Monthly Archive

Categories

Windows 10

Windows update module

A Windows Update module is available on Windows versions 1709 and later. This includes Windows 10 Fall Creators Update, Windows Server 1709 and Windows Insider previews (Server and Client) post the 1709 release.

The module supplies the following cmdlets

Get-WUAVersion
Get-WUIsPendingReboot
Get-WULastInstallationDate
Get-WULastScanSuccessDate
Install-WUUpdates
Start-WUScan

The module is a CDXML module based on the root/Microsoft/Windows/WindowsUpdate/MSFT_WUOperations CIM class I discussed in a recent post.

If you’re working with these newer versions of Windows this module makes patching a good bit simpler. It shouldn’t be that much effort to backport the module using the MSFT_WUOperationsSession CIM class available on Windows Server 2016

Windows 10 Fall Creators Update

The Windows 10 fall Creators Update arrived this morning.

 

After the usual long download, install and then updating bits after I first log on (that last bit is really irritating – thought it was going away) I got into the machine.

 

First impression is that there are some minor cosmetic changes. Some icons (extensions) appear on the Edge menu bar that I didn’t have before and don’t want now so I have to waste my time undoing changes Microsoft, in their infinite wisdom, have imposed on me because they know better than I do how I want to work!  same with automatically adding the People icon to the taskbar. Stop changing my settings!

 

So what’s in FCU. Unless you’re a developer – on the surface there’s not a lot to be honest.

 

For Admins

https://docs.microsoft.com/en-us/windows/whats-new/whats-new-windows-10-version-1709

 

For developers

https://docs.microsoft.com/en-us/windows/uwp/whats-new/windows-10-version-latest

https://docs.microsoft.com/en-us/windows/uwp/whats-new/windows-10-version-1709-api-diff

 

Having feature updates every 6 months is a great idea but actually getting something useful would be better. Maybe some of the new features in PowerShell v6 being back ported would be a good one.

You have to laugh

Sometimes things just happen and you have to laugh.

So I decided I wanted to get back to working with the Windows 10 Insider previews (and Windows Server previews). This time I decided to use VMs rather than my working machine so that interruptions were minimised.

I created a new Windows 10 VM and as normal for VMs I set the initial memory to 512MB and used dynamic memory so that the machine could claim more RAM if required. Windows 10 installed with no problems. (Remember this).

I then went into Window Update and signed into the Windows Insider program. After triggering a scan fro updates build 16241 showed up and started downloading. Great.

It tried to install but failed with a message that 2GB of RAM was needed to perform the install!

So I can install from scratch with less than 2GB of RAM but I can’t update the build unless I have 2GB RAM.

Nice piece of joined up thinking there guys.

Sometimes you just have to laugh.

PowerShell Direct failure

PowerShell Direct is introduced with Server 2016/Windows 10. it enables you to create a remoting session from the Hyper-V host to a VM using the VM name or ID. I recent discovered a PowerShell Direct failure that I couldn’t explain until now.

Normally you do this:

PS> New-PSSession -VMName w16cn01 -Credential (Get-Credential w16cn01\administrator)

Id Name    ComputerName  ComputerType  State  ConfigurationName  Availability
-- ----     ------------  ------------    -----  -----------------  ------------
1 Session1       W16CN01  VirtualMachine  Opened                       Available

But on one particular machine I was getting this

PS> New-PSSession -VMName w16as01 -Credential (Get-Credential w16as01\administrator)
New-PSSession : [W16AS01] An error has occurred which Windows PowerShell cannot handle. A remote session might have ended.
At line:1 char:1
+ New-PSSession -VMName w16as01 -Credential (Get-Credential w16as01\adm ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gDataStructureException
+ FullyQualifiedErrorId : PSSessionOpenFailed

I couldn’t find an explanation for this particular PowerShell Direct failure

I’ve been working with PowerShell v6 and OpenSSH the last few days and I noticed that the PowerShell directory had been removed from the system path by the installation of one of these pieces of software.

W16AS01 had been the first machine I experimented with PowerShell v6/OpenSSH and it was the first to experience this PowerShell direct failure.

I checked W16AS01 and sure enough the PowerShell folder was missing from the system path. Adding the Powershell folder back onto the path (and restarting the machine for luck) then retrying PowerShell Direct gives:

PS> New-PSSession -VMName W16AS01 -Credential (Get-Credential W16AS01\Administrator)

Id Name            ComputerName    ComputerType    State         ConfigurationName     Availability
-- ----            ------------    ------------    -----         -----------------     ------------
1 Session1        W16AS01         VirtualMachine  Opened                                 Available

Looks like I’ve found a solution for this particular PowerShell direct failure

Updating built in modules

Windows 10 and Server 2016 automatically install a module called Pester which is used for testing code. Its the foundation of Test Driven Development or Behaviour Driven Development using PowerShell.

The version  installed by default is 3.4.0.

Pester is originally an open source module that has been incorporated into Windows. The latest version from the PowerShell Gallery is 4.0.2

Normally you’d use Update-Module to install the new version BUT you didn’t install pester from the gallery using Install-Module so you’ll get a big fat error message.

The answer is to use

Install-Module pester –Force

You might still get an error message about the Pester module not being catalog signed. if you do and still want the latest version then use

Install-Module pester -Force -SkipPublisherCheck

Windows 10 uptime

One of the things that managers seem to be fascinated with is up time. For Windows server operating systems its a fairly simple calculation

PS>  (Get-Date) - (Get-CimInstance -ClassName Win32_OperatingSystem | select -ExpandProperty LastBootUpTime)
Days              : 0
Hours             : 3
Minutes           : 46
Seconds           : 45
Milliseconds      : 465
Ticks             : 136054659217
TotalDays         : 0.157470670390046
TotalHours        : 3.77929608936111
TotalMinutes      : 226.757765361667
TotalSeconds      : 13605.4659217
TotalMilliseconds : 13605465.9217

You can get a bit more precise by using the time the event log service is started as that’s early in the boot sequence while LastBootUpTime really records when the machine is ready to access. If you want to use the event log methodology see https://richardspowershellblog.wordpress.com/2009/02/14/machine-uptime/

With Windows 10 (actually with Windows 8 or 8.1 as well) this breaks down.

PS> (Get-Date) - (Get-CimInstance -ClassName Win32_OperatingSystem | select -ExpandProperty LastBootUpTime)
Days              : 23
Hours             : 6
Minutes           : 57
Seconds           : 55
Milliseconds      : 371
Ticks             : 20122753718697
TotalDays         : 23.2902242114549
TotalHours        : 558.965381074917
TotalMinutes      : 33537.922864495
TotalSeconds      : 2012275.3718697
TotalMilliseconds : 2012275371.8697

I use my computer a lot but 23 days is a bit excessive even for me.

If we look at the last boot time

PS> Get-CimInstance -ClassName Win32_OperatingSystem | select LastBootUpTime

LastBootUpTime
--------------
11/02/2017 10:00:35

You can see the calculation is correct.

This happens because Windows 10 (and 8 and 8.1) don’t fully power down when you do a Shut Down. They enter an extreme sleep state. This is the reason that start up times shrunk so dramatically when Windows 8 was introduced.

So how can you determine when your Windows 10, 8.1 or 8 machine was used.

You might be tempted to look in the System event log – where you’ll find entries like this each time the Windows machine is woken up

PS> Get-EventLog -LogName system -InstanceId 2147489661 | select -First 1 | Format-List
Index              : 8668
EntryType          : Information
InstanceId         : 2147489661
Message            : The system uptime is 1995412 seconds.
Category           : (0)
CategoryNumber     : 0
ReplacementStrings : {, , , ...}
Source             : EventLog
TimeGenerated      : 06/03/2017 12:17:24
TimeWritten        : 06/03/2017 12:17:24
UserName           :

Unfortunately this takes us back to out 23 days

PS> New-TimeSpan -Seconds 1995412
Days              : 23
Hours             : 2
Minutes           : 16
Seconds           : 52
Milliseconds      : 0
Ticks             : 19954120000000
TotalDays         : 23.0950462962963
TotalHours        : 554.281111111111
TotalMinutes      : 33256.8666666667
TotalSeconds      : 1995412
TotalMilliseconds : 1995412000

Using the event log service start up also gives us the hard power up date

PS> Get-EventLog -LogName system | where{(($_.EventId -eq 6005) -or ($_.EventId -eq 6006)) } | select -First 1 | Format-
List
Index              : 6275
EntryType          : Information
InstanceId         : 2147489653
Message            : The Event log service was started.
Category           : (0)
CategoryNumber     : 0
ReplacementStrings : {}
Source             : EventLog
TimeGenerated      : 11/02/2017 10:00:30
TimeWritten        : 11/02/2017 10:00:30
UserName           :

There is an entry in the System event log for when the machine comes out of its power down mode:

PS> Get-EventLog -LogName system -InstanceId 1 | where Message -Like '*low power*' | select -First 1 | Format-List
Index              : 8683
EntryType          : Information
InstanceId         : 1
Message            : The system has returned from a low power state.

Sleep Time: 2017-03-05T22:00:54.261033400Z
Wake Time: 2017-03-06T12:17:26.089189400Z

Wake Source: 0
Category           : (0)
CategoryNumber     : 0
ReplacementStrings : {2017-03-05T22:00:54.261033400Z, 2017-03-06T12:17:26.089189400Z, 1245, 1590...}
Source             : Microsoft-Windows-Power-Troubleshooter
TimeGenerated      : 06/03/2017 12:17:28
TimeWritten        : 06/03/2017 12:17:28
UserName           : NT AUTHORITY\LOCAL SERVICE

so you could calculate uptime as

PS> (Get-Date) - (Get-EventLog -LogName system -InstanceId 1 | where Message -Like '*low power*' | select -First 1 | sel
ect -ExpandProperty TimeGenerated)
Days              : 0
Hours             : 4
Minutes           : 54
Seconds           : 9
Milliseconds      : 174
Ticks             : 176491748155
TotalDays         : 0.20427285666088
TotalHours        : 4.90254855986111
TotalMinutes      : 294.152913591667
TotalSeconds      : 17649.1748155
TotalMilliseconds : 17649174.8155

If you really wanted to you could dig into the log entries and use the sleep and wake times in the message block

PS> Get-EventLog -LogName system -InstanceId 1 | where Message -Like '*low power*' | select -First 1 | select -ExpandPro
perty ReplacementStrings
2017-03-05T22:00:54.261033400Z
2017-03-06T12:17:26.089189400Z
1245
1590
1501
0
9469
5143
195417
16641
6
5
0
0

0
0
0

PS> $rs = Get-EventLog -LogName system -InstanceId 1 | where Message -Like '*low power*' | select -First 1 | select -ExpandProperty ReplacementStrings

From which you can calculate the time the machine was powered down (asleep)

PS> [datetime]$rs[1] - [datetime]$rs[0]
Days              : 0
Hours             : 14
Minutes           : 16
Seconds           : 31
Milliseconds      : 828
Ticks             : 513918281560
TotalDays         : 0.59481282587963
TotalHours        : 14.2755078211111
TotalMinutes      : 856.530469266667
TotalSeconds      : 51391.828156
TotalMilliseconds : 51391828.156

So how much have I been using the machine in the last week

$now = Get-Date
$start = $now.AddDays(-7)

$events = Get-EventLog -LogName system -InstanceId 1 -After $start  |
where Message -Like '*low power*'

$lastevt = $events.Count - 1

## time since last wake up
$usetime = $now - [datetime]$events[0].ReplacementStrings[1]

for ($i=0; $i -lt $lastevt; $i++){

$Sleep = [datetime]$events[$i].ReplacementStrings[0]
$Wake = [datetime]$events[$i+1].ReplacementStrings[1]

$tt = $sleep - $wake

$usetime += $tt

}

$usetime

Days              : 2
Hours             : 15
Minutes           : 46
Seconds           : 20
Milliseconds      : 736
Ticks             : 2295807363007
TotalDays         : 2.65718444792477
TotalHours        : 63.7724267501944
TotalMinutes      : 3826.34560501167
TotalSeconds      : 229580.7363007
TotalMilliseconds : 229580736.3007

Calculating Windows 10 uptime isn’t simple but can be done with these techniques

Linux on the desktop

My sense of humour has some quirky moments – as my friends will tell you. Last night I had a lot of time to sit and think (why is a story for another time and place) and it one point a thought about Linux on the desktop struck me.

 

Back in the 1980s when I worked in seismic exploration and desktop computers were emerging I remember seeing articles at least once every year that “this is the year that Unix takes over the desktop”

 

This then morphed to “this is the year that Linux takes over the desktop”

 

Of course neither of these fantasies were actually likely to happen – and I’m deliberately ignoring the Mac OS which is unix based.

 

However, my thought yesterday was that *nix on the desktop is actually a reality. Windows 10 includes the Bash on Ubuntu on Windows option which brings the bash shell to Windows.

Bet this way of getting *nix on the desktop was ever envisaged. Smile

PowerShell finally the de facto shell

After 10 years PowerShell has become the de facto shell for Windows!

 

Windows Insider Preview build 14971 released yesterday uses PowerShell instead of cmd.exe as the default shell in Start Menu or File Explorer.

 

See https://blogs.windows.com/windowsexperience/2016/11/17/announcing-windows-10-insider-preview-build-14971-for-pc/#66Smq5KicvsTBzld.97

for this and other new features

New Hyper-V switch on Windows 10

My test/lab machine had been running Windows Server 2016 TP 5. With Server 2016 now RTM it was time for a rebuild.  Unfortunately, 2016 RTM carried on from TP5 and decided not to work with my wireless card.

 

Decided to try using Hyper-V on Windows 10 – it recognises the wifi card and is happy to work with it.

 

After installing the Hyper-V feature I needed to create some Hyper-v virtual switches

PS> New-VMSwitch -SwitchType External -Name 'LAN' -NetAdapterName 'LAN'
New-VMSwitch : Cannot validate argument on parameter 'SwitchType'. The argument "External" does not belong to the set
"Internal,Private" specified by the ValidateSet attribute. Supply an argument that is in the set and then try the
command again.
At line:1 char:26
+ New-VMSwitch -SwitchType External -Name 'LAN' -NetAdapterName 'LAN'
+                          ~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [New-VMSwitch], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.HyperV.PowerShell.Commands.NewVMSwitch

 

But External is a valid switch type

 

PS> New-VMSwitch -SwitchType x
New-VMSwitch : Cannot bind parameter 'SwitchType'. Cannot convert value "x" to type
"Microsoft.HyperV.PowerShell.VMSwitchType". Error: "Unable to match the identifier name x to a valid enumerator name.
Specify one of the following enumerator names and try again:
Private, Internal, External"
At line:1 char:26
+ New-VMSwitch -SwitchType x
+                          ~
    + CategoryInfo          : InvalidArgument: (:) [New-VMSwitch], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.HyperV.PowerShell.Commands.NewVMSwitch

 

Wonder how many of these issues I’m going to find!

Upgrading WSL

If you start  WSL (Bash on Ubuntu on Windows) and see messages like this:

 

7 packages can be updated.
1 update is a security update.
root@RSsurfacePro2:~#

 

You can view the available updates:

root@RSsurfacePro2:~# apt-get update
Hit:1 http://archive.ubuntu.com/ubuntu xenial InRelease
Get:2 http://archive.ubuntu.com/ubuntu xenial-updates InRelease [95.7 kB]
Get:3 http://security.ubuntu.com/ubuntu xenial-security InRelease [94.5 kB]
Get:4 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages [160 kB]
Get:5 http://security.ubuntu.com/ubuntu xenial-security/main Translation-en [65.8 kB]
Get:6 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages [415 kB]
Get:7 http://security.ubuntu.com/ubuntu xenial-security/universe amd64 Packages [51.9 kB]
Get:8 http://security.ubuntu.com/ubuntu xenial-security/multiverse amd64 Packages [1,176 B]
Get:9 http://archive.ubuntu.com/ubuntu xenial-updates/main Translation-en [159 kB]
Get:10 http://archive.ubuntu.com/ubuntu xenial-updates/universe amd64 Packages [356 kB]
Get:11 http://archive.ubuntu.com/ubuntu xenial-updates/universe Translation-en [128 kB]
Get:12 http://archive.ubuntu.com/ubuntu xenial-updates/multiverse amd64 Packages [5,492 B]
Fetched 1,532 kB in 35s (42.9 kB/s)
Reading package lists... Done

 

And to install the updates use:

apt-get upgrade