Monthly Archive

Categories

Monthly Archives: January 2019

To install or not

My recent posts about the NTFSsecurity module drew a comment that the cmdlets in the module couldn’t be used because they’re not installed on every server. This raises the question - to install or not.

Windows systems have a huge array of PowerShell cmdlets available:

- those from the PowerShell team that form the “core” of PowerShell

- other Windows teams such as the Networking and Storage teams

- the modules that come with optional features such as AD, DNS or DHCP

- the RSAT tools – though they overlap with the cmdlets from the optional features

- modules from the PowerShell gallery – some Microsoft and others from the community

- modules from third party vendors

 

What I install on a system depends on what the system is supposed to do and what I need to know about the system.

 

A domain controller probably doesn’t need much extra PowerShell functionality installed as it should a single purpose (I include DNS) system.

Similarly, a dedicated Exchange or SQL Server system doesn’t need much else installed – though I may install the DBAtools on a SQL box.

 

A File server is likely to have a mass of NTFS permissions to work with and the NTFSsecurity module would be very useful.

Jump off / admin servers are where I’d likely to install a lot of functionality that can reach out to other systems.

 

The question to install or not doesn’t have a simple answer - some organizations categorically forbid the installation of external software for instance - as it depends on your organization, your needs and what you want to accomplish.

 

As usual with IT the only answer is – IT DEPENDS!

Start-Sleep change

Start-Sleep change in PowerShell v6.2 preview 4

Start-Sleep has had this syntax

Start-Sleep [-Seconds] <int> [<CommonParameters>]

Start-Sleep -Milliseconds <int> [<CommonParameters>]

 

since it was first introduced in PowerShell v1 (I think).

You can define the period as a number of seconds or use the –Milliseconds option if you need a fraction of a second.

 

In PowerShell v6.2 preview 4 this changes to

Start-Sleep [-Seconds] <double> [<CommonParameters>]

Start-Sleep -Milliseconds <int> [<CommonParameters>]

 

so you can use

Start-Sleep -Seconds 3.5

 

If you try the command in Windows PowerShell v5.1 or PowerShell v6.1 it will work but I suspect that the 3.5 is converted to an integer so you don’t get the correct delay.

Get-NTFSAcess

Get-NTFSAcess and Get-NTFSEffectiveAccess are two cmdlets from the NTFSsecurity module.

 

Get-NTFSAcess retrieves the access rights on a folder or file. You can immediately who has what rights and from where the rights are inherited.

 

Get-NTFSEffectiveAccess by contrast shows the rights YOU (the account you’re using to access the data) have to a file or folder.

 

This is far superior to Get-Acl where you have to dig through several layers to get the information.

Get-DiskSpace

The Get-DiskSpace cmdlet from the NTFSsecurity module is useful in that it gives ready calculated percentages of free and used space:

AvailableFreeSpacePercent : 56.73%
AvailableFreeSpaceUnitSize : 270.11 GB
ClusterSize : 4096
DriveName : \\?\Volume{c1c4c5bb-0000-0000-0000-f01500000000}\
TotalSizeUnitSize : 476.1 GB
UsedSpacePercent : 43.27%
UsedSpaceUnitSize : 206 GB
FreeBytesAvailable : 290024239104
TotalNumberOfBytes : 511210610688
TotalNumberOfFreeBytes : 290024239104
BytesPerSector : 512
NumberOfFreeClusters : 70806699
SectorsPerCluster : 8
TotalNumberOfClusters : 124807278

 

BUT as you can see it doesn’t identify the Drive Name by user friendly name.

You can do

PS> Get-DiskSpace -DriveLetter C:

AvailableFreeSpacePercent : 56.73%
AvailableFreeSpaceUnitSize : 270.1 GB
ClusterSize : 4096
DriveName : C:\
TotalSizeUnitSize : 476.1 GB
UsedSpacePercent : 43.27%
UsedSpaceUnitSize : 206 GB
FreeBytesAvailable : 290020270080
TotalNumberOfBytes : 511210610688
TotalNumberOfFreeBytes : 290020270080
BytesPerSector : 512
NumberOfFreeClusters : 70805730
SectorsPerCluster : 8
TotalNumberOfClusters : 124807278

 

but that means passing each drive separately. The DriveLetter parameter should take an array of drives according to the syntax diagram but that doesn’t seem to work.

 

Try running something like

Get-Volume |
where DriveLetter |
sort Driveletter |
foreach {
Get-DiskSpace -DriveLetter "$($_.Driveletter):" |
select DriveName, TotalSizeUnitSize, UsedSpaceUnitSize,
AvailableFreeSpaceUnitSize, UsedSpacePercent, AvailableFreeSpacePercent
}

and you get a nice output

DriveName : C:\
TotalSizeUnitSize : 476.1 GB
UsedSpaceUnitSize : 206 GB
AvailableFreeSpaceUnitSize : 270.1 GB
UsedSpacePercent : 43.27%
AvailableFreeSpacePercent : 56.73%

PowerShell Admin Modules

My PowerShell Admin Modules that used to be available through codeplex are now available on github - https://github.com/RichardSiddaway/PowerShell-Admin-Modules

 

I haven’t updated them since their original publication but they’re still valid

 

Enjoy

Long file paths

Long file paths – greater than 260 characters – have been a pain to deal with in Windows.

 

There is an argument that you should avoid file paths of that length but sometimes you don’t have any choice – when you inherit a file structure for instance.

 

The following cmdlets from the NTFSsecurity module I recently highlighted are designed to work with long file paths.

Copy-Item2
Get-ChildItem2
Get-FileHash2
Get-Item2
Move-Item2
Remove-Item2
Test-Path2

 

Hopefully, this will make dealing with long file paths easier in the future

PowerShell v6.2.0 preview 4

PowerShell v6.2.0 preview 4 is now available from https://github.com/PowerShell/PowerShell/releases

 

After installation over the top of preview 3 I found that the PowerShell console would open and then immediately close when I tried to use it.  This is a known issue with a fix in the pipeline as far as I’m aware.  The workaround is to re-run the installer and select the repair option.

 

The conflict between the Working directory and profile seems to have been resolved with the profile taking precedence.

NTFSsecurity module

Just came across the NTFSsecurity module. Its available on the PowerShell gallery or from https://github.com/raandree/NTFSSecurity.

The *-Acl cmdlets have been around since Windows PowerShell v1 but aren’t easy to use and don’t cover all our needs.

 

This module contains a number of cmdlets:

Add-NTFSAccess
Add-NTFSAudit
Clear-NTFSAccess
Clear-NTFSAudit
Copy-Item2
Disable-NTFSAccessInheritance
Disable-NTFSAuditInheritance
Disable-Privileges
Enable-NTFSAccessInheritance
Enable-NTFSAuditInheritance
Enable-Privileges
Get-ChildItem2
Get-DiskSpace
Get-FileHash2
Get-Item2
Get-NTFSAccess
Get-NTFSAudit
Get-NTFSEffectiveAccess
Get-NTFSHardLink
Get-NTFSInheritance
Get-NTFSOrphanedAccess
Get-NTFSOrphanedAudit
Get-NTFSOwner
Get-NTFSSecurityDescriptor
Get-NTFSSimpleAccess
Get-Privileges
Move-Item2
New-NTFSHardLink
New-NTFSSymbolicLink
Remove-Item2
Remove-NTFSAccess
Remove-NTFSAudit
Set-NTFSInheritance
Set-NTFSOwner
Set-NTFSSecurityDescriptor
Test-Path2

 

Some of the cmdlets appear to overlap with standard PowerShell cmdlets

Copy-Item2
Get-ChildItem2
Get-FileHash2
Get-Item2
Move-Item2
Remove-Item2
Test-Path2

which needs further investigation.

PS> get-command Test-Path -Syntax

Test-Path [-Path] <string[]> [-Filter <string>] [-Include <string[]>]
[-Exclude <string[]>] [-PathType <TestPathType>] [-IsValid]
[-Credential <pscredential>] [-UseTransaction] [-OlderThan <datetime>]
[-NewerThan <datetime>] [<CommonParameters>]

Test-Path -LiteralPath <string[]> [-Filter <string>] [-Include <string[]>]
[-Exclude <string[]>] [-PathType <TestPathType>] [-IsValid]
[-Credential <pscredential>] [-UseTransaction] [-OlderThan <datetime>]
[-NewerThan <datetime>] [<CommonParameters>]

PS> get-command Test-Path2 -Syntax

Test-Path2 [-Path] <string[]> [-PathType <TestPathType>] [<CommonParameters>]

 

There isn’t a complete set of help files for the module at the moment but some documentation is available through the github repository.

 

This is a Windows PowerShell only module at the moment as it requires System.Windows.Forms but may work on PowerShell core through the Windows compatibility module.

PowerShell v6.1.2

PowerShell v6.1.2 was recently released - https://github.com/PowerShell/PowerShell/releases

 

There doesn’t seem to be any new functionality or breaking changes. Most of the changes seem to be internal to the project.

 

The issue with PowerShell not starting after installation over the top of an existing version seems to have been resolved.

 

The issue with PowerShell WorkingDirectory parameter and any directory changes in your profile don’t seem to have been fully resolved.

Windows sandbox

The recent Windows 10 Insider builds (18305) have introduced a Windows sandbox feature. This is a new light weight desktop environment for testing software. A new sandbox is created every time you need one and EVERYTHING in the sandbox is destroyed when you close it.

see https://blogs.windows.com/windowsexperience/2018/12/19/announcing-windows-10-insider-preview-build-18305/#ua844cXgClodRKz2.97 for the initial announcement.

The IE fix KB4483214 seems to break the sandbox on build 18305.

I’ve tried it on build 18309 and it seems to work OK.

There are a few issues as explained in the blog post and the documentation

https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849

Note the requirement to enable nested virtualisation if you’re running the preview in a VM.

So far it looks like one of the more useful features to come out of the Windows 10 update process.