PowerShell for Windows Admins


August 9, 2010  1:55 PM

WMI at the Office

Richard Siddaway

If you have Office 2010 installed you should find an msapps12 namespace on your machine.

The classes exposed by this namespace can be found with

Get-WmiObject -Namespace root\msapps12 -List

There are a lot of them! The classes seem to be broken down by Office application; for instance, to see the classes for dealing with Word documents:

Get-WmiObject -Namespace root\msapps12 -List *word*

I can’t seem to find any documentation for these classes so a bit of trial and error is involved.

August 8, 2010  12:51 PM

How big’s my dit

Richard Siddaway

The ntds.dit file is used to store Active Directory data on a domain controller. Knowing how big this file is getting is a useful piece of information. One way is to log on to each domain controller and check the size using Windows Explorer.

A better way is to use WMI

PS> "server02", "dc02" | foreach {Get-WmiObject -Class CIM_LogicalFile `
-Filter "Name='c:\\Windows\\NTDS\\ntds.dit'" -computername $_ } |
Format-table CSname, FileSize -AutoSize

CSname   FileSize
------   --------
SERVER02 41959424
DC02     41959424

If the file is in different places on different machines then put the server name and the location into a csv file.
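One way to do this, as an added example rather than code from the original post. The CSV content is constructed: the server names reuse those above, while the D: path and the column names ComputerName and Path are assumptions.

```powershell
# Constructed sample data; in practice this would live in a file read with Import-Csv
$csv = @'
ComputerName,Path
server02,C:\Windows\NTDS\ntds.dit
dc02,D:\NTDS\ntds.dit
'@

$csv | ConvertFrom-Csv | ForEach-Object {
    $server = $_.ComputerName
    $path   = $_.Path
    # WQL treats the backslash as an escape character, so each one is doubled
    $wqlPath = $path.Replace('\', '\\')
    try {
        $file = Get-WmiObject -Class CIM_LogicalFile -Filter "Name='$wqlPath'" `
                    -ComputerName $server -ErrorAction Stop
        if ($file) {
            New-Object PSObject -Property @{
                Server = $file.CSName
                Path   = $file.Name
                SizeMB = [math]::Round($file.FileSize / 1MB, 1)
            }
        }
        else {
            # A query that matches nothing returns no object and no error
            Write-Warning ("{0}: no file found at {1}" -f $server, $path)
        }
    }
    catch {
        # Unreachable host, RPC blocked or access denied
        Write-Warning ("{0}: WMI query failed - {1}" -f $server, $_.Exception.Message)
    }
} | Format-Table Server, Path, SizeMB -AutoSize
```

A server that is unreachable or has the file elsewhere produces a warning instead of silently dropping out of the table.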


August 6, 2010  12:29 PM

Adding permissions

Richard Siddaway

 

In a recent post http://itknowledgeexchange.techtarget.com/powershell/setting-permissions/ I showed how to set the permissions on a folder. Sometimes we just want to add permissions.

# Trustee: the user or group that receives the permission
$trustee = ([wmiclass]'Win32_trustee').psbase.CreateInstance()
$trustee.Domain = "RSLAPTOP01"
$trustee.Name = "Test"

$fullcontrol = 2032127

$aces = @()
$ace = ([wmiclass]'Win32_ACE').psbase.CreateInstance()
$ace.AccessMask = $fullcontrol
$ace.AceFlags = 19     # object inherit + container inherit + inherited (16)
$ace.AceType = 0       # access allowed
$ace.Trustee = $trustee

$sd = ([wmiclass]'Win32_SecurityDescriptor').psbase.CreateInstance()
$sd.ControlFlags = 4   # DACL present
$sd.DACL = $ace
$sd.group = $trustee
$sd.owner = $trustee

$sec = Get-WmiObject -Class Win32_LogicalFileSecuritySetting `
  -Filter "Path='c:\\test\\test1\\special'"

# Existing security descriptor of the folder
$osd = $sec.GetSecurityDescriptor()

# Copy each existing ACE into the new descriptor
foreach ($acl in $osd.Descriptor.DACL){
    $ace = ([wmiclass]'Win32_ACE').psbase.CreateInstance()
    $ace.AccessMask = $acl.AccessMask
    $ace.AceFlags = $acl.AceFlags
    $ace.AceType = $acl.AceType
    $ace.Trustee = $acl.Trustee

    $sd.DACL += $ace.psobject.baseobject
}

$sec.SetSecurityDescriptor($sd)

We start by creating a trustee – this is a user or group that we can assign permissions to. As before we define the permissions flag as full control. This allows us to create an ACE and a Security Descriptor.

We can then get the security settings of our folder, read the existing ACL entries and create an ACE for each one. We then add them to the security descriptor.

The final action is to replace the permissions on the folder with our new security descriptor, which includes the additional permissions.

One drawback to this approach is that WMI won’t work with UNC paths.


August 6, 2010  12:13 PM

Lenovo W510, Hyper-V and BSOD

Richard Siddaway

Beginning of the week I took delivery of a Lenovo W510 – i7 quad core with Hyper-Threading (Windows sees 8 cores) and 16GB of RAM.  From reviews I’d seen it seemed to run Hyper-V OK so it fitted the bill for a mobile lab.

Partitioned the disk OK and got Windows 2008 R2 installed.  Had to download a few drivers from the Lenovo (IBM) site but everything I needed was there or on the box already.  I’d ordered it with Windows 7 64bit so most of the drivers were available.

Installed Hyper-V and joined it to the domain.

Started moving Virtual Machines on to it and it started to crash with a Blue Screen of Death.  Not good & I’m not amused at this point. Eventually got to the point where it wouldn’t start – continual BSOD.  Very not good – my new toy is going back if this continues!

Did some research and it seems there can be a conflict between core parking and Hyper-V.  Core parking is a power saving technology that puts cores to sleep if they are not being used. Hyper-V expects them to be there = BANG.

I booted into the BIOS screen and disabled the power management features on the CPU (and PCI bus for good measure) that enable core parking.  Restarted and everything now seems OK.

I can comfortably run a bunch of VMs and have a reasonable performance. 

Then I discovered that I had to reactivate Windows on all the VMs.  They’d originally been running on a machine with an AMD processor. The new processor is Intel.  It’s enough of a change to trigger reactivation.

All done and everything seems to work fine.

Time to get Virtual Machine Manager installed and see what that actually does.


July 27, 2010  2:00 PM

Recording and slides for July 2010 UG meeting

Richard Siddaway

This month’s meeting covered working with the registry.

The slides and the demo script are available from

http://cid-43cfa46a74cf3e96.office.live.com/browse.aspx/PowerShell%20User%20Group/2010%20July

 

The recording is available

Richard Siddaway has invited you to view a Microsoft Office Live Meeting recording.
View Recording
Recording Details
    Subject: PowerShell and the Registry
    Recording URL: https://www.livemeeting.com/cc/usergroups/view
    Recording ID: CB99JS
    Attendee Key: mm$2!",$G


July 26, 2010  12:41 PM

Tomorrow – July UG meeting

Richard Siddaway

Tomorrow is the PowerShell UG Live Meeting on the Registry, PowerShell, .NET and WMI.

Full details from

http://msmvps.com/blogs/richardsiddaway/archive/2010/07/20/july-2010-ug-meeting-registry.aspx


July 25, 2010  4:40 AM

Complexity vs Heterogeneity

Richard Siddaway

Most organisations have a degree of heterogeneity in their infrastructure, for example:

  • mainly Windows with a few Unix or Linux servers
  • multiple versions of SQL Server because of application restrictions
  • a mixture of fat client and thin client systems because of application and mobility drivers
  • virtual and physical servers

Cost can also be a contributing factor to heterogeneity – for instance an organisation wants to virtualise its whole infrastructure but can’t afford to perform the migration in a single project under the current economic conditions.

Complexity, in infrastructure terms, may seem to be the same as heterogeneity in that a complex infrastructure is usually heterogeneous; however, a heterogeneous infrastructure isn’t necessarily complex.

Complexity arises from a number of sources:

  • multiple systems performing the same task
  • manual administration processes across multiple, disparate systems
  • multiple technologies – “just because we can”
  • wrong choice of technology
  • infrastructure driven by technology rather than business need
  • adopting new technologies without a clear business need

The last point may need some clarification.  There is a simple progression of needs:

  • organisations have business processes
  • business processes need applications to make them work
  • applications need to be hosted on and supported by infrastructure

If we approach this list in a top-down manner, we build infrastructure that meets the business requirements. If we supply technology and attempt to make the applications and business processes fit, the result may well not meet the requirements and almost certainly will be more complex.

Complexity can be removed from a heterogeneous environment, e.g.:

  • use Active Directory for authentication\authorisation on your handful of Unix/Linux servers
  • extend your management tools across the whole environment
  • determine a strategic approach to infrastructure and ensure there is a governance/enforcement mechanism

I’ve stated before that infrastructure seems to be a forgotten subject.  There is a lot published on software architectures but very little on the infrastructure.  We don’t even seem to have a set of guiding principles. I’ll offer one here:

Heterogeneity driven by business need should be embraced. Complexity should be removed from the environment.


July 24, 2010  7:29 AM

Remove Registry Key

Richard Siddaway

Alternatively, we can remove the whole key:

$HKLM = 2147483650 #HKEY_LOCAL_MACHINE

$computer = "."  #local machine
$reg = [wmiclass]"\\$computer\root\default:StdRegprov"

$key = "SOFTWARE\ITKE PSAdmins"

$reg.DeleteKey($HKLM, $key)

We define the hive and the key and call the DeleteKey() method.


July 24, 2010  7:27 AM

Remove-RegValue

Richard Siddaway

Removing a registry value is a matter of using the DeleteValue() method:

$HKLM = 2147483650 #HKEY_LOCAL_MACHINE

$computer = "."  #local machine
$reg = [wmiclass]"\\$computer\root\default:StdRegprov"

$key = "SOFTWARE\ITKE PSAdmins"
$value = "String Entry"

$reg.DeleteValue($HKLM, $key, $value)

Set the hive, the key and the value and call the method.


July 23, 2010  1:50 PM

Setting permissions

Richard Siddaway

There was a question on the ITKE forum about creating folders and setting permissions.  That immediately started me thinking about a PowerShell answer.

# Trustee: the user or group that receives the permission
$trustee = ([wmiclass]'Win32_trustee').psbase.CreateInstance()
$trustee.Domain = "RSLAPTOP01"
$trustee.Name = "Test"

# Access masks
$fullcontrol = 2032127
$change = 1245631
$read = 1179785

$ace = ([wmiclass]'Win32_ACE').psbase.CreateInstance()
$ace.AccessMask = $fullcontrol
$ace.AceFlags = 3      # object inherit + container inherit
$ace.AceType = 0       # access allowed
$ace.Trustee = $trustee

$sd = ([wmiclass]'Win32_SecurityDescriptor').psbase.CreateInstance()
$sd.ControlFlags = 4   # DACL present
$sd.DACL = $ace
$sd.group = $trustee
$sd.owner = $trustee

Get-ChildItem -Path c:\test |
where {($_.PSIsContainer) -and ($_.Name -like "test?")} |
foreach {
    New-Item -Path $_.FullName -Name "Special" -ItemType directory
    $folder = Join-Path -Path $_.FullName -ChildPath "Special"
    # WQL needs each backslash doubled
    $name = $folder.Replace("\","\\")
    $fldr = Get-WmiObject -Class Win32_Directory -Filter "Name='$name'"
    # Option 4 = change the DACL
    $fldr.ChangeSecurityPermissions($sd, 4)
}

I created a group called test on my machine – then used Win32_Trustee to create an object referring to the group. The CreateInstance method doesn’t show on the PowerShell object so we have to drill down into the base object.

We then create an ACE defining full control and a security descriptor encompassing the ACE and the trustee.

I can loop through a folder picking off the folders that match a pattern and then create a new folder in each. After creation I set the security permission.
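An added example (not from the original posts) that decodes the numeric AccessMask, AceFlags, AceType and ControlFlags values used in this post and in "Adding permissions" into .NET enum names, so a DACL can be reviewed before and after SetSecurityDescriptor() or ChangeSecurityPermissions(). The sample ACE objects are constructed, and ConvertFrom-WmiAce is a hypothetical helper name.

```powershell
function ConvertFrom-WmiAce {
    param([Parameter(ValueFromPipeline = $true)] $Ace)
    process {
        # Enum.ToObject accepts any bit pattern, so unusual masks do not raise an error
        New-Object PSObject -Property @{
            Trustee = '{0}\{1}' -f $Ace.Trustee.Domain, $Ace.Trustee.Name
            Type    = [Enum]::ToObject([System.Security.AccessControl.AceType],
                                       [int]$Ace.AceType)
            Flags   = [Enum]::ToObject([System.Security.AccessControl.AceFlags],
                                       [int]$Ace.AceFlags)
            Rights  = [Enum]::ToObject([System.Security.AccessControl.FileSystemRights],
                                       [long]$Ace.AccessMask)
        }
    }
}

# Constructed ACEs carrying the numeric values that appear in the two posts
$trustee = New-Object PSObject -Property @{ Domain = 'RSLAPTOP01'; Name = 'Test' }
$samples = @(
    @{ AccessMask = 2032127; AceFlags = 3;  AceType = 0 },   # $fullcontrol
    @{ AccessMask = 1245631; AceFlags = 19; AceType = 0 },   # $change
    @{ AccessMask = 1179785; AceFlags = 3;  AceType = 0 }    # $read
) | ForEach-Object { $_.Trustee = $trustee; New-Object PSObject -Property $_ }

$samples | ConvertFrom-WmiAce | Format-Table Trustee, Type, Flags, Rights -AutoSize

# The ControlFlags value 4 assigned to the security descriptor
[Enum]::ToObject([System.Security.AccessControl.ControlFlags], 4)

# Review a change: decode the DACL before and after, then list only the differences.
# Here the "before" state is the last two constructed ACEs and "after" is all three.
$before = $samples[1..2] | ConvertFrom-WmiAce
$after  = $samples       | ConvertFrom-WmiAce
Compare-Object $before $after -Property Trustee, Type, Flags, Rights

# Against a real folder, feed the helper from the descriptor the post reads:
# (Get-WmiObject -Class Win32_LogicalFileSecuritySetting `
#     -Filter "Path='c:\\test\\test1\\special'").GetSecurityDescriptor().Descriptor.DACL |
#     ConvertFrom-WmiAce
```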

