PowerShell for Windows Admins


July 6, 2010  1:04 PM

Registry Size

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

 

Do you know how big your registry is?

001
002
003
Get-WmiObject -Class Win32_Registry | 
Select CurrentSize, ProposedSize, MaximumSize, Status,
@{Name="InstallationDate";Expression={$_.ConvertToDateTime($_.InstallDate)}}

The size parameters are in MB and the maximum size should be the same as the proposed size.  If the status is anything other than OK – it means there is a problem.

July 5, 2010  1:30 PM

Get Local Admins

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

I’ve been experimenting with different ways of retrieving local group membership – specifically the members of the local admin group.

This is the quickest answer I’ve come up with

001
002
003
004
005
006
Get-WmiObject -Class Win32_GroupUser | 
where{$_.GroupComponent -like "*Administrators*"} | 
foreach {
    $data = $_.PartComponent -split "\,"
    $data[1].Remove(0,5).Replace(‘"’,) 
}

The Win32_Usergroup is one of the association classes. In the case it has all the information we need.  Use the GroupComponent to restrict the data to the admins groups.  Split the Part component and then clean up the second element to get the name.

For reference the two elements look like this:

GroupComponent : \\RSLAPTOP01\root\cimv2:Win32_Group.Domain="RSLAPTOP01",Name="Administrators"

PartComponent  : \\RSLAPTOP01\root\cimv2:Win32_UserAccount.Domain="RSLAPTOP01",Name="Administrator"

If you want to pick off the domain to show the difference between local and domain accounts then manipulate $data[0]  like this

001
002
003
004
005
006
007
008
009
010
Get-WmiObject -Class Win32_GroupUser | 
where{$_.GroupComponent -like "*Administrators*"} | 
foreach {
    $data = $_.PartComponent -split "\,"
   
    $domain = ($data[0] -split "=")[1].Replace(‘"’,) 
    $name = $data[1].Remove(0,5).Replace(‘"’,) 
   
    "$domain\$name"
}


July 4, 2010  10:22 AM

Adding non-string registry values

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

We recently looked at adding a string string registry value to the key we had created.

http://itknowledgeexchange.techtarget.com/powershell/adding-a-registry-value/

In this post we’ll extend this to other types

001
002
003
004
005
006
007
008
009
010
011
012
013
014
015
016
017
018
019
020
021
022
023
$HKLM = 2147483650 #HKEY_LOCAL_MACHINE

$computer = "."  #local machine
$reg = [wmiclass]"\\$computer\root\default:StdRegprov"

$key = "SOFTWARE\ITKE PSAdmins"

$name = "String Entry"
$value = "This is a string"
$reg.SetStringValue($HKLM, $key, $name, $value)

$name = "Expanded String Entry"
$value = "%temp%"
$reg.SetExpandedStringValue($HKLM, $key, $name, $value)

$name = "Dword Entry"
$value = 101
$reg.SetDWORDValue($HKLM, $key, $name, $value)

$name = "Multi-string Entry"
$value = "A","B","C","D"
$reg.SetMultiStringValue($HKLM, $key, $name, $value)

The pattern established for writing a string value is used across the other values.  An expanded string picks up it value from an environmental variable – so if we want to access the temp folder we can use %temp% and find that folder on all machines.

A multi-string value takes a list of strings. if you change this it will overwrite so we need to read the current value, append new data and then write it back – next time


July 1, 2010  12:54 PM

Computer System Information

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

The basic information on your system – name, model, CPUs and RAM can be easily obtained

001
002
003
004
005
Get-WmiObject -Class Win32_ComputerSystem | 
Format-List Name, Manufacturer, Model, 
SystemType, Description,
NumberOfProcessors, NumberOfLogicalProcessors,
@{Name="RAM"; Expression={[math]::round($($_.TotalPhysicalMemory/1GB), 2)}}

use the Win32_Computersystem class and select the relevant properties.  Only new bit is using the round method of System.Math to round the result of converting the memory from bytes to GB. The 2 represents the number of decimal digits I want


June 29, 2010  2:13 PM

PowerShell UG – June meeting slides and recording

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Thanks to everyone how joined the Live Meeting this evening – especially for the questions :-)

The slides and demo script are available for download from:

http://cid-43cfa46a74cf3e96.office.live.com/browse.aspx/PowerShell%20User%20Group/2010%20June

 

The recording of the session is available from:

Richard Siddaway has invited you to view a Microsoft Office Live Meeting recording.
View Recording
Recording Details
    Subject: PowerShell and DNS
    Recording URL: https://www.livemeeting.com/cc/usergroups/view
    Recording ID: NPP98R
    Attendee Key: Dj\J_)4}g


June 28, 2010  3:23 PM

PowerShell User Group

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

 

Don’t forget the PowerShell User Group Live Meeting – Tuesday 29 June @ 7.30 BST

Details from

http://msmvps.com/blogs/richardsiddaway/archive/2010/06/17/powershell-ug-meeting-dns.aspx


June 28, 2010  3:21 PM

Adding a Registry value

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Last time we saw how to add a registry key – this we add a string value to that key

001
002
003
004
005
006
007
008
009
010
$HKLM = 2147483650 #HKEY_LOCAL_MACHINE

$computer = "."  #local machine
$reg = [wmiclass]"\\$computer\root\default:StdRegprov"

$key = "SOFTWARE\ITKE PSAdmins"
$name = "String Entry"
$value = "This is a string"

$reg.SetStringValue($HKLM, $key, $name, $value)

Very similar to last time except after defining the key we define a subkey and its value.  In this case both strings.

The SetStringValue methods is used to create the value. It can also be used to modify the value

 

001
002
003
004
005
006
007
008
009
010
$HKLM = 2147483650 #HKEY_LOCAL_MACHINE

$computer = "."  #local machine
$reg = [wmiclass]"\\$computer\root\default:StdRegprov"

$key = "SOFTWARE\ITKE PSAdmins"
$name = "String Entry"
$value = "This is a string 2"

$reg.SetStringValue($HKLM, $key, $name, $value)

The set methods will alter the value if it present or create it if its not.

Next time we’ll look at some of the other methods and types of data. There is one method for each data type as when we were reading


June 27, 2010  4:33 AM

Adding a Registry Key

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

We seen how to read the registry – now its time to look at writing to the registry.

At this point I have to supply the usual warnings about altering the registry – it can damage your machine if things go wrong. In addition registry errors have been blamed for the extinction of the dinosaurs, the big bang and the energy death of the universe – you have been warned  :-)

We’ll start by creating a new key in a safe(-ish) place.  This has the advantage of not altering anything.

 

001
002
003
004
005
006
007
$HKLM = 2147483650 #HKEY_LOCAL_MACHINE

$computer = "."  #local machine
$reg = [wmiclass]"\\$computer\root\default:StdRegprov"

$key = "SOFTWARE\ITKE PSAdmins"
$reg.CreateKey($HKLM, $key)

We need to define the constant for the HKLM hive, define the machine we are interested in – this could be a parameter to our script/function.

Create the WMI object for the registry, define the key to be created and then use the CreateKey method to actually perform the creation.  Use regedit to confirm the result or use the PowerShell registry provider

Get-ChildItem -Path hklm:\software\itk*


June 22, 2010  1:56 PM

Transparency Policy

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

 

If you haven’t see the ITKE transparency policy – it is available here

http://itknowledgeexchange.techtarget.com/itke-community-blog/the-it-knowledge-exchange-transparency-and-accuracy-policy/

If for any reason you think I have posted anything that breaches this please leave a comment so that I can amend the post as appropriate


June 22, 2010  1:53 PM

Reader Survey

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

 

ITKE are performing a reader survey.

http://itknowledgeexchange.techtarget.com/itanswers/new-contest-you-could-win-a-new-xbox-360/
http://www.surveygizmo.com/s3/314286/ITKE-Member-Survey-June-2010

Please participate


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: