Advanced Windows PowerShell Scripting Video Training

Advanced Windows PowerShell Scripting Video Training
Advanced Windows PowerShell Scripting Video Training

Friday, March 24, 2017

Determine which Nodes have UAC Enabled with PowerShell

Wow!  It has been a while since I last blogged.  This has been a very busy year. Between my Navy activities and all the classes that I’m bringing online for clients, I am burning the candle at both ends.

As many of you know, my last day of a PowerShell class is “Project Day”.  One of the projects that I helped out with this week involved determining if UAC was enabled.  Utilizing the template we created in class and a check of the registry, we were able to:
  •         Remote to each client.
  •         Determine if the client was online.
  •         Report back the state of UAC.

I decided to advance the code just a little to make sure everything reports back as an object.  Below is that code.  Wish I had more time to explain it step by step, but I have to keep moving.  I only have 3 weeks to get everything done for PowerShell Conference Europe.

ForEach ($N in (Get-ADComputer -filter *).Name)
    $Obj = New-Object -TypeName PSObject -Property @{
        ComputerName = $Null
        UACEnabled = $Null
        Online = $False
        $Obj.ComputerName = $N
        $Data = Invoke-Command `
                -ComputerName $N `
                -ErrorAction Stop `
                -ScriptBlock {
                    (Get-ItemProperty `
                        -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System `
                        -Name EnableLUA).EnableLUA
        $Obj.Online = $True
        If ($Data = 1) {$Obj.UACEnabled = $True}
        Else {$Obj.UACEnabled = $False}
    Catch {$Online = $False}
    Write-Output $Obj

Wednesday, March 8, 2017

Demonstrating Hashing a File

I’m spending the week in San Diego delivering a Security+ class as part of my Annual Training for the United States Navy.  It has been a few years since my last Security+ class that I delivered to the US Air Force.  Since then, PowerShell has undergone a few version updates.  I decided to leverage one of the new cmdlets to help use demonstrate file hashing.

The group that we are working with this week is sharp and asking some really great questions.  There is a little confusion out there on what a hash is so I’m adding this to both my military and civilian Security+ classes. 


Demonstration of using a hashing algorithm to verify
file integrity.

ITC J. Yoder

Creation Date: March 7, 2017

Slide: Symmetric Algorithms

This code is designed to be ran inside of the PowerShell ISE.
Select the code in each step and press F8.

Tested on PowerShell 5.  Execute the command below to determine your
PowerShell version.

# Step 1 : Create a Folder Structure
New-Item -Path c:\ps\Original -ItemType Directory
New-Item -Path c:\ps\Copy -ItemType Directory

# Step 2 : Create a text file in the original directory.
"This is my text" | Out-File -FilePath C:\ps\Original\Data1.txt

# Step 3 : Create a hash for this file using SHA256
$HashOriginal = Get-FileHash -Path C:\ps\Original\Data1.txt

# Step 4 : View the hash.

# Step 5 : Copy the file.
Copy-Item -Path C:\ps\Original\Data1.txt -Destination C:\ps\Copy\Data1.txt

# Step 6 : Create a hash Of the copy using SHA256
$HashCopy = Get-FileHash -Path C:\ps\Copy\Data1.txt

# Step 7 : Test the hashes for equality.
$HashOriginal.Hash -eq $HashCopy.Hash

# Step 8 : Rename the copy.
Rename-item -Path C:\ps\Copy\Data1.txt -NewName C:\ps\Copy\Data2.txt

# Step 9 : Create a hash Of the renamed copy using SHA256
$HashRenamed = Get-FileHash -Path C:\ps\Copy\Data2.txt

# Step 10 : Test the hashes for equality.
$HashOriginal.Hash -eq $HashRenamed.Hash

# Step 11 : Modify the copy by adding a period to the end.
"This is my text." | Out-File -FilePath C:\ps\Copy\Data2.txt

# Step 12 : Create a hash Of the Modified copy using SHA256
$HashModified = Get-FileHash -Path C:\ps\Copy\Data2.txt

# Step 13 : Test the hashes for equality.
$HashOriginal.Hash -eq $HashModified.Hash

# Step 14 : View the hashes
Write-Host "Original : $($HashOriginal.Hash)" -BackgroundColor DarkGreen
Write-Host "Copy     : $($HashCopy.Hash)" -BackgroundColor DarkGreen
Write-Host "Renamed  : $($HashRenamed.Hash)" -BackgroundColor DarkGreen
Write-Host "Modified : $($HashModified.Hash)" -BackgroundColor DarkRed

# Step 15 : Clean up the disk.
Remove-Item -Path C:\ps\Original -Confirm:$false -Recurse
Remove-Item -Path C:\ps\Copy -Confirm:$false -Recurse

Thursday, February 2, 2017

__error__ in PowerShell ISE

Wow, I finally got around to doing a little blogging.  This has thus far been a very busy year.  I’m actually writing this in the air heading to teach a PowerShell class in North Carolina and prepping my sessions for PowerShell Summit Europe in a few months. 

When I start helping my students debug their issues in class, I often walk up to their monitors and see the error right away.  I am very cautious to point out at the beginning of class that the reason that I see their errors so fast is because I have made the same errors so often.  Here is one that left me scratching my head.

While adding a valid parameter to a function that I was developing, I had this error in the ISE.
I’ll be honest, this was a new one for me.  Looking at the message, I realized that there was a casting of string.  This pointed me to my param block. Sure enough, I placed a comma where I should not have.

You can see it right after [String].  My bad.  Hey, all of us make mistakes.

Wednesday, January 4, 2017

Using functions with PowerShell Background Jobs Part 2 of 2

Yesterday we learned how to use the InitializationScript parameter of Start-Job. Today we are going to allow for further modularization of our code and send multiple functions to Start-Job.  We could very easily send multiple functions in the same script block, but I need to pick and choose which functions I will be working with for each process so I need to be able to send them separately.  Here is our code.

$JobFunction1 = {
 Function Beep
    Param ($Tone)


$JobFunction2 = {
 Function Beep2
    Param ($Tone, $Time)

$InitializationScript = $executioncontext.invokecommand.NewScriptBlock("$JobFunction1 $JobFunction2")

$JobSplat = @{
    Name = "Test1"
    InitializationScript = $InitializationScript
    ArgumentList = 300, 400, 200

Start-Job @JobSplat -ScriptBlock {
            Param($Value, $Tone, $Time)
            Beep -Tone $Value
            Beep2 -Tone $Tone -Time $Time

A lot of the code is the same as yesterday with a few exceptions. Notice that we are creating $JobFunction1 and $JobFunction2.  This allows me to place a single function inside of a script block, but be able to send multiple script blocks to Start-Job.  I am also using the $ExecutionContext automatic variable. According to About_Automatic_Variables, this variable:
Contains an EngineIntrinsics object that represents the execution context of the Windows PowerShell host. You can use this variable to find the execution objects that are available to cmdlets.

OK, that was informative.  It is on object of type System.Management.Automation.EngineIntrinsics. In short, you can create new script blocks with it.  I use it to join the 2 variables containing the script blocks that I need to send to Start-Job. I save the output in a variable called $InitializationScript. This is now the value of –InitializationScript.

When you run this code, you will hear two beeps.

Tuesday, January 3, 2017

Using functions with PowerShell Background Jobs Part 1 of 2

Happy New Year everyone!  I am spending my New Years’ day working on some code that I’ve been putting off while the family has been in town.  Something about shoveling sunshine as opposed to shoveling snow.  I’m working on expanding some Azure code that I have developed and I’m looking at ways to further modularize the code.  Since I use Background jobs with script blocks to speed the processes that I am running, I’m looking at using the InitializationScript parameter of Start-Job.

The InitializationScript parameter allows you to run code before the ScriptBlock parameter runs.  When you include functions inside of it, you are able to place those functions in the same memory that the ScriptBlock will execute in.  Let’s take a look at our code to set this up.

First we create a variable that will hold our function that we will call from the background job.

$JobFunctions = {
 Function Beep
    Param ($Tone)


In this case, we are going to make the console beep.  We are also going to pass the value for the tone of the beep to the parameter $Tone.

Next we will set up a splat for a few of the parameters of Start-Job. Notice that we are setting the value for –InitializationScript to be the $JobFunctions that we created above.  Also, we need to pass a value to what will be our script block.  That value is 300.

$JobSplat = @{
    Name = "Test1"
    InitializationScript = $JobFunctions
    ArgumentList = 300

Now we can run our background job.

Start-Job @JobSplat -ScriptBlock {
            Beep –Tone $Value

First off we call our splat and then we call our script block.  We need to pass the value of 300 to the script block so we created a parameter called $Value. In other words $Value = 300.  Next we call the function that we sent to the initialization script.  The function name is Beep it has a parameter called –Tone.  We provide it the value of 300 that is contained in $Value.  Once this runs, you will hear a beep.

Tomorrow we will send multiple functions to our background job. 

Thursday, December 22, 2016

Using Here-Strings to help search United Airlines for Flight Dates

As many of you know, I am fortunate to teach Windows PowerShell, Server, and Client all over the world.  One thing that I do not do very often is use my air miles.  This is has been a very deliberate action because I wanted to make sure that when my wife decides to fly to Europe with me, she will do so in style. 

Well, the time has come.  I’m heading over to Europe to speak at the PowerShell Conference in a few months and my wife and I are going to spend some time together hunting down what we hope will be distant relatives and doing a little sightseeing.  So, I’m burning the air miles to fly family to my home to house sit and for us to fly over the pond in United Polaris Class.  My wife does not like long flights so I am determine to spend the air miles wisely to make sure she is as comfortable as possible.  I’ve made the flight many times in coach, but I would be a bad husband if I did not splurge a bit on my wife. Below is the difference.


What I usually fly…. Economy.

Our schedule is extremely flexible so I’m searching all of the airports in central Europe for days when United puts a premium cabin “on sale”, so to speak, for award mile use.  To help make this daily ritual less time consuming, and to give me a good lesson to share on Here-Strings with my class, I came up with the code below.

A few things first.  If you have a United Mileage Plus account, open your default web browser and log in.  Leave the browser open when you execute the code. Otherwise the queries will not be executed with your account.

You will also need to manually search for award travel to each destination.  You will need to replace my URL strings with yours for each search that you make.

Finally, you will need to replace the date component of the URL with $FlightDate.  Look for a date with a format of YYYY-MM-DD in the URL from United.  It is easy to find.

Once done, just save the code and press F5 to put it in memory. (You will need to change the default values of the parameters to meet your desired travel date. I marked the 3 places in the param block of the code.)

Type Search-United and press Enter.  All of your queries will run at the same time.  Remember to start this process 6 months in advance if possible.  This will help you find more award mile saving dates.

Function Search-United
Param (
    $Month = <#Replace with your default Month#>,
    $Day = <#Replace with your default Day#>,
    $Year = <#Replace with your default Year#>

#Create a DateTime object based on the flight date.
[DateTime]$Date = "$Month-$Day-$Year"

# Convert that DateTime object into the format the United website requires.
$FlightDate = $Date.GetDateTimeFormats().split("`n")[5]

# Here-String to list all destinations to check.
$SearchList = @"$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1&idx=1$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1&idx=1$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1&idx=1$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1&idx=1$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1&idx=1$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1&idx=1$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1&idx=1$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1&idx=1$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1&idx=1$FlightDate&tt=1&at=1&sc=7&px=2&taxng=1&idx=1

# Open a web page for each destination.
$SearchList.Split("`n") | ForEach-Object {Start-Process -FilePath $_}

Allows you to search multiple destinations at United Airlines.

Allows you to search multiple destinations at United Airlines.

First you must open your default web browser and log into your United Mileage
Plus account.  Mileage Plus members receive better access to award miles
savings so you should see more options.

You must manually search each destination and make sure to select
"Award Travel" on the website.

Copy the web address into the Here-String above. Replace the date in
the string with $FlightDate.  The string to replace will bi in the
format YYYY-MM-DD.

Run this code when you want to check for award travel.

The numeric value of the month to travel.

The numeric value of the day to travel.

The numeric value of the year to travel.


Opens the United website and looks for award travel on the default dates.

Search-United -Month 6 -Day 15 -Year 2017

Opens the United website and looks for award travel June 15, 2017.

== Cmdlet: Search-United                                                     ==
== Author: Jason A. Yoder                                                    ==
== Company: MCTExpert of Arizona                                             ==
== Date: December 21, 2017                                                   ==
== Copyright: All rights reserved.                                           ==
== Version:                                                          ==
== Legal: The user assumes all responsibility and liability for the usage of ==
== this PowerShell code.  MCTExpert of Arizona, Its officers, shareholders,  ==
== owners, and their relatives are not liable for any damages.  As with all  ==
== code, review it and understand it prior to usage.  It is recommended that ==
== this code be fully tested and validated in a test environment prior to    ==
== usage in a production environment.                                        ==
==                                                                           ==
== Does this code make changes: NO                                           ==