Using Windows PowerShell to administer your Windows environment

wispxylopolistInternet και Εφαρμογές Web

7 Αυγ 2012 (πριν από 5 χρόνια και 1 μήνα)

697 εμφανίσεις

Using Windows PowerShell to
administer your Windows environment

Richard Siddaway MVP

Microsoft Practice Leader

Centiq Ltd.

Rsiddaway@centiq.co.uk


Introductions

I do not work for Microsoft

Microsoft Practice Leader at Centiq

Interests are optimisation, migration and
management

Automation = Script wherever possible


Worked with PowerShell since early betas

Started and lead UK PowerShell User Group

PowerShell MVP

Demo heavy

Windows Server 2008

PowerShell V2


Questions

Who

Uses PowerShell ?

Has seen PowerShell ?

Uses another scripting language?

Automates administration



Agenda

PowerShell Overview

Learning PowerShell

Using WMI

Break

Administering Active Directory

Administering IIS 7

Windows Server System

Security

Infrastructure

IT Operations

Infrastructure

Applications
Infrastructure

Collaboration

Infrastructure

Administration Styles

GUI

Interactive

Script

POWERSHELL

OVERVIEW

PowerShell

Optimise administration


Minimise Effort


Maximise return on time spent learning




PowerShell

Automation engine

Command Shell and scripting language

.NET based

DO NOT NEED TO LEARN .NET
PROGRAMMING

RTW November 2006

2 million+ downloads

CTP 2 for Version 2 available




PowerShell


Key Features

Cmdlets

Providers

Extensible

Composable

Pipeline




Script
Types


Text

.Net

“interpretation” of the traditional Unix
scripting model

COM

WSH/VBScript style scripting

.NET

Manipulate any native .
NET
object

Commands

PowerShell
cmdlets emitting objects

DataTypes


Flat File


CSV etc

.NET

XML

WMI

ADSI

ADO.NET

SQL

PowerShell adoption

Microsoft

Exchange 2007

Windows Server 2008

SC Data Protection
Manager

SC Operations
Manager 2007

Compute Cluster

SQL Server 2008

OCS Resource Kit


Third party

Special Operations
Software

Quest AD cmdlets

PowerGUI

PowerGadgets

Sdmsoftware

IBM
Websphere

MQ

PowerShell Community
Extensions


PowerShell V2


It is a CTP!!

!!!!! DO NOT USE IN PRODUCTION !!!!!!!

It will change!!

Remoting

Background jobs

Script Cmdlets

Debugging

Graphical PowerShell

LEARNING
POWERSHELL


Get
-
Help


Get
-
Command


Get
-
Member


Get
-
PSDrive

Your four best friends

Try things out in an interactive shell

Stitch things together with utilities

Put the results in a script file

Realize that the tools are unsuitable and restart
with a new set of tools

Generalize (e.g., parameterize)

Clean it up


灲潤畣瑩潮
-
煵q汩ly

䥮瑥杲慴攠楮瑯iy潵爠敮癩牯湭敮r

Share with the community

Ad Hoc Development

Issues

Default install mode won’t run scripts

Set
-
ExecutionPolicy

No file association

Can’t automatically run scripts

Can’t double click script to run it

No
remoting



coming in V2

Can use .NET and WMI

Current working directory is NOT on PATH

.
\
myscript.ps1

Does not load all .NET assemblies

Use [
Reflection.Assembly
]::
LoadWithPartialName
("
Microsoft.SqlServer.Smo

")


Learning PowerShell

Demo

ADMINISTERING

WINDOWS SYSTEMS

Administering Windows

Processes


Services


File system


Registry


Event Logs


Administering Windows systems

Demo

USING WMI

WMI

Instruments to access management information


Common Information Model V2


Windows 2000 onwards


Namespaces and classes


Local and remote machines


WMI

Namespaces are hierarchical


Default set of namespaces and classes


Applications and services add more



WMI in VBScript

strComputer

= "."

Set
objWMIService

=
GetObject
("
winmgmts
:
\
\
" &
strComputer

& "
\
root
\
CIMV2")

Set
colItems

=
objWMIService.ExecQuery
( "SELECT * FROM
Win32_Service",,48)

For Each
objItem

in
colItems



Wscript.Echo

"
-----------------------------------
"


Wscript.Echo

"Win32_Service instance"


Wscript.Echo

"
-----------------------------------
"


Wscript.Echo

"Name: " &
objItem.Name


Wscript.Echo

"Status: " &
objItem.Status

Next

WMI in PowerShell

Get
-
WMIObject

Win32_Service | Select
-
Object Name, Status |
Format
-
List


Or even:



gwmi

win32_Service | select name, status | fl

WMI

WMI Type Accelerators

[WMI]

[
WMIClass
]

[
WMISearcher
]


Improved support in V2

Get
-
WMIObject

improved

Invoke
-
WMIMethod

Set
-
WMIInstance

Remove
-
WMIObject





Using WMI through PowerShell

Demo

Summary

PowerShell can

Adminsister

local machines

Adminsiter

remote machines

WMI

.NET


Access

Services

Processes

Registry

Event logs

Applications





Break

ADMINISTERING

ACTIVE DIRECTORY

PowerShell and Active Directory

NO AD cmdlets in PowerShell v1 or V2

Exchange 2007 has limited AD support

Special Operations Software

Quest AD cmdlets

Sdmsoftware

GPO cmdlets

Quest
PowerGUI

PowerShell Community Extensions

/
nSoftware

Scripting


Active Directory Provider

PowerShell

Community Extensions

Access AD as “
filesystem


Navigation

Use core commands

Interactive or scripting

Associated
cmdlets

Issues


“open source”

Scripting AD in PowerShell

System.DirectoryServices

DirectoryEntry

DirectorySearcher


System.DirectoryServices.AccountManagement

System.DirectoryServices.ActiveDirectory

System.DirectoryServices.Protocols

[ADSI]

[
ADSISearcher
] (V2)

Psbase

issues (V1)

Searching AD

System.DirectoryServices.DirectorySearcher

Wraps ADSI search functionality

Faster and more powerful

Easier

No ADO
recordset

Search for deleted objects

Uses LDAP syntax only (
cn
=
jbloggs
)

Can search Global
Catalog

[
ADSISearcher
] (V2)

DirectoryServices.AccountManagement

ADSI via .NET

Users and Groups

Local and AD

Not access to complete AD object

New in .NET 3.5

DirectoryServices.ActiveDirectory

.NET access not ADSI

Administration rather than data

Only access some objects

Not access to complete AD object

DirectoryServices.ActiveDirectory

Sites,
sitelinks
, subnets, schedules

Forest

Domain

Trusts

Replication

Schema

Adminsitering

Active Directory

Demo

ADMINISTERING
IIS

7

IIS 7 Management tools

New managed code API

Microsoft.Web.Administration

New WMI provider

root
\
webadministration


New command line tool

Appcmd


PowerShell provider

GUI

IIS 7: .NET

Like any managed code assembly M.W.A
requires explicit load into PowerShell before
use

Do not forget to save your changes calling
CommitChanges
()

No access to remote machine

Credentials issues

IIS 7: WMI

Needs packet privacy


MUST give credentials to access remotely


V1 Get
-
WMIObject

cannot access

V2 can

Cannot create new objects remotely

Alternatives:

Access WMI via .NET

Use
remoting

IIS 7: WMI

IIS 7.0 introduced a new WMI namespace
called “
WebAdministration
” in Vista, and it
was enhanced in SP1 and Windows Server
2008

WebAdministration

is greatly simplified
compared to IIS 6.0 WMI namespace
(“MicrosoftIISv2”)

WebAdministration

is tightly integrated with
IIS 7.0 configuration system, but provides
more traditional set of objects: Site,
Application,
ApplicationPool
, in addition to
configuration sections

IIS 7: PowerShell provider

Download from
www.iis.net


Provider and cmdlets


Currently CTP 2


IIS and
Config

file admin

IIS 7: Legacy support

The following options can be installed for IIS
7.0:

IIS 6 Scripting Tools

IIS 6 WMI Compatibility

IIS
Metabase

Compatibility

The goal behind these options is to allow
existing ABO, ADSI, WMI code to continue
to work on IIS 7.0

Legacy scripts can only update legacy
settings

Settings introduced for IIS 7.0 require the use of
new APIs

Using IIS 7 through PowerShell

Demo

Summary/Call to Action

PowerShell can be used to administer large
and growing parts of your environment

Now available at:
www.microsoft.com/downloads

Search for PowerShell

Try it, Deploy it, Use it, Share


For More Information


User group:

http://powershellug.com/


My Blog

http://richardsiddaway.spaces.live.com




Books

Books


Name: Richard Siddaway

Email: Rsiddaway@centiq.co.uk


Any Questions?

Reference Slides

Scripting with COM

Access existing instrumentation

Bind to COM objects

$
fso

= New
-
Object
-
ComObject

Scripting.FileSystemObject

$m = [
System.Runtime.InteropServices.Marshal
]

$word = $m::
GetActiveObject
("
Word.Application
")

Invoke methods/access properties

$
fso.GetDrive
(“C:”)

$
fso.VolumeName

= “System Drive”

Understand/extend instrumentation

Extend and discover properties/methods

Update
-
TypeData

Office.Word.Types.ps1xml

$
fso

| Get
-
Member

Manipulate and format results

Define and import custom
formating

Update
-
FormatData

Office.Word.Format.ps1xml

$
word.RecentFiles

| Sort name | Format
-
Table

Allows more simpler/more powerful COM scripts because of
utilities and formatting

Scripting with WMI

PowerShell provides native WMI support

Get
-
WmiObject

Allows for inspection of WMI namespace

Get
-
WmiObject


list [
-
Namespace xx]

Get
-
WmiObject


Class xx

Namespace xx

Property
xxx


Filter xxx

ComputerName

xxx

Credential xxx

Native language support

[WMI] “
\
\
JPSDESK10
\
root
\
cimv2:Win32_Process.Handle="0


[WMICLASS] "ROOT
\
cimv2:WIN32_PROCESS"

[WMISEARCHER]"select * from Win32_process WHERE Name =
'calc.exe'"

Scripting with .NET

PowerShell provides native access to any .NET class

Create any object

[
reflection.assembly
]::
LoadWithPartialName
("
System.Wind
ows.Forms
")

$d = New
-
Object
System.DateTime

2006,12,25

Access Properties/Invoke Methods

$
d.DayOfWeek

$
d.AddDays
(
-
30)

Access Statics

[
DateTime
]::Now

[
DateTime
]::
IsLeapYear
(2006)


Allows
admins

to easily access and leverage a huge API set because
of
scriptability
, utilities and formatting

Scripting with XML

PowerShell provides native XML support

Native
datatype

$x=[xml]"<a><b><c>TEST</c></b></a>“

$b =[xml](type c:
\
i386
\
mssecure.xml)

Native syntax to access “data” view of properties

$
b.BulletinDataStore.Bulletins.Bulletin
[0]

Access to XML methods

$
b.BulletinDataStore.SelectNodes
(“//Patch”)

XML properties available through
PSBase

property

$
b.BulletinDataStore.PSBase.innerXml

Scripting with Text

Invoke existing tools

Existing command run directly after variables are expanded

Harvest data from existing tools

Parse output into variables using text utilities.

Pipe data to SELECT and use

FIRST and

LAST


Select
-
String <REGEX> <Path>

Dir | Select
-
String <REGEX>


[
DateTime
]”12/25/2006 7:00”


([
DateTime
]”12/25/2006 7:00”).
AddDays
(
-
30)

Use functions/scripts to wrap the commands and convert output to objects
or provide standard syntax

Safely

process text

Use CLR types via Windows PowerShell to safely parse text

[URI]” http://blogs.msdn.com/powershell/archive/2006/04/25/583234.aspx”

Allows
admins

to get 2
-
10x more power out of existing commands
because of
scriptability

Active Directory

AD cmdlets

http://www.quest.com/activeroles
-
server/arms.aspx

PowerGUI

http://www.powergui.org

Special Operations Software

http://www.specopssoft.com/

SDMSoftware

http://www.sdmsoftware.com/freeware.php


IIS 7

The following walkthroughs are available on
the
www.iis.net

web site:

PowerShell

An Introduction to Windows PowerShell and IIS 7.0

http://www.iis.net/go/1212

Writing PowerShell Command
-
lets for IIS7

http://www.iis.net/go/1211

AppCmd

Getting Started with
AppCmd

in IIS 7.0

http://www.iis.net/go/1222

Command Line Administration with IIS7


AppCmd

http://www.iis.net/go/954