Cupfighter.net

For whatever reason Microsoft removed the accessible way of removing hardware profiles in Vista and Windows 7. To help out a collegue with a corrupt profile I made a tiny Powershell script to perform this action. It’s easily done by hand in the registry, the downside is you won’t see the profile descriptions which is a tad errorprone. Also, feel free to use this but I will take no responsibility whatsoever if you use this and you break your Windows install

# 20091218 – vo.o1 – PZO    – Initial hack to delete hardware profiles in Windows Vista/7
#
#————————————————————————————————————————————–
# Let’s see which profiles exist..
#————————————————————————————————————————————–
$i = 0
Write-Host “”
Write-Host “The following hardware profiles have been found on this computer:” -f white
foreach ($profile in (ls -path “HKLM:\SYSTEM\CurrentControlSet\Control\IDConfigDB\Hardware Profiles\”) ) {
Write-Host 000$i – (get-itemproperty -path “HKLM:\SYSTEM\CurrentControlSet\Control\IDConfigDB\Hardware Profiles\000$i”).FriendlyName
$i++
}
#————————————————————————————————————————————–
# Now we can ask which to remove..
#————————————————————————————————————————————–
Write-Host “”
Write-Host “You are strongly advised not to remove profile 0000 – New Hardware Profile” -f red
Write-Host “”
$input = read-host “Which profile is causing you headaches and should be removed?”
Write-Host “deleting.. “HKLM:\SYSTEM\CurrentControlSet\Hardware Profiles\$input”"
Remove-Item -Path “HKLM:\SYSTEM\CurrentControlSet\Hardware Profiles\$input”

Finally: do _not_ remove profile 0000 unless you know what you are doing. YMMV!

[BBG]

Late October PowerShell V2 was released for almost all Windows platforms. Check out http://support.microsoft.com/kb/968929 and download the version you need.

Happy scripting!

Remote Management.
Well finally, PowerShell v2 is included and holds an AD Module, so the Quest ActiveRoles Management Shell for Active Directory is now ‘sort of’ native.  A comprehensive set of AD cmdlets for AD DS and AD LDS administration, configuration and diagnostic tasks.

PowerShell drives for AD will simplify navigation in AD Directory Services. And most of all: certain tasks can only be achieved through PowerShell hurrah for the shell.

AD Web services (ADWS) will create a web service ‘gateway’ for managing windows 2008 R2 servers through PowerShell. Be sure you have port 9289 opened on the firewalls and your home free.

For backward compatibility Active Directory Management Gateway Service (ADMGS) is available for Windows Server 2003 and 2008, however this does not support instances of AD Mounting Tool (get-PSdrive)

AD Administrative Center
The users and computers interface is enriched by progressive disclosure of data, which means, the interface builds up navigation history and anticipates on tasks you’re about to do and fill the interface accordingly. Big plus is that you can connect to multiple domains at the same time.

Managed Service Accounts
Currently using built in accounts for services does not provide service isolation. And in case we run the services using standard user accounts with some extensive privileges. But then again, changing services account passwords on a regular basis did cause some unexpected service failures.

So managed service accounts are presented, though the accounts must be created and managed through Windows PowerShell. J. It’s delivered in three steps. The sweet thing is that a reset of the password is done on a regular basis (default by 30 days) by the system itself.

However:
1: Service / application requiring managed account must be running on Windows 7 or Server 2008 R2
2: Managed accounts cannot be shared across multiple servers

The latter is a major setback since the whole security of the password changes are embedded, so why don’t enable it cross hosts, so keep it simple and transparent does not apply here.

Djoin.exe
Now, Windows 7 or Windows 2008 R2 machines can be joined to a domain while offline, it’s not PowerShell driven though. During deployment the machine has already domain joined the domain at startup, so no reboot required. This will definitely speed up deployment of VMs and scripted installs. The sysprep process will create a new section in unattended.xml to supports offline domain joins which will actually simplifies domain joins to RODCs.

Recycle Bin for AD
Here it is: a fast and decent failsafe of accidently deletion of AD objects; the recycle bin for AD.
You need to promote to 2008 R2 Forest functionality and, of course, it’s PowerShell driven.
Bear in mind, once enabled it cannot be disabled, but then again, it restores all attributes including linked attributes.  Of course it will impact storage, but no more than 5 -10% increase of the AD database. Here is how it will work:

Session by: Andrew Fryer

In this interactive lab I learned how to install and configure SQL 2008 on Windows 2008 R2 Core, which has the following technical advantages and characteristics:

-          Running on R2 Core instead of normal setup, limits the need of patching and maintenance of a SQL OS to the minimum R2 core components updated, minimizing the instance downtime.

-          Running several SQL instances is possible as it is on the GUI enabled full OS setup.

-          All installations and configurations needs to be done using Powershell cmdlets, which are limited to installation of .Net framework 3.5, configuring windows firewall to allow 1433 and installing base components of SQL 2008, and of course the GUI components of SQL including management studio is not to run from the R2 core and the instance needs to be managed by remote machine.

-          It makes the life really easy to prepare an R2 image with pre-installation of SQL 2008 using Sysprep for fast deployment of an SQL Server. We have reached an OS/SQL deployment time of 5 minutes in the lab.

-          Running on R2 core is has also security advantages for SQL Server instance as major windows vulnerabilities are related to higher levels and Windows 2008 core is mostly not affected.

-          It is possible to cluster an SQL instance running on R2 core.

-          This implementation is not supported by Microsoft at this moment, but several factors shows it will be supported in the near future.

The how to guide will be shortly available on Codeplex. If not, I will add an installation guide to this blog too.

Finding the next available driveletter on a system, excluding reserved driveletters, can be done using the following PowerShell 1-liner.

[char[]]”DEFGJKLMNOPQRTUVWXY” | ?{!(gdr $_ -ea ‘SilentlyContinue’)} | select -f 1

The character array containing only valid driveletters (in this example A, B, C, H, I, S and Z are not to be used)  is piped to the where-object cmdlet which uses Get-PSDrive to filter out the non-used drive letters. These are then passed to the Select-Object cmdlet which only displays the 1st match.

Beware: the line above returns only the bare driveletter – no colon is appended.

Comparing version numbers can be tricky from time to time, before you know it you end up in auto-casting issues comparing strings to integers etc. The most common format of a version number in Windows is “Major. Minor. Build. Revision” where each individual item is a figure, but because of the separating dots PowerShell will treat each item as a string.

The .Net System.Version assembly offers a CompareTo method which can do the trick, as shown in the figure below.

The CompareTo method will return 1, 0 or -1  depending whether the compare to version  is higher, equal or lower.

Thanks to Shay Levi (see the comment) I now know a better/faster method for comparing version numbers (thaks Shay). PowerShell has its own [vesion] type. This removes the need of loading the assembly and using New-Object. It still allows for using the CompareTo method and direct compare via -ge, -gt, etc.

The CompareTo method will distinguish between the 3 possibilities (>, < or =), but direct comparison might be sufficient in a script.

PowerShell allows for inline parameter control for some of its cmdlet parameters. Based upon commandline and/or inputfile content you might want to turm some of the cmdlet parameters on or off.

For example: scripts manipulating files will often use the Get-ChildItem cmdlet in combination with the -recurse parameter, but not allways the subfolder files are required. Instead off having multiple Get-ChildItem commandlines (each with their own set of parameters) a single line might be possible.

The following examples use the Get-ChildItem cmdlet to show what I mean.

The command in figure below will display all *.tmp files in the current folder and its subfolders.

By extending -recurse with :$false recursive lookup will be turned off.

On the otherhand, replacing $false with $true will turn recursive lookup on again.

So using a boolean variable we can turn recursive lookup on or off from within the script (-recurse:$RecurseOnOff). And of course this method also works for other parameters.

And it does get stranger….. in some occasions you can also reverse the default action of a parameter. Hence the following figure.

The 1st command will show all files with exception of the *.tmp files. By appending :$false to -exclude, we turn -exclude into -include as demonstrated by the 2nd command.

This form of parameter manipulation offers a scala of possibilities. Using script parameters to control cmdlet behaviour can both decrease script size and complexity.

Have fun experimenting with this little trick