PowerGUI 1.7

The key new scenario which we wanted to support was creating custom PowerGUI-based consoles : branding them, locking them down, distributing to administrators (e.g. helpdesk), and then having automatically updated whenever you make changes to the central configuration.

The main pieces of this scenario were:

1.  Lockdown mode: this allows you to disable and/or hide any functionality in the PowerGUI admin console. Simply open the file quest.powergui.Lockdown.xml in PowerGUI profile folder (%appdata%\Quest Software\PowerGUI ). You can just replace all true with false (in that case users won’t even be able to click an action or change order of columns), or be more granular.

2.  Central configuration update: Redirections.xml from PowerGUI profile folder lets you make PowerGUI pull its configuration and/or lockdown information from another location (e.g. file share). PowerGUI also checks for the configuration version, which lets you force the UI update whenever you change anything in your custom console.

3.  Ability to change the welcome page to something more meaningful for your organization.

And then there are multiple smaller changes:

4.  Multiline comments for PowerShell v2 (<# #> ).

5.  Icons in the grid and dynamic nodes.

6.  Multiple bugfixes based on reports we got from our community forum s. We’ll hopefully follow-up on all of them next week.
Download PowerGUI here: http://powergui.org/downloads.jspa

Powershell and Active Directory

PowerShell After some research and reading various websites about how to control Active Directory with Powershell, I finally found what I needed. A lot of articles about this topic immediately start using all kinds of cmdlets developed by several parties, especially the one by Quest. But I wanted to do this stuff without needing any extra libraries/cmdlets. The script shown in this article does a search in the Active Directory for a user object given the SAM account name. It then shows some of the attributes of that user. The third part of the script changes some of the attributes and writes the changes back to Active Directory. And finally it moves the object to a new Organisational Unit (OU). All this with native Powershell.

Summary of techniques applied in the Powershell script:

  • search Active Directory objects
  • show Active Directory object attributes
  • update Active Directory object attributes
  • move an Active Directory object to a specified Organisational Unit (OU)
  • set the ‘user must change password at next logon’ flag
  • set a password on a Active Directory user object
  • vclear the ‘disabled user account’ flag

  • set the terminal services profile path (Changing the Terminal Server profile path requires the powershell script to run on a server because the call requires some DLLs that are only installed on servers)

Disclaimer: The powershell scripts shown in this article have only been tested on Windows Server 2008 and Windows Vista.

function searchUserSam($userID)
$root = [ADSI]”
$searcher = new-object System.DirectoryServices.DirectorySearcher($root)
$searcher.filter = "(&(objectClass=user)(sAMAccountName= $userID))"
$object = $searcher.findall()
if ($object.count -eq 0) {
return 0
} else {
return $object[0]

$Name = $args[0]
$objUser = searchUserSam $Name
$userObject = [ADSI]([string]($objUser.Properties.adspath))

#show the current user values
# This terminal server specific InvokeGet method only works on Server 2008, not on Vista!

# set userPrincipalName to X account and add the ‘@foo.bar’ extension
$userObject.userprincipalname = ($userID + "@foor.bar")

# clear the ‘disabled user account’ flag

# set the profile path
$userObject.profilepath = "\\"+$domainFQDN+"\data\"+$environment+"\Users\"+$UserID+"\Profiles\Desktop"

# set the terminal services profile path
$userObject.PSBase.InvokeSet(‘terminalservicesprofilepath’, "\\"+$domainFQDN+"\data\"+$environment+"\Users\"+$UserID+"\Profiles\%FarmName%")

# set the login script
$userObject.scriptPath = "Login.cmd"

# set a new password for the account
$userObject.psbase.Invoke("SetPassword", "Whatever1")

# set the ‘user must change password at next logon’ flag
$userObject.pwdLastSet = 0

# write all updates to the user object in Active Directory

# Move the user object to the ‘Standard Users’ OU
$userObject.PSBase.MoveTo("LDAP://OU=Business Users,OU=Production,DC=foo,DC=bar")

Terminal Server & Citrix CMD Line Utilities

Terminal Services CMD Line Utilities:

Command Function
change logon Temporarily disable logons to a terminal server.
change port Changes COM port mappings for MS-DOS program compatibility.
change user Changes the .ini file mapping for the current user.
cprofile Removes user-specific file associations from a user’s profile.
flattemp Enables or disables flat temporary directories.
logoff Ends a clients session.
msg Sends a message to one or more clients.
mstsc Runs Remote Desktop Connection.
query process Displays information about processes.
query session Displays information about Terminal Services sessions.
query termserver Lists Terminal Services servers on the network.
query user Displays information about users logged on to the system.
register Registers a program so that it has special execution characteristics.
reset session Allows you to reset (delete) a session from the terminal server.
shadow Allows you to monitor or remotely control an active session of another user.
tscon Connects to another existing Terminal Services session.
tsdiscon Disconnects a client from a Terminal Services session.
tskill Terminates a process.
tsprof Copies user configuration and changes profile path.
tsshutdn Shuts down a Terminal Services server.

Citrix CMD Line Utilities:

Command Function
acrcfg Configure autoreconnect settings
altaddr Specify server alternate IP address
app Run application execution shell
apputil Add servers to Configured Servers list for published applications (FR3 Only)
auditlog Generate server logon/logoff reports
change client Change ICA Client device mapping
chfarm Change the server farm membership of the server
clicense Maintain MetaFrame XP licenses
cltprint Set the number of ICA Client printer pipes
ctxxmlss Change the XML Service port number
driveremap Remap the server’s drive letters
dscheck Validate the server farm’s data store’s integrity
dsmaint Configure the server farm’s data store
icaport Configure TCP/IP port number
imaport Change IMA ports
migratetomsde Migrate the server farm’s data store from a Microsoft Access database to an MSDE database (FR3)
mlicense Add multiple MetaFrame licenses to the server farm’s data store
query View information about server farms, processes, servers, ICA sessions, and users
tskill Ends a process.
twconfig Configure ICA display settings
querydc Use this utility to determine the data collector for a given zone
queryds Command-line utility is provided to query the current information on the local zone data collector.
queryhr Use this utility to display information about member servers in the farm.
msghook Execute msghook only if information is requested by a Citrix Technical Support

Windows PowerShell – excellent screencast

Jeff Alexander is perfecting the art of screencasting and his latest adventure with Windows PowerShell is certainly well worth watching. He stole my intro but it’s all good matey. I think in return he needs to tell us where he snagged that cool spinning globe on his desktop.

So what is PowerShell you ask?

I would imagine a lot of you have at least heard of PowerShell. If you aren’t a developer you’ve probably steered clear of it simply because it looks like complex code. Fear not, it isn’t that complex. Here’s the description from microsoft.com:

Microsoft Windows PowerShell command line shell and scripting language helps IT professionals achieve greater control and productivity. Using a new admin-focused scripting language, more than 130 standard command line tools, and consistent syntax and utilities, Windows PowerShell allows IT professionals to more easily control system administration and accelerate automation. Windows PowerShell is easy to adopt, learn, and use, because it works with your existing IT infrastructure and existing script investments, and because it runs on Windows XP, Windows Vista, and Windows Server 2003. Windows PowerShell is now included as part of Windows Server 2008. Exchange Server 2007, System Center Operations Manager 2007, System Center Data Protection Manager V2, and System Center Virtual Machine Manager also leverage Windows PowerShell to improve administrator control, efficiency, and productivity.

Here’s the 20 minute screencast video Jeff created. Jeff demonstrates some really cool tools so stick with him through the entire video. Double click the small window below while playing and it will go full screen. If you want to download the video and watch it offline, right mouse click this link and SAVE AS to your local disk.

For more information on PowerShell, see the website at http://www.microsoft.com/windowsserver2003/technologies/management/powershell/default.mspx.

See the TechNet Script Center at http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx.

Get PowerShell version 2 (CTP) @ http://www.microsoft.com/downloads/details.aspx?FamilyId=7C8051C2-9BFC-4C81-859D-0864979FA403&displaylang=en.

Original Post Here:

PowerGUI 1.5.1 RTMs

Thay have just posted the newest release of PowerGUI – version 1.5.1 – to the web. As you might guess, it got better, with most of the bugs thay got reported on the community forums fixed , and most feature requests implemented. ;)

A more complete version of what’s new can be found on our version history page .

Both components got:

  • VMware Infrastructure Client integration
  • Support for roaming profiles, as well as Citrix/TS deployments
  • Easier UI localization switch right from the GUI
  • STA mode support

The highlights for the IDE include:

  • Online search for PowerShell scripts
  • Support for multiple runspaces
  • Intellisense now supporting NoteProperties, env:, and function drive
  • Support for signed scripts

Admin console got a lot of improvements for making your powerpacks easier to create and use:

  • Ability to select which parameters get prompted
  • Support for $host.ui.prompt and $host.ui.promptforchoice so you can easily create dialog boxes of your own
  • Updated default PowerPacks
  • Column selection now associated with data type and thus consistent and working for dynamic nodes

Again, the what’s new page has some details and we are out there at the forums waiting for your feedback.

Go ahead and download the latest build ! (Or wait another week or so till we turn the automated upgrade)

Scripts for working with Powershell

Try the Script Center Script Repository;

The Script Repository categorizes sample scripts designed to run on Windows 2000, Windows XP, and Windows Server 2003.

Most of the scripts on this this page were written using VBScript.
New to scripting at all? Take a look at the Getting Started page to learn more about how these scripts work and how to write your own scripts.

Active Directory
Compute Cluster Server
Configuration Manager
Data Protection Manager 2007
Desktop Management
Group Policy
Internet Information Server (IIS)
Messaging and Communication
Microsoft Office
Operating System
Operations Manager
Other Directory Services
Scripting Techniques
Service Packs and Hot Fixes
Services for Unix
Shadow Copy
SMS 2003
SQL Server
Terminal Server
Virtual Server
Windows Update