StorSimple Test-HcsStorageAccountCredential Powershell cmdlet output inaccurate

Test-HcsStorageAccountCredential is a function in the HCS (Hybrid Cloud Storage) PowerShell module.


This module is only available on StorSimple device. The purpose of this function is to test connectivity and authentication to an Azure Storage account or other supported public clouds’ storage containers. This may be needed during device deployment to troubleshoot connectivity issues; specifically Storage Account access.

The cmdlet/function has 3 parameter sets. When using the ‘name’ parameter set, we may see several outputs like:

storsimple-storage3The output above indicates that the Storage Account does not exist, or

storsimple-storage5that the Storage Account is not used by any volume container on this device.

Once a volume container is created to use a newly created Storage Account


The Test-HcsStorageAccountCredential returns a different output:


The above output indicates that the StorSimple device can access the Storage Account successfully. What’s indicative of success here is NOT the ‘HcsErrorMessage: Success’ message. This is considered a success because of the ‘StatusCode: 0‘ message.

Now, if you change the Storage account keys (password portion of the credential needed to access it), the Test-HcsStorageAccountCredential returns output similar to:


The HcsErrorMessage and the HttpMessage above seem to be accurate.

After synchronizing the Storage Account keys with the StorSimple Manager service, deleting the volume container associated with the Storage Account, and deleting the Storage Account, the Test-HcsStorageAccountCredential returns output similar to:


The above message is a bit confusing. I expect to see a message similar to the red error message above indicating that the Storage Account does not exist. ‘HcSErrorMessage: Success’ here is inaccurate. On the bright side, ‘HttpMessage: ResourceNotFound’ is accurate.

In one scenario, where volume container creation fails with error 502, the Test-HcsStorageAccountCredential returns output similar to:


Again, ‘HcSErrorMessage: Success’ here is inaccurate. This particular error ended up being a mis-configured proxy settings on the device where NTLM was specified instead of None and no username/pwd were provided. The proxy was not requiring or using any authentication.

The PowerShell commands to use are:

Get-HCSWebProxy # to view current Proxy settings

Set-HCSWebProxy -ConnectionURI '' -Authentication 
None # to configure the device to use Proxy

Enable-HCSWebProxy # to enable Proxy use


When using the Test-HcsStorageAccountCredential function/cmdlet with the ‘name’  parameter set, any StatusCode value other than 0 indicates failure to connect or/and authenticate to the Storage Account. ‘HcSErrorMessage: Success’ may be inaccurate.


PowerShell function to parse Netstat output and return a PowerShell object

This is a function to parse Netstat -ano output and return a PowerShell object.

This output is similar to that of the Get-NetTCPConnection cmdlet of the NetTCPIP PowerShell module.

To see the built-in help, type in: help Parse-Netstat -Show


(Parse-Netstat | where { $_.Version -eq ‘IPv4’ -and $_.RemoteAddress -ne ‘’ -and $_.LocalPort -eq 5985 } | select RemoteAddress -Unique).RemoteAddress

This example checks for connections where localhost is listening on TCP port 5985 (VMM Agent which uses WBEM WS-Management HTTP), and returns the IP address of the remote host (VMM server). VMM being System Center Virtual Machine Manager. If it returns nothing, this means this machine is not listening on port 5985 (VMM agent not running)



Moving your StorSimple 8k device

You may have the situation where you need to move your StorSimple 8k iSCSI SAN from one physical location to another. Assuming that the move is not so far as to move to another continent or thousands of miles away, the following process is what I recommend for the move:

  • On the file servers that receive iSCSI volumes from this StorSimple device, open Disk Management, and offline all volumes from this StorSimple device
  • (Optional) In the classic portal, under the device/maintenance page, install the latest Software and Firmware update. The reason this unrelated step is here, is to take advantage of the down time window to perform device update. This may take 1-12 hours, and may require access to the device serial interface.
  • Ensure that you have the Device Administrator password. You’ll need that to change the device IP configuration for the new site. If you don’t have it, you can reset it by going into the classic portal, under the device/configuration page.
  • Power down the device by going to the classic portal, under device/maintenance, click Manage Controllers at the bottom, and shutdown Controller0, and repeat to shutdown Controller1storsimple-shutdown
  • After the device is powered down, toggle the power buttons on the back on the PCM’s to the off position. Do the same for the EBOD enclosure if this is an 8600 model device.
  • Move the device to the new location
  • Rack, cable, and power on the device by toggling the power buttons on the back of the PCM modules.
  • In the serial console,
    • Type 1 to login with full access, enter the device Administrator password.
    • Type in Invoke-HCSSetupWizard, enter the new information for data0 interface: IP, mask, gateway, DNS server, NTP server, Proxy information if that’s needed for Internet access in the new site (Proxy URL as, authentication is typically T for NTLM, Proxy username and password if needed by your Proxy – Proxy must be v1.1 compliant)
  • Back in the classic portal, you should see your device back online, go to the device/configuration page, update any settings as needed such as controller0 and controller1 fixed IPs, and iSCSI interface configuration if that has changed.
  • If the same file servers have moved with the StorSimple device,
    • Bring online the file servers, change IP configuration as needed
    • Verify iSCSI connectivity to the StorSimple device
    • Verify iSCSI initiator configuration
    • Online the iSCSI volumes
    • Test file access

StorSimple 8k series software version reference

This post lists StorSimple software versions, their release dates, and major new features for reference. Microsoft does not publish release dates for StorSimple updates. The release dates below are from published documentation and/or first hand experience. They may be off by up to 15 days.

  • Version 3.0 (17759) – released 6 September 2016 – see release notes, and this post.
    • Major new features: The use of a StorSimple as a backup target (9/9/2016 it’s unclear what that means)
  • Version 2.2 (17708) – see release notes
  • Version 2.1 (17705) – see release notes
  • Version 2.0 (17673) – released January 2016 – see release notes, this post, and this post
    • Major new features: Locally pinned volumes, new virtual device 8020 (64TB SSD), ‘proactive support’, OVA (preview)
  • Version 1.2 (17584) – released November 2015 – see release notesthis post, and this post
    • Major new features: (Azure-side) Migration from legacy 5k/7k devices to 8k devices, support for Azure US GOV, support for cloud storage from other public clouds as AWS/HP/OpenStack, update to latest API (this should allow us to manage the device in the new portal, yet this has not happened as of 9/9/2016)
  • Version 1.1 (17521) – released October 2015 – see release notes
  • Version 1.0 (17491) – released 15 September 2015 – see release notes and this post
  • Version 0.3 (remains 17361) – released February 2015 – see release notes
  • Version 0.2 (17361) – released January 2015 – see release notes and this post
  • Version 0.1 (17312) – released October 2014 – see release notes
  • Version GA (General Availability – 0.0 – Kernel 6.3.9600.17215) – released July 2014 – see release notes – This is the first Windows OS based StorSimple software after Microsoft’s acquisition of StorSimple company.
  • As Microsoft acquired StorSimple company, StorSimple 5k/7k series ran Linux OS based StorSimple software version – August 2012

StorSimple Software update 3.0 (17759)

This post describes one experience of updating StorSimple 8100 series device from version 0.2 (17361) to current  (8 September 2016) version 3.0 (17759). It’s worth noting that:

  • StorSimple 8k series devices that shipped in mid 2015 came with software version 0.2
  • Typically, the device checks periodically for updates and when updates are found a note similar to this image is shown in the device/maintenance page: storsimple3-03
  • The device admin then picks the time when to deploy the updates, by clicking INSTALL UPDATES link. This kicks off an update job, which may take several hoursstorsimple3-01
  • This update method is known as updating StorSimple device using the classic Azure portal, as opposed to updating the StorSimple device using the serial interface by deploying the update as a hotfix.
  • Released updates may not show up, in spite of scanning for updates manually several times: storsimple3-04
    The image above was taken on 9 September 2016 (update 3.0 is the latest at this time). It shows that no updates are available even after scanning for updates several times. The reason is that Microsoft deploys updates in a ‘phased rollout’, so they’re not available in all regions at all times.
  • Updates are cumulative. This means for a device running version 0.2 for example, we upgrade directly to 3.0 without the need to manually upgdate to any intermediary version first.
  • An update may include one or both of the following 2 types:
    • Software updates: This is an update of the core 2012 R2 server OS that’s running on the device. Microsoft identifies this type as a non intrusive update. It can be deployed while the device is in production, and should not affect mounted iSCSI volumes. Under the covers, the device controller0 and controller1 are 2 nodes in a traditional Microsoft failover cluster. The device uses the traditional Cluster Aware Update to update the 2 controllers. It updates and reboots the passive controller first, fails over the device (iSCSI target and other clustered roles) from one controller to the other, then updates and reboots the second controller. Again this should be a no-down-time process.
    • Maintenance mode updates: These are updates to shared components in the device that require down time. Typically we see LSI SAS controller updates and disk firmware updates in this category. Maintenance mode updates must be done from the serial interface console (not Azure web interface or PowerShell interface). The typical down time for a maintenance mode update is about 30 minutes, although I would schedule a 2 hour window to be safe. The maintenance mode update steps are:
      • On the file servers, offline all iSCSI volumes provisioned from this device.
      • Log in to the device serial interface with full access
      • Put the device in Maintenance mode: Enter-HcsMaintenanceMode, wait for the device to reboot
      • Identify available updates: Get-HcsUpdateAvailability, this should show available Maintenance mode updates (TRUE)
      • Start the update: Start-HcsUpdate
      • Monitor the update: Get-HcsUpdateStatus
      • When finished, exit maintenance mode: Exit-HcsMaintenanceMode, and wait for the device to reboot.


Powershell script to read column from CSV file, excluding one or more values

This script will read the input CSV file, and look for a column name as entered in either the -Column or -Alias parameters. If column is found, the script will read all the values in that column, exclude any values passed in the -ExcludeValue parameter, and return all remaining values.

Read-CSV -FileName ‘.\MigrationData-1.csv’ -Column ‘user’ -Verbose
This example reads and returns all values in column ‘user’


$UserList = Read-CSV -FileName ‘.\MigrationData-1.csv’ -Column ‘user’ -ExcludeValue ‘none’,’N/a’ -Verbose
This example reads and returns all values in column ‘user’, excluding the values ‘none and ‘n/a’ (not case sensitive), and stores the read user names in the $UserList variable


$UserList = Read-CSV -FileName ‘.\MigrationData-1.csv’ -Column ‘samAccountName’ -Alias ‘user’,’users’,’username’ -ExcludeValue ‘none’,’N/a’ -Verbose
This example reads the input CSV file, looks for a column named ‘samAccountName’,’user’,’users’,or ‘username’, and returns all values in the found column if any, excluding the values ‘none and ‘n/a’ (not case sensitive), and stores the read user names in the $UserList variable.


Powershell script to validate if a folder exists, creates it if not, creates subfolders if needed

This function will  validate that a folder exists, and creates the folder if missing.

If the -NoCreate switch is used the function will not create a missing folder

The function will create missing subfolders as well

The parameter -FolderName can be local like ‘c:\folder 1\folder 2’ or UNC path like ‘\\server\share\folder 1\folder 2’

The -NoCreate switch insructs the function to NOT create the folder if missing

The function returns a TRUE/FALSE value. The function returns TRUE if:

  • The folder exists
  • The folder did not exist but was created by the function

The function will return FALSE if:

  • The folder doesn’t exist and the -NoCreate switch is used
  • The folder doesn’t exist and the function failed to create it

The function will create the folder tree if it does not exist. For example, if c:\sandbox has no subfolders and we run the cmdlet:

Validate-Folder f1\22\33\44\55\66\77\88 -Verbose

It will create the folders:

  • c:\sandbox\f1 and
  • c:\sandbox\f1\22 and
  • c:\sandbox\f1\22\33 and
  • c:\sandbox\f1\22\33\44 and
  • c:\sandbox\f1\22\33\44\55 and
  • c:\sandbox\f1\22\33\44\55\66 and
  • c:\sandbox\f1\22\33\44\55\66\77 and
  • c:\sandbox\f1\22\33\44\55\66\77\88



Validate-Folder -FolderName c:\folder1
This example checks if folder c:\folder1 exists, creates it if not,
returns TRUE if exists or created, returns FALSE if failed to create missing folder

Validate-Folder -FolderName ‘c:\folder 2’ -NoCreate
This example checks if ‘c:\folder 2’ exists, return TRUE if it does, FALSE if it doesn’t

if (Validate-Folder ‘c:\folder 1\sub 2’) { ‘hi’ | Out-File ‘c:\folder 1\sub 2\file.txt’ }
This example checks if folder ‘c:\folder 1\sub 2’ exists,
creates it if it doesn’t,
creates file ‘c:\folder 1\sub 2\file.txt’, and
writes ‘hi’ to it

@(‘c:\folder1′,’\\server\share\folder 4’) | % { Validate-Folder $_ -Verbose }
This example validates if the folders in the input array exist, creates them if they don’t


Powershell script to provide a PS Credential object, saving password securely

Have you ever been in the situation where you need to execute a cmdlet like

Disable-ADAccount -Identity ‘Someone’ -Server ‘MyDomainController’ 

To disable a user account, but it fails because your account does not have permission to disable users?

You can use another account that have permissions to disable users by using the -Credential parameter of the Disable-ADAccount cmdlet as in

Disable-ADAccount -Identity ‘Someone’ -Server ‘MyDomainController’ -Credential (Get-Credential)

The Get-Credential cmdlet prompts for a user name and password, which is fine if ypu need to run it once or a few times. However, we often come across situation where we need to use several credentials to automate tasks in Active Directory, Exchange, SharePoint,… You will rarely have a single account that has permission to do all these tasks, or across multiple directories. In an automation script, the Get-SBCredntial function can make this easy.

Here’s an example:

$SourceADCred = Get-SBCredential 'domain1\MyADAdmin'
$TargetADCred = Get-SBCredential 'domain2\MyADAdmin'
$ExCred = Get-SBCredential 'domain1\MyExchangeAdmin'
Disable-ADAccount -Identity 'Someone' -Server 'MyDomainController1' -Credential $SourceADCred
Disable-ADAccount -Identity 'Sometwo' -Server 'MyDomainController2' -Credential $TargetADCred
Get-Mailbox -Identity '' -Credential $ExCred




Powershell script to list StorSimple network interface information including MAC addresses

In many cases we can obtain the IP address of a network interface via one command but get the MAC address from another command. StorSimple 8k series which runs a core version of server 2012 R2 (as of 20 June 2016) is no exception. In this case we can get the IP address information of the device network interfaces via the Get-HCSNetInterface cmdlet. However, to identify MAC addresses we need to use the Get-NetAdapter cmdlet. This Powershell script merges the information from both cmdlets presenting a PS Object collection, each of which has the following properties:

  • InterfaceName
  • IPv4Address
  • IPv4Netmask
  • IPv4Gateway
  • MACAddress
  • IsEnabled
  • IsCloudEnabled
  • IsiSCSIEnabled

Script output may look like:


For more information about connecting to StorSimple via PowerShell see this post.