Monthly Archives: May 2009

Powershell – Basic use for the rest of us (Part 5)

How to find what you CAN look for – a few tips

One of the stumbling blocks I personally ran into in Powershell was a actually a simple one to solve but I thought I might share it anyhow. 

How do I go about finding what I can pull and use?

You already know about the GET-MEMBER commandlet.  That will show you all the available properties of the Objects.

But sometimes “GET-MEMBER” isn’t enough.  I mean in all fairness it’s gets you what you need but I found (Very often, especially with Exchange and Active Directory) it’s a matter of seeing what particular field you can pull up and if the CONTENT of that field meets your needs.   And this trick is good with pretty much every Powershell command-let I’ve run across.

It’s the one that opened up my eyes.

With the Quest Active Roles Commandlets loaded fire up the following command (This is a free Powershell Addon from Quest Software that allows you to effectively work with Active Directory from Powershell)

GET-QADUSER

Now that’s going to dump a list of ALL Active Directory users.  But we all know, Active Directory has a LOT more than just Usernames.     And to find out WHAT was available, Just pipe that into a VERY powerful and oh so handy commandlet “EXPORT-CSV”

EXPORT-CSV is pretty much what it says it is.  It takes the Information you’re giving it (even stuff you can’t visibly see on the screen, like OTHER objects) and EXPORT’s that to a CSV (Comma Separated Value) file.   And the way to use it is easy too.  EXPORT-CSV NameOfFile.CSV (And if you’re wondering, yes there is also an IMPORT-CSV to Read back and send in.   But that’s another time.

Now I have Excel for viewing this but any spreadsheet application out there will do fine to open up a CSV file.

And of course give it a location to dump it to.  I like to have a little temporary folder off the root for Powershell.  Mostly because I hate typing and I don’t want to wreck the NTFS permissions on the Root of C just to dump a simple CSV file.    So in this case I have a folder called C:\ENERGIZED to dump my Powershell info into, or to test scripts or whatever.

GET-QADUSER | EXPORT-CSV C:\ENERGIZED\LISTOFAD.CSV

Once you open up this file you’ll see a series of columns with headers.  Those columns are ALL the available objects being piped out.    So if you remember a previous post I had about pulling a list of users from the data they were created, here’s where I got the information.  I went into Active Directory and looked to see (Under the Advanced View) if certain information was available.   Then I compared it with this output list (and checked the headers)

Now there is a LITTLE bit of guessing but not a lot.  You can usually compare the header with the output under it to see if it meets your needs.

The other thing you can do with making GET-MEMBER more useful is to change it’s output.   One of the things I found maddening was running a “GET-MEMBER” on the output only to find the lines cut off.  This mostly happens when it lists a METHOD.

But the information is always there.

So another trick that’s good and handy is running your output through a FORMAT-LIST Commandlet. 

So running

GET-QADUSER | GET-MEMBER | FORMAT-LIST

Will show me that view in a lot greater detail.   You have to scroll up and down the Powershell window but it’s all there. 

But again.  What you’ll find in Powershell is there is a lot you can work with.  Sometimes it’s just a matter finding what you can get.

Sean
The Energized Tech
”……It’s so Easy and It’s Free, Download it now it’ll take no time….” "(Highway to Powershell)

FacebookTwitterGoogle+Share

Powershell – Basic use for the rest of us (Part 5)

How to find what you CAN look for – a few tips

One of the stumbling blocks I personally ran into in Powershell was a actually a simple one to solve but I thought I might share it anyhow. 

How do I go about finding what I can pull and use?

You already know about the GET-MEMBER commandlet.  That will show you all the available properties of the Objects.

But sometimes “GET-MEMBER” isn’t enough.  I mean in all fairness it’s gets you what you need but I found (Very often, especially with Exchange and Active Directory) it’s a matter of seeing what particular field you can pull up and if the CONTENT of that field meets your needs.   And this trick is good with pretty much every Powershell command-let I’ve run across.

It’s the one that opened up my eyes.

With the Quest Active Roles Commandlets loaded fire up the following command (This is a free Powershell Addon from Quest Software that allows you to effectively work with Active Directory from Powershell)

GET-QADUSER

Now that’s going to dump a list of ALL Active Directory users.  But we all know, Active Directory has a LOT more than just Usernames.     And to find out WHAT was available, Just pipe that into a VERY powerful and oh so handy commandlet “EXPORT-CSV”

EXPORT-CSV is pretty much what it says it is.  It takes the Information you’re giving it (even stuff you can’t visibly see on the screen, like OTHER objects) and EXPORT’s that to a CSV (Comma Separated Value) file.   And the way to use it is easy too.  EXPORT-CSV NameOfFile.CSV (And if you’re wondering, yes there is also an IMPORT-CSV to Read back and send in.   But that’s another time.

Now I have Excel for viewing this but any spreadsheet application out there will do fine to open up a CSV file.

And of course give it a location to dump it to.  I like to have a little temporary folder off the root for Powershell.  Mostly because I hate typing and I don’t want to wreck the NTFS permissions on the Root of C just to dump a simple CSV file.    So in this case I have a folder called C:\ENERGIZED to dump my Powershell info into, or to test scripts or whatever.

GET-QADUSER | EXPORT-CSV C:\ENERGIZED\LISTOFAD.CSV

Once you open up this file you’ll see a series of columns with headers.  Those columns are ALL the available objects being piped out.    So if you remember a previous post I had about pulling a list of users from the data they were created, here’s where I got the information.  I went into Active Directory and looked to see (Under the Advanced View) if certain information was available.   Then I compared it with this output list (and checked the headers)

Now there is a LITTLE bit of guessing but not a lot.  You can usually compare the header with the output under it to see if it meets your needs.

The other thing you can do with making GET-MEMBER more useful is to change it’s output.   One of the things I found maddening was running a “GET-MEMBER” on the output only to find the lines cut off.  This mostly happens when it lists a METHOD.

But the information is always there.

So another trick that’s good and handy is running your output through a FORMAT-LIST Commandlet. 

So running

GET-QADUSER | GET-MEMBER | FORMAT-LIST

Will show me that view in a lot greater detail.   You have to scroll up and down the Powershell window but it’s all there. 

But again.  What you’ll find in Powershell is there is a lot you can work with.  Sometimes it’s just a matter finding what you can get.

Sean
The Energized Tech
”……It’s so Easy and It’s Free, Download it now it’ll take no time….” "(Highway to Powershell)

FacebookTwitterGoogle+Share

Powershell – Windows 7 and Server 2008R2 “My God, It’s all full of PS1 files!”

One on the really nice things, and the greatest features (and In My Humble Opinion the BEST reason to by Windows 7 and Server 2008R2) is the fact that Powershell “Newest Version as yet unnamed” is PART of the operating system.

No download needed.  No “Add a role”.

It’s there. 

And wouldn’t you know it?  A nice little editor for those of us who are not quite happy with the debugging features of “NOTEPAD”.

But here’s an indication of just HOW much Powershell is a part of the Administrator and the Users’ lives now.

I did a search for a sample PS1 file in Windows 7.  Didn’t know where to look, didn’t care, just a random search.

I do these kinds of things you know. 

I expected to find a file or two.

Well what a surprise I received!  Primarily diagnostics but there are over 400 (FOUR HUNDRED) PS1 (Powershell Script) files NATIVE to Windows 7.  I haven’t even looked at my copy of Server 2008R2 yet!

These are all functions that Windows calls up regularly

image

Take a look at the RS-Themes.PS1 file

 

—————————-

# Copyright © 2008, Microsoft Corporation. All rights reserved.

# You may use this code and information and create derivative works of it,
# provided that the following conditions are met:
# 1. This code and information and any derivative works may only be used for
# troubleshooting a) Windows and b) products for Windows, in either case using
# the Windows Troubleshooting Platform
# 2. Any copies of this code and information
# and any derivative works must retain the above copyright notice, this list of
# conditions and the following disclaimer.
# 3. THIS CODE AND INFORMATION IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND,
# WHETHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES
# OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. IF THIS CODE AND
# INFORMATION IS USED OR MODIFIED, THE ENTIRE RISK OF USE OR RESULTS IN CONNECTION
# WITH THE USE OF THIS CODE AND INFORMATION REMAINS WITH THE USER.

. .\CL-Utility.ps1

Import-LocalizedData -BindingVariable localizationString -FileName CL-LocalizationData

Write-DiagProgress -activity $localizationString.themesResolve-progress

# check the Uxsms service startup tpe
$startupType = (Get-WmiObject -query "select * from win32-baseService where Name=’Themes’").StartMode

#resolver
if($startupType -ne "auto" -and $startupType -ne $null)
{
    (Get-WmiObject -query "select * from win32-baseService where Name=’Themes’").changeStartMode("automatic") > $null
}

Restart-Service Themes
WaitFor-ServiceStatus "Themes" ([ServiceProcess.ServiceControllerStatus]::Running)

——————————————–

 

Without knowing the full details, it appears this one script has something to do with  The Aero themes (either turning them on or off) But ignoring this one script it is ABSOLUTELY AMAZING to see what a level Powershell plays within the operating system.   It’s no longer an add-in.   It is hard coded and embedded with the system.   Which means Administration software uses it.

Which means your life as an Administrator is about to get easier.   As More and more of Windows is based upon Powershell scripts (including the Server and various applications) it will be far easier to control via Group Policy and Powershell scriptings how things need to run.

Ohhhhhhhh I can’t wait to get this in action at work! 

Sean
The Energized Tech

FacebookTwitterGoogle+Share

Powershell – Pulling up specific user fields in Active Directory

Ok Here’s an easy one I stumbled across in Powershell that’s SO incredibly useful.
 
First off, get yourself a copy of the Active Roles Management Shell from Quest Software.  It’s free and makes working in Active Directory a complete breeze with Powershell.
 
Now I had what could have been a nightmare task (doesn’t seem at first until you think about it)
 
Pull up a list of users that I had created in the past thirty days.
 
"Well that should be easy… " I thought to myself.   The information *IS* in ActiveDirectory.  But how?
 
Well Powershell and Active Roles Management Shell from Quest Software, it’s dead simple.  
 
In the Active Roles Shell all you have to do is
 
GET-QADUSERS -searchroot "ou=xxx,dc=yyy,dc=zzz" -enabled | where { $-.whencreated -gt "mm/dd/yyyy }
 
Where the "-enabled" shows all ENABLED User accounts and "ou=xxx,dc=yyy,dc=zzz" is your Search scope to isolate it to a single OU in Active Directory
 
So if my domain was "energized.local" and I was digging through the "technicians" OU from the root of Active Directory I would use
 
"OU=TECHNICIANS,DC=ENERGIZED,DC=LOCAL"
 
Now this was a "quick and dirty" solution where I ran in my head that 30days was this date and just figured out what the month day and year to plug in was.
 
But you can get fancy.   And make it into a function or just a simple script for occasional use.
 
In Powershell there is a GET-DATE function which gets, ( well yes of course, you guessed it)  The Date.
 
So without much difficulty you can run create this little script.
 
$TODAYDATE=GET-DATE
 
GET-QADUSERS -searchroot "ou=xxx,dc=yyy,dc=zzz" -enabled | where { $.whencreated.AddDays(30) -gt $TODAYDATE }
 
Now save that as "LIST30DayUsers.PS1" and you’ve got a handy script for pulling up new Users that are recently created.  Now If you want, pull out the -searchroot "ou=xxx,dc=yyy,dc=zzz" from the line and it will search the Entire Active Directory you’re defaulting to.  Pull out "-enabled" and it will show ALL accounts created in the structure (including disabled accounts)
 
And if you’re wondering?  The Active Roles Management Shell DOES work with the newer Powershell (as of this writing) in the RC1 of Server 2008R2 and RC1 of Windows 7.   I did this on a Server 2008R2 setup.
 
Enjoy.   I am.  I’m sitting at my desk now humming "Highway to Powershell" ;)
 
Sean
The Energized Tech
 
 
 
 
 
 
 
FacebookTwitterGoogle+Share

Kai Axford Security Tour

Hey Don’t forget!  There’s still time to register!   Here at Sheridan College in Oakville Ontario!

Don’t miss this chance.

KAI AXFORD World renowned Security Expert

https://www.clicktoattend.com/invitation.aspx?code=138016

Tuesday night, May 26th 2009 at 6pm!  Don’t miss this opportunity!

If you’re going by transit, get off at the Oakville Go Station and it’s a quick cab ride up to the college!

This is a rare opportunity!  Seize it and learn from one of the best there is.

DO IT!  Expand your mind!

FacebookTwitterGoogle+Share

Kai Axford Security Tour

Hey Don’t forget!  There’s still time to register!   Here at Sheridan College in Oakville Ontario!

Don’t miss this chance.

KAI AXFORD World renowned Security Expert

https://www.clicktoattend.com/invitation.aspx?code=138016

Tuesday night, May 26th 2009 at 6pm!  Don’t miss this opportunity!

If you’re going by transit, get off at the Oakville Go Station and it’s a quick cab ride up to the college!

This is a rare opportunity!  Seize it and learn from one of the best there is.

DO IT!  Expand your mind!

FacebookTwitterGoogle+Share

Powershell – Basic use for the rest of us (Part 4)

So last time we were introduced to piping.  A more efficient way to port results to different programs.

Now in Powershell we have to remember the information we’re dealing with is OBJECTS.  It’s important to remember that what you see on the screen, although VISUALLY text, may not be.

Think of those Objects much like a spreadsheet.   It’s a list. It’s a SPECIAL kind of list, but on a very basic level; it’s a list.

We may just want to GET the ITEMS from the list and just see them.  (GET-CHILDITEM) or we may want to examine them a little deeper.

This time, we may want to look at the Objects individually.  Perhaps examine them a bit more deeply.   The simplest way is with the “FOREACH-OBJECT” statement

With the FOREACH-OBJECT statement we have a special builtin variable.   You’ll notice variables in Powershell (Items containing information) represented by a “$”.  In the case of the Foreach-Object statement there is a variable called “$-” which represents whatever OBJECT we’re presently looking at.

So here’s a simple example with our “GET-CHILDITEM”

GET-CHILDITEM |  FOREACH-OBJECT { $- }

image

Which really isn’t very impressive right now.  All we did was get a list of objects and say “FOREACH-OBJECT” “Echo” $- (That Object)

But here is where the Powershell starts to open up

That SAME line with a little change can access SPECIFIC information from those objects

GET-CHILDITEM | FOREACH-OBJECT { $-.Name, $-LastAccessTime }

image

What that is doing is going sequentially though the list of objects and pulling out SPECIFICALLY the Name Property and LastAccessTime Property from the output (Remember that information provided with the GET-MEMBER ?)

You can even assign the results of that to a Variable for later use and manipulate it however you want

But here’s a better example of the FOREACH-OBJECT in Action.  To see how I can manipulate the results and maybe do something with it later afterwards.

Let’s take a look at this line

GET-CHILDITEM | FOREACH-OBJECT { $-.LastWriteTime }

image

So that just pulled up a list and showed me all the time those Objects were last written to

Then this system we’re going to apply a METHOD to those Objects (As shown from running a GET-CHILDITEM | FOREACH-OBJECT { $-.LastAccessTime } | GET-MEMBER )

image

We’re going to use the “AddHours()” Method on the “LastWriteTime” Property

and

GET-CHILDITEM | FOREACH-OBJECT { $-.LastWriteTime.AddHours(96) }

image

What did I just do? 

I pulled up a list of OBJECTS with GET-CHILDITEM.  I ran the results through a FOREACH-OBJECT and ran a Method against “EACH” object given (supplied by our friend GET-MEMBER which said which Members and Properties we could use) and said in this case “Add 96 Hours to value of that Date Object”.   This DOESN’T write back to the original item but it IS a way to manipulate information.

Still in just one line.  We’re working with the Structure of an ENTIRE file system in One line and dumping a list to the console with EVERY date Modified to work with.

And what we’ll do with that information, we’ll touch on next time.

Sean
The Energized Tech

FacebookTwitterGoogle+Share