Archive for the ‘PowerShell’ Category

Importing Powershell Active directory module into windows 2008

Wednesday, June 17th, 2015

I am “crash and burn” testing windows 10. Painful but a good way to get the feel of it. One painful loss was the Active Directory module for Powershell. You have to have Remote Server Administration Tools (RSAT) and they stopped working for Win 10. There was a special release for the January version of Win10 but it died with the May version and Microsoft reported they will fix it with the general release.

What to do?

I thought about using one of my test VMs running Windows 2008. It had RSAT but when I tried to import the Active Directory module into Powershell; I received an error saying it did not exist.

I found there were a extra other steps needed to be done:

1) Import-Module ServerManager

2) Add-WindowsFeature RSAT-AD-Powershell

After that, I was able to import the active directory module.

-edit- 07/23/15

There was a recent update to windows 10 and it nuked RSAT.  Microsoft will basically fix it after the OS is released.  *sighs*

How to get the server serial number with powershell

Saturday, February 14th, 2015

I had to update some drivers and did a quick check of the server database and found it was wrong. I remembered there were a couple server changes before this install and was not sure the correct server was listed.

I needed the serial number of to verify I was updating the right information in the database.

Powershell can do this.  Note: this is a 2012 install on new hardware.  Older models might not work.

From Powershell; simply enter;

gwmi win32_bios | fl SerialNumber

Comparing processes between two computers

Tuesday, December 2nd, 2014

I am reading Don Jones’ book Learning Windows Powershell in a month of lunches and found one nice little sequence of commands which can do a diff between two lists of processes.

Every so often you can get the complaint of “why do these two computers have different run times when they are the same?”

A valid complaint which can take awhile to sort out. Obvious first steps would be to compare apps installed and what is running as sometimes the “smarter then you” engineers can install things without telling anybody.

One quick way would be to use a couple cmdlets and diff.  This was taken from page 41.

Use the computer which is running as expected as the reference computer.  Get a list of processes by entering:

Get-Process | Export-CliXML reference.xml

The CliXML can hold more information then the traditional CSV file.

After you have the file, you can run:

Diff -reference (Import-CliXML reference.xml) -difference (Get-Process -computername newserver) -property Name

The output centers on the name of each process and you will get <= and => to point out where it’s different.

This is a nice little trick to compare setups.  You can keep the reference file as a baseline for future issues on the same computer.

This will work with any of the get cmdlets.

Changing to Powershell ISE

Thursday, October 23rd, 2014

I have had a constant problem with AdminScriptEditor.  For whatever reason, it will format certain lines which break up my variables (IE.  $  variable).

In a moment of anger, I decided to start using the Powershell ISE.  Simple but missing a few things such as a print menu.

There is the add-ons menu which is kind of clumsy but it gives you the chance to add missing routines and functions.

I found Jeffrey Hicks wrote a series of functions to extend ISE.  Simple install process and now I can print my scripts!

There is also a technet entry on this.

DNS check for powershell

Saturday, October 11th, 2014

I had a need to do a quick DNS lookup for computers in a powershell script which going through a list of computers. There are two ways to a system will not have a DNS entry: 1) System retired. 2) System uses DHCP and is not on the network.

A quick way to perform a look would be to use:

[System.Net.Dns]::GetHostName()

It does give output directed to the console.  If you want to suppress it, use the [void] option.

[void][System.Net.Dns]::GetHostName()

Trimming white space

Friday, October 10th, 2014

Working with a CSV file; I had a situation where the command line would give the output I wanted but the script would get the object information.  I found I could get what I needed by converting the output to a script but it introduced white space.  A computer name would turn into:

“Computer                                       “

What was interesting was the system commands would treat the white space as part of the computer name which of course cause the commands to fail.

Look around the Net; I found a command to trim white space.

$server = $server.trim()

The system name returned to proper size and what is great about this command is that it will trim white space from both sides.

Replace a character in a string

Friday, October 10th, 2014

I had a script where I needed to change a character in a string.

Simple task as I found on the Net.

$str = $str.replace(‘\’,’_’)

Scriptblock doesn’t work with variables.

Friday, October 10th, 2014

Powershell is a fun experience which I wish I had started awhile ago.  It’s features seem endless and it greatly eases system management.

The recent scare over Shellshock caused us to evaluate our Cygwin installations.  We didn’t know the exact number of installations and the version of Bash in use.

The question of the number of Cygwin installations was easy to solve. A script to review the organization units and scan each computer for Cygwin.

After a list was generated; a script was written and three results files were created: Found, System Down, and Not Found.

Cygwin due to it’s open source nature does not follow Microsoft design standards.  It has it’s own way of doing things. Good for the user but not always good for system management purposes.

I didn’t find a “Quick and Dirty” way to get the version number of the Bash executable.   Nothing in the registry and file information lacked details.

Redhat (we use them for support) advised using the “–version” option to identify the version.  A rather tedious task if done through remote desktop or nagging the users to send the information.

What would be nice if there was way to run a command remote and get the information.

Powershell has a nice option called “invoke-command.” It’s a one use option for such things.

The command is rather simply to use:

Invoke-Command -scriptblock { c:\cygwin\bin\bash –version }  -computername <hostname>

This gave the following output:

GNU bash, version 4.1.15(1)-release (i686-pc-cygwin)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

A little too much detail for a version number.  This was quickly addressed by using Select-String command.

Invoke-Command -scriptblock { c:\cygwin\bin\bash –version }  -computername <hostname> | Select-String -pattern “GNU bash, version”

This in turn gave:

GNU bash, version 4.1.15(1)-release (i686-pc-cygwin)

This was usable.  It also helped with simple errors.  If you don’t get the expected result, add an error message. This became evident when trying to run the command on Windows 2003 which lacked Powershell 2.0 and systems which did not have remote management configured.

Invoke-Command is great.  It gave me the information I needed without visiting each system.

I wrote a script and quickly found two problems:

  1. There are flavors of Cygwin and unless there was a conscious effort during install; you could end up with different directories (ie: C:\cygwin, C:\cygwin64, C:\rhcygwin).
  2. Running the command for several systems.  Invoke-Command can take up to five systems.  Great for a small number but not so great when you have hundreads or more.

Both of these issues required the use of variables and it was quickly discovered that -scriptblock option couldn’t use variables. For example:  $cygwinPath\bash.exe –version resulted as \bash.exe –version

The dynamic nature of scanning several computers was not something the command could do.  Rather then use another approach; I looked around the Net and found there was a way to use dynamic scriptblocks by using the NewScriptBlock command.

A quick change:

$scriptblock = $ExecutionContent.InvokeCommand.NewScriptBlock( “$cygwinPath\bash.exe –version”)
$versionResult = Invoke-Command -scriptblock $scriptblock -computername $server | Select-String -pattern “GNU bash, version”

This gave the needed results and we had an understanding of the work needed to be done.

If you would like to read more about Invoke-Command, Ed Wilson did a nice little writeup on his blog.

How to skip the first line with import-csv

Wednesday, September 3rd, 2014

I had a “quick and dirty” script to examine a list of hosts from a CSV.

There was a header with the data and I didn’t want the error that would pop up at the end of the foreach loop.

To get around the first line; I used a pipe and the select statement:

Import-Csv $file -header(“Hostname”, “OldIP”, “NewIP”) | select -Skip 1 | foreach {

Simple and it avoids a comparison check in the code.

The only thing to be concerned is if there are times there will be files without a header.

An extended error has occurred

Thursday, July 10th, 2014

New operating systems always bring new error messages. Such was a recent incident for a Windows 2012 server trying to access a share on a Network Appliance Filer:

An extended error has occurred

A quick test of my Windows 8.1 laptop produced the same error.

We have been playing around with SMBv3 on the Netapp filers and this was thought to have been an issue as the new OS is more SMBv3 “friendly.”

The filer people said they configured the filer to use smbv2 but the error continued.

Originally, I wrote about this a year ago with this post but you can review the support article.

I suspected either signed support was not configured or can’t be used so I opted to disable it via Powershell and the command(start it in admin mode):

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" RequireSecureNegotiate -Value 0 -Force

A reboot of the server (just because) and we had access to the share.

For those that want to get some features information on SMBv3 and 2012, you can look at this article.