Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ed Wilson, MCSE, MCSD Microsoft Scripting Guy Microsoft Session Code: WCL314.

Similar presentations


Presentation on theme: "Ed Wilson, MCSE, MCSD Microsoft Scripting Guy Microsoft Session Code: WCL314."— Presentation transcript:

1

2 Ed Wilson, MCSE, MCSD Microsoft Scripting Guy Microsoft Session Code: WCL314

3 Objectives And Takeaways Objectives Show how to use Windows PowerShell 2.0 remoting to manage Desktops Show how to use Windows PowerShell 2.0 to troubleshoot Desktops Key Takeaways Windows PowerShell 2.0 remoting is as easy as typing the name of the computer Interactive sessions allow for more extensive remote scenarios

4 What is Windows PowerShell? Console Interactive commands Query and configure Run jobs Scripting language Automate everything Sharable and reusable

5 PowerShell Remoting requirements Not all remoting is the same Get-Process Get-Service and others use.NET Framework methods To use Local and remote computer need: Windows PowerShell 2.0 Microsoft.NET Framework 2.0 or later Windows Remote Management 2.0 To configure PowerShell remoting: start PowerShell as admin Use enable-psremoting cmdlet Configures firewall and Winrm Service

6 Windows PowerShell Remoting Use the ComputerName parameter with select cmdlets Get-Process –ComputerName Berlin Run a command on remote computer Invoke-Command –ComputerName Berlin ` -ScriptBlock { HostName} Open a PowerShell session on remote computer Enter-PSSession –ComputerName Berlin [berlin]: PS C:\> HostName [berlin]: PS C:\> Exit-PSSession

7 30 ComputerName cmdlets TROUBLESHOOTING Restart-Computer Stop-Computer Test-Connection Get-Counter EVENTLOG Show-EventLog Write-EventLog Limit-EventLog Get-EventLog Remove-EventLog New-EventLog Clear-EventLog Get-WinEvent GENERAL Get-HotFix Receive-Job Get-Process Set-Service Get-Service WMI Register-WmiEvent Set-WmiInstnace Invoke-WmiMethod Get-WmiObject Remove-WmiObject WSMAN Disconnect-WSMan Test-WSMan Connect-WSMan Invoke-WSManAction Get-WSManInstance Remove- WSManInstance Set-WSManInstance New-WSManInstance REMOTING Remove-PSSession Get-PSSession New-PSSession Enter-PSSession Invoke-Command

8 Getting information remotely The same syntax, and experience remotely as locally Uses credentials of current user Examples: Get-Service –computername berlin Get-Process –computername berlin Get-HotFix –computername berlin 9 cmdlets Get-Counter Get-EventLog Get-HotFix Get-Process Get-Service Get-PSSession Get-WinEvent Get-WmiObject Get-WSManInstance

9 Getting information remotely Ed Wilson Microsoft Scripting Guy Microsoft

10 Working with Services Has a ComputerName Parameter. Use Directly Get-Service and Set-Service PS C:\> Get-Service –ComputerName Berlin No ComputerName parameter. Use Invoke- Command when working remotely PS C:\> Invoke-Command -ComputerName berlin ` { Start- Service -Name bits } Start-Service Stop-Service Restart-Service Suspend-Service Resume-Service Before making changes to services PS C:\> Checkpoint-Computer –Description “Before changed services”

11 Working with services remotely Ed Wilson Microsoft Scripting Guy Microsoft

12 Working with Processes There are five process cmdlets Get-Process Debug-Process Start-Process Stop-Process Wait-Process Get-Process. Easy to use remotely and locally PS C:\> Get-Process –comptuername Berlin –name calc PS C:\> Get-Process –computername Berlin –id 4072 Start-Process, Stop-Process no computername PS C:\> Enter-PSSession –comptuername berlin [berlin]: PS C:\> Start-Process notepad [berlin]: PS C:\> Get-Process –name notepad [berlin]: PS C:\> Stop-Process –name notepad [berlin]: PS C:\> exit

13 Working with Processes Ed Wilson Microsoft Scripting Guy Microsoft

14 Working with Hot Fixes Use on Local Computer PS C:\> Get-HotFix On remote use computername parameter PS C:\> Get-HotFix -ComputerName berlin To search for hot fixes by ID number use id PS C:\> Get-HotFix -Id KB950099 Search by description to find related hot fixes PS C:\> Get-HotFix -Description security* PS C:\> Get-HotFix -Description update PS C:\> Get-HotFix -Description software*

15 Working with Hot fixes Ed Wilson Microsoft Scripting Guy Microsoft

16 Working with Event logs Two cmdlets. Both support computername Get-EventLog Get-WinEvent Get-EventLog Traditional event logs. Easy to use syntax PS C:\> Get-EventLog -LogName application ` -ComputerName berlin -Newest 1 Get-WinEvent Can access diagnostic logs PS C:\> Get-WinEvent –logname Microsoft- Windows-WinRM/Operational –MaxEvents 1

17 Using Get-EventLog Use to access classic event logs only Use LogName parameter to specify log System, Application, Security etc. PS C:\> Get-EventLog –LogName Application Use Source parameter filters where event from PS C:\> Get-EventLog -LogName application -Source vss Use Newest parameter to limit number records Use EntryType parameter to limit type records Error, Warning, Information, Auditing Use ComputerName parameter to remote

18 Using Get-WinEvent Use the ListLog parameter to list logs Use wild cards to search for logs *winrm* Use LogName parameter to query logs Use wild cards for log name as well *winrm* Use when have single match, only one with events Use ListProvider parameter to display sources To use the ETW diagnostic logs Enable ETW diagnostic logging ETW logs can only be played Forward. An error is returned unless you use –oldest switch More information in Advanced Scripting Talk by Dan Harmon

19 Working with Event logs Ed Wilson Microsoft Scripting Guy Microsoft

20 Using WMI Events Do not confuse with event logs. Easy to work with temporary short term events Monitor for process creation Monitor for service stopping Monitor for USB drive attached to system Use Register-WmiEvent to create Uses intrinsic WMI event classes, or generics Can be local or remote. Remote credentials if need Retrieve by Get-Event and SourceIdentifier UnRegister-Event or Remove-Event when done

21 Working with WMI Events Ed Wilson Microsoft Scripting Guy Microsoft

22 Working with Hardware Inventory Use the Get-WmiObject cmdlet to work with WMI Basic query uses Class and Computername PS C:\> Get-WmiObject -Class Win32_Bios ` -ComputerName berlin PS C:\> gwmi win32_Bios -co berlin Use Credential parameter for remote if need Other parameters allow full WMI Amended Authentication Authority Impersonation EnableAllPrivileges

23 Working with hardware inventory Ed Wilson Microsoft Scripting Guy Microsoft

24 Working with Software Uses Win32_Product WMI class Uses MSIPROV Installed by default on: Windows 7 Windows Server 2008 R2 Windows Server 2008 Windows Vista, and Windows XP Need to Add on Windows Server 2003 Use to inventory software installed via MSI Install Method to install software Uninstall Method to uninstall software

25 Working with software Ed Wilson Microsoft Scripting Guy Microsoft

26 Setting security Best to use ICACLS.exe Installed on –Windows Vista and above Available on Windows Server 2003 SP2 You need the hotfix 943043 to fix inheritance issue PS C:\> icacls test /Deny Everyone:`(R`) PS C:\> icacls test /Grant Everyone:`(F`) Get-ACL Retrieves the security descriptor from item Set-ACL Sets the security descriptor on item

27 Setting Security Ed Wilson Microsoft Scripting Guy Microsoft

28 Stop by and see the Scripting Guys What types of tasks do you need to automate What types of scripts would you like to see What script do you wish you had now What would you like to see in the Script Repository How could we make it easier to navigate How can we make your life easier What types of functions / modules do you wish you had

29

30 www.microsoft.com/teched Sessions On-Demand & Community http://microsoft.com/technet Resources for IT Professionals http://microsoft.com/msdn Resources for Developers www.microsoft.com/learning Microsoft Certification and Training Resources www.microsoft.com/learning Microsoft Certification & Training Resources Resources Required Slide Speakers, TechEd 2009 is not producing a DVD. Please announce that attendees can access session recordings at TechEd Online. Required Slide Speakers, TechEd 2009 is not producing a DVD. Please announce that attendees can access session recordings at TechEd Online.

31 Microsoft Technet Script Center www.ScriptingGuys.com Daily Hey Scripting Guy! Article Script Center Script Repository Resources Required Slide Speakers, TechEd 2009 is not producing a DVD. Please announce that attendees can access session recordings at TechEd Online. Required Slide Speakers, TechEd 2009 is not producing a DVD. Please announce that attendees can access session recordings at TechEd Online. Microsoft Press Scripting Books Microsoft Windows Powershell Step By Step Windows PowerShell Scripting Guide

32 Advanced Windows PowerShell Scripting Advanced Windows PowerShell Scripting HOL Introduction to Windows PowerShell Fundamentals HOL Windows PowerShell Programming HOL

33 Complete an evaluation on CommNet and enter to win! Required Slide

34 © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. Required Slide


Download ppt "Ed Wilson, MCSE, MCSD Microsoft Scripting Guy Microsoft Session Code: WCL314."

Similar presentations


Ads by Google