Advanced Windows PowerShell Scripting Video Training

Advanced Windows PowerShell Scripting Video Training
Advanced Windows PowerShell Scripting Video Training

Sunday, June 28, 2009

What does "Option Explicit" mean in VBScript

The Option Explicit statement requires you to declare all variables before they can be used. You must have Option Explicit as the first executable statement in your script. After that, you must use Dim, Private, Public, or ReDim to declare all variables.

To novice scripters, this may seem more of a nussance then a helpful tool. Once you begin scripting longer and longer code, you will appricate it. It will help prevent you from accidentally decalring two variables of the same name. Without this statement, you could just declase a variable anywhere. Also, should you mistype the variable later on, an error message will help you locate the problem.

Option Explicit will help keep your code clean and organized.

Thursday, June 25, 2009

Is there a way to synchronize a client’s time with the server?

To ensure that your clients are in sync with your domain controllers, you can call this command from a logon script.

Net time //servername /set /yes

Authentication requires that the system clocks of your clients be within 5 minutes of the system time on your domain controllers. If the deviation occurs on a server, then you may want to consider running this in a batch file as a scheduled task every day. Remember to use an account with the right level of user rights to run this command.

http://support.microsoft.com/kb/314090

Wednesday, June 24, 2009

Q: What does each of the different user rights do?

User rights give the user (or group) the ability to perform certain activities on the computer (or other computers). The difference between User Rights and Permissions is this:


User rights:
· Attached to the user account.
· Allow the user to perform actions on the computer (or the network)

Permissions:
· Determine the level of access a user has to an object in Active Director.
· Attached to the object.

In Sever 2003, there are 39 different user rights. To get a detailed explanation of each user right and the default members:
· Open Local Security Policy (or Default Domain Controller Security Settings)
· Expand Local Policy
· Right Click User Rights and select Help.
· A list of all user rights is listed in the right hand column.

Sunday, June 21, 2009

MCT Tip - Eating Healthy

All of us road warriors know, eating healthy is a challenge while we are on the job. This past week my students invited me to a Chinese buffet. I'm very glad that another health conscious member of the group came along. It helped me to resist the temptation of gorging on all that wonderful food.

I highly recommend eating 6 times a day. Doing so puts your bodies genetics to work for you. As long as your body thinks that food is plentiful, it will not try to store it as fat. Of course, you cannot eat Mc Donalds 6 times a day. I try to keep fresh fruit with me and eat it during our class breaks. When asked while I am not partaking in the Krispy Kreams, I simply remind them that I am in the military. Usually that is all that I need to say.

After work, I usually change into some shorts and go for a run. I try to stay at hotels with a refrigerator and a microwave. That way I can at least do a little cooking for myself and stay out of the restaurants.

Thursday, June 18, 2009

How to install the Windows 2003 Server admin tools on Windows Vista?

The link below will allow you to download the adminpak for Server 2003. You can also get it from your servers at %windir%\system32\adminpak.msi. This does not work for 64 bit systems. Microsoft recommends that you utilize remote desktop for administration for a 64 bit system.

Wednesday, June 17, 2009

Updated Website!

MCTExpert has updated the look and feel of our website. Most notable to potential clients are the student comments scrolling at the bottom of the website. These comments are taken directly from the course evaluations. Also take a look at the classes page to see our new course offerings in Windows Server 2008 and scripting.



Tuesday, June 16, 2009

MOC 6419 added to the MCTExpert lineup.

MCTExpert has now added MOC 6419: Configuring, Managing, and Maintaining Windows Server 2008 Servers to our course offerings. 6419 is similar to the popular 2273: Managing and Maintaining a Microsoft Windows Server 2003 Environment. In this class we will explore many of the same skills, but in the context of Server 2008. We will also take a look at some of the new technologies for Server 2008..

For a complete list of all classes offered form MCTExpert, browse to our Classes section on our website.

Sunday, June 14, 2009

What is the maximum VHD size in Hyper-V?

The maximum VHD size in Hyper V is 2040GB (8GBs short of 2TB). Should you need more, there is an option. You can utilize passthrough disk to exceed this limitation. This passthrough disk can be a physical disk on the host, or on a SAN. Also, if your are using a SAN, you will lose you Snap Shot capability.

Reference: http://blogs.microsoft.com/josebda/archive/2008/02/06/storage-options-for-windows-server-2008-s-hyper-v.aspx

Thursday, June 11, 2009

Join a server core to a domain

Objective: join a server core to a Windows domain.

Requirements: You need to know the username and password of an account that has permission to join a computer to the domain in question.

Type NETDOM JOIN machine /Domain:DomainName /userd:username /Passwordd:*

Machine is the name of the computer to be joined to the domain.
DomainName is the name of the domain that is being joined.
UserD is the username of an account with the Add Workstation to Domain user right.
PasswordD:* tells the computer that you will manually enter the password for this user and to prompt you for it.

Opitonally, you can specify which OU to place this computer object in. This is preferable if Active Directory is set to place all new computer objects in the Computers container. Since we cannot apply Group Policy to the Computers container, this represents a hole in your security. To do this, add this line after the domain name: /OU:ou path.

A common error when executing this command is in typing the /USERD and /PASSWORDD switches. The mistake is made in not adding the “D” to the end of the switch.

Exercise 1: Verify connectivity and name resolution to the domain controller.
A common problem at this stage is that the computer that you want to join to the domain cannot communicate with the server. Task 1 will help you set a static IP address to the client if necessary. Task 2 will add a DNS server to your IP settings.

Task 1: Get the name of the interface you want to set an IP address for.
· Type netsh interface ipv4 show interfaces
· Press Enter
· Record the name of the interface you want to set a static IP address for. Sample output is below.
Idx Met MTU State Name
--- --- ----- ----------- -------------------
3 5 1500 Connected Local Area Connection

· Local Area Connection is the name we are interested in.
· To simply the typing, you can also user the Idx value of 3.
· Type netsh interface ipv4 set address name=3 source=static address=10.10.1.10 mask=255.255.0.0
· Optionally, you can add a gateway address by appending gateway=address to the end of the command.
· In the Name parameter, we used the Idx value. We could have also typed “Local Area Network”.
· Type IPConfig /all and verify that all data is correct.

At this point, you should be able to ping the server by IP address, but not by name.

Task 2: Add a DNS server to the IP settings on the client.
· Type Netsh interface ipv4 add dns 3 10.10.1.1
· Press Enter

The “3” represents the index number of our NIC from Task 1. You can also put the full name of the adapter here. The address 10.10.1.1 is the IP address of the DNS server. At this point, you should be able to PING the server by name.



Exercise 2: Add the computer to the domain.
· Type NETDOM Join Geyser-Core /Domain:DomainName/userd:UserName /password:*
· When prompted, type in the password.
· You can verify this by checking Active Directory or by typing GPResult /r on the server core and verifying the data.

Wednesday, June 10, 2009

Can Windows Backup span multiple DVDs?

Windows backup utility now supports DVDs. With backup operations usually requiring more than the capacity of a single DVD, Windows backup is able to span multiple DVDs. The backup is compressed to help save space but be prepared to change DVDs if this is you option of choice for backing up your volumes.

Reference: http://technet.microsoft.com/en-us/library/cc771380.aspx.

Sunday, June 7, 2009

How do you provide alternate credentials to a script?

Providing alternate credentials allows scripts to run while a non administrator is logged into the client. I found script samples for this on ScriptingAnswers.com
http://www.scriptinganswers.com/essentials/index.php/2008/02/15/alternate-credentials-adsi-and-wmi/

The following code was taken from WindowsITPro.comL http://windowsitpro.com/windowsscripting/article/articleid/39114/rem-running-a-script-with-alternate-credentials.html

LISTING 1: ADSI Script That Uses Alternate Credentials Const

ADS_SECURE_AUTHENTICATION = 1 strUserDN = "cn=Administrator,cn=Users,dc=acme,dc=com"strPassword = "bXk23s8w" ' BEGIN CALLOUT ASet objRoot = GetObject("LDAP:")Set objDomain = _ objRoot.OpenDSObject("LDAP://dc=acme,dc=com", _ strUserDN, strPassword, ADS_SECURE_AUTHENTICATION)' END CALLOUT A Set objOU = objDomain.Create("organizationalUnit", "ou=Students")objOU.Put "Description", "Student OU"objOU.SetInfo Set objGroup = objOU.Create("Group", "cn=Seniors")objGroup.Put "sAMAccountName", "Seniors"objGroup.Put "Description", "Seniors"objGroup.SetInfo Set objUser = objOU.Create("User", "cn=Student1")objUser.Put "sAMAccountName", "Student1"objUser.Put "Description", "Student1"objUser.SetInfo objGroup.Add objUser.ADSPath

LISTING 2: WMI Script That Uses Alternate Credentials Const

wbemImpersonationLevelImpersonate = 3 strComputer = "foo"strUser = "Administrator"strPassword = "bXk23s8w" ' BEGIN CALLOUT ASet objSWbemLocator = _ CreateObject("WbemScripting.SWbemLocator")objSWbemLocator.Security_.ImpersonationLevel = _ wbemImpersonationLevelImpersonateSet objSWbemServices = _ objSWbemLocator.ConnectServer(strComputer, _ "root\cimv2", strUser, strPassword)' END CALLOUT A Set colSWbemObjectSet = _ objSWbemServices.ExecQuery("SELECT * FROM “ _ & “Win32_OperatingSystem") For Each objSWbemObject In colSWbemObjectSet WScript.Echo "Name: " & objSWbemObject.Name WScript.Echo "Caption: " & objSWbemObject.CaptionBEGIN COMMENT ' Insert additional Win32_OperatingSystem properties here.END COMMENTNext

Thursday, June 4, 2009

Set Static IP address on Server Core

Objective: Set a static IP Address

This example assumes that you want to configure a static IP addres of 10.10.1.10 with a subnet mask of 255.255.0.0 of a Windows 2008 Server Core.


Task 1: Get the name of the interface you want to set an IP address for.
· Type netsh interface ipv4 show interfaces
· Press Enter
· Record the name of the interface you want to set a static IP address for. Sample output is below.

Idx Met MTU State Name
--- --- ----- ----------- -------------------
3 5 1500 Connected Local Area Connection

· Local Area Connection is the name we are interested in.
· To simplify the typing, you can also user the Idx value of 3.

Task 2: Set the IP Address
· Type netsh interface ipv4 set address name=3 source=static address=10.10.1.10 mask=255.255.0.0
· Optionally, you can add a gateway address by appending gateway=address to the end of the command.
· In the Name parameter, we used the Idx value. We could have also typed “Local Area Network”.

Task 3: Verify the address change
· Type IPConfig /all and verify that all data is correct.

Wednesday, June 3, 2009

What legacy operating systems can read a Windows 7 Bitlocker To Go encrypted USB drive?

Windows 7 Bitlocker-to-Go allows you to encrypt information on an entire volume. Even if the volume is a removable drive or USB memory key. To support the use of your portable devices, XP SP3 and Vista SP1 can open the encrypted key.

When you allow the key to autoplay, an application on the unencrypted portion of the drive brings up the BitLocker –to-Go reader and asks for the password. If you explore the device without using the reader, you will only see the unencrypted portion of the drive containing the reader software. Also, if you look at the properties of the drive, it is completely filled. The encrypted side will reserve all the space on the volume, minus the small portion for the reader.

Reference: http://blogs.msdn.com/rockyh/archive/2009/03/01/bitlocker-to-go.aspx