Advanced Windows PowerShell Scripting Video Training

Advanced Windows PowerShell Scripting Video Training
Advanced Windows PowerShell Scripting Video Training

Tuesday, November 29, 2011

MCTExpert is now on the Android Market!


Today MCTExpert is proud to announce our first step in the exciting world of mobile apps.  After a month of research and development, our first demo app is on the Android Marketplace.  “American Road Trip” was inspired by a game played with 12x12 inch cards on family road trips a long time ago with my brothers in the back seat of the car.   This version is more dynamic.

This demo app served as our test bed for developing our first code library for the Android platform.  It also allowed us to work on the procedures that are needed to get an application fro the design board to the Android Marketplace.  I invite you to download this app and give your kids a video game that will keep their eyes more on the world around them.

Plans are on the table to take on more challenging projects as we continue to build our code library and bring some great ideas to the Android Market.

Monday, November 28, 2011

Prevent a specific type of device from installing on a client.

This process can be completed in either local or Group Policy.

 

Plug in the device that you wish to restrict.

 

Open Device Manager and then open the properties of the device.

image

 

Click the Details tab.

From the Property drop down box, select Device class guid.

Record the Value.

image

 

Close Device Manager

 

Open either local policy or the GPO that you will use to manage this restriction.

 

Expand Computer Configuration / Administrative Templates / System / Device Installation /Device Installation Restrictions.

 

Double click Prevent installation of devices using drivers that match these device setup classes.

image

 

Click Enable and then click Show.

 

image

 

Enter the GUID you recorded earlier.  Include both the open and close curly braces on each end of the GUID. Click OK.

image

 

Click OK. Close the policy editor.

Friday, November 25, 2011

Password Change prompt in Windows 7

You can set the number of days in advanced that a user receives a warning about their password expiring using Group Policy.

 

You will find this setting at: Computer Configuration \ Windows Settings \ Security Settings \ Local Policies \ Security Options \ Interactive Logon: Prompt user to change password before expiration.

 

Just enable this policy and set the number of days that you want the warnings to begin.  This will appear as a pop up balloon.  If you are preventing balloon pop ups, the user will not receive notification.

 

If you do not want to enable balloon notifications, try the logon script located at this site.  Make sure you test it before using it in a production environment.

Thursday, November 24, 2011

What does the–b switch do in OSCDIMG command?

In class, we used the OSCDIMG command to create a Windows PE image a question came about as to when the –b switch does. According to Microsoft, the –b option specifies the location of the El Torito boot sector file.
From Wikipedia, the El Torito Bootable CD Specification is an extension to the ISO 9660 CD-ROM specification. It is designed to allow a computer to boot from a CD-ROM.  In short, this helps us create a bootable image.

Wednesday, November 23, 2011

Change the number of cached credentials

Many years ago, Microsoft allowed users to logon to Windows clients utilized a set of cached credentials.  These were credentials from a previous authentication with a domain controller.  This allowed for two things.

 

1) The user could log on to a mobile computer without contacting a domain controller and,

2) The user could logon to the client before the network connection initialized.  This gave the appearance of Windows booting faster.  It is also why the hard drive is still going strong on the I/O operations after you log in.

By default, Windows 7 stores the last 10 logged on users credentials and Windows Server 2008 stores the previous 25.  You can change these values to better suite your organizations needs.

Click Start.

Type Regedit and press Enter.

Browse to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\Current Version\Winlogon\

Change the value of CachedLogonCount to any value between 0 and 50.

 

Giving the value of zero will disable cached credentials.  Any value above 50 will be treated as 50.

Tuesday, November 22, 2011

How to turn off Windows 7 System Restore with Group Policy

 

Click Start / Administrative Tools/ Group Policy Management

Create or use an existing GPO that is scoped to the clients you want to make this change to.

image

image

Edit your GPO

Browse to Computer Configuration / Policies / Administrative Templates / System / System Restore

Double click Turn off Configuration.

Set this olicy to Enable and click OK.

Close the Group Policy Management Editor.

Scope the GPO to deploy the GPO to the target computers.

 

Remember, it may take a few reboots for the GPO to take effect.

Monday, November 21, 2011

How to prevent new USB devices from being installed on a client.

In local (or Group) policy, expand Computer Configuration / Administrative Templates / System / Device Installation /Device Installation Restrictions.

 

Double click Prevent installation of Removable Devices.

image

Select Enable and click OK.

Close local (or Group) policy.

Friday, November 18, 2011

How to list all the WMI namespaces and their classes in PowerShell

Get ready for a real long list, but here is how you do it.

Get-WMIObject –Namespace root –List -Recurse
Simple, yet effective.  Be prepared though. My Windows 7 Ultimate returned 4,608 classes.


Get-WMIObject –Namespace root –List -Recurse | Get-Member
I receive 60251 classes. There is a lot of information in WMI.

Thursday, November 17, 2011

How to Delete a DNS Zone

When it is time to remove a DNS zone for a server, log on with an account that has local administrative rights to the server. We are going to delete a zone called Test.Contoso.com

Type the following line.

dnscmd nyc-dc1 /zonedelete test.contoso.com

Press Y to confirm the delete.
image

Wednesday, November 16, 2011

How to sort an object with one property descending and another property ascending with PowerShell?

I’ll admit, I did not come up with the answer to this one.  I pulled it from the help file for Sort-Object  It was a good question though.

get-service | sort-object -property @{Expression="Status";Descending=$true}, @{Expression="DisplayName";Descending=$false}

The above command is all on the same line.

First we used Get-Service to get some objects to work with.  We then piped it to Sort-Object  and we used the –Property parameter to tell PowerShell what values we are interested in sorting.

 

Next we switch to creating a hash table to specify that we first want to sort the Status property in descending order.  We do this by setting the Descending flag to Boolean True  In PowerShell Boolean true is $true and Boolean false is $false.  We the specify the next value that we want to sort by which is DisplayName and we set the Descending flag to Boolean $false.

 

The end result is a list of all running processes that is sorted in descending order by status and then ascending order by DisplayName.

Tuesday, November 15, 2011

Windows 8 app History

Note: Information provided from Windows 8 Developer Preview

 

Windows 8 has a new tab in the task manager called App History.  This tab allows you to monitor the usage of Metro app.

image

With Windows 8 being designed for a more mobile workforce, I can see this tab being very useful.  You can identify how much CPU time but more importantly, how much network bandwidth is being consumed.  With our more mobile society, one network hogging app and really degrade the users experience.

Monday, November 14, 2011

Windows 7 Installation does not see my hard drive.

It is possible that on some very advanced systems, the Windows 7 installer may not have the drivers for your hard drive.  Follow this simple set of instructions to load your drivers into Windows 7 during installation.

 

Boot from the Installation DVD.

 

Choose your language and click Next.

image

 

Click Install Now.

image

 

Check I accept the license agreement and click Next.

image

 

Click Custom.

image

 

Click Load Driver.

image

 

Browse to the media that contains your drivers.  Once loaded, you may need to click Refresh to see your hard drive.

Friday, November 11, 2011

List all properties of a user object with PowerShell

Enumerating a user account’s properties in PowerShell using the command get-ADUser – Filter ‘name –like “username”’ only gets you a small subset of the data.

image

If you want to see it all, try this:

get-aduser –filter ‘name –like “username”’ –Properties *

 

You will see all the attributes of the user object.

Thursday, November 10, 2011

How to join a client to a domain via command line

Windows 7/2008 R2 have a feature that allows you to join a client to the domain without actually having access to the client.  It is called Offline Domain Join.  This process involves creating a file on the domain controller and then using that file on the client to join it to the domain.  Let’s take a look at how to make that happen.

 

We are going to perform this on the server.  The idea is to join a client, NYC-CL1 to the domain in an Organizational Unit called Clients  The default container for joining clients to the domain is Computers, but this exercise will allow you to join the client to the OU that you want the computer object to be stored in.

On the Domain Controller, click Start.

 

Type CMD.

 

Right click the CMD.exe that appears in the search list and then click Run as Administrator.

 

Type djoin /provision /domain contoso.com /machine nyc-cl1 /savefile nyc-cl1_File /MachineOU “OU=Clients,DC=contoso,dc=com”

 

Once this is done, we can see the computer object has been created in the Clients OU.

image

 

 

You now need to copy that file to the machine to be joined.

 

On the client computer, open an elevated command prompt as you did earlier on the server.

 

Make sure the nyc-cl1_File is accessable in the file structure where you are typing this command line.

 

Type djoin /requestODJ /loadfile NYC-CL1_File /windowspath %SystemRoot% /localos

 

You should see a message similar to the one below.

image

Reboot the client.

 

Below is Microsoft's information on some of the switches used in this demo.

 

/provision Creates a computer account in AD DS.
/domain Specifies the name of the domain to join.
/machine Specifies the name of the computer that you want to join to the domain
/savefile Saves provisioning data to a file.
/machineou Specifies the name of the organizational unit (OU) in which you want the computer account to be created. By default, the computer account is created in the Computers container.
/requestodj Requests an offline domain join at the next start.
/Loadfile Specifies the output from a previous provisioning command.
/windowspath Specifies the path to the Windows directory of the offline image. If you are using the/localos parameter, specify %systemroot% or %windir% as the value of the/windowspath parameter.
/localos Targets the local operating system installation, instead of an offline image, with the domain join information. If you use this parameter, the value that you specify for/windowspath should be %systemroot% or %windir%. Run this parameter only on a destination computer that you want to join to the domain. This parameter is blocked from being run on a domain controller. Because this parameter injects the blob data into the locally running operating system image, you must restart the computer to complete the domain join operation, as you must also do for an online domain join.

Wednesday, November 9, 2011

Rename all the files in a directory to lowercase with PowerShell

Here is a case where I was thinking to much.  While I was naming about 500 image files for an app that I was working on, I named them in all uppercase lettering.  Well, lowercase was required.  I then started writing a small PowerShell function to go through the folder and rename every image file to lowercase.  Way to much work.  It ended up being a one liner.

Get-ChildItem *.txt | ForEach {$_ | Rename-Item -NewName $_.Name.TpLower()}

Seriously, it is that easy.

Tuesday, November 8, 2011

List installed roles and features in Server Core 8

Tested on Windows Server 8 Developer Preview.

On the 2008 R1 and R2 versions of Server Core, we could list all the roles and features using the OCList command.  This gave us a large and messy list.  We can use PowerShell to give us a list of what is installed, and separately what is not.
At the command prompt, type PowerShell and press Enter.

We need to expand the normal cmdlet set for PowerShell by importing the ServerManager module.

Import-Module ServerManager

To get a list of all installed components:

Get-WindowsFeature | Where {$_.Installed –eq $True}
image

Conversely, we can also get this list of roles and features that are not installed.
Get-WindowsFeature | Where {$_.Installed –eq $False}

Monday, November 7, 2011

Reliability Monitor is Empty in Server 2008

On some installation of Server 2008, the Reliability Monitor does not record data.  The instructions below are from Microsoft and I’ve tested them out.  They do work.

 

  1. Click Start, type Task Scheduler in the Search box, and then click Task Scheduler.
  2. Enable the trigger that regularly starts the RacTask task.
    1. In Task Scheduler, expand Task Scheduler Library, expand Microsoft, and then expandWindows.
    2. Right-click RAC, click View, and then click to select the Show Hidden Tasks command.
      Note If the Show Hidden Tasks command is already selected, go to step 2c.
    3. Double-click RacTask.
    4. In the RacTask Properties dialog box, click the Triggers tab.
    5. On the Triggers tab, double-click the One time trigger.
    6. In the Edit Trigger dialog box, click to select the Enabled option, and then click OK.
    7. In the RacTask Properties dialog box, click OK.
    8. Close Task Scheduler.
  3. Update a registry setting.
    1. Click Start, type Regedit in the Search box, and then click Regedit.
    2. In Registry Editor, set the value of the following registry entry to 1:

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Reliability Analysis\WMI\WMIEnable

  4. Restart the computer.

Friday, November 4, 2011

PowerShell 3 on the Horizon

This is just a “I told you so.”  For those of you who have taken my classes over the past 2 years you know that I’ve been encouraging all network administrators to learn PowerShell.  I’m now looking at Windows Server 8 DP.  PowerShell v3 is on it and WOW!  The additional functionality.  The help files are not fully in place, but I can see hundreds of not functions and cmdlets to support the virtual/cloud environment.

My next PowerShell class is in Portland, Maine on December 12th at VTEC.  I also will be providing another one in Fort Wayne, IN in early 2012 and ENS.  Please contact these training centers and book your seat. 

Thursday, November 3, 2011

How to shut down Windows 8

This was one of my big frustrations.  For years the Shut Down option has been in the Start menu.  If you are working with Windows 8 with the touch based interface turned off, the shut down procedure has not changed.  With Metro turned on, it is different.

 

Just move yore finger to the lower left corner of the screen or press your finger on the right side and move it left.  A menu similar to the one below appears.

image

Touch Settings

Touch the Power icon (highlighted in blue)

image

Now touch Shut Down

 

image

Wednesday, November 2, 2011

How long can a GPO name be?

This was a unique one.  I created a GPO with the longest name possible.  Instead of counting I switched to PowerShell.

 

Open PowerShell on the Domain Controller.

Type Import-Module Group Policy

The name I used was a repeating 0123456789 to help make locating it easier.  I then used the following PowerShell line to count the characters of the name for me.

((Get-GPO –all | Where {$_.DisplayName –like “01234*”}).DisplayName).Length

The returned value was 255.

Tuesday, November 1, 2011

What is the DUID found with IPv6 DHCP?

Below is a screen shot of an IPConfig /all command:

image

The question from class is “What is the DUID?”

 

According to section 9 of RFC3315, DHCP servers use DUIDs to identify clients for the selection of configuration parameters and in the association of IAs with clients.  An IA (Identity Association) is a collection of addresses assigned to a client.  The DUID must be both unique in the environment and to be dynamically created.  This is because some devices cannot store this information.  For this reason, a DUID is generated in one of 3 ways.  The link above contains more detailed information.

  • Link-layer Address Plus Time
  • Vendor-assigned unique ID based on Enterprise Number
  • Link-Layer address