PowerShell for Windows Admins


June 1, 2010  3:03 PM

PAM 0.2

Richard Siddaway

I’ve released the second module for the PowerShell Admin Modules tonight.  It is available from

http://psam.codeplex.com/releases/view/46364

This release includes two modules.

PAMShare (originally in PAM 0.1) contains the following functions:

  • Get-Share
  • Get-ShareAccessMask
  • Get-ShareSecurity
  • New-Share
  • Remove-Share
  • Set-Share

Get-Share can now accept a wildcard, e.g. Get-Share t*

New-Share now has the share name as first parameter and path as the second.

Both of these changes are the result of feedback on the issues page.

The second module is PAMMath.  It contains functions for working with binary and hex numbers:

  • ConvertTo-Binary
  • ConvertTo-Decimal
  • ConvertTo-Hex
  • Get-BinaryAND
  • Get-BinaryDifference
  • Get-BinaryOR
  • Get-BinarySum
  • Get-BinaryXOR
  • Get-HexDifference
  • Get-HexSum
  • Test-Binary
  • Test-Hex

A help file is supplied with each module.

Enjoy

May 30, 2010  3:22 PM

Windows Netbooks: The Path to Low Cost Computing

Richard Siddaway

 

Author: James Floyd Kelly

Publisher: Apress

ISBN: 978-1-4302-2399-3

My usual three criteria for judging a book are:

  • Is it technically accurate?
  • Does it deliver the material it claims to deliver?
  • Is it worth the cost of purchase and the time I spend reading it?

I came to this book more intrigued than anything.  I’d not really considered using a netbook – they are too small to do what I want. Right?  So I wanted to learn more and find out if my ideas were right.

At 202 pages this isn’t a massive book and the ratio of screen shots to text is pretty high so it is a fairly quick read.

The book contains 12 chapters and three appendices:

  • 1 The Netbook
  • 2 Netbook Hardware Option
  • 3 Netbook Maintenance
  • 4 Netbook Software Options
  • 5 Netbook and Google Docs
  • 6 Netbook and Malware Protection
  • 7 Netbook Web Browsers
  • 8 Netbook Email
  • 9 Netbook Calendar
  • 10 Netbooks and OpenOffice.org
  • 11 Windows 7 and Netbooks
  • 12 Finding Great Netbook Apps
  • A Netbook manufacturers
  • B Upgrading a Netbook to Windows 7
  • C additional Netbook Apps to consider

Chapter 1 opens the discussion with a review of exactly what a netbook is and why they are so useful. A jog through the main hardware components and a look at how they can influence your purchasing decisions completes the chapter. Chapter 2 follows straight on with a look at the extras you may want – USB hub, pen drive, external CD\DVD, mouse, keyboard etc. Chapter 3 gives a few hints on the watering (not literally) and feeding of netbooks.

By chapter 4 we’re looking at software.  A computer’s great but you can’t do anything without software. Open Source and Cloud computing get the most space here – especially OpenOffice.

Chapters 5, 8 and 9 are straight advertising copy for Google Docs, Google Mail and Google Calendar respectively.  Ok so as the author you love these but there are alternatives and in some cases much better alternatives.

Chapter 6 covers Malware with some good information on free AV products. The section on SpyBot is overdone.  If your netbook runs Windows 7 it has Windows Defender – works for me.

The browser is next with chapter 7 mainly given over to a discussion of Firefox. Chapter 10 returns to OpenOffice but again doesn’t mention alternatives.

In chapter 11 we look at Windows 7 on netbooks – good recommendation to get one with it installed. A check at a PC retailer today showed most have it installed. The book was published in October 2009 and is already showing its age.

Chapter 12’s discussion on applications spends too long explaining how to search the Internet. The bit at the end on online software repositories was worth waiting for. I also tried Attack of the Buggles (page 182); the book was almost worth it for that alone!

The appendices do what they say with Appendix C being an extension of chapter 12.

So in summary what do I think of the book:

  • technically it is accurate but on the light side.  Don’t look here for an in-depth discussion of the technologies. I’d give it 7/10
  • does it deliver on the material – yes. After reading this you would have a good idea of what a netbook can do and if it’s for you – 8/10
  • is it worth buying and reading. Not sure if I’d be totally happy if I’d bought it but it was worth the read. – 8/10

Overall, it made me think about netbooks and their place in the scheme of things – I might actually be getting one soon as I can see some uses for one – especially now I can get Windows 7 on one. – 8/10

I think the book will suffer because of the rapid changes in this area of technology. Another edition in 12 months wouldn’t go amiss – if it was an ebook it would be quicker to update.


May 30, 2010  9:47 AM

Reading Registry values

Richard Siddaway

We have seen how to access the registry using the StdRegProv class. Now we look at reading from the registry. If we know the value we want to read out of the registry we can use one of the following methods:

GetBinaryValue
GetDWORDValue
GetExpandedStringValue
GetMultiStringValue
GetQWORDValue
GetSecurityDescriptor
GetStringValue

 

$HKCR = 2147483648 #HKEY_CLASSES_ROOT
$HKCU = 2147483649 #HKEY_CURRENT_USER
$HKLM = 2147483650 #HKEY_LOCAL_MACHINE
$HKUS = 2147483651 #HKEY_USERS
$HKCC = 2147483653 #HKEY_CURRENT_CONFIG

$reg = [wmiclass]'\\.\root\default:StdRegprov'

$key = "SOFTWARE\Microsoft\Windows\CurrentVersion"
$value = "CommonFilesDir"
$reg.GetStringValue($HKLM, $key, $value)  ## REG_SZ

$value = "ProgramFilesPath"
$reg.GetExpandedStringValue($HKLM, $key, $value)  ## REG_EXPAND_SZ

$key = "SOFTWARE\Microsoft\Windows\CurrentVersion\BITS"
$value = "LogFileMinMemory"
$reg.GetDwordValue($HKLM, $key, $value)  ## REG_DWORD

We need to define the constants that define which registry hive we are reading and create a WMI object for the StdRegprov class.  We then set the key and the value we want.  The method of reading is determined by the type of data to be returned as shown in the examples.

The actual value is returned as the sValue or uValue property, depending on whether the data type is string or numeric.
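
When the type of a value is not known in advance, EnumValues reports it, so the matching Get* method can be chosen at run time and the ReturnValue checked before the data is used. This is an added example, not code from the original post; the function name Get-RegValueViaWmi and its parameters are assumptions, and the key is the one read above.

```powershell
# Added example (not from the original post). Function name and parameters are assumptions.
$HKLM = 2147483650  # HKEY_LOCAL_MACHINE

function Get-RegValueViaWmi {
    param(
        [string]$ComputerName = '.',
        [Parameter(Mandatory = $true)][string]$Key
    )
    $reg = [wmiclass]"\\$ComputerName\root\default:StdRegProv"

    # EnumValues returns parallel arrays: sNames (value names) and Types (type codes)
    $enum = $reg.EnumValues($HKLM, $Key)
    if ($enum.ReturnValue -ne 0) {
        Write-Warning "EnumValues failed for '$Key' (ReturnValue $($enum.ReturnValue))"
        return
    }
    if (-not $enum.sNames) { return }   # key has no named values

    for ($i = 0; $i -lt $enum.sNames.Count; $i++) {
        $name = $enum.sNames[$i]
        $type = $enum.Types[$i]

        # Pick the Get* method that matches the stored type
        $result = switch ($type) {
            1  { $reg.GetStringValue($HKLM, $Key, $name) }          # REG_SZ
            2  { $reg.GetExpandedStringValue($HKLM, $Key, $name) }  # REG_EXPAND_SZ
            3  { $reg.GetBinaryValue($HKLM, $Key, $name) }          # REG_BINARY
            4  { $reg.GetDWORDValue($HKLM, $Key, $name) }           # REG_DWORD
            7  { $reg.GetMultiStringValue($HKLM, $Key, $name) }     # REG_MULTI_SZ
            11 { $reg.GetQWORDValue($HKLM, $Key, $name) }           # REG_QWORD
            default { $null }
        }
        # Skip types not handled above and reads that did not succeed
        if (-not $result -or $result.ReturnValue -ne 0) { continue }

        # String types come back in sValue, numeric and binary types in uValue
        $data = if (1, 2, 7 -contains $type) { $result.sValue } else { $result.uValue }
        New-Object PSObject -Property @{ Name = $name; Type = $type; Data = $data }
    }
}

Get-RegValueViaWmi -Key 'SOFTWARE\Microsoft\Windows\CurrentVersion' |
    Format-Table Name, Type, Data -AutoSize
```

A ReturnValue of 0 means the call succeeded; anything else is an error code and the sValue or uValue property should not be trusted.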


May 26, 2010  12:29 PM

PowerShell in Practice ebook deal

Richard Siddaway

I know there isn’t much of today left but if you are quick it’s possible to get an ebook version of PowerShell in Practice for $15.  See the deal of the day at http://www.manning.com/


May 24, 2010  3:14 PM

Query me no more

Richard Siddaway

One of the things I noticed in the recent Scripting Games was that a lot of the scripts would do things like this

$query = "Select MaxClockSpeed from Win32_Processor"
$proc = Get-WmiObject -Query $query
Write-Host "Speed: " $proc.MaxClockSpeed

Create a query to access the Win32_Processor class to get the MaxClockSpeed.  Run the query and then use Write-Host to format and output the results.  We’ll come back to using Write-Host like this another time.

This construction is based on the way things used to be done with VBScript.  With PowerShell we have much easier ways to get to the same result.

Get-WmiObject -Class Win32_Processor | Format-List MaxClockSpeed

will produce the same answer. If you really need the formatting

Get-WmiObject -Class Win32_Processor | Format-List @{Name='Speed'; Expression={$_.MaxClockSpeed}}

or even

Write-Host "Speed: " (Get-WmiObject -Class Win32_Processor).MaxClockSpeed

Get-WmiObject does a great job of returning the information from a WMI class. Use its power and simplicity to make your scripts quicker to write and easier to understand.


May 21, 2010  12:52 PM

Quick ping

Richard Siddaway

If you’ve used ping before you’ll know that it normally returns four replies from the target.  In PowerShell we have Test-Connection which does the same job. It also normally returns four replies.

When I’m working with remote machines I often want to check they are available before sending a command – especially a WMI command that can take a long time to time out.

"rslaptop01", "127.0.0.1" | 
foreach {
    if (Test-Connection $_ -Count 1) {
        Get-WmiObject -ComputerName $_ -Class Win32_LogicalDisk `
        -Filter "DriveType='3'" |
        select SystemName, DeviceID, Size, FreeSpace
    }
}

To speed up the process use the -Count parameter on Test-Connection and only get 1 reply.  This is a quick test to see if the system is there before running the rest of the code.


May 18, 2010  2:09 PM

UG May 2010 Recording, Slides and demo

Richard Siddaway

Thank you to everyone who joined the Live Meeting this evening. Hope you enjoyed the session on PowerShell events.

The slides and demo files are available from

http://cid-43cfa46a74cf3e96.skydrive.live.com/browse.aspx/PowerShell%20User%20Group/May%202010

 

The recording can be viewed on line

View Recording
Recording Details
    Subject: PowerShell Events
    Recording URL: https://www.livemeeting.com/cc/usergroups/view
    Recording ID: 39Q7T9
    Attendee Key: Q&x!_63dP


May 15, 2010  8:41 AM

hey ho hey ho its off to print we go

Richard Siddaway

PowerShell in Practice will be going to the printers next week.

Between now and 21 May 2010 you can get 40% off of PowerShell in Practice (and other Manning books that are in the final stages of production)

Use promotional code m1440 at checkout from www.manning.com


May 12, 2010  3:06 PM

WMI and the Registry

Richard Siddaway

We can use WMI to access the registry on local and remote machines – if you remember back to VBScript it was the way to access the registry.

In PowerShell we have a couple of PowerShell drives available through the provider

Name           Used (GB)     Free (GB) Provider      Root
----           ---------     --------- --------      ----
HKCU                                   Registry      HKEY_CURRENT_USER
HKLM                                   Registry      HKEY_LOCAL_MACHINE

These only work with the local machine.  We can use PowerShell remoting to access the registry but if PowerShell isn’t installed we are back to WMI.

The class we need to use is StdRegprov

In Windows XP\2003 and earlier it is only found in the root\default namespace. In Windows Vista\2008 and above it is also found in the root\cimv2 namespace (which is the default namespace PowerShell uses). In order to access most machines we will work with the root\default instance. We need to use the [wmiclass] type accelerator

$reg = [wmiclass]'\\.\root\default:StdRegprov'

Looking at $reg through Get-Member we see a lot of methods

CheckAccess
CreateKey
DeleteKey
DeleteValue
EnumKey
EnumValues
GetBinaryValue
GetDWORDValue
GetExpandedStringValue
GetMultiStringValue
GetQWORDValue
GetSecurityDescriptor
GetStringValue
SetBinaryValue
SetDWORDValue
SetExpandedStringValue
SetMultiStringValue
SetQWORDValue
SetSecurityDescriptor
SetStringValue

We will start looking at these next time.


May 4, 2010  3:07 PM

String Substitution with WMI

Richard Siddaway

String substitution is one of my favourite bits of PowerShell. If you’ve not seen it before the idea is that you can substitute a variable into a double quoted string.  Note that single quote strings won’t work. As an example

PS> $colour = "red"
PS> "The balloon is $colour"
The balloon is red
PS> 'The balloon is $colour'
The balloon is $colour

One place this breaks down is when substituting properties of an object.  Consider something we’ve pulled back with WMI.

PS> $os = Get-WmiObject -Class Win32_OperatingSystem
PS> $os

SystemDirectory : C:\Windows\system32
Organization    :
BuildNumber     : 7600
RegisteredUser  : Richard
SerialNumber    : 00426-065-1155216-86852
Version         : 6.1.7600

We can pick off a couple of properties

PS> $os | select Caption, ServicePackMajorVersion | Format-List

Caption                 : Microsoft Windows 7 Ultimate
ServicePackMajorVersion : 0

 

We can use write-host

PS> Write-Host $os.Caption, $os.ServicePackMajorVersion
Microsoft Windows 7 Ultimate  0

 

and even expand it a bit

PS> Write-Host $os.Caption, "Service Pack", $os.ServicePackMajorVersion
Microsoft Windows 7 Ultimate  Service Pack 0

but if we try string substitution

PS> Write-Host "The OS is $os.Caption with Service Pack $os.ServicePackMajorVersion"
The OS is \\RSLAPTOP01\root\cimv2:Win32_OperatingSystem=@.Caption with Service Pack \\RSLAPTOP01\root\cimv2:Win32_OperatingSystem=@.ServicePackMajorVersion

Oops – that’s not what we want

The problem is that we are getting the object rather than the value.  We need to use a subexpression

PS> Write-Host "The OS is $($os.Caption) with Service Pack $($os.ServicePackMajorVersion)"
The OS is Microsoft Windows 7 Ultimate  with Service Pack 0

 

All this does is say give me the result of the expression in the brackets and substitute that in the string. Easy and neat. No need to concatenate strings to create the display line in your scripts.

