© 2010 Quest Software, Inc. ALL RIGHTS RESERVED

Techstravaganza 2010PowerShell 101

Dmitry Kagansky

Solutions Architect - Quest Software (Public Sector)

dmitry.kagansky@quest.com

http://www.idmwizard.com/

2

Introduction & Administrative Items

• Agenda– Dmitry Kagansky

• PowerShell 101

– Aaron

• PowerShell and Server Management

– Barry Gerdsen

• PowerShell and Active Directory

• PowerGUI

• PowerShell Scripting & Debugging

• Expectations

3

What is PowerShell?• Blah blah blah – you’ve heard it all before• However, these are some things to keep in mind

• It is Object Oriented– What?

• It is extensible– “Snap-ins” is the word of the day

• It is baked into Windows• It is mandatory for some products

– Exchange

• It’s now up to version 2.0!

4

Unified and Standardized

• Exchange

Get-Mailbox –Database 'VIP' | Set-Mailbox –MaxReceiveSize 'unlimited'

• Active Directory

Get-QADUser –City 'Aliso Viejo' | Set-QADUser -PhoneNumber '949.754.8000'

• VMware

Get-VM -Name web* | Set-VM –MemoryMB 1024

5

Where to begin?

• “Blue is the new black”

• The console

6

So how did I start?

• I stumbled around and tried things

• First new word– cmdlets

• The only cmdlet I can reliably remember– Get-Help

• save it for the lab

• cmdlet format– Verb-noun

• Aliases

7

cmdlets

• Verb-Noun– No ‘real’ standard to separate out separate vendor

cmdlets (Quest uses Verb-QNoun but another snap-in could break this)

• I lied; I can also remember:– Get-Command

8

How It Works

filtering, etc.

Get-Something

Do-Something

Collection of

objects

Collection of

objects

9

PowerShell for Reporting

• Get-* to retrieve information on most objects

• Sorting, Filtering, Grouping

• Tables, Lists

• Output to XML, CSV, HTML

• On the fly calculations

10

Perfect for Bulk Operations

• Bulk changes

• Provisioning from csv

• Snapshots

• Learn to love the pipe– |– (and its red-headed step-children, the redirectors)

11

Natively Supports Modern Technology

• HTML Reporting

• CSV• XML• Web Services

Get-QADUser | ConvertTo-Html –Property Name, Title Get-QADUser | ConvertTo-Html –Property Name, Title

12

Natively Supports Modern Technology

• HTML Reporting• CSV

• XML• Web Services

Get-Mailbox | Export-CSV c:\out.csv Get-Mailbox | Export-CSV c:\out.csv

13

Natively Supports Modern Technology

• HTML Reporting• CSV• XML

• Web Services

$data = [XML] Get-Content c:\data.xml

$data.chapter

$data = [XML] Get-Content c:\data.xml

$data.chapter

14

Natively Supports Modern Technology

• HTML Reporting• CSV• XML• Web Services

$zip = New-WebServiceProxy –uri `

http://www.webservicex.net/uszip.asmx?WSDL

$zip = New-WebServiceProxy –uri `

http://www.webservicex.net/uszip.asmx?WSDL

15

Variables, Arrays, and Hash Tables

• Variables - allows us to store single bits of information– $firstName

• Arrays - allows us to store information in a sequentially numbered index– $strComputers[x]

• Hash Table - allows us to store in key/value pairs• (like Arrays but referenceable by name)

– $strEmployeeID[“Dmitry K”]

16

Special Variables• $_: Contains the current pipeline object, used in script

blocks, filters, and the where statement• $Args: Contains an array of the parameters passed to

a function• $Error: Contains objects for which an error occurred

while being processed in a cmdlet• $Home: Specifies the user’s home directory• $PsHome: The directory where the Windows

PowerShell is installed

• I give up – just run:• _ Get-Help about_automatic_variables Get-Help about_automatic_variables

17

Conditional Logic

• Comparing data

• if/else/elseif

Operator Description

-eq Equal to

-lt Less than

-gt Greater than

-ge Greater than or Eqaul to

-le Less than or equal to

-ne Not equal to

If (this –eq boring) {surf-web} else {pay-attention} If (this –eq boring) {surf-web} else {pay-attention}

18

Looping

• Looping is the key to batch work

• Common loop constructs– do while: - Script block executes as long as condition value =

True– while: Similar to “do while”– do until: Script block executes until the condition value = True– for: Script block executes a specified number of times– foreach: Executes script block for each item in a collection or

array

19

Output & Feedback

• Lots of ways to do it– Write-Host– Out-File– Redirection

– Lots of ways . . . .

Get-Command *export* Get-Command *out*Get-Command *write*

Get-Command *export* Get-Command *out*Get-Command *write*

20

Redirection Cheat SheetOperator Description

>Redirects output to specified file. If the file already exists, current contents are overwritten.

>>Redirects output to specified file. If the file already exists, the new output is appended to the current content.

2>Redirects error output to specified file. If the file already exists, current contents are overwritten.

2>>Redirects error output to specified file. If the file already exists, the new output is appended to the current content.

2>&1Redirects error output to the standard output pipe instead of to the error output pipe.

22

Dissecting some code

• From http://www.idmwizard.com/2009/05/19/delete-that-gpo-using-a-quest-product-of-course/

• Follow it with me

23

import-csv deletelist.csv | % {& Delete-QGPO.ps1 $_.GPOName $_.GPMServer}import-csv deletelist.csv | % {& Delete-QGPO.ps1 $_.GPOName $_.GPMServer}

Dissecting some code

24

###################################################### In an ideal world, this would be a cmdlet called:#    Delete-QGPO GPOName [-GPMServer] #####################################################

# define the GPO name, which is what people # will probably know it as – this # can be an argument to a script later$gpoName = $args[0];

# Which GPM Server to export from$GPMHostname = $args[1];$GPMPort = 40200;#####################################################

###################################################### In an ideal world, this would be a cmdlet called:#    Delete-QGPO GPOName [-GPMServer] #####################################################

# define the GPO name, which is what people # will probably know it as – this # can be an argument to a script later$gpoName = $args[0];

# Which GPM Server to export from$GPMHostname = $args[1];$GPMPort = 40200;#####################################################

Dissecting some code

25

& 'C:\Program Files\Quest Software\Quest Group Policy Manager\QGPMInit.ps1' -computerName $GPMHostname& 'C:\Program Files\Quest Software\Quest Group Policy Manager\QGPMInit.ps1' -computerName $GPMHostname

Dissecting some code

26

$foundGPO = $false ;

# loop through all the objects in the data set and find the policy we wantforeach($currentGPO in

$VCManager.GetControlledObjects("GPO") | Where-Object {$_.Name -eq $gpoName})

{$foundGPO = $true;

# check out the GPO so we can edit it# you can discard the contents # returned since we want a previous version

  $VCManager.Delete($currentGPO.VCId, "Deleting GPO - bye bye");

Write-Output “deleting GPO $gpoName";}

$foundGPO = $false ;

# loop through all the objects in the data set and find the policy we wantforeach($currentGPO in

$VCManager.GetControlledObjects("GPO") | Where-Object {$_.Name -eq $gpoName})

{$foundGPO = $true;

# check out the GPO so we can edit it# you can discard the contents # returned since we want a previous version

  $VCManager.Delete($currentGPO.VCId, "Deleting GPO - bye bye");

Write-Output “deleting GPO $gpoName";}

Dissecting some code

27

if ($foundGPO -eq $false){

Write-Output "GPO $gpoName not found”;}

if ($foundGPO -eq $false){

Write-Output "GPO $gpoName not found”;}

Dissecting some code

28

###################################################### In an ideal world, this would be a cmdlet called:#    Delete-QGPO GPOName [-GPMServer] [-GPMPort]#####################################################

# define the GPO name, which is what people will probably know it as – this # can be an argument to a script later$gpoName = $args[0];

# Which GPM Server to export from$GPMHostname = $args[1];$GPMPort = 40200;#####################################################

& 'C:\Program Files\Quest Software\Quest Group Policy Manager\QGPMInit.ps1' -computerName $GPMHostname

$foundGPO = $false ;

# loop through all the objects in the data set and find the policy we wantforeach($currentGPO in $VCManager.GetControlledObjects("GPO") |      Where-Object {$_.Name -eq $gpoName}){

$foundGPO = $true;

# check out the GPO so we can edit it# you can discard the contents returned since we want a previous version

  $VCManager.Delete($currentGPO.VCId, "Deleting GPO - bye bye");

Write-Output “deleting GPO $gpoName";}

if ($foundGPO -eq $false){

Write-Output "GPO $gpoName not found”;}

###################################################### In an ideal world, this would be a cmdlet called:#    Delete-QGPO GPOName [-GPMServer] [-GPMPort]#####################################################

# define the GPO name, which is what people will probably know it as – this # can be an argument to a script later$gpoName = $args[0];

# Which GPM Server to export from$GPMHostname = $args[1];$GPMPort = 40200;#####################################################

& 'C:\Program Files\Quest Software\Quest Group Policy Manager\QGPMInit.ps1' -computerName $GPMHostname

$foundGPO = $false ;

# loop through all the objects in the data set and find the policy we wantforeach($currentGPO in $VCManager.GetControlledObjects("GPO") |      Where-Object {$_.Name -eq $gpoName}){

$foundGPO = $true;

# check out the GPO so we can edit it# you can discard the contents returned since we want a previous version

  $VCManager.Delete($currentGPO.VCId, "Deleting GPO - bye bye");

Write-Output “deleting GPO $gpoName";}

if ($foundGPO -eq $false){

Write-Output "GPO $gpoName not found”;}

Dissecting some code: The whole script

29

$gpoName = $args[0];$GPMHostname = $args[1];$GPMPort = 40200;

& 'C:\Program Files\Quest Software\Quest Group Policy Manager\QGPMInit.ps1' -computerName $GPMHostname

$foundGPO = $false ;

foreach($currentGPO in $VCManager.GetControlledObjects("GPO") |      Where-Object {$_.Name -eq $gpoName}){

$foundGPO = $true;

  $VCManager.Delete($currentGPO.VCId, "Deleting GPO - bye bye");

Write-Output “deleting GPO $gpoName";}

if ($foundGPO -eq $false){

Write-Output "GPO $gpoName not found”;}

$gpoName = $args[0];$GPMHostname = $args[1];$GPMPort = 40200;

& 'C:\Program Files\Quest Software\Quest Group Policy Manager\QGPMInit.ps1' -computerName $GPMHostname

$foundGPO = $false ;

foreach($currentGPO in $VCManager.GetControlledObjects("GPO") |      Where-Object {$_.Name -eq $gpoName}){

$foundGPO = $true;

  $VCManager.Delete($currentGPO.VCId, "Deleting GPO - bye bye");

Write-Output “deleting GPO $gpoName";}

if ($foundGPO -eq $false){

Write-Output "GPO $gpoName not found”;}

Dissecting some code: The whole script

30

Remember this? - Unified and Standardized

• Exchange

Get-Mailbox –Database 'VIP' | Set-Mailbox –MaxReceiveSize 'unlimited'

• Active Directory

Get-QADUser –City 'Aliso Viejo' | Set-QADUser -PhoneNumber '949.754.8000'

• VMware

Get-VM -Name web* | Set-VM –MemoryMB 1024

31

PowerShell 2.0 – What’s new• See http://support.microsoft.com/kb/968929 for details• An update of not just PoSh but the entire Windows Management Framework

• Remoting– run commands on one or more remote computers from a single computer

• Integrated Scripting Environment– run interactive commands and edit and debug scripts in a graphical environment.

• Modules– partition and organize Windows PowerShell code in self-contained, reusable units.

• Advanced functions– Advanced functions are functions that have the same capabilities and behavior as cmdlets but

not written in compiled C#.• Background jobs

– allows for running a command or expression asynchronously and "in the background" without interacting with the console.

• Eventing– adds support for listening, forwarding, and acting on management and system events.

• Script internationalization– enables scripts to display messages that is specified by the UI culture setting on the user's

computer.• Script debugging

– New features were added to Windows PowerShell that let you do more during debugging.• New cmdlets

– introduces over 100 built-in cmdlets.

32

Thank You

33

Additional Info

Special user group pricing on PowerGUI Pro ($99)– http://www.quest.com/TechStrav2010

34

Resources

• MSDN PowerShell Blog– http://blogs.msdn.com/powershell/

• Good Starting Tutorial– http://www.powershellpro.com/powershell-tutorial-introduction/

• PowerGUI Community– http://www.powergui.org

• Free Tools from Quest– Look for PowerGUI and the AD cmdlets at:

• http://www.quest.com/free-tools