Posts RSS Comments RSS 253 Posts and 393 Comments till now

Archive for August, 2007

Powershell Crushes VBScript with AD query again

In my on going battle on EE to prove the value of powershell, I have destroyed yet another vbscript. While the vbscript look was impressive it was a monsterous 38 lines compaired to Powershell 12. Again with no short-cuts, you could trim another 4 lines with ease.

Here is my code. It gets all the groups and list the group name / member count / OU.

$filter = "(&(objectcategory=group))"
$root = [ADSI]""
$dsSearcher = new-Object System.DirectoryServices.DirectorySearcher($root,$filter)
$dsSearcher.PageSize = 1000
$groups = $dsSearcher.findAll()
@(foreach($group in $groups)
{
    [string]$name = $group.Properties.cn
    [string]$count = ($group.psbase.properties.member).count
    [string]$OU = ((($group.GetDirectoryEntry()).psbase).parent).distinguishedName
    "GROUP:{0} Count:{1} OU:{2}" -f $name.PadRight(35),$count.padright(5),$ou
}) | out-file C:\temp\yourfile.txt -enc ASCII

Output looks like this
GROUP:TGroup1 Count: OU:OU=MyGroups,DC=corp,DC=bb,DC=lab
GROUP:TGroup2 Count: OU:OU=MyGroups,DC=corp,DC=bb,DC=lab
GROUP:TGroup3 Count: OU:OU=MyGroups,DC=corp,DC=bb,DC=lab
GROUP:TGroup4 Count:1 OU:OU=MyGroups,DC=corp,DC=bb,DC=lab
GROUP:TGroup5 Count:2 OU:OU=MyGroups,DC=corp,DC=bb,DC=lab
….

:: Aug.31.2007 :: Active Directory, Powershell, Scripting :: 3 Comments »

The Power of -f. The Format Operator

This is from a NG post discussing the -f Operator… I thought it was a pretty good description. Compliments to Kiron.

Q: What is the -f operator

A: PowerShell’s Format Operator ‘-f’ is equivalent to .Net’s Composite
Formatting. The syntax is:
{index[,alignment][:formatString]} -f listOfValues

Composite Formatting

http://msdn2.microsoft.com/en-us/library/txafckwd(vs.71).aspx

Quoting from about_operator:
Format Operator “-f”
The format operator provides support for formatting strings via the .NET
string object format method. On the left hand side of the operator is the
format string and on the right hand of the operator is the collection of
objects to be formatted.
The following example shows some of the capabilities of the format operator.
PS> “{0} {1,-10} {2:N}” -f 1,”hello”,[math]::pi
1 hello 3.14

Some samples:

# the ‘|’ is for demonstrating the alignment
"{0:(###) ###-####}" -f 2224445555 # phone number
"{0:hh:mm:ss tt}" -f (get-date) # time, 12 hour format
"{0:HH:mm:ss}" -f (get-date) # time, 24 hour format
"{0:p4}" -f (1/3) # percent with four decimal places
"{0:c2}" -f (1724.87 * 12) # currency with two decimal places
"|{0,22:c2}|" -f (1724.87 * 12) # right aligned currency with two decimal places
"|{0,-22:n2}|" -f (13/57) # left aligned number with two decimal places
"{0:MM dd yy}" -f (get-date) # date, custom short format
"{0:MMMM yyyy}" -f (get-date) # date, ‘month year’ format
0..15 | % {"{0:0##}" -f $_} # filled number format
0..15 | % {"|{0,33}|" -f "Number $_"} # right aligned string
0..15 | % {"|{0,-33}|" -f "Number $_"} # left aligned string
0..15 | % {"|{0,33}|  |{0,-33}|" -f "Number $_"} # right & left aligned string

Suggested Reading.

Standard Numeric Format Strings

http://msdn2.microsoft.com/en-us/library/dwhawy9k.aspx

Custom Numeric Format Strings

http://msdn2.microsoft.com/en-us/library/0c899ak8.aspx

Standard DateTime Format Strings

http://msdn2.microsoft.com/en-us/library/az4se3k1.aspx

Custom DateTime Format Strings

http://msdn2.microsoft.com/en-us/library/8kb3ddd4.aspx

Enumeration Format Strings

http://msdn2.microsoft.com/en-us/library/c3s1ez6e.aspx

Check out this blog from the PowerShell Team

http://blogs.msdn.com/powershell/archive/2006/06/16/634575.aspx

:: Aug.27.2007 :: .NET, Format, Powershell, Scripting :: 3 Comments »

Script to set the Description of Computer Object

I recently joined Experts-Exchange to help people understand the glory of Powershell and how useful it can be to your average Server Admin with little to no scripting or developer experience and trying to sell the idea you do NOT have to be a Developer or hard core scripter to utilize the power that is at your finger tips.

In one of my 200+ response post in the last week :) An admin wanted to collect data from all the servers/workstations in his environment. What was so fun to watch was how Powershell DESTROYED vbscript and I didnt really take an shortcuts.

Total Line Count Vbscript = 98
Total Line Count Powershell = 53

Effectively what it does is collect hardware info from the server/workstation and updates AD Descript field with the data as well as export the info to .CSV file

CPU 3.20GHz/2GB Ram/69,845GB/1.44/CDD

Here is the code.
Download here http://bsonposh.com/uploads/wordpress/2007/08/Set-ComputerDescription.ps1

$Servers = Get-Content "C:\computers.txt"
$myobjects = @()
foreach($server in $servers)
{
    write-host "Processing Server $server"
    $query = "Select statuscode FROM Win32_PingStatus WHERE Address=’$server’ and Timeout=300"
    $pingresult = Get-WmiObject -query $query
    if($pingresult.statuscode -eq 0)
    {
        $myobj = "" | Select Name,CPU,Memory,DiskSpace,CD,Floppy
        $myobj.Name = $server

        # Getting Computer Object
        $filter = "(&(objectcategory=computer)(cn=$server))"
        $ds = new-Object System.DirectoryServices.DirectorySearcher($filter)
        $comp = ($ds.findone()).GetDirectoryEntry()

        # CPU info
        $cpu = Get-WmiObject Win32_Processor -computername $server | select name -first 1 | foreach{$_.name}
        $cpu = (($cpu -replace "Intel" -replace ‘\(R\)’).trim() -replace "Xeon\(TM\)").trim()
        $myobj.CPU = $cpu

        # Memory
        $mem = (Get-WmiObject Win32_OperatingSystem -computername $server).TotalVisibleMemorySize
        $memory = $mem*1kb/1gb
        $memory = "{0}GB" -f [int]$memory
        $myobj.Memory = $memory

        # Disk
        $disks = Get-WmiObject Win32_LogicalDisk -computername $server | Where-Object{$_.DriveType -eq 3}
        $diskSz = (Get-WmiObject Win32_LogicalDisk -computername $server | Measure-Object -SUM size).SUM
        $diskSize = $diskSz/1gb
        $diskSize = "{0:n2}GB" -f $diskSize
        $myobj.DiskSpace = $diskSize
        if(Get-WmiObject Win32_FloppyDrive){$floppy = "1.44"}else{$floppy = "NoFloppy"}
        if(Get-WmiObject Win32_CDROMDrive){$CD = "CDD"}else{$CD = "NO CD"}

        # Formating String and setting the Description Field on the Servers
        $string = "{0}/{1} Ram/{2}/{3}/{4}" -f $cpu,$memory,$disksize,$floppy,$CD
        $comp.psbase.invokeSet("Description",$string)
        $comp.psbase.CommitChanges()
        $myobj.CD = $cd
        $myobj.floppy = $floppy

        # Adding custom object for export CSV
        $myobjects += $myobj
    }
    else
    {
        Write-Host "$Server is NOT pingable"
    }
}
$myobjects | export-csv C:\ComputerInfo.csv

:: Aug.25.2007 :: Active Directory, Powershell, Scripting :: 8 Comments »

Dealing iADSLargeInteger in Powershell

I have spent some time recently working with attributes in AD that get returned as iADSLargeInteger. This has been problematic as Powershell does not natively support iADSLargeInteger. In my travels I have come across three different ways of getting this information (four if you consider using reflection,) but after much discussion on the NG (news group) and on IRC I think the best option is using System.DirectoryServices.DirectorySearcher.

Lets review the 4 options:

1) Use a thirdparty Snap-in that uses ActiveDS.dll like this one from MoW iADSLargeInteger Snap-in.

2) You can use VBScript Engine in Powershell Like this

function Convert-iADSLargeIntPropertyToInt64{
    param([string]$prop,[string]$ldapPath,[string]$server=([ADSI]"LDAP://rootdse").dnshostname,[switch]$verbose)
    $statement=@"
Set objType = getObject(""LDAP://$server/$ldapPath"")
Set objProp = objType.Get("$prop")
result = objProp.HighPart * (2^32) + objProp.LowPart
"@
    if($verbose)
    {
        Write-Host "+ Running Convert on $server"
        Write-Host "  - Property  : $Prop"
        Write-Host "  - Path      : "$ldapPath`""
        Write-Host "  - Statement : $statement"
    }
    $vbs = new-object -com MSScriptControl.ScriptControl
    $vbs.language = ‘vbscript’
    $vbs.ExecuteStatement($statement)
    [int64]$value = $vbs.Eval("result")
    return $value
}
 

3) Use System.DirectoryServices.DirectorySearcher MDSN Link

function Get-iADSLargeIntFromSearcher{
    param([string]$LdapPath,[string]$attribute = $(throw "Attribute Required"),[string]$server,[switch]$date)
    if($server){$de = [ADSI]"LDAP://$server/$LdapPath"}
    else{$de = [ADSI]"LDAP://$LdapPath"}
    $return = new-object system.DirectoryServices.DirectorySearcher($de)
    $value = ($return.findone()).properties[$attribute.ToLower()]
    if( $date)
    {
        [datetime]::FromFileTime([int64]::Parse($value))
    }
    else
    {
        $value
    }
}

4) I wont go in to much detail using Reflection, but it is still valid option. Get more info HERE. The function below is a MoW version.

function ConvertADSLargeInteger([object]$adsLargeInteger)
{
    $highPart = $adsLargeInteger.GetType().InvokeMember("HighPart",‘GetProperty’, $null, $adsLargeInteger, $null)
    $lowPart  = $adsLargeInteger.GetType().InvokeMember("LowPart",‘GetProperty’, $null, $adsLargeInteger, $null)

    $bytes = [System.BitConverter]::GetBytes($highPart)
    $tmp   = [System.Byte[]]@(0,0,0,0,0,0,0,0)
    [System.Array]::Copy($bytes, 0, $tmp, 4, 4)
    $highPart = [System.BitConverter]::ToInt64($tmp, 0)

    $bytes = [System.BitConverter]::GetBytes($lowPart)
    $lowPart = [System.BitConverter]::ToUInt32($bytes, 0)

    return $lowPart + $highPart
}

Here is a list of attributes that are stored as iADSLargeInteger. I used the function at the bottom to generate this list.
—————–
accountExpires
aCSAggregateTokenRatePerUser
aCSAllocableRSVPBandwidth
pekKeyChangeInterval
aCSMaxAggregatePeakRatePerUser
aCSMaxPeakBandwidth
aCSMaxPeakBandwidthPerFlow
aCSMaxTokenBucketPerFlow
uSNChanged
aCSMaxTokenRatePerFlow
uSNCreated
aCSMaximumSDUSize
uSNDSALastObjRemoved
aCSMinimumDelayVariation
aCSMinimumLatency
uSNLastObjRem
aCSMinimumPolicedSize
uSNSource
aCSNonReservedMaxSDUSize
aCSNonReservedMinPolicedSize
aCSNonReservedPeakRate
aCSNonReservedTokenSize
aCSNonReservedTxLimit
aCSNonReservedTxSize
aCSPermissionBits
mS-SQL-Memory
mS-SQL-Status
mS-SQL-Size
lastBackupRestorationTime
lastContentIndexed
lastLogoff
lastLogon
lastLogonTimestamp
lastSetTime
badPasswordTime
builtinCreationTime
builtinModifiedCount
priorSetTime
msWMI-Int8Default
lockOutObservationWindow
msWMI-Int8Max
lockoutDuration
msWMI-Int8Min
msWMI-Int8ValidValues
lockoutTime
privilegeValue
lSACreationTime
lSAModifiedCount
proxyLifetime
machinePasswordChangeInterval
pwdLastSet
maxPwdAge
maxRenewAge
maxStorage
maxTicketAge
creationTime
rIDAllocationPool
rIDAvailablePool
rIDPreviousAllocationPool
minPwdAge
rIDUsedPool
minTicketAge
modifiedCount
modifiedCountAtLastProm
dhcpFlags
dhcpMaxKey
dhcpUniqueKey
dhcpUpdateTime
msDS-Cached-Membership-Time-Stamp
forceLogoff
timeRefresh
timeVolChange
——————-

function Get-iADSLargeIntegerAttribute{
    param([string]$domain)
    if($domain){$rootDSE = [ADSI]"LDAP://$Domain/rootDSE"}
    else{$rootDSE = [ADSI]"LDAP://rootDSE"}
    $schema  = [ADSI]"LDAP://$($rootDSE.schemaNamingContext)"
    $filter = "(&(objectclass=attributeschema)(attributesyntax=2.5.5.16)(omsyntax=65))"
    $props = ("ldapdisplayname")
    $dsearcher = new-Object System.DirectoryServices.DirectorySearcher($schema,$filter,$props)
    $dsearcher.findall() | %{Write-Output "$($_.Properties['ldapdisplayname'])"}
}
 

UPDated highlighting Code

:: Aug.13.2007 :: .NET, Active Directory, HowTo, Powershell :: 1 Comment »