
Ed Wilson, MCSE, MCSD
Microsoft Scripting Guy
Microsoft
Session Code: WCL314
Objectives And Takeaways
Objectives
Show how to use Windows PowerShell 2.0
remoting to manage Desktops
Show how to use Windows PowerShell 2.0 to
troubleshoot Desktops
Key Takeaways
Windows PowerShell 2.0 remoting is as easy as
typing the name of the computer
Interactive sessions allow for more extensive
remote scenarios
What is Windows PowerShell?
Console
Interactive commands
Query and configure
Run jobs
Scripting language
Automate everything
Sharable and reusable
PowerShell Remoting requirements
Not all remoting is the same
Get-Process, Get-Service and others use .NET Framework
methods
To use remoting, the local and remote computers need:
Windows PowerShell 2.0
Microsoft .NET Framework 2.0 or later
Windows Remote Management 2.0
To configure PowerShell remoting:
Start PowerShell as admin
Use the Enable-PSRemoting cmdlet
Configures the firewall and the WinRM service
Windows PowerShell Remoting
Use the ComputerName parameter with select
cmdlets
Get-Process -ComputerName Berlin
Run a command on remote computer
Invoke-Command -ComputerName Berlin `
-ScriptBlock { HostName }
Open a PowerShell session on remote computer
Enter-PSSession -ComputerName Berlin
[berlin]: PS C:\> HostName
[berlin]: PS C:\> Exit-PSSession
30 ComputerName cmdlets
TROUBLESHOOTING
GENERAL
Get-HotFix
Receive-Job
Get-Process
Set-Service
Get-Service
Restart-Computer
Stop-Computer
Test-Connection
Get-Counter
EVENTLOG
Show-EventLog
Write-EventLog
Limit-EventLog
Get-EventLog
Remove-EventLog
New-EventLog
Clear-EventLog
Get-WinEvent
WMI
Register-WmiEvent
Set-WmiInstance
Invoke-WmiMethod
Get-WmiObject
Remove-WmiObject
WSMAN
Disconnect-WSMan
Test-WSMan
Connect-WSMan
Invoke-WSManAction
Get-WSManInstance
Remove-WSManInstance
Set-WSManInstance
New-WSManInstance
REMOTING
Remove-PSSession
Get-PSSession
New-PSSession
Enter-PSSession
Invoke-Command
Getting information remotely
The same syntax and experience remotely as
locally
Uses credentials of current user
Examples:
Get-Service -ComputerName berlin
Get-Process -ComputerName berlin
Get-HotFix -ComputerName berlin
9 cmdlets
Get-Counter
Get-Process
Get-WinEvent
Get-EventLog
Get-Service
Get-WmiObject
Get-HotFix
Get-PSSession
Get-WSManInstance
Getting information remotely
Working with Services
Has a ComputerName parameter. Use directly
Get-Service and Set-Service
PS C:\> Get-Service -ComputerName Berlin
No ComputerName parameter. Use Invoke-Command when working remotely
Start-Service
Stop-Service
Restart-Service
Suspend-Service
Resume-Service
PS C:\> Invoke-Command -ComputerName berlin `
{ Start-Service -Name bits }
Before making changes to services
PS C:\> Checkpoint-Computer -Description "Before changed services"
Working with services remotely
Working with Processes
There are five process cmdlets
Get-Process
Stop-Process
Debug-Process
Wait-Process
Start-Process
Get-Process. Easy to use remotely and locally
PS C:\> Get-Process -ComputerName Berlin -Name calc
PS C:\> Get-Process -ComputerName Berlin -Id 4072
Start-Process and Stop-Process have no ComputerName parameter
PS C:\> Enter-PSSession -ComputerName berlin
[berlin]: PS C:\> Start-Process notepad
[berlin]: PS C:\> Get-Process -Name notepad
[berlin]: PS C:\> Stop-Process -Name notepad
[berlin]: PS C:\> exit
Working with Processes
Working with Hot Fixes
Use on Local Computer
PS C:\> Get-HotFix
On a remote computer, use the ComputerName parameter
PS C:\> Get-HotFix -ComputerName berlin
To search for hot fixes by ID number, use the Id parameter
PS C:\> Get-HotFix -Id KB950099
Search by description to find related hot fixes
PS C:\> Get-HotFix -Description security*
PS C:\> Get-HotFix -Description update
PS C:\> Get-HotFix -Description software*
Working with Hot fixes
Working with Event logs
Two cmdlets. Both support computername
Get-EventLog
Get-WinEvent
Get-EventLog
Traditional event logs. Easy to use syntax
PS C:\> Get-EventLog -LogName application `
-ComputerName berlin -Newest 1
Get-WinEvent
Can access diagnostic logs
PS C:\> Get-WinEvent -LogName Microsoft-Windows-WinRM/Operational -MaxEvents 1
Using Get-EventLog
Use to access classic event logs only
Use LogName parameter to specify log
System, Application, Security etc.
PS C:\> Get-EventLog -LogName Application
Use the Source parameter to filter by where the event came from
PS C:\> Get-EventLog -LogName application -Source vss
Use the Newest parameter to limit the number of records
Use the EntryType parameter to limit the type of records
Error, Warning, Information, Auditing
Use the ComputerName parameter to query a remote computer
Using Get-WinEvent
Use the ListLog parameter to list logs
Use wildcards to search for logs: *winrm*
Use the LogName parameter to query logs
Use wildcards for the log name as well: *winrm*
Use when there is a single match, or only one match with events
Use the ListProvider parameter to display sources
To use the ETW diagnostic logs
Enable ETW diagnostic logging
ETW logs can only be played forward. An error is returned
unless you use the -Oldest switch
More information in Advanced Scripting Talk by Dan Harmon
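The Get-WinEvent parameters listed above, combined into one sequence. This is an added example, not code from the original slides; `berlin` is the sample computer name the deck uses, and the number of events returned per log is an arbitrary choice.

```powershell
# Added example; 'berlin' is the sample computer name from the slides.
$computer = 'berlin'

# ListLog with a wildcard. -Force also returns analytic and debug (ETW) logs,
# which a wildcard search leaves out by default.
$logs = Get-WinEvent -ListLog *winrm* -ComputerName $computer -Force
$logs | Format-Table LogName, LogType, IsEnabled, RecordCount -AutoSize

# ListProvider shows the event sources and the logs each one writes to.
Get-WinEvent -ListProvider *winrm* -ComputerName $computer |
    Select-Object Name,
        @{ Name = 'Logs'
           Expression = { ($_.LogLinks | ForEach-Object { $_.LogName }) -join ', ' } }

# Query every matching log that actually holds events.
$logs | Where-Object { $_.RecordCount -gt 0 } | ForEach-Object {
    $params = @{
        LogName      = $_.LogName
        ComputerName = $computer
        MaxEvents    = 5          # arbitrary sample size
    }

    # Analytic and debug logs can only be read forward, so -Oldest is required;
    # without it Get-WinEvent returns an error for these logs.
    if ($_.LogType -eq 'Analytical' -or $_.LogType -eq 'Debug') {
        $params['Oldest'] = $true
    }

    Get-WinEvent @params |
        Select-Object TimeCreated, Id, LevelDisplayName, LogName, Message
}
```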
Working with Event logs
Using WMI Events
Do not confuse with event logs.
Easy to work with temporary short term events
Monitor for process creation
Monitor for service stopping
Monitor for USB drive attached to system
Use Register-WmiEvent to create
Uses intrinsic WMI event classes, or generics
Can be local or remote. Use remote credentials if needed
Retrieve by Get-Event and SourceIdentifier
Unregister-Event or Remove-Event when done
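The full lifecycle described above (register, retrieve, clean up), applied to process creation on a remote desktop. This is an added example, not code from the original slides; `berlin` is the deck's sample computer name, and the `ProcWatch` source identifier, the 5-second polling interval and the 60-second collection window are choices made here.

```powershell
# Added example; 'berlin' comes from the slides, 'ProcWatch' is an arbitrary label.
$computer = 'berlin'
$sourceId = 'ProcWatch'

# Generic intrinsic event class: fires when a new Win32_Process instance appears.
# WITHIN 5 polls every 5 seconds, so very short-lived processes can be missed.
$query = "SELECT * FROM __InstanceCreationEvent WITHIN 5 " +
         "WHERE TargetInstance ISA 'Win32_Process'"

# Add -Credential (Get-Credential) if the current user lacks rights on $computer.
Register-WmiEvent -ComputerName $computer -Query $query -SourceIdentifier $sourceId

try {
    # Events queue up in the local session while we wait.
    Start-Sleep -Seconds 60

    Get-Event -SourceIdentifier $sourceId -ErrorAction SilentlyContinue |
        ForEach-Object {
            $proc = $_.SourceEventArgs.NewEvent.TargetInstance
            New-Object PSObject -Property @{
                Time        = $_.TimeGenerated
                Name        = $proc.Name
                ProcessId   = $proc.ProcessId
                ParentId    = $proc.ParentProcessId
                CommandLine = $proc.CommandLine
            }
        } |
        Format-Table Time, Name, ProcessId, ParentId, CommandLine -AutoSize
}
finally {
    # Remove the subscription first, then drain whatever is left in the queue.
    Unregister-Event -SourceIdentifier $sourceId
    Remove-Event -SourceIdentifier $sourceId -ErrorAction SilentlyContinue
}
```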
Working with WMI Events
Working with Hardware Inventory
Use the Get-WmiObject cmdlet to work with
WMI
Basic query uses Class and Computername
PS C:\> Get-WmiObject -Class Win32_Bios `
-ComputerName berlin
PS C:\> gwmi win32_Bios -co berlin
Use the Credential parameter for remote computers if needed
Other parameters allow full WMI
Amended
Authentication
Authority
Impersonation
EnableAllPrivileges
Working with hardware inventory
Working with Software
Uses Win32_Product WMI class
Uses MSIPROV
Installed by default on:
Windows 7
Windows Server 2008 R2
Windows Server 2008
Windows Vista, and Windows XP
Must be added on Windows Server 2003
Use to inventory software installed via MSI
Use the Install method to install software
Use the Uninstall method to uninstall software
Working with software
Setting security
Best to use ICACLS.exe
Installed on Windows Vista and above
Available on Windows Server 2003 SP2
You need hotfix 943043 to fix an inheritance issue
PS C:\> icacls test /Deny Everyone:`(R`)
PS C:\> icacls test /Grant Everyone:`(F`)
Get-ACL
Retrieves the security descriptor from item
Set-ACL
Sets the security descriptor on item
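Get-Acl and Set-Acl used together to review a folder and remove an explicit allow entry for Everyone, such as the one the `icacls test /Grant Everyone:(F)` line above creates. This is an added example, not code from the original slides; the path `C:\test` is an assumption.

```powershell
# Added example; C:\test is an assumed path standing in for the 'test' folder above.
$path = 'C:\test'

# Resolve the well-known Everyone SID so the check also works on localized systems.
$sid      = New-Object System.Security.Principal.SecurityIdentifier 'S-1-1-0'
$everyone = $sid.Translate([System.Security.Principal.NTAccount]).Value

# Retrieve the security descriptor and list its access entries.
$acl = Get-Acl -Path $path
$acl.Access |
    Format-Table IdentityReference, AccessControlType, FileSystemRights, IsInherited -AutoSize

# Explicit (non-inherited) Allow entries for Everyone.
# Inherited entries have to be fixed on the parent folder instead.
$risky = @($acl.Access | Where-Object {
    -not $_.IsInherited -and
    $_.AccessControlType -eq 'Allow' -and
    $_.IdentityReference.Value -eq $everyone
})

if ($risky.Count -gt 0) {
    foreach ($rule in $risky) {
        [void]$acl.RemoveAccessRule($rule)
    }
    # Write the modified security descriptor back to the item.
    Set-Acl -Path $path -AclObject $acl

    # Re-read to confirm the entries are gone.
    (Get-Acl -Path $path).Access |
        Format-Table IdentityReference, AccessControlType, FileSystemRights -AutoSize
}
else {
    "No explicit Allow entries for $everyone on $path"
}
```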
Setting Security
Stop by and see the Scripting Guys
What types of tasks do you need to automate
What types of scripts would you like to see
What script do you wish you had now
What would you like to see in the Script
Repository
How could we make it easier to navigate
How can we make your life easier
What types of functions / modules do you wish
you had
Resources
www.microsoft.com/teched - Sessions On-Demand & Community
www.microsoft.com/learning - Microsoft Certification & Training Resources
http://microsoft.com/technet - Resources for IT Professionals
http://microsoft.com/msdn - Resources for Developers
Resources
Microsoft Technet Script Center
www.ScriptingGuys.com
Daily Hey Scripting Guy! Article
Script Center Script Repository
Microsoft Press Scripting Books
Microsoft Windows Powershell Step By
Step
Windows PowerShell Scripting Guide
Advanced Windows PowerShell Scripting
Advanced Windows PowerShell Scripting HOL
Introduction to Windows PowerShell Fundamentals HOL
Windows PowerShell Programming HOL
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should
not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS,
IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.