PowerShell: A note on Execution policy.

While driving up to RTP today I was listening to the PowerScritpting podcast episode 140.  Hal and Johnathan received a question about execution policy settings.  The conclusion they reached was that remote signed was a good compromise.  I would like to expand on this a bit.  The real fear with script execution is that you’ll unintentionally run code that has malicious intent buried within it.  Personally I don’t run around running code before I review and test it, but that doesn’t mean I’m safe.  As PowerShell MVP and trainer extraordinaire Don Jones has previously stated the risk is with your profile.

Read more

PowerShell: Automate SUN ILOM configuration

I’m currently winding down on a datacenter build that has consumed me for the better part of six months.  Last night our team went through and stood up vSphere on 200+ hosts. I know that’s nothing for you cloud providers, but that’s a lot of servers for the average IT shop.   Being a lights out datacenter we have 3 management paths to every server IP-KVM, ILOM, and serial ports.  Going through and setting all that up would have been a pain in the but, so I did a little searching and found how to configure the SUN ILOM via the serial port.  With that document and little experimentation I quickly had my script, now all that was left was to learn how to script via a COM port.  I turned to BING and found this article which pointed me to a new-to-me .Net Class…  about 4hrs later I had a complete solution, and yet another example of the Admin Development Model.

Read more

PowerShell: DataOnTAP and SID Convertions

This morning while standing up a new vScan A/V server I wanted to look up our McAfee service account.  I knew the account would be a domain account, and I knew it would be a member of the backup operators group on the filer.  With that in mind I ran the following.

Well that’s rather useless… Unfortunately, the OnTAP API doesn’t provide a means to convert a SID to a NTAccount.  This is normally accomplished via the “cifs lookup” command on the Ontap CLI, but that doesn’t help us much from the toolkit.  Fortunately .Net provides a native means to perform this conversion.  This isn’t new to anyone who has been following PowerShell for a while (//o// first posted these function way back in the Monad days), but that doesn’t make them any less useful!

Now that’s more like it!  This is what I Love about powershell.  In the past I would have had to push back on my sales rep, who would have inturn pushed back on the development team.  fast forward a year, and maybe I would have a workaround.  Or I would have had to try and glue a couple third party exe together (yuck). With PowerShell if I don’t like something I simply extend it in script.  No development, nothing complicated, just a couple line of PowerShell.  Best of all I can then provide this to the vendor as a concreate example of what I want in the next release (hint hint NetApp cifs lookup needs to be in the SDK!)

It really is just great stuff.
~Glenn

PowerShell: DataOnTap Realtime Multiprotocol Volume Latency

I had some free time yesterday morning as I couldn’t sleep after the long weekend. I used the time to dig into into the DataOnTap PowerShell Toolkit.  I started with an easy port of one of Andrews performance monitoring scripts.  I won’t go into as it’s very straight forward, but I will say so far I am very pleased with the DataOnTAP toolkit. 

~Glenn

Scripting Games 2010: My Scripts


2010 Scripting Games--I was there!

This is more for my own records.  I know for sure I will be using these as a reference over the next few month.  All my 2010 Scripting Games solutions.

~Glenn

Scripting Games 2010: PostGame Roundup

2010 Scripting Games
I just submitted my last entry into this years games, and I wanted to capture a few things before I go and get busy. 

The Challenges

In years past the challenges where the equivalent of the scripting combine.  They would test ones ability to solve a logic problem in code. This created a developer friendly zone.  Whereby professional coders (aka developers) would inevitably produce a script that used some –xor feature or .net class I knew nothing about.  I would look back on my script feel incredibly inadequate and try harder.  This always lasted at most 5 days… until this year I never made it past 5 days.

This year the dread pirate Ed Wilson flipped the script. All of a sudden the event resembled a ticket at work.  As I read them I instantly knew how to do x or y, and would jump straight to the extra credit section.  This my friends is where it got interesting.  Every event this year could be solved by a PowerShell newbie, but to hit all the design criteria that would take some skill.

It was this combination that kept me in the games. Looking back it felt more like leveling in a MMO than work.  It wasn’t enough to solve the problem I wanted my stars.

PoshCode

There were a slew of issues with Poshcode V2 during the first couple days of the games.  They were fixed promptly, and the site has preformed admirably ever since.  This is the second year I’ve used PoshCode V2, and would just like to say…

JOEL… SHIP IT ALREADY…. ITS GOOD ENOUGH!!!!!1111

Seriously though, it is a massive upgrade, I’m excited to see what the poshcode.org upgrade may bring!

The Ratings

Judging criteria was put out here.  The short version is as follows.  If the script looks like it works you get two stars.  Every star beyond that is based on meeting the extra design criteria.  Now that is an incredibly open guideline…. and I am completely okay with it.

The same judges judge all the scripts so one liberal judge will give us all 5 stars.  The next judge might not like our approach and only give it three, but that stingy judge will be stingy to all the entries.  (I have some great scripts that got some whacked rankings.  Tell me how this only get’s three stars?)

That being said I would like to propose one change for next year.  We need feedback, why only four stars… did I miss something? Do you not like the formatting?  Did I go off the deep end for no reason and overcomplicated it?  All of these would be valid reasons to deduct points, but the deduction looses it’s real purpose if we can’t pass on the lesson it contains.

I’ll give you an example.  one of my close competitors this year kept creating the help by hand.  After day two or three I left a comment that said

hey great script, but you’re use of a here-string already locks you to V2.  Might as well go whole hog… check out help about_Comment_Based_Help

His very next script included comment based help.. heck he even gave me a shout out for the tip!  Awesome, this is what these games are about!

Except, that script didn’t rate too well… as of event 5 he was back to his old VBScript ways.  Somehow he associated that change with the bad rating… maybe it was part of it, he’s had all 5’s since.  Either way for on brief moment he was on track…

PowerShell Best practices

Which leads me to my final peeve about these games, and something we should fix for next year.  A script that is CLEARLY VBScript written in PowerShell should not get higher than a 3.  This isn’t about prizes or winning either.  These games are a learning event.  If we aren’t teaching best practices along the way what good are we doing anyone? You know simple stuff like don’t use the Scripting.FileSystemObject com object anymore…  I know this is a slippery slope, and I was truly blown away by the overall quality of the submissions. Nevertheless I think it’s a conversation worth having.

Motivation for the Games

As of this post I’m in first place… Looks like I might win this dang thing(what ever that means)!  Still way to early to call. Either way I didn’t participate this year for any monetary prize… I did it for the vanity of it all. I wanted to know where I stacked up.  I never thought I’d win anything… first place came out of left field.  All in all I got exactly what I wanted out of the games.  I do wish the judges had participated, they need only recuse themselves from the event they judge.  I would have liked to compete against a couple MVP’s.

New Tricks

These games forced me to step my game up.  I used EVERY trick I know, and I learned a few knew ones along the way.  Three specific tricks I will not soon forget.

Splatting:

I finally know what spatting is and why it’s a big deal.  Splatting helped me streamline half of my scripts removing 20-30 logic tree’s, by simply creating the parameter set’s upfront. I know we’ve all heard the definition before, but let me show you in code why it matters!

Before Spatting

After Splatting

As you can see splatting allows you to offload all the logic that isn’t related to the task at hand to the the script/function initialization.  This cleans up your working area, and results in cleaner code!

Windows Forms:

Last week I created my very first windows form GUI ever, and I did it by hand.  Not because I’m hardcore, but because once I got started it was REALLY easy.  Like .net itself windows forms have full reflection, meaning it’s all self descriptive from within PowerShell.

Obviously using a tool like PrimalForms will save a ton of time, but don’t feel like you need a third party tool.  This stuff is easier than you’d think!

WPF/WPK:

This was the gut shot that hurt my brain!  WPF was a lot to bit off in one chunk.  After two weeks with it I feel like I still barel y know what I’m doing, but once I do… WPK will make it easy.  WPK’s strength, and weakness come from it’s meta-programming roots.

If you don’t already know, James wrote a script that wrote WPK.  It’s all machine generated code.

The good part, it is 100% complete it can do anything possible in WPF.

The bad part, there is NO abstraction layer between you and WPF.

There are some really cool helper functions that make it easy to use PowerShell code directly.  But if you want to make a listbox you’re going have to look at a c# example. I originally planned on doing event 10 with boots, and I wish I had time… I want to compare the two head to head, but I ran short and wanted to get my final submission in.

Final Thoughts

100% worth the time, These few weeks have sharpened my skill significantly.  To the point where I’ve actually caught up at work.  At this pace I’ll be ahead of schedule next week.  I think it was just the hard break the games carried… forced me out of my rut.

Take a look at my work let me know what you think. I have very thick skin and prefer the truth over candy coated fairy tales.

If you spent this year on the side line… save the excuses.  These games, like learning PowerShell will advance you professionally; ergo they’re good for work; ergo quit you’re bitchin and get to it!  Unless you were at EMC world ;P

In closing I want to personally thank the sponsors and judges who made the games possible this year:

Thank you, Tech·Ed 2010 North America
Thank you, PoshCode.org
Thank you, Microsoft TechNet
Thank you, SAPIEN Technologies
Thank you, Quest Software
Thank you, /n software
Thank you, Software FX
Thank you, 101FreeTechBooks.com
Thank you, ShellTools
Thank you, Idera
Thank you Judges

I had a blast a learned a ton, Good job all, See ya next year!

~Glenn

@extraparams

PowerShell: The Admin Development Model, Win32_NetworkLoginProfile, and DateTime objects

While scanning the PowerShell forums this evening I ran accross this question.  Cruisader03 had already answered the question. The solution.. just…. looked too complicated.  After three years of using PowerShell everyday as my primary means of administration… I offer this simple mantra.

 If it looks complex your doing it wrong!… And you’re the second person to read it. 

I just made that up, but I like it!  Seriously though, this is something I’ve started to notice in my own code.  I believe it is an interesting side effect of the Admin Development Model.  

We cut and paste, one line at a time. Until we get it to work.  By the time we finish a script we know that code not as a script, but as a series of lines. (Pay attention, I bet you still read it like a series of one liners).  In that context it looks fine, but wait 24hr’s and look again… not the same is it.   Now that you’re looking at a finished script.   You will start to find all sorts of inefficiencies and poor grammar usage.   So you polish it up a little… rinse and repeat 100 times, and post to PoshCode!  So goes the Admin Development Model.  With that in mind I offer this simple snip it, more a refactor of  Cruisader03 post than a solution.

~Glenn

PowerShell: Import NetApp AutoSupport

The first step to any problem is getting said problem into PowerShell! We all know the usual players here WMI, ADSI, .NET, COM, etc… but what about good old text. I get the impression text has been ignored as legacy. When text does get a little attention it is almost always treated like the unix world.  Get-Content | Select-String used in place of cat|grep… I offer a different approach, in my opinion you haven’t really ingested something until it’s in the form of an object. Ala, Import-ASUP, a PowerShell script to ingest a NetApp autosupport. Give it a try and look around at the object it spit’s out. You may be surprised just how much information we all beam back to the mother ship every week!

Read more

PowerShell: Custom Types, and Formatting

So you’ve graduated to the PowerShell elite, you’ve mastered the pipeline, and one-liners seem well trivial.  What now?  For me, I started working on a module, and along the way I was forced to really learn PowerShell’s Type and Formatting subsystems.  As I see advanced functions start to propagate out into the world I wanted to share some of what I learned (As well as provide myself a useful reference guid!).

Why should you care? Well,  in order for your script/module to truly perform like a first class cmdlet.  You must have a custom type.  Having this custom type will cause several built-in automation gremlins to get confused…. I.e. PowerShell doesn’t know how to handle your new object!  With a combination of type, and format data we’ll teach PowerShell how to handle our object. 

First we need a custom object, I’ll use an example slightly above foo.bar..  First things first we need to construct our object, I won’t get too into this as I’m not qualified to speak on the matter.  All I will offer is this I’ve seen examples using c# interfaces as the object construct.  I prefer using a class as it allows me to define multiple Constructors, which become very useful later on in your code!

So far so good right?  Well, we already need a little tweaking.  Consider what happens next when we instantiate our Server object.. 

Notice how PowerShell just repeated the type name over and over again.  That’s because we haven’t told it what we care about and how to display the information in this situation. I know this is a rare case but it’s one I’ve found all to often!  Fortunately this is handled easily enough. Ultimately we will handle this with a format data file, but first we need to extend our types!  While it is possible to do all this work in the format file, I highly advise against it as it will lead to confusion by your users!

First we’ll create a GetAdmin.Types.ps1xml file and add the following, permanently adding a couple script properties to our objects.

As you can see we added a script property to our Net object that will return the the ip in a string.  Then we used that IP property in the IPAddress script property to create a comma separated list of IP’s.  Then we’ll use that list of IP’s as the default view for the network.  This is done with a simple format data file. A quick note with the format data file: it’s a good idea to format to 80chars wide, as this is the default for most 3rd party consoles.

Now when we run our command we’re displaying useful information right from the start, but we haven’t hampered anything.  Remember the full object is still available underneath.

That’s all for now, Next time type conversion!

~Glenn Sizemore

PowerShell: Custom Types, Type conversion and ETS

Before we get into the how, here is why you should care about this!  Consider the following oversimplified function.

First off we need to load our custom types:

Now let try and use this function:

While that’s not that bad, consider the following, it could look like this.

Now I really don’t want to get into which one you should be using.  I prefer instead to focus on how to enable either one!

First things first we’re going to have to get a little dirty with some C# (Again I’m not a developer so if anyone knows a better way to do this I’m all ears.) and create a type converter.

I told you we needed to get a little dirty!  Now that we’ve implemented a type converter that knows how to convert a string to a GetAdmin.Net object.  Now we need to inform PowerShell of our work.  This is accomplished via the a type formatting file.

Next import your new type definition file, and try it out!

Hope that was helpful, know a better way?

~Glenn