Advanced Windows PowerShell Scripting Video Training

Advanced Windows PowerShell Scripting Video Training
Advanced Windows PowerShell Scripting Video Training

Wednesday, October 28, 2009

6292: Installing and Configuring Widows 7 Client is now available through MCTExpert

I'm happy to say that last night, after instructing class, I passed exam 70-680 for Windows 7 Configuration. Windows 7 is an exciting new product that offers greater stability then its predecessors and more tools to reduce cost in the Enterprise environment. I am adding course 6292: Installing and Configuring Windows 7 Client to the MCTExpert course offerings. This 3 day course will help get you started with the new features of Windows 7 and also get the wheels in your head spinning as to the possibilities it offers you.

For booking information, please visit my website.


Tuesday, October 27, 2009

Managing AD Objects with PowerShell

PowerShell offers us the ability to manage very detailed and technical aspects of our clients in a standard way. Well, until you get to Active Directory. As part of PowerShell V1, Microsoft omited this seemingly obvious need. Would it be part of PowerShell V2? Nope. Instead I think that Microsoft followed the first rule of Computer Science "Never reinvent the wheel." What I mean by that is that third party vendors already did that for Microsoft so there was no need for Microsoft to invest the resources. The first link below talks about a free Powershell Snapin from Quest that handles AD management in PowerShell. The second like is the link to the down load.

http://www.microsoft.com/technet/scriptcenter/topics/winpsh/tools/cmdlets.mspx

`http://www.quest.com/powershell/activeroles-server.aspx

Monday, October 26, 2009

My Hyper-V Machines all say "Saved-Critical"

This one actually happened to me one morning in class. nothing like having an your Hyper-V give you a brand new error right in front of your students. Considering I've been using Hyper-V for many months without issue, this was a surprise.

I discovered that the problem actually was because the server did not pick up the USB hard drive that I was using for this set of VMs. Once the server recognized the USB drive, I had to restart the Hyper-V Virtual Machine Management service.

Wednesday, October 21, 2009

MCT Tip: Priceline will put you in a smoking room.

Be careful with Priceline. I checking into my hotel yesterday here in Ft. Wayne Indiana where I am instructing this week. I got a nasty surprise. Priceline booked me into a smoking room. Luckily for me there was a non-smoking room available. I had completely forgot to call the hotel to ensure that I did not get a smoking room.

When I do my initial search on priceline to see what hotels are available, I make sure that the hotels at the star level that I am choosing have non-smoking rooms available. Once the reservation is made, I call what ever hotel that accepted my bid and make sure 2 things happen:

1) It is a non-smoking room.
2) I am not looking/listening to an interstate.

Tuesday, October 20, 2009

Do you need PowerShell installed on remote machines to run a script from one shell to a remote computer?

No you do not. I tested this out in Windows 2008 R2 Hyper-V. I utilized two virtual machines. The first was a Windows 2008 R2 Server configured as a domain controller. The other was a Windows 2003 server configured as a member server. On the DC, I executed the command Get-Service –ComputerName CoomputerName. The result was a listing of the services running on the 2003 server.

To verify that I was indeed getting results from the other server, I executed these two lines.

$A = Get-Service –ComputerName CoomputerName

$A = Get-Service

$A.count

$B.count

What this did was place the returned objects from the remote computer into variable $a and the objects from the local computer in to variable $B. I then used the Count property of each to verify that I had different numbers.

Monday, October 19, 2009

List of all GPO objects

With over 2400 possible GPO objects (and counting), it is difficult to know what objects exist without manually going through a GPO and looking at all of them. I recommend using Bing or Google and asking "How do it (insert issue here) in group policy?" But if you like doing more detailed research, below are some links that can help.

Group Policy Home Page: http://technet.microsoft.com/en-us/windowsserver/grouppolicy/default.aspx

Group Policy Settings Reference for Vista/2008: http://www.microsoft.com/downloads/details.aspx?FamilyID=2043b94e-66cd-4b91-9e0f-68363245c495&displaylang=en

Group Policy Settings Reference for 2003: http://www.microsoft.com/downloads/details.aspx?FamilyID=7821C32F-DA15-438D-8E48-45915CD2BC14&displaylang=en

Wednesday, October 14, 2009

How to use GPO Prefeences on Windows XP?

Group Policy Preferences allow you to save a lot of time scripting, I set what you want via a graphical interface. Preferences are what you would like the user to have where as policies are what you tell the user they will have. In Windows Server 2008, edit a GPO. Under both the computer and user configurations you will see Policies and Preferences. Ex pand preferences and let the wheels start turning in your head. You must install software on your XP and Vista clients to use Group Policy Preferences. The following blog article gives you more detailed instructions and where to get the software.

http://blogs.technet.com/grouppolicy/archive/2009/03/27/group-policy-preferences-not-applying-on-some-clients-client-side-extension-xmllite.aspx

Tuesday, October 13, 2009

Install PowerShell on Server 2008 R2.

PowerShell V2 is already installed on Windows Server 2008 R2. The ISE (Integrated Scripting Environment) however, is not. To installed the PowerShell ISE:

· Open Server Manager

· Click Features

· Click Add Features

· Check Windows PowerShell Integrated Scripting Environment (ISE)

· Click Next

· Click Install

· Click Close.

You will find it in All Programs à Accessories à Windows PowerShell

Monday, October 12, 2009

When creating file shares, what protocols are available?

When you create a shared folder using the Share and Storage Management MMC, you can specify what protocol that you want to use. By default, SMB will be used. This what you want to use for Windows networks. If you are sharing your data with a UNIX system, then select NFS protocol.

Reference: http://technet.microsoft.com/en-us/library/cc753731.aspx

Wednesday, October 7, 2009

2277 Added to the MCTExpert Lineup

By request, 2277: Implementing, Managing, and Maintaining a Microsoft ® Windows Server 2003 Network Infrastructure: Network Services has been added to my course offerings. Evening thought Windows 2003 has been around for a while, many organizations are sticking to it through these tough economic times. So, I'll continue to instruct Windows 2003 courses as long as my clients request them.

Tuesday, October 6, 2009

Install PowerShell R2 on Server Core

It’s here! PowerShell for Server Core. This is just a quick lesson in how to install it. So, how do you get it?

Once you get Windows Server 2008 Core R2 installed, Type OCLIST. We need to make sure that the following is installed:
NetFx2-ServerCore (There may be additional characters after this)
MicrosoftWindowsPowerShell

If you are missing any of these two, install them with the instructions below. Don’t forget, these are case sensitive.

For NetFx2-ServerCore
OCSetup NetFX2-ServerCore

For MicrosoftWindowsPowerShell
OCSetup MicrosoftWindowsPowerShell

OK, now that the software is installed, navigate to c:\Windows\System32\WIndowsPowerShell\V1.0. Once there, type PowerShell you will notice that the prompt changes to PS. Go ahead and type Get-Command and press Enter If this worked, PowerShell is installed. It is not going to be the pretty blue window, but inside the command prompt. Go ahead and type Write-Host –fore blue “Hello World” and press Enter. You will see the text change color. The color formatting will allow you to make your scripts in Server Core look pretty. Typing Exit will take you back to the command prompt.

Monday, October 5, 2009

FSMO seizure procedure

Windows Server operating systems utilize domain controllers for manage the networks communications and security. All the DCs work together to make the network majic happen. There are some roles that cannot be shared and must be localized on one domain controller. These roles are called the Flexible Single Master Operations (FSMO) roles. They include:

· Schema: Used to expand the schema.

· Domain Naming Master: Adds or removes domain or application partitions from active directory.

· RID Master: allows new or existing DCs the ability to create user, computer, and security groups.

· PDC Emulator: Send updates to legacy operating systems and is used by to update user and computer passwords.

· Infrastructur master: Required to run ADPREP /ForestPrep.

When a DC holding a FSMO role is unexpectedly lost, your network can experience problems. For normal down time, you transfer these roles using the graphical interface while the DC is still online. When the server goes down hard, you cannot us normal methods to transfer these roles. The procedures below show you how to both transfer and seize the FSMO roles via command line. The original instructions and more details are available at Microsoft at: http://support.microsoft.com/kb/255504

Transfer FSMO roles

To transfer the FSMO roles by using the Ntdsutil utility, follow these steps:

1. Log on to a Windows 2000 Server-based or Windows Server 2003-based member computer or domain controller that is located in the forest where FSMO roles are being transferred. We recommend that you log on to the domain controller that you are assigning FSMO roles to. The logged-on user should be a member of the Enterprise Administrators group to transfer Schema master or Domain naming master roles, or a member of the Domain Administrators group of the domain where the PDC emulator, RID master and the Infrastructure master roles are being transferred.

2. Click Start, click Run, type ntdsutil in the Open box, and then click OK.

3. Type roles, and then press ENTER.

Note To see a list of available commands at any one of the prompts in the Ntdsutil utility, type ?, and then press ENTER.

4. Type connections, and then press ENTER.

5. Type connect to server servername, and then press ENTER, where servername is the name of the domain controller you want to assign the FSMO role to.

6. At the server connections prompt, type q, and then press ENTER.

7. Type transfer role, where role is the role that you want to transfer. For a list of roles that you can transfer, type ? at the fsmo maintenance prompt, and then press ENTER, or see the list of roles at the start of this article. For example, to transfer the RID master role, type transfer rid master. The one exception is for the PDC emulator role, whose syntax is transfer pdc, not transfer pdc emulator.

8. At the fsmo maintenance prompt, type q, and then press ENTER to gain access to the ntdsutil prompt. Type q, and then press ENTER to quit the Ntdsutil utility.

Seize FSMO roles

To seize the FSMO roles by using the Ntdsutil utility, follow these steps:

1. Log on to a Windows 2000 Server-based or Windows Server 2003-based member computer or domain controller that is located in the forest where FSMO roles are being seized. We recommend that you log on to the domain controller that you are assigning FSMO roles to. The logged-on user should be a member of the Enterprise Administrators group to transfer schema or domain naming master roles, or a member of the Domain Administrators group of the domain where the PDC emulator, RID master and the Infrastructure master roles are being transferred.

2. Click Start, click Run, type ntdsutil in the Open box, and then click OK.

3. Type roles, and then press ENTER.

4. Type connections, and then press ENTER.

5. Type connect to server servername, and then press ENTER, where servername is the name of the domain controller that you want to assign the FSMO role to.

6. At the server connections prompt, type q, and then press ENTER.

7. Type seize role, where role is the role that you want to seize. For a list of roles that you can seize, type ? at the fsmo maintenance prompt, and then press ENTER, or see the list of roles at the start of this article. For example, to seize the RID master role, type seize rid master. The one exception is for the PDC emulator role, whose syntax is seize pdc, not seize pdc emulator.

8. At the fsmo maintenance prompt, type q, and then press ENTER to gain access to the ntdsutil prompt. Type q, and then press ENTER to quit the Ntdsutil utility.

Friday, October 2, 2009

MCTExpert Blog is 1 year old!




Today the MCTExpert Blog is 1 year old. I want to thank all of my readers for the support over the past year that I have been doing this. It has been a great outreach for me to continue to serve my students after class and obviously a source of information for many others.

So far this blog has reached 110 countries and 49 states. It has also been translated into 37 different languages.

Over the course of the next year, I'll continue to post the questions that my students ask. The questions that the everyday Network Administrator wants answered. I know that these tips have helped many and I hope they continue to do so long into the future.