Tag Archives: powershell

PowerShell Quick Tip- Letter Frequency

With a list of Surnames in a text file I wanted to see how many start with A, how many with B, and so on. This is my PowerShell solution:

(Get-Content .\surnames.txt).Substring(0,1).ToUpper() |
  Sort-Object | Group-Object |Select-Object Name, Count

Example Input (surnames.txt file):

Adams
Smith
Jones
Bloggs
...

Example Output:

Name Count
---- -----
A      162
B      372
C      365
D      193
E      187
F      198
G      154
H      321
...

Advert:

Checking Encryption Status of Remote Windows Computers

Using the manage-bde command you can check the Bitlocker encryption status on both the local Windows computer but also remote devices on the local area network. For example, to check the encryption status of the C: drive on the computer “WS12345” the following command could be used

manage-bde -status -computername WS12345 C:

and the results might look something like this:

BitLocker Drive Encryption: Configuration Tool version 10.0.14393
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

Computer Name: WS12345

Volume C: [OSDisk]
[OS Volume]

Size:                 237.99 GB
BitLocker Version:    2.0
Conversion Status:    Fully Encrypted
Percentage Encrypted: 100.0%
Encryption Method:    AES 256 with Diffuser
Protection Status:    Protection On
Lock Status:          Unlocked
Identification Field: None
Key Protectors:
    Numerical Password
    TPM

Expanding on this we could wrap some PowerShell around the command and read in a list of hostnames from a text file and report on the encryption status of each.

Firstly we need to format the output of manage-bde to only show us the value of the “Conversion Status” field- PowerShell’s string manupulation can come in handy here- we can locate the “Conversion Status” line, check that it is present (if the computer is not on the network, or access is denied the manage-bde command will not return a status), and then trim back the line so we only have the value of the field. For example:

#Check the Encryption Status of the C: drive, filter to the Conversion Status line
$EncryptionStatus=(manage-bde -status -computername "$hostname" C: | where {$_ -match 'Conversion Status'})
#Check a status was returned.
if ($EncryptionStatus)
{
  #Status was returned, tidy up the formatting
  $EncryptionStatus=$EncryptionStatus.Split(":")[1].trim()
}
else
{
  #Status was not returned. Explain why in the output
  $EncryptionStatus="Not Found On Network (or access denied)"
}

Once this is working, it’s just a case of reading in the text file using the get-content cmdlet and outputting a result. The full code (Get-EncryptionStatus.ps1) I used is available for downloading and/or improving on GitHub here- https://github.com/isjwuk/get-encryptionstatus

Finding Deprecated VMFS Volumes

Following an upgrade to vSphere 6, hosts popped up an error message reporting that some old VMFS volumes were found on the host. Whilst these still worked, it would be prudent to tidy them up and replace them with modern datastores. The message is:

“Deprecated VMFS volume(s) found on the host. Please consider upgrading volume(s) to the latest version”

image

Whilst this highlights that there is an issue, the GUI message doesn’t indicate which volumes (or how many) are affected. The following quick bit of PowerCLI produces a table of the datastores with a VMFS version of less than 5.

Get-Datastore |
 Where-Object { $_.ExtensionData.Info.VMFS.MajorVersion -lt 5} |
 Select-Object Name, FreeSpaceGB, CapacityGB, @{n='VMFS Version';e={$_.ExtensionData.Info.VMFS.MajorVersion}}

Example Output:

Name           FreeSpaceGB CapacityGB VMFS Version
----           ----------- ---------- ------------
VOL-VM01            574.77    2047.75            3
VOL-VM02           1924.05    2047.75            3
The Home Lab

Automated Deployment in the HomeLab- Part 1

I’m commencing a project with my HomeLab- I’m going to build a system whereby I can produce custom mini-lab environments by means of a script. There are off the shelf solutions to do this (see AutoLab as an example) but if I build this myself I get something tailored exactly to my needs (and available resources) and hopefully learn something along the way- which is what the HomeLab is all about really. This is the first post in what should develop into a series showing how I work through the process to create my automation system.

 

The Aims

a.k.a. what I want to achieve

  • ExampleMiniLabThe ability to run a script to deploy a predefined lab environment. For example running “Build-Project-Lab-One.ps1” makes 3 Windows Server VMs, connected on a private switch, with one running AD/DNS/DHCP roles, one acting as a Gateway, and one ready for whatever experiment I throw at it
  • The ability to quickly and easily modify a copy of that script to produce a lab with a different configuration. Then I can have a script that builds me a WDS platform, or another one that produces a SCOM test environment. I can use this library to quickly rebuild, or build a copy of, and of my environments within the HomeLab
  • This script should also create a second script for decommissioning  /destroying the lab environment when I’ve finished.
  • Whilst perhaps not meeting full “production” standards, the scripts should be at least in a state whereby I can post them online and not have to hide in a cave for the next decade whilst they get laughed at.

 

The Resources

a.k.a. what I have to play with

  • One Intel NUC host running vSphere ESXi 6 providing some compute, memory, storageIntel NUC
  • One VMUG Advantage Subscription complete with VMware EVAL Experience licensing- this provides VMware vCenter amongst other things.
  • One Microsoft DreamSpark Subscription and Microsoft Evaluation Licensing (see “Microsoft Licensing” on the Open Homelab Project for details on how to get these)
  • Me with my knowledge of Windows, vSphere, PowerShell, PowerCLI, and how to Google for stuff.
  • The community who not only kindly put content up on the internet for me to Google for but also are there for me to tweet, slack, and (shock, horror) talk to when I encounter problems or lose direction.

 

The Plan

a.k.a. How I’m hoping to achieve those aims with those resources.

To do all this I’m starting out by preparing a vSphere template of Windows Server 2012R2. I can deploy this- with customisations- using PowerCLI to form the building blocks of the lab environment. Once I have Windows VMs deployed I need to be able to configure them- this is where PowerShell remoting will come in handy- I can deploy roles and features and do some basic configuration. I’ll put together a PowerShell function to do all that. This function can then be re-used in the script to deploy multiple VMs with different configurations. For example:

CreateVM "Server1" $TemplateName $CustomizationSpec "Web-Server"
CreateVM "Server2" $TemplateName $CustomizationSpec "WDS"

I’ll use PowerCLI to deploy a private network within the Hypervisor and connect the VMs to it. This method will also be used to configure the connections to the gateway -one NIC pointing at the private switch and one at the internet-facing vSwitch already in place.

Some more in-depth PowerShell (possibly also arranged into reusable functions) to do the in-depth configuration of the roles. For example, when the script completes I want the Active Directory to be up and running, the Gateway providing an internet connection to the VMs, the VMs getting IP addresses from the lab DHCP and domain-joined. Basically I want to be able to run the script, make a brew, and come back and find a fully configured system ready to go.

 

Coming Soon- Part 2, full of scripting goodness.