Skip to main content

Getting Rid of the Back Ticks

By

For those of you who have been utilizing my blog posts over these past several years, you may have noticed that I generally rely on the back tick to prevent my code from horizontally extending outside of the screen and to provide order to cmdlets with a lot of parameters.  The back tick consists of only 3 pixels.  Here it is: `  Did you miss it?  So, if the back tick is bad, how to do you prevent horizontal scrolling? 

The back tick does allow for some very orderly presentation of code.  Take a look at this simple example:

$Obj = New-Object -TypeName PSObject

$Obj | Add-Member -MemberType NoteProperty `

        -Name "Prop1" `

        -Value "PowerShell Rocks"

 

 

This code simply makes an object with one property.  Notice that in using the Add-Member cmdlet, I separated three different parameters using the back tick.  The problem, it may not be easy to see.  Here is an alternative using splatting.

$Prop1 = @{

    MemberType = "NoteProperty"

    Name="Prop1"

    Value = "PowerShell Rocks"}

 

$Obj = New-Object -TypeName PSObject

$Obj | Add-Member @Prop1

 

 

In this example, we created a hash table utilizing the name of the parameter as the key, and what we want to set it to as the value.  This method still allows for an orderly presentation of the cmdlets parameters.  It also has another advantage.  If you need to create another object with the same property, you can just reuse the splat. Here is some code to create a new Fine Grain Password Policy written without using back ticks.

New-ADFineGrainedPasswordPolicy -Name "Group1PSO" -Precedence 10 -ComplexityEnabled $True -Description "PSO for Group 1" -DisplayName "Group1PSO" -LockoutDuration "0.12:00:00" -LockoutObservationWindow "0.00:15:00" -LockoutThreshold 3 -MaxPasswordAge "10.00:00:00" -MinPasswordAge "1.00:00:00" -MinPasswordLength 8 -PasswordHistoryCount 10 -ReversibleEncryptionEnabled $False

 

This is not very easy to read.  It is essentially noise.  And now with the back ticks:

 

New-ADFineGrainedPasswordPolicy -Name "Group1PSO" `

 -Precedence 10 `

 -ComplexityEnabled $True `

 -Description "PSO for Group 1" `

 -DisplayName "Group1PSO" `

 -LockoutDuration "0.12:00:00" `

 -LockoutObservationWindow "0.00:15:00" `

 -LockoutThreshold 3 `

 -MaxPasswordAge "10.00:00:00" `

 -MinPasswordAge "1.00:00:00" `

 -MinPasswordLength 8 `

 -PasswordHistoryCount 10 `

 -ReversibleEncryptionEnabled $False

 

Much better and very organized.  It is easy to both see which parameters are being used and their values. And now utilizing splatting:

  $Params = @{

    Name = "Group1PSO"

    Precedence = 10

    ComplexityEnabled = $True

    Description = "PSO for Group 1"

    DisplayName = "Group1PSO"

    LockoutDuration = "0.12:00:00"

    LockoutObservationWindow = "0.00:15:00"

    LockoutThreshold = 3

    MaxPasswordAge = "10.00:00:00"

    MinPasswordAge = "1.00:00:00"

    MinPasswordLength = 8

    PasswordHistoryCount = 10

    ReversibleEncryptionEnabled = $False}

 

 New-ADFineGrainedPasswordPolicy @Params

 

Yes, there is a little bit more code.  The advantage is that you do not have to worry about if the recipient of this code will notice a back tick or not.  In my past PowerShell V2 classes, I had to spend some time with the ISE magnification on high to demonstrate the back tick being used as the escape character.  This included line continuation.  Moving forward with the V3 classes, I will be focusing on splatting as my means of line continuation when parameters are involved.

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

How to list all the AD LDS instances on a server

By
AD LDS allows you to provide directory services to applications that are free of the confines of Active Directory.  To list all the AD LDS instances on a server, follow this procedure: Log into the server in question Open a command prompt. Type dsdbutil and press Enter Type List Instances and press Enter . You will receive a list of the instance name, both the LDAP and SSL port numbers, the location of the database, and its status.
Post a Comment
Read more

How to run GPResult on a remote client with PowerShell

By
In the past, to run the GPResult command, you would need to either physically visit this client, have the user do it, or use and RDP connection.  In all cases, this will disrupt the user.  First, you need PowerShell remoting enabled on the target machine.  You can do this via Group Policy . Open PowerShell and type this command. Invoke-Command –ScriptBlock {GPResult /r} –ComputerName <ComputerName> Replace <ComputerName> with the name of the target.  Remember, the target needs to be online and accessible to you.
Post a Comment
Read more

Where did a User’s Account Get Locked Out?

By
Updated: May 15, 2015 When this article was originally published, two extra carriage returns were add causing the code to malfunction.  The code below is correct.   My client for this week’s PowerShell class had a really interesting question. They needed to know where an account is being locked out at. OK, interesting. Apparently users hop around clients and forget to log off, leading to eventual lock out of their accounts. The accounts can be unlocked, but are then relocked after Active Directory replication. This problem is solved in two parts. The first one is to modify the event auditing on the network. The second part is resolved with PowerShell. The first part involves creating a group policy that will encompass your Domain Controllers. In this GPO, make these changes. Expand Computer Configuration \ Policies \ Windows Settings \ Security Settings \ Advanced Audit Policy Configuration \ Audit Policies \ Account Management Double click User Account Management C...
18 comments
Read more