Monthly Archive

Categories

September 2016–DSC Resource updates

Two new modules of DSC resources are available:

OfficeOnlineServerDsc

SystemLocaleDsc

 

A number of updates to existing resources have been made available.

 

Details from https://blogs.msdn.microsoft.com/powershell/2016/09/21/dsc-resource-kit-september-release/

Update-Help errors

One the latest build of Windows 10 – 14296 I’m getting errors when updating help. Three modules don’t seem to have help available

 

Update-Help : Failed to update Help for the module(s) 'Microsoft.PowerShell.Operation.Validation'
with UI culture(s) {en-GB} : The value of the HelpInfoUri key in the module manifest must resolve to
a container or root URL on a website where the help files are stored. The HelpInfoUri
'https://www.msn.com/en-gb/?ocid=NEFLS000' does not resolve to a container.
At line:1 char:1
+ Update-Help -Force
+ ~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Update-Help], Exception
    + FullyQualifiedErrorId : InvalidHelpInfoUri,Microsoft.PowerShell.Commands.UpdateHelpCommand

 

Update-Help : Failed to update Help for the module(s) 'PSScriptAnalyzer' with UI culture(s) {en-US}
: The Help content at the specified location is not valid. Specify a location that contains valid
Help Content.
At line:1 char:1
+ Update-Help -Force
+ ~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Update-Help], Exception
    + FullyQualifiedErrorId : HelpContentXmlValidationFailure,Microsoft.PowerShell.Commands.UpdateHe
   lpCommand

 

Update-Help : Failed to update Help for the module(s) 'SecureBoot' with UI culture(s) {en-GB} :
Unable to retrieve the HelpInfo XML file for UI culture en-GB. Make sure the HelpInfoUri property in
the module manifest is valid or check your network connection and then try the command again.
At line:1 char:1
+ Update-Help -Force
+ ~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (:) [Update-Help], Exception
    + FullyQualifiedErrorId : UnableToRetrieveHelpInfoXml,Microsoft.PowerShell.Commands.UpdateHelpCo
   mmand

 

I’ve checked and the help isn’t available for en-US culture.

Talk like a pirate day

In honour of International talk like a pirate day  - http://talklikeapirate.com/wordpress/

What’s a pirate’s favourite programming language?

R

 

What’s a pirate’s favourite load balancer?

ARR

 

= Application Request Routing -  see http://www.iis.net/learn/extensions/installing-application-request-routing-arr

 

Normal service may be resumed quite soon

Unregistering the default repository–PS version dependent?

In this post - https://richardspowershellblog.wordpress.com/2016/09/17/powershell-repositories/ – I stated that you could unregister the default PowerShell repository.

 

I also said that the statement in the documentation for Unregister-PSrepository that you couldn’t unregister PSGallery was incorrect.

 

A couple of readers have left comments stating that they tried it and got an error message stating that PSGallery can’t be unregistered.

 

I did my first test on Windows 10 latest preview build – build 14926

PS> $PSVersionTable

Name                           Value
----                           -----
PSVersion                      5.1.14926.1000
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.14926.1000
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

 

I’ve just test on Windows Server 2016 TP5

PS C:\Windows\system32> $PSVersionTable

Name                           Value
----                           -----
PSVersion                      5.1.14300.1000
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
CLRVersion                     4.0.30319.42000
BuildVersion                   10.0.14300.1000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

 

The version of PowerShell 5.1 on Server 2016 TP5 doesn’t have the –Default parameter on Register-PSrepositiry but this works

Register-PSRepository -Name PSGallery -SourceLocation https://www.powershellgallery.com/api/v2/

 

It appears that the ability to unregister the default repository and then re-register it is an evolving feature in PowerShell 5.1

PowerShell repositories

A reader on my blog asked if you can unregister the default PowerShell repository so you just use an internal repository.

 

First off – PSGallery is the default repository

PS> Get-PSRepository | Format-List

Name                      : PSGallery
SourceLocation            : https://www.powershellgallery.com/api/v2/
Trusted                   : False
Registered                : True
InstallationPolicy        : Untrusted
PackageManagementProvider : NuGet
PublishLocation           : https://www.powershellgallery.com/api/v2/package/
ScriptSourceLocation      : https://www.powershellgallery.com/api/v2/items/psscript/
ScriptPublishLocation     : https://www.powershellgallery.com/api/v2/package/
ProviderOptions           : {}

 

According to the documentation for Unregister-PSRepository you CAN’T unregister the default repository. In fact you can – the documentation appears to be incorrect

 

You can unregister PSGallery  with

Get-PSRepository -Name PSGallery | Unregister-PSRepository

NOTE You have to do this on a user by user basis

 

If you decide you need the default repository again then you can register it like this:

Register-PSRepository –Default

Dealing with CIM properties that are integer arrays

Saw a post about WmiMonitorID that intrigued me

 

If you use the WmiMonitorID:

 

PS> Get-CimInstance -Namespace root\wmi -ClassName WmiMonitorID | select -f 1

Active                 : True
InstanceName           : DISPLAY\GSM598F\4&19086f00&0&UID200195_0
ManufacturerName       : {71, 83, 77, 0...}
ProductCodeID          : {53, 57, 56, 70...}
SerialNumberID         : {51, 48, 52, 78...}
UserFriendlyName       : {50, 50, 69, 65...}
UserFriendlyNameLength : 13
WeekOfManufacture      : 4
YearOfManufacture      : 2013
PSComputerName         :

 

You get a number of properties returned as an array of numbers. if you look at the property with Get-CimClass they unsigned 16 bit integers

Name               : ManufacturerName
Value              :
CimType            : UInt16Array
Flags              : Property, ReadOnly, NullValue
Qualifiers         : {MAX, read, WmiDataId}
ReferenceClassName :

 

Probably the easiest way to deal with them is a very simple function and calculated fields

 

function Convert-ArrayToName {
param ($array)

($array | foreach { [char][byte]$_} ) -join ''

}

Get-CimInstance -Namespace root\wmi -ClassName WmiMonitorID |
select Active,
@{N='Manufacturer'; E={Convert-ArrayToName -array $_.ManufacturerName }},
@{N='ProductCode'; E={Convert-ArrayToName -array $_.ProductCodeID}},
@{N='SerialNumber'; E={Convert-ArrayToName -array $_.SerialNumberID}},
@{N='UserFriendlyName'; E={Convert-ArrayToName -array $_.UserFriendlyName}},
WeekOfManufacture,YearOfManufacture

 

The function Convert-ArrayToName accepts an array.  Using foreach-object the integers are converted to bytes and then to chars. Join the resultant array of chars and you get the string versions of the property

 

Call the function in a calculated field to convert the numeric array to a string – repeat for all relevant properties. You could create an object rather than just using select if you wish

 

Run the code and

Active                 : True
InstanceName           : DISPLAY\GSM598F\4&19086f00&0&UID200195_0
ManufacturerName       : {71, 83, 77, 0...}
ProductCodeID          : {53, 57, 56, 70...}
SerialNumberID         : {51, 48, 52, 78...}
UserFriendlyName       : {50, 50, 69, 65...}
UserFriendlyNameLength : 13
WeekOfManufacture      : 4
YearOfManufacture      : 2013
PSComputerName         :

 

Active                 : True
InstanceName           : DISPLAY\SEC3242\4&19086f00&0&UID265988_0
ManufacturerName       : {83, 69, 67, 0...}
ProductCodeID          : {51, 50, 52, 50...}
SerialNumberID         : {48, 0, 0, 0...}
UserFriendlyName       :
UserFriendlyNameLength : 0
WeekOfManufacture      : 0
YearOfManufacture      : 2012
PSComputerName         :

 

 

becomes

 

Active            : True
Manufacturer      : GSM            
ProductCode       : 598F           
SerialNumber      : 304NDJX51788   
UserFriendlyName  : 22EA63      
WeekOfManufacture : 4
YearOfManufacture : 2013

 

Active            : True
Manufacturer      : SEC            
ProductCode       : 3242           
SerialNumber      : 0              
UserFriendlyName  : 
WeekOfManufacture : 0
YearOfManufacture : 2012

Latest Windows 10 build fixes Surface Pro 2 wireless issue

The latest Windows 10 build  - 14926  -  fixes the issue that took out the wireless adapter on my Surface Pro 2 in build 14915.

 

Wasn’t a major issue as I could successfully revert to 14905 but unexpected for  all that.  Still think its funny that Windows took down the wireless adapter on Microsoft hardware

Deadline for proposal submissions fast approaching

The deadline for proposal submissions for the 2017 PowerShell and DevOps Global Summit is fast approaching.

 

A list of possible topics is available here

https://powershell.org/2016/09/06/nearing-last-call-for-powershell-summit-topic-proposals-topic-ideas/

 

as well as the original call for topics

https://powershell.org/2016/08/01/powershell-and-devops-global-summit-2017-call-for-topics/

 

If you do decide to submit session proposals please submit multiple proposals. if we can get a speaker who’ll deliver 2 good sessions they’re more likely to be accepted

How many domain admins do you need?

I was working on a book chapter this afternoon and  something I was reading made me  stop and think for a moment. How many people are members of your domain admins group – or even worse the enterprise admins or schema admins groups.

 

Many of the organisations where I’ve reviewed their AD have 15, 20, 50 or even 70 people in the domain admins group – this is for a single domain!

Is this necessary?

 

Most often the answer is no, no and no again.

 

Way back in NT times you had to be a domain admin to do practically any administration. Now things are different.

You can be much more granular in assigning permissions  -remember the principal of least privilege – there a a whole raft of groups for administering facets of your environment.

 

You can use tools like JEA and PowerShell to delegate permissions rather than lumping everyone in domain admins

 

  In this day and age there is no excuse for having a domain admins group with huge numbers of members unless you prescribe to the “that’s how we’ve always done it” school of thought. If you do then expect problems sooner rather than later

using help proactively

I was reading a thread on the forum about using a particular cmdlet and it occurred to me that the person posing the question hadn’t actually looked at the help file for the cmdlet.

 

One of the first things I do when coming across a new cmdlet – either in some code or when I need to perform a new task - is to read the FULL help file for the cmdlet.

Either 

Get-Help Get-Process –Full

 

or

Get-Help Get-Process –Online

 

The online version tends to be updated quicker than the downloadable version.

 

Two areas to concentrate on.

The parameter list shows you what parameters are available, the input and relevant information

 

The examples section is possibly the most useful as you’ll find how you can actually use the cmdlet.

 

The detailed description and notes a re worth a read – especially for a cmdlet you’ve not used before

 

Think about the PowerShell experts you’ve come across. How did they get to be experts? A lot of it was reading the help files.