Deleting User Profiles

“How do I delete old users from a Windows 10 computer? I log in as an administrator, navigate to c:\Users\, and delete their tree.”

NO!  In fact, HELL NO!

There are several reasons why you might want to delete a user profile from a computer. ranging from termination of employment to reallocation of systems to… well, you get the picture.  There are a few of ways you can do it, but there are only a couple of ways of doing it right,

Recently I was working with a client who encountered a situation where a few of his domain users’ local profiles were corrupted on a corporate system.  I told him that the simplest way of fixing the issue was to delete the user profile, so that when the user next logged on, it would re-create the profile for them.  They called me back a few minutes later reporting that they were now receiving the following message when the affected users logged in:

We can’t sign in to your account.  This problem can often be fixed by signing out of your account then signing back in.  If you don’t sign out now, any files you create or changes you make will be lost.

Okay, that led me to believe they had simply deleted the c:\Users\%username% directory, and we had to clean up that mess in the registry (under “KEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList”, delete any entries that have the .BAK extension).

Okay… now that we have learned how NOT to do it, here’s how you should do it:

1) Open Control Panel > System and Security > System in the affected machine.  The simplest way to do this in the more recent releases of Windows 10 is to click Run – sysdm.cpl.

3) In the Advanced tab of the System Properties window, in the User Profiles section, click Settings…

image

4) In the User Profiles window, click on the user you want to delete, and click Delete.

image

**NOTE: You will not be able to delete the account you are logged in as, nor the default Administrator account.

Of course, you will be asked if you are really really sure that you want to delete the account, and you can click Yes or No as you wish.

There are ways to do it in PowerShell… but they don’t seem to be very clear or very easy.  For this one time, I strongly suggest the GUI.

Advertisements

What is in a Name?

Recently a client asked me to build a series of virtual machines for them for a project we were working on.  No problem… I asked what they should be named, and the client told me to call them whatever sounded right.

That did not sound right… or at least, it turned out to not be right.  Indeed, the client had an approved server naming convention, and when the manager saw my virtual machines named VM1, VM2, VM3, and so on… he asked me to change them.

If we were talking about a single server, I would have logged in and done it through Server Manager.  But there were fifteen machines in play, so I opted to use Windows PowerShell from my desktop.

Rename-Computer –ComputerName “VM1.domain.com” –NewName “ClientName.domain.com” –DomainCredential domain\Mitch –Restart

The cmdlet is pretty simple, and allowed me to knock off all fifteen servers in three minutes.  All I needed was the real names… and of course my domain credentials.

The cmdlet works just as well with the –LocalCredential switch… in case you aren’t domain joined.

image

That’s it… have fun!

Default Gateway Corrections

PowerShell.jpgThe default gateway setting in Windows (and every other networked operating system) is a simple setting that tells your network interface card (NIC) where to send traffic when sending it outside of your domain segment.  More often than not, it will be the .1 address of a network segment (e.g.: 10.0.0.1), but that is not always the case.

It is one of those settings that you set once and forget it… It almost never needs to be changed… until it does.  Network reconfigurations do happen, and changing the default gateway is simple to do in the graphical user interface via the Properties window of your network interface, simply by modifying the appropriate field in the  Internet Protocol Version 4 (TCP/IPv4) properties.

But what if you need to do it for several machines?  Of course, PowerShell to the rescue!

First, you need to check what your NIC Interface Index is:

Get-NetIPConfiguration

This will give you an output that looks like this:

Get-Alias

As we see in this example, the server was moved from one network segment (10.128.43.x/24) to a new one (10.128.11.x/24).  Because of that, we need to assign a new Gateway in the proper network segment.

The Interface Index here lists as 3.  Remember that.

Before we add the new Gateway, we have to remove the old one.  Otherwise the NIC will have two gateways, and that can cause issues.

Remove-NetRoute -ifindex 3 -NextHop “10.128.43.1”

Notice that we put in 3 for the ifindex (the Interface Index), and the old gateway in quotes.

Now that we have a clean slate, all we have to do is configure the new default gateway, with this:

New-NetRoute -interfaceindex 3 -NextHop “10.128.11.1” -destinationprefix “0.0.0.0/0”

Again, we change our interfaceindex to 3, and our NextHop to the proper gateway.  When you run these two commands, you should get the following output:

Done

That’s all there is to it!  Of course, you may want to execute this script against a group of computers, but that’s for another time…

 

 

 

SCOM Prerequisites: A Web of Confusion

Microsoft’s System Center Operations Manager (SCOM) has several prerequisites that must be installed for each component, and frankly, some of those can be cumbersome to get around.  Of course, it is nice for the SCOM installation console to let us know that Report Viewer (a free download from Microsoft, link provided in the notifications window) is a prerequisite… but they do not tell you that System CLR Types for SQL Server 2014 are a prerequisite to Report Viewer, no link given (spoiler alert: it is a component of the SQL Server 2014 Feature Pack).

Of all the components, it is the SCOM Web Console that has the most prerequisites, and frankly some of them are easier to install than others.

WebConsole Prerequisites

We have our work cut out for us, it would seem… unless we use PowerShell!

Yes, we could much our way through the Add Roles & Features wizard in Server Manager… and if you are only installing it the once, then that is probably fine.  If you are a consultant and expect to be installing SCOM more than once in your client environments, I strongly suggest you grab these PowerShell scripts.

Of course, the Report Viewer Controls Check is still going to fail, but those prerequisites are really easy – the link for the Report Viewer is here, and I hope you took the opportunity to install the SQL Server 2014 Feature Pack before you do that.

Script:

Import-Module ServerManager

Add-WindowsFeature NET-Framework-Core,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Logging,Web-Request-Monitor,Web-Filtering,Web-Stat-Compression,Web-Metabase,Web-Asp-Net,Web-Asp-Net45,Web-Windows-Auth,NET-HTTP-Activation,NET-WCF-HTTP-Activation45 -restart

This should do it… you will need to reboot the server in order for a few things to register properly (ISAPI and CGI and all sorts of stuff), but when you restart the installer and check your prerequisites…

Prerequisites Passed

That’s what we want to see… so in a few minutes time (the web console really does not take a long time to install) you should be able to navigate to https://servername/OperationsManager and you will see…

WebConsole

Now go forth and script, my good man!

I am heading out of town for a week or R&R… See you next Friday!

SCOM Management Packs: Removing Foreign Languages

When you go to add Management Packs (MPs) to System Center Operations Manager, there is that temptation to be lazy and just add everything.  This will clog your environment with a lot of things you do not need… including MPs in languages that you likely do not speak, read, or care about (within the context of your SCOM environment).

Once you realize this is a lousy idea, it is usually too late… you’ve already done it.  You will want to clear out a lot of things… starting with those foreign languages.

You can delete them one by one of course… right-click on the MP, click Remove (or Delete).  This will be reasonably time consuming… so when this happened to me some time ago, I went looking online for a better solution.

John Savill, an IT writer and Microsoft MVP whom I have known and respected for many years, created a great script that I found.  I found it again recently in an article he wrote for IT Pro Today.  Essentially, it removes every MP that has a geo-tag (.KOR for Korean, .ITA for Italian, and so forth).

From the Operations Manager Shell, enter (or cut and paste) the following:

Get-SCOMManagementPack | where{($_.Name.Substring($_.Name.Length -4,4) -eq “.CHS”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.KOR”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.CHT”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.ITA”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.JPN”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.RUS”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.FRA”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.PTB”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.DEU”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.ESN”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.HUN”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.NLD”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.PLK”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.PTG”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.SVE”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.TRK”) -or ($_.Name.Substring($_.Name.Length -4,4) -eq “.CSY”)} | Remove-SCOMManagementPack

(Note: John’s original script excluded a number of languages; I have modified the script to include Hungarian, Dutch,  Polish, Portuguese, Swedish, Turkish, and Czech. I do not know if these are languages that were added to Management Packs recently, but I found several with these and wanted to remove them as well.)

Depending on how many foreign language MPs you have, it might take some time… After all, it is going through and removing them individually the same way that you would… but without having to right-click, click, confirm, repeat.  So be patient… it is working!

(Note: While it is working, you will not be able to access the Operations Console… at least, not from the same system you are running the script on.)

RemoveSCOMMPs

The article I found it in is here, and while it was originally written for SCOM 2012, it works just as well for SCOM 2016.

Thanks John!

Operations Manager: How to List What Management Packs Are Installed?

A client asked me recently how to determine what Management Packs he had installed in his System Center Operations Manager (SCOM) infrastructure.  I told him to open his Management Console and navigate to Administration – Installed Management PacksIt was a short conversation.

SCOM Installed MPs

Easy peasy, right?  Here’s a list, go with G-d.  Twenty minutes later, my phone rings again.

“Mitch, how can I export that list so that I can include it in our Infrastructure Documentation?”

Aha… That is a different kettle of fish.  For this, we will go into the Operations Manager Shell, essentially the PowerShell console for SCOM.  The command most people seem to recommend, to stick to pure PowerShell scripting, would be:

Get-SCOMManagementPack |ConvertTo-Csv | Out-File c:\MPs\InstalledMPs.csv

This will give you a .CSV (comma separated values) file with the following information:

  • Name
  • TimeCreated
  • LastModified
  • KeyToken
  • Version
  • ID
  • Identifier
  • VersionID
  • References
  • Sealed
  • ContentReadable
  • FriendlyName
  • DisplayName
  • Description
  • DefaultLanguageCode
  • ActiveLanguageCode
  • LockObject
  • Store
  • SchemaVersion
  • OriginalSchemaVersion
  • Registry
  • Extensions
  • LifetimeManagers
  • Features
  • ImageReferences
  • EntityTypes
  • ManagementPacks
  • Presentation
  • Monitoring
  • DerivedTypes

…in other words, way more information than we need.  I generally cheat and use the following (from my Batch File days):

Get-SCOMManagementPack >”c:\MPs\InstalledMPs.txt”

This creates a text file with exactly what would be displayed if I ran this cmdlet on the screen…

SCOM Installed MPsTXT

Ok, that is a lot more useful than the whole CSV list, but I might want to select only the columns I want, and not the ones that PowerShell thinks I want.  Let’s try this:

Get-SCOMManagementPack | Select-Object Name,FriendlyName,Description | ConvertTo-Csv | Out-File c:\MPs\InstalledMPs.csv

Now I have a usable file (.csv imported into Excel is a lot more useful than a text file that I can only manipulate in Notepad), that has exactly the information I want… in this case, I have the Name, the Friendly Name, and the Description.  My output might now be formatted to look like this:

SCOM Installed MPs-Formatted

Much better, don’t you think?  If we are doing this for the sake of documentation, we should be able to make it as legible as possible.

Of course, you can choose your objects (columns) as you choose… just replace the names in my Select-Object entry with the ones you want (from the list above, separated by commas).  Then you can import your list into Excel.  Do not try to open the file in Excel by double-clicking… that will not do anything with your CSV formatting, and it gets ugly.

Have fun!

SCOM License – Upgrade?

The installation of System Center Operations Manager (SCOM) 2016 does not ask you anywhere to enter a license key.  Then when you run the Operations Console, you are shown a required task to Upgrade to full version.  When you click on the link, it opens a website that is less than helpful.

SCOM Upgrade to Full

In fact, when you open the Help – About, you get a nice screen that says the product is not licensed to anyone, and you are using an Eval copy.

SCOM Unlicensed

All this is saying is that we have not yet entered a product key for SCOM.  For reasons I have never quite understood, there is no way to enter the license key in the GUI; you have to enter it in the Operations Manager Shell (essentially the PowerShell for SCOM), and you have to do it directly from the Management Server.

The command is: Set-SCOMLicense -ProductID “XXXXX-XXXXX-XXXXX-XXXXX-XXXXX”.

SCOM ProductID

Once you do this, the Upgrade Required notice will disappear (when you restart the Management Console), and your product version in the About section will now appear as Retail.

SCOM Licensed

Note: If you have any problems getting this to work with the Shell, try running the Operations Manager Shell as Administrator.

Active Directory Recycle Bin

A few years ago, Microsoft introduced the Active Directory Recycle Bin to Windows Server.  Wonderful!  It is not enabled out of the box, but it is reasonably simple to enable… except, it is not.

Firstly, you can do it in the GUI… Open the Active Directory Administrative Center, navigate to local (local), and then in the Actions Pane click Enable Recycle Bin…  You will get a warning about how serious this is – that is, it is irreversible.  Thanks, let’s go ahead.  We’re done.

The other way to do it, and obviously my preferred method, is with PowerShell.  Use the following cmdlet:

Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=local,DC=domain,DC=name’ –Scope ForestOrConfigurationSet –Target ‘local.domain.name’

Once again, you will get a warning that “Enabling ‘Recycle Bin Feature” is an irreversible action! You will not be able to disable ‘Recycle Bin Feature’ on ‘CN=Partitions,CN=Configuration,DC=local,DC=domain,DC=name’ if you proceed.”

(Yes, the warning is in orange… not my choice)

You press YES, you go ahead, and it’s done…

…or IS IT?

“A referral was returned from the server”

This error can come equally and identically from the GUI as from PowerShell… It simply means, THIS DID NOT WORK.

I have read all sorts of articles and forums on this, people telling people that they had the syntax wrong.  “Change single quotes to double quotes, or remove the quotes, that’s what will work.”  Some of these may be accurate.  In my experience, it is not a syntax error.

There are five (5) Flexible Single Master Operations (FSMO) roles on our domain.  Two of these, namely the Schema Master and the Domain Naming Master have to be on the same domain controller in order for this to work.  Otherwise… no.

I should also take a moment to mention that anytime you are doing anything with the Schema Master role, you have to be a member of the Schema Administrators security group.  I hear from people all the time ‘…but I am a member of the Enterprise Admins group!’ Nothing doing… except that, if you are a member of the EA group, you can add yourself pretty easily to the SA group.

So… transfer the Schema master role and you will be fine.  Good luck!

Oh yeah… here’s how.

  1. Use ntdsutil.exe.  I will not bore you with the details… somewhere under roll – connections – servers – bla bla bla.
  2. Use PowerShell.  Here’s your cmdlet:

Move-ADDirectoryServerOperationMasterRole -Identity “Target-DC” -OperationMasterRole SchemaMaster

Let me know if you run into any further issues, but this should solve it for you!

DCPromo No More… PowerShell!

I needed to build a new domain controller for a friend’s company recently.  It is something that I have done so many times over the past two decades that some things are just instinctive… like typing dcpromo to create a domain controller.

dcpromo

Right… I had forgotten about that.  dcpromo has been deprecated.

You could go through the process of doing it through the Server Manager, but it really is more work than is needed.  Instead, try the following PowerShell script::

#################
#
# Script to create Active Directory Domain Controller.
# Written by Mitch Garvis for Cistel Technologies Inc.
#
# Enjoy!
#
#################

# Install Active Directory

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools

# Create Domain Controller

Import-Module ADDSDeployment
Install-ADDSDomainController `
-NoGlobalCatalog:$false `
-CreateDnsDelegation:$false `
-CriticalReplicationOnly:$false `
-DatabasePath “C:\Windows\NTDS” `
-DomainName “domain.com” `
-InstallDns:$true `
-LogPath “C:\Windows\NTDS” `
-NoRebootOnCompletion:$false `
-SiteName “Default-First-Site-Name” `
-SysvolPath “C:\Windows\SYSVOL” `
-Force:$true

That should do it… just change where it says ‘domain.com’ to whatever domain you want to use.  Run it.  In a couple of minutes, you will be asked to enter a Safe mode Admin password.  A few minutes after that, you should have a brand new domain controller.

Remember, depending on the size of your Active Directory, it may take several hours to replicate to the new DC… so give it time 🙂

Renaming Files en Mass…

Nikon D5100I take a lot of pictures… not only with my phone, but also with my Nikon DSLR camera.  It is one of my hobbies… I am not very good at it, but I enjoy it nonetheless.

Keeping track of hundreds or thousands of pictures is easy, as long as you copy them into the appropriate directory in your computer.  It is easy to keep track, so I might have the following files in a directory:

Volume in drive E is SWMI Blue-2T
Volume Serial Number is 9ED7-318E

Directory of E:\Holiday Snaps

2017-12-19  03:26 PM    <DIR>          .
2017-12-19  03:26 PM    <DIR>          ..
2017-12-19  03:26 PM                 0 dir.txt
2008-05-25  03:54 PM         3,102,650 DSC_0001.JPG
2008-05-25  03:55 PM         3,107,741 DSC_0002.JPG
2008-05-25  03:54 PM         3,102,650 DSC_0003.JPG
2008-05-25  03:55 PM         3,107,741 DSC_0004.JPG
               5 File(s)     12,420,782 bytes
               2 Dir(s)  280,903,417,856 bytes free

That is great… except for the fact that if I search my hard drive for a file named DSC_0004.JPG, I might have hundreds of them, depending on how my camera is configured. So what I like to do is rename all of my files from a specific event, like so:

E:\Holiday Snaps> ren DSC_0*.* HolSn*.*

E:\Holiday Snaps> dir

Volume in drive E is SWMI Blue-2T
Volume Serial Number is 9ED7-318E

Directory of E:\Holiday Snaps

2017-12-19  03:30 PM    <DIR>          .
2017-12-19  03:30 PM    <DIR>          ..
2017-12-19  03:26 PM               553 dir.txt
2017-12-19  03:30 PM                 0 dir1.txt
2008-05-25  03:54 PM         3,102,650 HolSn001.JPG
2008-05-25  03:55 PM         3,107,741 HolSn002.JPG
2008-05-25  03:54 PM         3,102,650 HolSn003.JPG
2008-05-25  03:55 PM         3,107,741 HolSn004.JPG
               6 File(s)     12,421,335 bytes
               2 Dir(s)  280,903,417,856 bytes free

Great… I now have my files named HolSn (for HOLiday SNaps).  If I only go on holiday once in my life, I am set.

What I want to be able to do is to rename the files with more descriptive names… like Havana July 20170001.JPG, and so forth… and if I only have four or five pictures, that is easy enough.  With hundreds and often thousands of pictures, it can be ridiculously laborious.  So instead, we are going to use some old Command Prompt/Batch Magic.  Watch this:

E:\Holiday Snaps>for /f %a in (*) do ren “%a” “Havana July 2017 %a”

E:\Holiday Snaps> dir

Volume in drive E is SWMI Blue-2T
Volume Serial Number is 9ED7-318E

Directory of E:\Holiday Snaps

2017-12-19  03:42 PM    <DIR>          .
2017-12-19  03:42 PM    <DIR>          ..
2017-12-19  03:42 PM                 0 dir.txt
2008-05-25  03:54 PM         3,102,650 Havana July 2017 DSC_0001.JPG
2008-05-25  03:55 PM         3,107,741 Havana July 2017 DSC_0002.JPG
2008-05-25  03:54 PM         3,102,650 Havana July 2017 DSC_0003.JPG
2008-05-25  03:55 PM         3,107,741 Havana July 2017 DSC_0004.JPG
               5 File(s)     12,420,782 bytes
               2 Dir(s)  280,903,409,664 bytes free

That is more like it.  So when you want to rename your files in a Command Prompt, just follow those easy steps.

POWERSHELL

Yes, I know… Command Prompt is out, PowerShell is in.  Also simple…

Get-ChildItem | Rename-Item -NewName { “Prefix_” + $_.Name }

This will do the same thing, but you have to be running a version of Windows with PowerShell… so, not Windows XP! Smile

PS E:\Holiday Snaps> ls

    Directory: E:\Holiday Snaps

Mode                LastWriteTime         Length Name
—-                ————-         —— —-
-a—-       2008-05-25   4:54 PM        3102650 DSC_0001.JPG
-a—-       2008-05-25   4:55 PM        3107741 DSC_0002.JPG
-a—-       2008-05-25   4:54 PM        3102650 DSC_0003.JPG
-a—-       2008-05-25   4:55 PM        3107741 DSC_0004.JPG

PS E:\Holiday Snaps> Get-ChildItem | Rename-Item -NewName { “Havana July 2017-” + $_.Name }
PS E:\Holiday Snaps> ls

    Directory: E:\Holiday Snaps

Mode                LastWriteTime         Length Name
—-                ————-         —— —-
-a—-       2008-05-25   4:54 PM        3102650 Havana July 2017-DSC_0001.JPG
-a—-       2008-05-25   4:55 PM        3107741 Havana July 2017-DSC_0002.JPG
-a—-       2008-05-25   4:54 PM        3102650 Havana July 2017-DSC_0003.JPG
-a—-       2008-05-25   4:55 PM        3107741 Havana July 2017-DSC_0004.JPG

PS E:\Holiday Snaps>

I hope this helps…. now if you don’t mind, for some reason I am thinking I should book a vacation!

Scheduling Server Restarts

If you manage servers you have likely come to a point where you finished doing work and got a prompt ‘Your server needs to reboot.  Reboot now?’  Well you can’t reboot now… not during business hours.  I guess you’ll have to come back tonight… or this weekend, right?

Wrong.  Scheduling a reboot is actually pretty easy in Windows.  Try this:

  1. Open Task Scheduler (taskschd.msc).
  2. In the Actions pane click Create Basic Task…
  3. Name the task accordingly… Reboot System for example.
  4. On the Task Trigger page click the radio button One Time
  5. On the One Time page enter the date and time when you want the server to reboot.
  6. image
  7. On the Action page select Start a program.
  8. On the Start a Program page enter the name of the program shutdown.exe.  In the Add arguments box enter /f /r /t 0.  This will force the programs to close, restart the server (instead of just turning it off), and set the delay time to 0 seconds.
  9. image
  10. Once you have done this your server will reboot at the precise time you want it to, and will come back up.

**NOTE: Don’t forget to check.  it is not unheard of in this world for servers to go down and not come back up as they are supposed to!

Do it in PowerShell!

Using PowerShell to script this will allow you to not only save the script, but also run it on remote servers.  From Justin Rich’s blog article I found this script:

register-ScheduledJob -Name systemReboot -ScriptBlock {

Restart-Computer -ComputerName $server -Force -wait

Send-MailMessage -From mitch@email.com -To mitch@email.com -Subject "Rebooted" -SmtpServer smtp.mail.com

} -Trigger (New-JobTrigger -At "04/14/2017 8:45pm" -Once) -ScheduledJobOption (New-ScheduledJobOption -RunElevated) -Credential (Get-Credential)

 

Have fun!

Resize Live Virtual Hard Drives

 

I have used Hyper-V for as long as there has been Hyper-V.  Today I use it much less than I once did, but it is still handy for running VMs on my laptop.  I run a particular VM called ‘Sandbox’ in which I do all sorts of things that I would not want to do on my live system… things that I can simply try and then wipe.

When I built the Sandbox VM I was spending a lot of time at home, and portability was not a huge issue.  I ran it on one of my external drives, and it worked fine.  I allocated 100GB and was good to go.

When I realized I was going to be on the road again I could just as easily take my external hard drive with me, but the shortage of USB ports on my Surface Pro meant making a decision… I was going to shrink the VHDX file and put it on my internal hard drive.

76GB free space.  That’s going to be a problem.

Step 1: Shrink your partitions

My 100GB virtual hard drive (.vhdx file) meant that somewhere within the VM I had a 100GB partition (or at least a few partitions that added up to that).  I had to shrink as much as I could.

  1. If you have a Pagefile.sys, Swapfile.sys, and Hiberfil.sys you should eliminate them now.  Remember that even if you turn off Memory Paging the files don’t disappear until you reboot.
  2. Defragment the disk.  We may not talk much about it anymore, but the old faithful defrag.exe C: still works. 
  3. Use the Disk Manager console to shrink your C: as much as you can… but not too much.  When I tried it I had the option to shrink it down to 11.5 GB… I’m pretty sure that would render my VM pretty useless.  Pick a number that works for you.  I chose 60GB.
  4. Using the diskpart tool delete any partitions at the end of your drive.  I had a 450MB Recovery partition on mine.

image

Because it was a Recovery (read: SYSTEM) partition I needed to do the following:

Select Partition 5

Delete Partition OVERRIDE

image

Good… Now we can shrink the VHDX file.

In the older versions of Hyper-V this would have meant shutting down the VM.  You don’t have to do that anymore… but you do have to run PowerShell as an Admin.  Once you do:

Step 2: Shrink your VHDX file

The cmdlet is easy…

  1. Navigate to the directory where you keep your VHD file;
  2. Resize-VHD -Path .\Sandbox-PC.vhdx -SizeBytes 60GB

It will only take a minute and you will be done.  Simple as pie!

Remotely Enable RDP

Like most IT Managers I manage myriad servers, most of which are both remote and virtual.  So when I configure them initially I make sure that I can manage them remotely… including in most cases the ability to connect via RDP (Remote Desktop).

But what happens if you have a server that you need to connect to, but does not have RDP enabled?  Using PowerShell it is rather simple to enable the RDP feature remotely:

Enter-PSSession -ComputerName computername.domain.com –Credential domain\username
Set-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Terminal Server’-name “fDenyTSConnections” -Value 0
Enable-NetFirewallRule -DisplayGroup “Remote Desktop”
Set-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp’ -name “UserAuthentication” -Value 1

That should get you going.  Good luck!

Wireless Networks: Know your strengths!

It is not uncommon for me to hear people complain that their wireless network is not stable, is not working properly, disconnects, is slow, and just isn’t good enough.

Unfortunately, unless you are a networking specialist, wireless connectivity is essentially a binary state: It works… or it doesn’t work. There are three things I ask people to check before I get involved:

  1. Wireless device driver issues (try downloading the latest driver);
  2. Interference (verify that there are no microwaves or wireless phones or devices between the computer and the nearest wireless access point;
  3. Distance to nearest wireless access point (move closer and try)

Of course, when we talk about interference or distance, there are a lot of factors, and while it can be binary insofar as ‘Yes there is a problem or No there isn’t a problem,’ the reality is that signPowerShellal strength is decidedly not binary.  Knowing what the signal strength is can be directly related to your answer.  So how do we check this in Windows?

Of course, many wireless adapters have their own software that will provide this information.  But that is no way to standardize things.

There is a quick PowerShell script that you can run though that will give you exactly what you need:

(netsh wlan show interfaces) -Match ‘^\s+Signal’ -Replace ‘^\s+Signal\s+:\s+’,””

Notice that we are using a netsh command, which you will agree is not PowerShell.  However if you try to run this in a basic Command Prompt it will come back with an error because if the command line switches.

I ran the script from my desk at Rakuten; I am sitting about fifteen feet from the nearest wireless access point (WAP), so my response is 99%.  I know that Rakuten (who just moved into their new offices last month, and spent a considerable amount of time planning for connectivity and productivity) wants all of their employees to have the best possible signal.

For the sake of ensuring I was not always going to get the same number I ran the same script sitting in a busy Starbucks location in Akasaka, where they are more concerned with patrons buying coffee than they are offering fast Internet.  Here are the results:

image

A paltry 79%… which may seem great, but when you take into account the entire room is maybe 15 metres by 20 metres you realize there is probably interference… until you account for the fact that there are another dozen patrons connected to the same single Access Point at the same time, and at least three of them that I can see are watching streaming videos.

Of course, many IT Support people will want to run this command remotely.  No problem:

Invoke-Command {(netsh wlan show interfaces) -Match ‘^\s+Signal’ -Replace ‘^\s+Signal\s+:\s+’,””} -ComputerName RemotePC

(Making sure you get all of the single and double quotes and regular and squiggly parentheses correct Smile).

Of course, if you have a group of users you who are complaining you can run it in a batch by using a Session:

$session=New-PSSession -ComputerName RemotePC1 RemotePC2 RemotePC3
Invoke-Command -session $session {(netsh wlan show interfaces) -Match ‘^\s+Signal’ -Replace ‘^\s+Signal\s+:\s+’,””}

Now that you can measure the wireless signal on your computer, you can

  • Determine if the signal is the problem, or if you have to look elsewhere;
  • See if you need to implement more access points, or distribute existing ones differently; and
  • Figure out where the best place to sit in the lunch room is when your favourite hockey team is playing when you have to work.

No go forth and administer!

How To Cheat With PowerShell

Admit it… you are a crappy coder.  You may be a pretty fair IT Professional, but you cannot script your way out of a paper bag.  There’s a support group for you.

Hi, my name is Mitch, and I’m a lousy scripter. 

Admittedly I have never been to an AA or NA meeting; I have never really done well with support groups, and the only addiction I ever had I kicked without anyone’s help.  However I’ve seen plenty of AA meetings on TV and in movies, and that’s how they usually start.

4214_Powershell%20blore-logo_png-550x0Recently I wrote an article called iSCSI Virtual Disks: If you have to make a bunch… Use PowerShell! Thanks to one of my loyal readers (who despite or because of their loyalty are always quick to point out when I make a mistake) I realized that despite saying that it did, the script did not actually connect the virtual disks to the iSCSI Target… and I had to find a way to do that before looking stupid for too long.

Here’s the problem… I’m not really a PowerShell guru, just a regular IT guy who realizes the amazing power of the tool.  And as was written in an article that went live this week (guest-written by a colleague and friend), while using Google to find samples of scripts is great, there are two spectacular tools to help you on your way. 

The first such tool is called Get-Help.  You can type that in PowerShell to find out about any cmdlet.  Cool!

However what do you do if you know there is probably a cmdlet, but you don’t know what it is?  Well, the second one is the Integrated Scripting Environment (ISE).  PowerShell’s ISE is the easiest way to build your scripts, whether they are simple, single-line cmdlets, or large, vast, flowing scripts that take up pages and pages.

Step 1: Run PowerShell ISE.  This is pretty easy, and if you haven’t figured it out, just click on the Start menu and type ISE.

Step 2: Select your Module.

image

The PowerShell ISE window is generally divided into three parts: A live PowerShell window, a scripting window, and the Commands list.  The Commands section is literally a list of every command and cmdlet in PowerShell… thousands of them.  However let’s say you know the command you are looking for has to do with iSCSI Targeting… select that Module from the drop-down list, and all of a sudden your thousands of commands turn to twenty-six.

What I want to do is to map a previously created iSCSI Virtual Disk to an iSCSI Virtual Target… so the top target (Add-IscsiVirtualDiskTargetMapping) sounds pretty spot-on. I’ll click on it, and if this is the first time clicking on a command for this module, I will get the following message:

To import the “iSCSITarget” module and its cmdlets, including “Add-IscsiVirtualDiskTargetMapping”, click Show Details.

SNAGHTML37e7dde

When I click Show Details, I am presented with several options.  These will differ for every cmdlet, and they will correspond to the optional (and required) command-line switches that I might need.

The Path is going to be the full name and path of the previously created iSCSI Virtual Disk.  In my case I created several, but they all look like q:\iSCSIVirtualDisks\Disk1.vhdxThat is what I am going to enter there.

The TargetName is the name of the target I created… in this case it might look like Target1.

It is important that you pay attention to the ComputerName box because as you saw in my previous article, I might name the iSCSI Virtual Disks (my VHDX files) the same thing on each host.  When I enter the ComputerName TargetServer1 PowerShell knows to look for Target1 on that server.  If you do not enter a ComputerName then it will assume that it should look on the local server… and that could be disastrous, especially if those VHDX files are already otherwise mapped and in use.

The Credential box is exactly what it sounds like… If your user account does not have credentials to execute a command on a remote system, you can use this box to specify alternate credentials.

The Lun box allows you to set the LUN (Logical Unit Number) of the virtual disk.  If you are not concerned by this, the default is for the lowest available LUN number to be assigned automatically.

If you want more help, notice that there is a blue circle with a ? right in the window.  Click on that, and you get a much more detailed Help dialog than you would get by typing Get-Help Add-IscsiVirtualDiskTargetMapping in the PowerShell window will pop up for you.  If you don’t believe me, try them both Smile

image

imageSee? I told you!

So let’s go ahead and populate those fields the way I said:

image

Once you populate them, there are three buttons at the bottom of the Commands console that you can use:

Run does exactly what you would think… it runs the command with the appropriate switches.

Insert puts the command and switches into your PowerShell (blue) window, but does not execute the command.

Copy is also pretty self-explanatory… it copies it to the clipboard for you to put in the scripting (white) window… or anywhere else you might want to insert it with a Ctrl-V.

So I don’t really know how to script, but I know what I want to accomplish… PowerShell ISE takes me from base-camp to the goal like a Sherpa guiding me on Everest.  Yet another way to love PowerShell… and get to know it better!