for IDs"            
$HKLM = 2147483650            
$key = "SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}"            
$reg = [wmiclass]'\\.\root\default:StdRegprov'            
$subkeys = $reg.EnumKey($HKLM, $key)            
            
            
foreach ($name in $subkeys.snames){            
  if ($name -eq "Descriptions"){Continue}            
  $conkey = "SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\$name\Connection"            
  Write-Debug $conkey            
              
  $cvalue = "Name"            
  $id = $reg.GetStringValue($HKLM, $conkey, $cvalue)  ## REG_SZ            
              
  $ivalue = "DefaultNameIndex"            
  $index = $reg.GetDwordValue($HKLM, $conkey, $ivalue)  ## REG_DWORD            
  $connection = New-Object -TypeName PSObject -Property @{            
       Index = $index.uValue            
       Connection = $id.sValue            
    }            
  $connection              
}            
            
            
}#process             
END{}#end            
            
<# 
.SYNOPSIS
Retrieves network connection ids 

.DESCRIPTION
Retrieves network connection ids held in the registry.
This includes current and previous ids.

.PARAMETER  Computer
Computer name

.EXAMPLE
get-Registryconnectionid

.EXAMPLE
get-Registryconnectionid -computer server02

#>            
            
}

This uses the standard WMI methods to read a local or remote registry

The corresponding current values are given by

Get-WmiObject -Class Win32_NetworkAdapter | select NetConnectionId, Index

The two index values are not related


June 28, 2011  3:48 PM

Quick Tip: Discovering service start accounts

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Do you know which accounts are used to start the services running on your machines? if you need this information try:

Get-WmiObject -Class Win32_Service | select Name, DisplayName, StartName

For a remote machine this becomes

Get-WmiObject -Class Win32_Service -ComputerName Win7 | select Name, DisplayName, StartName

And for testing which services are started by a specific account use:

Get-WmiObject -Class Win32_Service -ComputerName Win7 | where {$_.StartName -eq ‘NT Authority\LocalService’} | select Name, DisplayName, StartName

I wanted to use a WMI filter instead of Where-Object but it didn’t want to work


June 26, 2011  12:14 PM

Monitor brightness–or not

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

In this post

http://msmvps.com/blogs/richardsiddaway/archive/2011/06/26/1795135.aspx?CommentPosted=true#commentmessage

I discussed using WMI to check the monitor’s brightness.  Further investigation has shown that not all monitors support the interface to WMI so it is a bit of trial and error to check if it does work on your machine


June 25, 2011  12:28 PM

Read the Scripting Guy Blog

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I had the pleasure of meeting Microsoft’s Scripting Guy, Ed Wilson and his charming wife at the recent PowerShell Deep Dive. As well as being very nice guy Ed  also has a huge depth of knowledge on scripting in general and PowerShell in particular. His Hey, Scripting Guy! blog is one of the few I read on a regular basis. I might not always agree with Ed but he makes me think about some of the things I have come to take for granted about PowerShell.

If you don’t already read this blog now would be a good time to start – Ed is just starting a series about us stopping writing PowerShell scripts!!!  http://blogs.technet.com/b/heyscriptingguy/archive/2011/06/25/don-t-write-powershell-scripts.aspx.

No, I’m not going to tell you any more – go and read it and the subscribe to the RSS feed for the rest of the posts in the series.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: