Windows 8.1

Formatting disks – – the new way

Last time I showed how to format disks using the Win32_Volume CIM class. If you need to perform this activity on a Windows Server 2012/Windows 8 or later system you can use a couple of cmdlets from the Storage module

Get-Volume | where DriveLetter -ne 'C' | Format-Volume -FileSystem NTFS -Confirm:$false –WhatIf

 

If you’ve not looked at the Storage module before there is a lot of useful cmdlets.

Update on Office error

Back in this post http://richardspowershellblog.wordpress.com/2012/10/15/powershell-3-and-word/

I showed that this code

$word = New-Object -ComObject "Word.application"           
$word.visible = $true           
$doc = $word.Documents.Add()           
$doc.Activate()           
           
$word.Selection.Font.Name = "Cambria"           
$word.Selection.Font.Size = "20"           
$word.Selection.TypeText("PowerShell")           
$word.Selection.TypeParagraph()           
           
$word.Selection.Font.Name = "Calibri"           
$word.Selection.Font.Size = "12"           
$word.Selection.TypeText("The best scripting language in the world!")           
$word.Selection.TypeParagraph()           
           
$file = "c:\test1.doc"           
$doc.SaveAs([REF]$file)           
           
$Word.Quit()

Wouldn’t work because of an error in the way [REF] was treated. I had a comment left on the post saying it worked on PowerShell v4.

I’ve tested on PowerShell v4 on Windows 8.1 with Office 2013. It works. I can’t vouch for other combinations but it looks the problem has been resolved.

If you have the opportunity please try it and let me know if it doesn’t work for your particular combination of PowerShell v4, Windows and Office

Get-ADUser issue fixed with hotfix

The issue that I discussed in these posts:

http://richardspowershellblog.wordpress.com/2013/11/08/get-aduser-issue-2/

http://richardspowershellblog.wordpress.com/2013/11/06/get-aduser-issue/

With Get-ADUser and –Properties * in a forest level below 2012 R2 has been resolved  in this update:

http://support.microsoft.com/kb/2923122

Windows installed features

On a Windows Server 2012 or 2012 R2 system you can install the ServerManager module and use the Get-WindowsFeature cmdlet to discover the installed features. They can be managed with Install-WindowsFeature and Uninstall-WindowsFeature .

These cmdlets don’t exist on Windows 8/8.1

However the Dism (Deployment Image Servicing and Management) module can help out. The Dism module is mainly concerned with managing wim files and virtual disks for deployment scenarios but it also contains these cmdlets:

Enable-WindowsOptionalFeature

Get-WindowsOptionalFeature

Disable-WindowsOptionalFeature

 

To discover the installed features

Get-WindowsOptionalFeature -Online | Format-Table –AutoSize

 

The output looks like this

FeatureName                                                State
-----------                                                      -----
Microsoft-Hyper-V-All                                     Enabled
Microsoft-Hyper-V-Tools-All                            Enabled
Microsoft-Hyper-V                                          Enabled
Microsoft-Hyper-V-Management-Clients          Enabled
Microsoft-Hyper-V-Management-PowerShell    Enabled
Printing-Foundation-Features                           Enabled
Printing-Foundation-LPRPortMonitor                 Disabled
Printing-Foundation-LPDPrintService                Disabled
Printing-Foundation-InternetPrinting-Client      Enabled

etc

 

For all of these cmdlets use –Online to access the local machine rather than an image.

 

Individual features can be enabled or disabled

Enable-WindowsOptionalFeature -FeatureName TelnetClient –Online

Disable-WindowsOptionalFeature -FeatureName TelnetClient –Online

 

Feature names are case sensitive.

Transferring modules from Windows 8 or 8.1 to Windows 7

Windows 7 shipped with PowerShell 2.0 installed.  Windows 8 brought PowerShell 3.0 and Windows 8.1 brings PowerShell 4.0.

 

Windows 8 and 8.1 also have a lot of modules installed. This extra functionality widens PowerShell reach immensely – the networking modules alone are a significant step forward.

When you install PowerShell 3.0 or 4.0 on Windows 7 you don’t most of the new modules. This has puzzled many people and I’m often asked how those Windows 8/8.1 modules can be made available on Windows 7.

The short answer is that you can’t.

The long answer is that you can’t because, for the most part, those modules are based on CIM (WMI) classes that were introduced in Windows 8 or 8.1. A lot of the system management functionality you see in modern Windows is based on CIM classes that then use the CDXML approach to create PowerShell modules.

Installing the new CIM classes on Windows 7 is not possible – so you can’t get the modules on which they are based.

If you want the new functionality you have to upgrade to Windows 8.1

Defender Module: Threat Catalog

You can see the threats that defender is testing against

Get-MpThreatCatalog | select SeverityID, ThreatName

You get a long list like this

5 TrojanDownloader:Win32/Agent.A
4 TrojanDownloader:Win32/Holistyc
2 Dialer:Win32/EPlugin
5 Backdoor:Win32/Fxsvc
2 Adware:Win32/Networkone

This is the important one:

Get-MpThreatDetection

You want this to return nothing i.e. no threats found

You can start a scan like this:

Start-MpScan -ScanType QuickScan

A progress bar will show how things are going -  again if your machine is clean you won’t get a return

Windows 8.1 Defender module

Windows 8.1 includes a module – Defender for working with the anti-malware engine on the machine.  I’m presuming this means Windows Defender only

The starting point is Get-MpComputerStatus

£> Get-MpComputerStatus


AMEngineVersion                 : 1.1.10100.0
AMProductVersion                : 4.3.9600.16384
AMServiceEnabled                : True
AMServiceVersion                : 4.3.9600.16384
AntispywareEnabled              : True
AntispywareSignatureAge         : 2
AntispywareSignatureLastUpdated : 27/11/2013 11:14:50
AntispywareSignatureVersion     : 1.163.737.0
AntivirusEnabled                : True
AntivirusSignatureAge           : 2
AntivirusSignatureLastUpdated   : 27/11/2013 11:14:50
AntivirusSignatureVersion       : 1.163.737.0
BehaviorMonitorEnabled          : True
ComputerID                      : 10EEA25B-DB88-4238-BA5C-C500519F9C56
ComputerState                   : 0
FullScanAge                     : 4294967295
FullScanEndTime                 :
FullScanStartTime               :
IoavProtectionEnabled           : True
LastFullScanSource              : 0
LastQuickScanSource             : 2
NISEnabled                      : False
NISEngineVersion                : 2.1.10003.0
NISSignatureAge                 : 4294967295
NISSignatureLastUpdated         :
NISSignatureVersion             : 109.17.0.0
OnAccessProtectionEnabled       : True
QuickScanAge                    : 1
QuickScanEndTime                : 27/11/2013 21:48:57
QuickScanStartTime              : 27/11/2013 21:47:16
RealTimeProtectionEnabled       : True
RealTimeScanDirection           : 0
PSComputerName                  :

 

which shows a lot of useful data.

The cmdlet has a CimSession parameter so you can work with remote Windows 8.1 machines.  This module isn’t available on Windows 2012 R2.

 

Other cmdlets include:

Add-MpPreference
Get-MpComputerStatus
Get-MpPreference
Get-MpThreat
Get-MpThreatCatalog
Get-MpThreatDetection
Remove-MpPreference
Remove-MpThreat
Set-MpPreference
Start-MpScan
Update-MpSignature

If you think the output is reminiscent of a WMI class you’re right. The cmdlet is CDXML built from the ROOT\Microsoft\Windows\Defender\MSFT_MpComputerStatus CIM class

Windows Surface RT upgrade to Windows 8.1

Having seen the comments regarding the removal of the RT upgrade to Windows 8.1 from the Windows app store I was surprised to see it had re-appeared last night. 

Late this morning I started the upgrade. Its a 2GB+ download so make sure your Surface is plugged into the mains!

The download wasn’t a speedy affair but it progressed and immediately cut into the upgrade.  Everything seemed to go well – usual questions regarding accepting T&Cs and configuration. Express seems to work OK.

The usual Windows.old is left behind (2GB+) so used Disk Cleanup to delete that through the Clean up System Files button and selecting to remove previous windows installations -  see http://windows.microsoft.com/en-GB/windows-8/how-remove-windows-old-folder

The apps that I had installed appear to be preserved and at the moment everything looks good. A painless upgrade for me. Hopefully the earlier reported issues are all resolved.

Get-ADUser issue fixed

I reported in this post http://richardspowershellblog.wordpress.com/2013/11/06/get-aduser-issue/ an issue with Get-ADUser under PowerShell 4.0 on Windows 8.1/2012 R2 where using –Properties * caused a failure.

I had a comment that this is schema related and a schema upgrade fixes the problem.

My starting point is a Windows 20012 domain

£> Get-ADDomain | ft DomainMode -a

       DomainMode
       ----------
Windows2012Domain

And I have schema version 56

On a Windows 2012 R2 member server I try get-aduser

£> Get-ADUser -Identity richard -Properties *
Get-ADUser : One or more properties are invalid.
Parameter name: msDS-AssignedAuthNPolicy
At line:1 char:1
+ Get-ADUser -Identity richard -Properties *
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (richard:ADUser) [Get-ADUser], ArgumentException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.ArgumentException,Microsoft.ActiveDirectory.Management.Comm
   ands.GetADUser

Now lets try the schema upgrade – looks like it goes to  version 69 – that’s quite a big upgrade. Once the upgrade has been performed – let the schema replication occur & reboot the Windows 2012 R2 member server just to make sure nothing is cached that could affect the result.

Now to re-try Get-AdUser

Get-ADUser -Identity richard -Properties *
Get-ADUser -Identity richard -Property *

Both work – we have a winner.  If you are seeing this problem the answer is to upgrade your schema.  You don’t need to upgrade the Domain Controllers just the schema.

Its a bit naught that this happens – I don’t remember similar problems putting a Windows 8/2012 machine with PowerShell 3.0 into a Windows 2008 r2 domain

Module versions in PowerShell 4.0

Comparing a Windows 8.1 build with a Windows 8 machine I think these modules remain the same between Windows 8/PowerShell 3 and Windows 8.1/PowerShell 4

BitLocker
BitsTransfer
BranchCache
CimCmdlets
DirectAccessClientComponents
DnsClient
iSCSI
ISE
Kds
Microsoft.PowerShell.Diagnostics
Microsoft.PowerShell.Host
Microsoft.PowerShell.Security
Microsoft.WSMan.Management
MMAgent
MsDtc
NetConnection
NetSwitchTeam
NetTCPIP
NetworkConnectivityStatus
NetworkTransition
PKI
PSDiagnostics
PSWorkflowUtility
ScheduledTasks
TroubleshootingPack
Wdac
WindowsDeveloperLicense
WindowsErrorReporting

While these modules appear to have changed – at least with the version number

1.0.0.0 AppBackgroundTask
2.0.0.0 AppLocker
2.0.0.0 Appx
1.0.0.0 AssignedAccess
1.0     Defender
2.0     Dism
2.0.0.0 International
3.1.0.0 Microsoft.PowerShell.Management
3.1.0.0 Microsoft.PowerShell.Utility
2.0.0.0 NetAdapter
1.0.0.0 NetEventPacketCapture
2.0.0.0 NetLbfo
1.0.0.0 NetNat
2.0.0.0 NetQos
2.0.0.0 NetSecurity
1.0.0.0 PcsvDevice
1.1     PrintManagement
1.0     PSDesiredStateConfiguration
1.1.0.0 PSScheduledJob
2.0.0.0 PSWorkflow
2.0.0.0 SecureBoot
2.0.0.0 SmbShare
2.0.0.0 SmbWitness
1.0.0.0 StartScreen
2.0.0.0 Storage
2.0.0.0 TLS
2.0.0.0 TrustedPlatformModule
2.0.0.0 VpnClient
1.0.0.0 WindowsSearch

Some of these are new – look for the 1.0 version numbers. I’ll be working through the changes over the next few weeks.  More to come