• Tag Archives PoSH
  • Finding Powershell V2

    Joel Bennet made a good point about it can be difficult to find Powershell V2 on the MS site. I am not going to rewrite Joels post, so I will just “quote” it.

    For some reason, people are having trouble finding links to the release version of Windows PowerShell 2.0 … I suspect it’s because while it was in CTP, a lot of us bloggers wrote about it and linked to the various CTP downloads … but there aren’t nearly as many posts announcing the release of Windows PowerShell 2.0 as you would expect.

    Of course, most of the fault is Microsoft’s, because they buried PowerShell 2 in a knowledge base article with a title that exceeds nondescript, even for Microsoft: Description of the Windows Management Framework on Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. What? Even the Microsoft PowerShell Team Blog never actually wrote a post announcing the PowerShell 2.0 release is available for download but instead wrote about the Windows Management Framework being released.

    But in any case, I’m calling on the blogging community to fix the search engines by linking Windows PowerShell and particularly “Windows PowerShell 2.0”: http://support.microsoft.com/kb/968929 to either the Knowledge base article 968929 which has the download links for PowerShell 2.0 for Windows XP, Vista, and Server 2003 and 2008 … or to Microsoft.com/PowerShell which has the latest download links in the side-column on the right hand side. :)

    I can’t fix the search engines on my own, but what was that slogan? Together we can!



  • Windows 7 & RSAT

    I finally found some time today to upgrade my primary work machine to Windows 7 RTM (Yeah). Since I do a lot of system administration one of the first things I put on there was my Powershell tools and RSAT. I went and got the RSAT tools from the MS website, I install it, go into “turn on/off Windows features” menu and click the to level check for RemoteAdministrationTools, in the hope that it would select all the admin tools, but no!
    I have to check each and everyone..

    Then I remembered a while back on the Minasi forum, it was discussed if there was an easier way, and Mark said: “There is probably a one line DISM command for that”, so I took a look at DISM, and found that to my (albeit limited) knowledge there was no way to install all the tools at once.

    So I thought to myself, well I guess I have to do it in powershell then, so I started out writing a small script to enable all the admin tools one by one.

    Then suddenly Marks words sprung to mind again, “there is probably a DISM oneliner to do this), so I rewrote my little script to a oneliner, here is what I ended up with:
    [ps]
    #
    #Enable RSAT features
    dism /online /get-features | Select-String -Pattern remote* | %{$Exec = "dism.exe /online /enable-feature /featurename:RemoteServerAdministrationTools /featurename:" + ($_).ToString().Replace(‘Feature Name : ‘,”); Invoke-expression $Exec}
    [/ps]
    Dism requires admin permissions, so you need to run this elevated.

    Here is what it does:
    [ps]
    dism /online /get-features
    [/ps]
    Uses DISM to retrieve a list of available “features”
    That list is then piped into a Select-string statement, that selects all that contain the string “Remote*”, which luckily all the admin tools does :)

    Each of the selected strings are then “piped along the pipeline” in the next command, which is a bit more complicated:

    [ps]
    %{$Exec = "dism.exe /online /enable-feature /featurename:RemoteServerAdministrationTools /featurename:" + ($_).ToString().Replace(‘Feature Name : ‘,”); Invoke-expression $Exec}
    [/ps]
    % = foreach, so foreach string the Select-String returns, I start to build the $exec variable, the first part of the variable is just text "dism.exe /online /enable-feature /featurename:RemoteServerAdministrationTools /featurename:" this next part is where the feature name is extracted: ($_).ToString().Replace(‘Feature Name : ‘,”). What it does is it converts the output from Select_String ($_) into a string, on that string it replaces “‘Feature Name : “, with nothing “”, so that the $exec variable will end up containing the the initial string, plus the name of the “current” “feature” in the pipeline, giving a full command that can be executed, something like this dism.exe /online /enable-feature /featurename:RemoteServerAdministrationTools /featurename:RemoteServerAdministrationTools-Roles-AD. Then it is “executed” by the Invoke-expression $exec.

    So since what I do is just creating a regular commandline expression and executing it, there is not reason why I cannot just export the result to a batch file, which I can edit and run.
    [ps]
    #
    #Output DISM RSAT commands to file
    dism /online /get-features | Select-String -Pattern remote* | %{$Exec = "dism.exe /online /enable-feature /featurename:RemoteServerAdministrationTools /featurename:" + ($_).ToString().Replace(‘Feature Name : ‘,”);Out-File -InputObject $Exec -FilePath c:\test.bat}
    [/ps]

    Hope this was usefull



  • BrowseForFolder VBScript/PowerShell

    I had to run a script the other day, that I wrote some time ago to change some files in a folder, the script uses the Shell.Application COM object BrowseForFolder method, to show a GUI that lets you browse through the directory structure and choose a folder. I thought that it might come in handy one day, to have this functionality in PowerShell as well.

    First off I remembered seeing someone creating a PowerShell script, that read the input from WSH’s InputBox() by using the COM object MSScriptControl.ScriptControl.

    [sourcecode language='CSS']
    $a = new-object -comobject MSScriptControl.ScriptControl
    $a.language = “vbscript”
    $a.addcode(“function getInput() getInput = inputbox("Message box prompt“,"Message Box Title“) end function” )
    $b = $a.eval(“getInput”)

    [/sourcecode]
    So I thought that if you can do the simple script above, you can do something a little more advanced.

    I started out by looking at the example I had allready created, just copied that to the $a.addcode line of code, that didn’t work of course. After playing with it for a while, I figured out that it was problems with my ‘ ” ”s, they had to be escaped in order for the code to be evaluated correctly, so I ended up with something like this.

    [sourcecode language='CSS']
    Function Get-Folder {
    $a = New-Object -com MSScriptControl.ScriptControl
    $a.language = “vbscript”
    $a.addcode(“Function ShowBrowse() r Set objShell = CreateObject(“Shell.Application") r Set objFolder = objShell.BrowseForFolder (0, "Choose a Folder:“, 0, "“) r If objFolder Is Nothing Then r WScript.Quit r End If r Set objFolderItem = objFolder.Self r ShowBrowse = objFolderItem.Path r End Function” )
    $b = $a.eval(“ShowBrowse”)
    Return $b
    }
    [/sourcecode]
    The above has been incapsulated into a function for ease of use.

    I posted the above script on the Minasi forum, and only minutes went by, before I had the first reply.. It was from no other than Don Jones himself, asking if I knew I could use COM objects directly in PowerShell, I thought to my self, Yes, I have just called one in the script above.

    Then it dawned on me, I used PowerShells functionality to create a “MSScriptControl.ScriptControl” object, that then creates a “Shell.Application” object in WSH “MSScriptControl.ScriptControl” runspace. Why not create the “Shell.Application” object directly.
    That gave me a lot simpler code, and a chance to slap myself for not thinking of that earlier, here is what it looks like

    [sourcecode language='CSS']
    Function Get-folder {
    $a = New-Object -ComObject “Shell.application”
    $b = $a.BrowseForFolder(0,”Choose Folder”,0,””)
    $c = $b.Self
    $c.path
    }

    [/sourcecode]



  • Learning PowerShell

    Don Jones’ keynote basically said, if you do not learn PowerShell, you will not be able to function as an Windows IT administrator in 5 years time or so… After what was told on the MVP summit, about Microsofts commitment to PowerShell, and how all new products will be based on it, he foresees are very dim future for admins who do not know it.

    One of his suggestions was to read a PowerShell help file every day… Just go through the help files one by one, you will most  likely not remember all of it, but if you read enough, some point might stick ;-)

    So on the way home I decided to try to write a little PowerShell script that would display a help file, and automatically store the the number of the helpfile that I have reached. (So I do not have to keep track of it myself)

    This is the most basic version, I came up with it on the plane home from the Forum Meet.

    [int]$HelpNr = Get-Content -Path c:\scripts\test.ini
    $vhelp = Get-Help * | Get-Help
    $i=0
    foreach ($vvhelp in $vhelp){
    $i++
    if ($i -eq $HelpNr) {$vvhelp}
    }
    $HelpNr++
    Set-Content -Path c:\scripts\test.ini -Value $HelpNr


    It has to be said though, that this is hardcoded to look for a file “c:\scripts\test.ini ” which is where it keeps track of the number of help files you have gone through.
    If you are going to test the program, in this version you have to create the .ini file, and just put a 1 in the first line of it.



  • Søndag

    Efter vi har været ude at spise morgenmad hos Mark, kører vi tilbage til hotellet, så vi kan forberede tingene til konferencen, som starter kl 13.

    Det viser sig desværre at Anne Grub er blevet syg, så hun har desværret måttet melde afbud, og derfor har Don Jones sagt, ja til at overtage hendes “Keynote”. Hans oplæg hedder noget i stil med “Hvordan ser dit CV ud i 2018″ Hvor han kommer ind op hvad der sker i branchen for tiden, og hvad han regner med sker i fremtiden.

    En af de ting som han sagde rigtigt mange gange var PowerShell, PowerShell, PowerShell…. Flere af dem som er med hernede har også været til MVP summit i Seattle… Hvor Microsoft fortalte at de er100% på PowerShell vognen, og når næste version af Windows kommer ud, er det 1 prioritet at få alt til at køre i PowerShell… GUI’en bliver prioriteret rigtigt lavet, kan de nå at få noget over i GUI’en er det fint, hvis ikke, er det bare synd, så må man i konsollen.



  • PoSH add-on PowerTab

    Just been playing with PowerTabs for PowerShell, it is kinda like M$ Intellisence code completion, but for your PowerShell command prompt. Let me tell you, it rocks… Just type get- < T A B> and you get all your cmdlets that starts with get-

    This is really really nice if you use your powershell command prompt a lot (Which I try to do :))

    Here is the Link



  • Playing around with profiles.

    In PowerShell you have the option create custom profiles that you can use, in the profiles you can create different aliases, change the prompt and a lot of other things, today we will look at adding some info to prompt. First we need to open profiles.ps1 , this file can be put in the WindowsPowershell folder under System32, or in the users \My Documents\WindowsPowerShell. If you are running vista, and want to play around with your profiles.ps1 file, I would put it in the \My Documents\WindowsPowerShell folder, since you have permission to write to files in that dir. (You can read more about profiles here
    Well ok… on with the coding.. Lets say you want to add some basic info to your prompt.
    When you start up powershell for the first time, your prompt will be defined as

     “PS “ + $(get-location) + ">”

    When you open your profile.ps1 file (There is a template in C:\Windows\System32\WindowsPowerShell\v1.0\Examples\profile.ps1) you will find a function called
    “ prompt”, this is where you will make the following changes.
    The simplest alteration you can make is changing PS to your name

    “Xenophane “ + $(get-location) + ">”
    Will give a prompt like this “Xenophane C:\Users\xen\_”

    What if you want to know something about the system at the prompt, is that possible…. Of course it is…
    Let say you want to know how many processes you are running


    function prompt
    {
    "Processes " + (Get-Process).Count+ " " + $(get-location) + "> "
    }

    Will give you a prompt like this: “ Processes 71 C:\Users\ctn\_”

    But it is very annoying to see that info on the same line as your cursor, so lets add the info on the line over the cursor, and add some more information.


    function prompt
    {
    [wmi]$Global:Cdrive=Get-WmiObject -query "Select * from win32_logicaldisk where deviceid='c:'"
    #Define Cdrive as global variable, which is type cast as a wmi
    $processcount=(Get-Process).Count
    #Define variable processcount as number of processes running
    $cpuload=(Get-WmiObject win32_processor).loadpercentage
    #cpuload is defined as a variable
    $diskinfoC=" Free C: "+"{0:N2}" -f (($global:Cdrive.freespace/1gb)/($global:cdrive.size/1gb)*100)+"%"
    #diskinfoC is defined, {0:N2} is .NET for 2 decimal places, -f is a the "format" property of the string object.
    # Then the amount of free space on drive C is divided by the size of drive C multiplies by 100 to get
    #the percentage of free space.
    $time=Get-WmiObject -class Win32_OperatingSystem
    #Define $time is object Win32_OperatingSystem
    $t=$time.ConvertToDateTime($time.Lastbootuptime)
    #Define #t as the result of the convertion of LastBootuptime into a readable dateTime format.
    [TimeSpan]$uptime=New-TimeSpan $t $(get-date)
    #Typecast the variable $uptime as a [timespan], the timespan cmdlet in powershell is a way to do date arithmetic in ps
    #This way we can compare our variable $t (Which was Lastbootuptime) and the current time Get-date cmdlet
    $up="$($uptime.days)d $($uptime.hours)h $($uptime.minutes)m $($uptime.seconds)s"
    #define variable $up to display the uptime in days/hours/minuted/seconds
    $TextToDisplay="CPU:"+$cpuload+"% Processes:" + $processcount + $diskinfoC+ " " + $diskinfoG+ " "+ ([char]0x25b2)+$up +" "+(Get-Date -format g)
    #define one variable that contains all the data we collected so far.
    Write-Host -fore red $TextToDisplay
    #Write the information to the screen in red
    Write-Host "My PoSh:" $(get-location) -nonewline
    #Display the regular prompt.
    }

    One other thing to be aware of is that PowerShell by default will not let you run scripts, so in order to run scripts like profile.ps1 you need to loosen up the security, to get help you can type the command “get-help about_signing” in a powershell command prompt. I have chosen to use RemotedSigned which will let me run scripts locally on the machine. But you can read about the different security levels in the help file.

    Profile txt file



  • A little more fun with the eventlog in PowerShell

    Imagine that you want to list, the last 15 events in all the eventlogs on the system, do you have to write several lines of codes to do that, like this below??

    get-eventlog -logname Application -newest 15
    get-eventlog -logname System -newest 15
    get-eventlog -logname Application -newest 15

    Of course not, PowerShell is much smarter than that…
    You can use the ‘foreach’ command.


    foreach ($eventlog in (get-eventlog -list -asString)) {write-host $eventlog; get-eventlog $eventlog -newest 15}

    This will give you the newest 15 log entries in each of the eventlogs on the system, let me try to break it down.
     One thing that is important to know about PowerShell is how it handles () and {}
    As in math the () parenthesis’ are evaluated first, the {} curly brackets are used for compulsory arguments.

    The foreach makes the script run through all eventlogs on the system, and add them to the variable $eventlog, then PowerShell evaluates the {} arguments for each.

    {write-host $eventlog; get-eventlog $eventlog -newest 15}

    simply writes the variable $eventlog (this contains the name of a eventlog on the system) to the screen, then it goes on to invoke the get-eventlog again, and tells that to return the newest 15 entries, and write them to the screen.  

    Kiddo… This isnt very readable I would like to have a better indication of when a new eventlog listing is started.

    I say we can take a look at the properties of write-host (You can type help write-host -full or man write-host -full)
    and low and behold it has a feature called background color and foregroundcolor, let try them out.

    foreach ($eventlog in (get-eventlog -list -asString)) {write-host -foregroundcolor blue -backgroundcolor green $eventlog; get-eventlog $eventlog -newest 15}

    But kiddo I want some specific properties from the eventlogs, how do I do that….

    In order to figure out what properties an obeject has, you can use the get-member command as described in another post.
    Get-eventlog -Logname system | get-member (The -logname paramenter is required)
    Now you have a list of properties on the eventlog object, say you would like (Index,EventID,TimeGenerated and Message)

    foreach ($eventlog in (get-eventlog -list -asString)) {write-host -foregroundcolor blue -backgroundcolor green $eventlog; get-eventlog $eventlog -newest 15| select Index,EventID,TimeGenerated,Message}



  • Getting info from the eventlog with PowerShell

    Started playing around with PowerShell, so I thought I would post a few simple things on the blog, maybe you won’t find it interesting, but it is a good way for me to remember, so BLAH!.

    First in order to get information from the eventlog you call the cmdlet called:
    get-eventlog

    Then you need to tell it what you want to get.
    get-eventlog -logname Application

    Which will get you the Application log on the local machine.

    That will list the entire Application eventlog to the screen, which is usually a lot of data. So we want to be able to pick specific data out of the eventlog, and here is a way to do it.

    get-eventlog -logname Application -newest 50 | where {$_.EventID -eq "1"}

    What this does is, it gets the Application eventlog, and gives me an object with the newest 50 entries, i pipe this object into another function called “where”,  I tell “where” to show me all objects where EventID is equal to 1. I this case you see I use $_.EventID, the $_ in powershell represents the object the as being passed into the new function, so in this case $_ represents the newest 50 values in the Application Eventlog.