Posts RSS Comments RSS 253 Posts and 411 Comments till now

Regular Expression Info and Tips for Powershell

One of the most useful tools a scripter has at their disposal is Regular Expressions. The problem is that regular expressions can seem like Greek and for most folks learning them can seem an impossible task. I hope this blog post provides those people some hope as well as some tools they can use to tackle this mountain one foot at a time.

NOTE: I would like to make this blog entry as dynamic as possible, so if you have your own tips… let me know and I will add them.

Everyone is different, but this is how I went about learning Regular Expressions

  • Phase one: Learn EXACTLY what a regular expression is and what it can and can NOT do.
  • Phase two: Learn the syntax. I printed out the RegEx Cheet Sheet and use it daily.
  • Phase three: Find a purpose. I find if I actually have a problem I spend more energy on learning.
  • Phase four: Create a simple Regular Expression.
  • Phase five: Build on your Regular Expression.
  • Phase six: Trouble shooting the Regular Expression.

Useful Tips:

  • First things first… Click here and watch the vids
  • Keep a cheat sheet close at hand!
  • Take them in small bites. I hope to blog in detail about this later, but lets just say string concatenation is your friend
  • Keep it simple!
  • $matches is your friend! $matches is an object that Powershell creates when you make a RegEx call (like -match.)
  • Google It. Chances are there is Regex already out there for what you need.
  • Using Lables can save you time by extracting certain data and making it a property on $matches.
  • RichardP from IRC says “Dont eat yellow snow?” Apparently he has experience in this area.

Online Vids:
This is GREAT stuff provided by Shay (aka scriptfanatic)

Good Blog Entries:
MoW at it again.

RegEx Cheet Sheet (my Favorite)
Regular Expression Library

Online Regex Checkers:
RegEx Tester (my Favorite)
Regular Expression Library Tester

Mastering Regular Expressions (my Favorite)
Regular Expression Recipes for Windows Developers

RegEx Buddy

Cool new blog to watch (up and coming Powershellite)

I often run into blogs while googling for stuff at work and when I find good ones I like to share.

I found this one looking for NC373i driver info and it turned out to be a great blog and not just because it answered my question, but it has a solid focus on engineering type tasks (like debuggin and scripting.)

Anyway here it is:

p.s. Funny story, The evening before I found his blog we had an email conversation regarding Powershell (we have a common friend Brian Puhl.) His blog never came up, but the next day I was googling something completely unrelated and his blog was the first hit… how crazy is that?

It is a Poll day for me (This one is from Citrix)


Tracing LDAP calls with Powershell

Spat had an eerily coincidental blog post the other day (HERE). The reason I say eerily is because the night before I was fighting trying to get a LDAP trace, this trace was to help figure out EXACTLY how SDS.ActiveDirectory got replication cursors from a Domain Controller (another joe Richards discussion.) Anyway, I digress, I found the blog entry EXTREMELY useful as it allowed me to get what I needed. I proceeded to leave a comment suggesting that this looked like a good job for Powershell as the resulting file from the tool is a CSV. This has led to a “challenge” from Spat and this is my response. I hope I did it justice.

Useful Links about Tracelog.exe
Details about TraceLog.exe
LDAP tracing with TraceLog
ADSI tracing with TraceLog

Details about Script

Here are the functions in the script

-flag: Hex value for the flags you want to pass (Default Value = “0x1FFFDFF3”)
-guid: GUID or File for tracing (Default Value = “LDAP”)
-SessionName: Unique Name for the actual trace (Default Value = “mytrace”)
-exe: The full name with extension of the EXE to add to registry to enable tracing. This only has to be done the first time you want to trace for an EXE.
[switch]Start: If set it enables logging. If not set, logging is disabled.
[switch]ADSI: If set it passes the ADSI GUID for tracing
[switch]LDAP: If set it passes the ADSI GUID for tracing

-Source: Trace (etl) file to convert to csv (Default Value = “.\ldap.etl”)
-file: File to set the results to (Default Value = “TraceResults.csv”)
[switch]$import: If set it will return a custom object with results

Below is a video that shows a demo of the script in use. I hope to do another one of these showing how to trace ADSI as well as LDAP. Make sure to read the Comments in Green. I tried to allow enough time. You can click to pause.

Download Tracelog Transcript (right click | Save Target As…)
Best Viewed Full Screen

Get the Flash Player to see this content.

Download Trace Log Functions (right click | Save Target As…)

function Trace-Log {
    Param($file = ".\ldap.etl",
        $flag = 0x1FFFDFF3,
        $guid = "LDAP",
        $SessionName = "mytrace",
    if($ADSI){$guid = "ADSI"}
    switch -exact ($guid)
        "LDAP"  {$myguid = ‘#099614a5-5dd7-4788-8bc9-e29f43db28fc’}
        "ADSI"  {$myguid = ‘#7288c9f8-d63c-4932-a345-89d6b060174d’}
        Default {$myguid = "’$_’"}
        Write-Host " Action: Start" -fore Yellow
        Write-Host " GUID:   $GUID" -fore Yellow
        Write-Host " File:   $file" -fore Yellow
        Write-Host " Flag:   $flag" -fore Yellow
        if($exe){Write-Host " Exe:    $exe" -fore Yellow}
        Write-Host " State: Disabled" -fore Red
    if(!(test-Path "HKLM:\System\CurrentControlSet\Services\ldap\tracing\$exe") -and $exe)
        new-Item -path "HKLM:\System\CurrentControlSet\Services\ldap\tracing" -name $exe | out-Null
        $cmd = "Tracelog.exe -start ‘$SessionName’ -f ‘$file’ -flag ‘$flag’ -guid ‘$myguid’"
        $cmd = "tracelog -stop $SessionName"
    Write-Host "==========================" -fore White -back black
    write-Host "Running Command:" -fore White
    Write-Host " ==> $cmd" -fore Yellow
    invoke-Expression $cmd
    Write-Host "==========================" -fore White -back black
function Convert-TraceFile{
    $cmd = "tracerpt.exe $Source -o $file -of CSV -y"
    invoke-Expression $cmd
        import-Csv $file

Powershell and MFCom (Citrix takes more steps)

Vishal Ganeriwala is hosting a webinar on the 29th of April on Powershell and MFCom. This is just another example of Citrix actively embracing Powershell.

It will cover some basic Powershell for those who do not have much XP with Powershell.
– What is an Object
– Properties
– Methods
– New-Object (-ComObject)

It will also cover how to create a Citrix Farm Object in Powershell and some of the interactive nature of Powershell
– Getting Farm Properties
– Getting Applications
– Getting Servers
– Getting Sessions

– Get Current Sessions Client Resolution

Citrix Script Repo (aka Exchange)

I was recently directed to a new website (for me at least) that contains a repository of Citrix related scripts. There are some pretty useful scripts posted (and I started adding some Powershell ones.) You should check it out

Script Exchange

I would also recommend RSS’ing Vishal blog (Dev at Citrix.) He has a passion for Powershell and I hope to see some awesome things from him in the future.

Vishal Ganeriwala’s Blog

Powershell Information Central (work in progress)

I have taken some time away from actual blogging and decided that I would try to provide a central location for Powershell information of all different levels.

Of course its not complete (not sure it will ever be,) but It is getting there. Please take some time to Check it out:
Powershell Information Central


1) Search: This is compressive Search of all the powershell blogs that have been submitted (over 25 so far.) It utilizes Google search engine. It works incredibly well.

2) Guides: This is biggest part of the project… Its gonna take some time and some help. Right now I have the FAQ provided by Mr. Shaw.

3) Blogs: A list of most of the blogs included in the search. If you find one missing… PM Me or Comment.

4) IDE’s: Links to the known Integrated Development Environment (IDE) for Powershell. Eventually I will add reviews as I use all of them on a daily basis.

5) Snap-Ins: Links to Snap-ins that make mine and others Powershell Experience much easier.

6) Books: A list of books that are currently or soon will be available on Powershell . ATM… its a list of all the ones I know, but I will trim/expand the list as I read them and can personally attest to the value of Book. Actually… since value is relative… maybe I will just rate them as a procure them.

7) Links: General list of all things Powershell.