Posts tagged “Powershell

Azure Automation – getting started


Azure Automation allows Azure administrators to run PowerShell and other scripts against an Azure subscription. They provide several benefits versus running the same scripts from the user desktop computer including:

  • Scripts run in Azure and are not dependent on the end-user desktop
  • Scripts are highly available by design.
  • Scheduling is a built-in feature
  • Authentication is streamlined for both classic ASM and current ARM resources

To get started with Azure Automation;

  1. Create an Azure Automation account
  2. Install needed PowerShell modules
  3. Create, run, test, schedule scripts

Create an Azure Automation account

In the current portal, Create Resource > Monitoring and Management > Automation > Create

In the ‘Add Automation Account’ blade enter/select a name for the Automation Account, Azure Subscription, Resource Group, and Azure Location

Azure will take a few minutes to create the automation account and associated objects.

We can now run scripts against the Azure subscription selected above. Here are some examples:

Create a test script

In the Automation Account blade, click Runbooks

Click ‘Add a runbook’ link on the top to create a new runbook of type PowerShell

Azure creates the runbook/script, and opens the ‘Edit PowerShell Runbook’ blade

Type in the desired command, click Save, then ‘Test pane’

In the ‘Test’ blade, click ‘Start’. Azure will queue and execute the script

Notes:

  • This is not like the PowerShell ISE. There’s no auto-completion for one thing.
  • If Azure comes across a bad command, it will try to execute THE ENTIRE SCRIPT repeatedly, and is likely to get stuck.
  • This shell does not support user interaction. So, any cmdlet that would typically require a user confirmation/interaction of any type will fail. For example, Install-Module cmdlet will fail since it requires user approval/interaction to install PowerShellGet.

Install needed modules

To see available modules click ‘Modules’ in the Automation Account blade

Click ‘Browse Gallery’ on top and search for the desired module

These modules come for the Microsoft PowerShell Gallery.

Click on the desired module, view its functions, and click Import to import it to this automation shell

Now that the module is imported, we can use it in scripting in this particular automation shell:

 

 

Advertisements

Expand-Json cmdlet to expand custom PowerShell object in a more readable format added to AZSBTools PowerShell module


Microsoft Azure REST API version 2 (ARM – Azure Resource Manager) takes input request body and returns output in JSON format. Consequently, Azure PowerShell cmdelts and Azure CLI tend to use similar JSON objects for input, also known as ARM Templates.

For example, using this PowerShell cmdlet:

Get-AzureRmResource -ResourceId /subscriptions/xxxxx/resourceGroups

where xxxxx is your Azure subscription Id, may return output similar to:

Name : prod-mgt
ResourceId : /subscriptions/xxxxx/resourceGroups/prod-mgt
ResourceGroupName : prod-mgt
Location : eastus
SubscriptionId : xxxxx
Properties : @{provisioningState=Succeeded}

Name : TestAuto1
ResourceId : /subscriptions/xxxxx/resourceGroups/TestAuto1
ResourceGroupName : TestAuto1
Location : westeurope
SubscriptionId : xxxxx
Properties : @{provisioningState=Succeeded}

What the PowerShell cmdlet did is to send a GET request to the Azure Management API that looks partially like:

https://management.azure.com/subscriptions/xxxxx/resourceGroups?api-version=2014-04-01

Which returned JSON output similar to:

{
  "value": [
    {
      "id": "/subscriptions/xxxxx/resourceGroups/prod-mgt",
      "name": "prod-mgt",
      "location": "eastus",
      "properties": {
        "provisioningState": "Succeeded"
      }
    },
    {
      "id": "/subscriptions/xxxxx/resourceGroups/TestAuto1",
      "name": TestAuto1
      "location": "westeurope",
      "properties": {
        "provisioningState": "Succeeded"
      }
    }
  ]
}

In the course of working with Azure ARM templates, such as this template to create a Storage Account:

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "storageAccountType": {
      "type": "string",
      "defaultValue": "Standard_LRS",
      "allowedValues": [
        "Standard_LRS",
        "Standard_GRS",
        "Standard_ZRS",
        "Premium_LRS"
      ],
     "metadata": {
       "description": "Storage Account type"
     }
   }
  },
  "variables": {
    "storageAccountName": "[concat(uniquestring(resourceGroup().id), 'standardsa')]"
  },
  "resources": [
    {
      "type": "Microsoft.Storage/storageAccounts",
      "name": "[variables('storageAccountName')]",
      "apiVersion": "2016-01-01",
      "location": "[resourceGroup().location]",
      "sku": {
        "name": "[parameters('storageAccountType')]"
      },
      "kind": "Storage", 
      "properties": {
      }
    }
  ],
  "outputs": {
    "storageAccountName": {
      "type": "string",
      "value": "[variables('storageAccountName')]"
    }
  }
}

It may not be very clear what are the objects in the template and their hierarchy. Using the ConvertFrom-Json cmdlet of the Microsoft.PowerShell.Utility module produces a PS custom object with display similar to:

Get-Content E:\Scripts\ARMTemplates\Storage1.json | ConvertFrom-Json

$schema : https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#
contentVersion : 1.0.0.0
parameters : @{storageAccountType=}
variables : @{storageAccountName=[concat(uniquestring(resourceGroup().id), ‘standardsa’)]}
resources : {@{type=Microsoft.Storage/storageAccounts; name=[variables(‘storageAccountName’)]; apiVersion=2016-01-01; location=[resourceGroup().location]; sku=; kind=Storage; properties=}}
outputs : @{storageAccountName=}

This is better but it doesn’t show some of the information in the source JSON file/ARM template. The new Expand-Json cmdlet further expands the ConvertFrom-Json output:

Get-Content E:\Scripts\ARMTemplates\Storage1.json | ConvertFrom-Json | Expand-JSON


To use the AZSBTools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of AZSBTools from the PowerShell Gallery and its dependencies, type

Install-Module POSH-SSH,SB-Tools,AZSBTools,AzureRM -Force

AZSBTools contains functions that depend on POSH-SSH, SB-Tools, and AzureRM modules, and they’re typically installed together.

To load the POSH-SSH, SB-Tools, AZSBTools, and AzureRM modules type:

Import-Module POSH-SSH,SB-Tools,AZSBTools,AzureRM -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module AZSBTools

To view the built-in help of one of the AZSBTools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help New-SBAZServicePrincipal -show


New-SBAZServicePrincipal cmdlet to create new Azure AD Service Principal added to AZSBTools PowerShell module


For the use case of running PowerShell scripts that perform tasks on objects in an Azure subscription, we need to be able to run such scripts under a user context other than the script author which is what typically happens during script development. A Service Principal is an Azure AD user intended for this purpose. The New-SBAZServicePrincipal function automates and simplifies the process of creating an Azure Service principal.

Parameters

The New-SBAZServicePrincipal function takes the following parameters

ServicePrincipalName

This parameter accepts one or more Service Principal names

Environment

This parameter accepts a value that represents which Azure cloud to create the SPN in. This parameter default to Azure Commercial cloud. As of 15 March 2018 that list is:

  • AzureCloud
  • AzureUSGovernment
  • AzureChinaCloud
  • AzureGermanCloud

To see the current list, use: (Get-AzureRMEnvironment).Name

Role

This parameter is used to assign Role/Permissions for the Service Principal in the current subscription.
The default value is ‘Owner’ role.
As of 16 March 2018 the following default roles are defined:
API Management Service Contributor
Application Insights Component Contributor
Automation Operator
BizTalk Contributor
Classic Network Contributor
Classic Storage Account Contributor
Classic Storage Account Key Operator Service Role
Classic Virtual Machine Contributor
ClearDB MySQL DB Contributor
Contributor
Cosmos DB Account Reader Role
Data Factory Contributor
Data Lake Analytics Developer
DevTest Labs User
DNS Zone Contributor
DocumentDB Account Contributor
Intelligent Systems Account Contributor
Log Analytics Contributor
Log Analytics Reader
Network Contributor
New Relic APM Account Contributor
Owner
Reader
Redis Cache Contributor
Scheduler Job Collections Contributor
Search Service Contributor
Security Manager
SQL DB Contributor
SQL Security Manager
SQL Server Contributor
Storage Account Contributor
Storage Account Key Operator Service Role
Traffic Manager Contributor
User Access Administrator
Virtual Machine Contributor
Web Plan Contributor
Website Contributor
For more details on roles, type in:

Get-AzureRmRoleDefinition | select name,description,actions | Out-GridView

Output

The New-SBAZServicePrincipal function returns a PS Object for each input Service Principal Name containing the following properties:
ServicePrincipalName
TenantId
Environment
Role

Details

The New-SBAZServicePrincipal function performs the following tasks for each provided Service Principal name:

  1. Create/Validate Azure AD App. The Azure AD App is required to create a Service Principal. It carries the same name and has an initial URL matching the same name as well
  2. Create/Validate Azure AD Service Principal. The user is prompted to enter the desired password for the SPN. The password is encrypted and saved in the user’s temp folder for use with future automations
  3. Assign the provided Role to the SPN for the current subscription. By default this is the ‘Owner’ role. This allows the created SPN to perform all tasks against the current subscription.

Registered Apps can be also viewed in the Azure portal under Azure Active Directory/App Registrations blade:

Example

$SPList = New-SBAZServicePrincipal -ServicePrincipalName PowerShell01,samtest1

This example creates 2 Service Prinsipals; PowerShell01 and samtest1 in the default Azure Commercial cloud, and assigns them the default Owner Role in the current subscription.

The New-SBAZServicePrincipal function first pops the Azure login Window to identify which subscription to use:

This function has been tested with both Azure Commercial and Azure US GOV clouds.

Next enter the desired password for each of the 2 provided Service Principals:

The function saves the encrypted password to the user temp folder for future use/automation.

It also display console output similar to:

The Service Principals can be used now to run other PowerShell scripts

The newly registered/validated Apps can also be viewed from the Azure Portal


To use the AZSBTools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of AZSBTools from the PowerShell Gallery and its dependencies, type

Install-Module POSH-SSH,SB-Tools,AZSBTools,AzureRM -Force

AZSBTools contains functions that depend on POSH-SSH, SB-Tools, and AzureRM modules, and they’re typically installed together.

To load the POSH-SSH, SB-Tools, AZSBTools, and AzureRM modules type:

Import-Module POSH-SSH,SB-Tools,AZSBTools,AzureRM -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module AZSBTools

To view the built-in help of one of the AZSBTools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help New-SBAZServicePrincipal -show


Practical guide to PowerShell Arrays


Microsoft defines Arrays in PowerShell as ‘data structures designed to store collections of items’. This posting will go over practical aspects of arrays in PowerShell 5.1

An array is a data structure that holds an ordered list of items.

Array items are not unique (can have duplicates)

Array items are referred to as elements. Although array elements can be of different data types, in most practical use cases, they’re all of the same type.

Referencing array elements

Array elements are referred to by their order in the array where the first element in the array is order #0. They follow the array variable enclosed in square brackets [ ] as in:

In this example, $b[2] refers to the third element of the array which has the value of 4

The last element in an array is number -1, the element before last is -2, the 2nd element from the end is -3, …

We can reference more than one element of an array by using the comma (,), the range operator (..), or the plus sign (+)

In this array $c we have 10 random numbers each is between 0 and 9:

The comma ‘,’ is used to separate multiple array elements. For example to reference the 3rd and 6th elements of the array we use $c[2,5] and we expect to get 1 and 4 values in this example.

The range operator ‘..’ is used to get a sequential range of elements. To get elements 4 through 7 we can use $c[3..6]

The range operator circles the array boundary. For example, $c[-2..2] will list the element before last [-2], the last element [-1], the first element [0], the second element [1], and the third element [2] in this order

Although not very practical, you can mix individual elements and ranges when referencing array elements. Ranges are to be preceded by the plus sign (+). Individual elements are to be preceded by the comma (,) except after a range where they must be preceded by the plus sign (+) as well:

What we see often in practical use of arrays:

  • Referencing one or more array elements separated by commas as $c[1,4,6]
  • Referencing a sequential range of array elements as $c[3..5]
  • Referencing the last array element $c[-1]
  • We often don’t know how many elements an array has. We can find that out by using $c.Count or $c.Length or $c.GetUpperBound(0)+1 or $c.GetLength(0). In our example, array $c has 10 elements.

Declaring a variable as an array

There are several ways to declare an array. The standard/default way is to let PowerShell figure it out.

In this example, PowerShell figured out that $d should be an array based on the data that we’re trying to store in it.

We can specify that by using the array sub-expression operator @(). This is particularly useful when we want to make sure a variable is an array

Take this practical example:

Get-Service Win* | foreach {
    if ($PSItem.Status -eq 'Running') { $myList +=$PSItem }
}
$myList

We get errors on the last 3 cycles of this 4 cycle iteration:

The reason is that on cycle 1 of this 4 cycle iteration, PowerShell auto-declared the variable $myList as a ‘System.ComponentModel.Component’ which is the object returned from the Get-Service cmdlet. We actually want $myList to be an array of such objects that can hold 0, 1, or more items. There are 2 ways to do this:

  1. Declare $myList as an array upfront using the array sub-expression operator @()

    or
  2. Assign the resulting collection of the 4 cycle loop in one step instead of assigning each found value at the end of the if statement

The third way to declare an array is to type cast it. This only works in cases where all elements of the array are of the same data type. For example:

or

Here $myIPList is an array of objects, each is of data type ‘System.Net.IPAddress’

Removing array duplicates

Removing array duplicates is a simple matter of using ‘select -unique‘ as in:

Finding one or more values in an array

Finding a single value is a simple matter of using -match or -eq operators. For example:

In this example, the 8th and 10th elements have the value 3

Finding elements in array $a that also exist in array $b (AKA intersection of arrays $a and $b) can be done using ‘where’ statement and -in operator

This method produces the same result if the array elements are unique and sorted as in:

($d | select -Unique | where { $PSItem -in ($c | select -Unique) } | sort ) -join ', '
($c | select -Unique | where { $PSItem -in ($d | select -Unique) } | sort ) -join ', '

Adding/Removing array elements

Most arrays are of fixed length, which means the .add(), .remove(), .RemoveAt(), and the .Insert() array methods will fail.

To add element to an array, we recreate/reassign values to the array. For example, to add value 17 at the end of the $c array:

This makes 17 the 11th element of the $c array

To insert 17 as the 3rd element of the $c array we rebuild $c as in:

$c = $c[0,1] + 17 + $c[2..9]

This inserts 17 value as the 3rd element in the $c array

To remove a value from an array we can use the -notmatch operator. Note that this will remove all values that match. For example this removes the 17 value:

$c = $c -notmatch 17 

This example removes all 3 values:

$c = $c -notmatch 3

Whereas this example removes the first 3 value only:

$c = 0..($c.Length-1) | foreach { if ($PSItem -ne $c.IndexOf(3)) { $c[$PSItem] } }

This example uses the array object .IndexOf() method to determine the first occurrence of the element with the 3 value. It then loops through the array elements using foreach and compiles a new array skipping the 8th element identified by $c.IndexOf(3), and reassigns this new array to variable $c

To remove the 4th and 8th array elements for example regardless of their values, we use an expression similar to:

$c = 0..($c.Length-1) | foreach { if ($PSItem -notin 3,7) { $c[$PSItem] } }

Multi-dimensional arrays

Multi-dimensional arrays are rarely used and can be constructed using .NET as in:

$2D = [int[,]]::new(3,4)

This creates a 2 dimensional array. The first dimension 0 is 3 elements long, numbered 0..2 and the second dimension 1 is 4 elements long numbered 0..3

This sample code shows how to identify the count of array dimensions and the length of each dimension:

$2D = [int[,]]::new(3,4)
"2D is of type '$($2D.GetType().BaseType)'"
"It has '$($2D.Rank)' dimensions"
1..$2D.Rank | foreach { "Dimension '$($PSItem-1)' has '$($2D.GetUpperBound($PSItem-1))' elements" }

This example shows how to populate and reference multi-dimensional arrays:

"Example populating and referencing 2D:"
$i = 0
foreach ($Dim1 in 0..$2D.GetUpperBound(0)) { 
    foreach ($Dim2 in 0..$2D.GetUpperBound(1)) {
       $2D[$Dim1,$Dim2] = $i
       $i++
    }
}
foreach ($Dim1 in 0..$2D.GetUpperBound(0)) { 
    foreach ($Dim2 in 0..$2D.GetUpperBound(1)) {
       "2D[$Dim1,$Dim2] = $($2D[$Dim1,$Dim2])"
    }
}

 


Get-WindowsOpenPorts and Get-LinuxOpenPorts functions


Get-WindowsOpenPorts and Get-LinuxOpenPorts are 2 functions of the SB-Tools PowerShell module which is available in the PowerShell Gallery. These are not port scanners.

Get-WindowsOpenPorts

This function returns an array of PS object, one for each open port on the target Windows computer. Each object has the following properties:

  • ComputerName: String, such as myPC.mydomain.com
  • Layer3Protocol: String, such as IPv4 or IPv6
  • Layer4Protocol: String, such as TCP or UDP
  • LocalAddress: System.Net.IPAddress, such as 10.11.12.13
  • LocalPort: Int32, such as 80 or 139
  • State: String, such as LISTENING

for example:

$Session = New-PSSession -ComputerName abc3.xyz.klm.com -Credential (Get-SBCredential xyz\myuser) 
$WinPorts = Get-WindowsOpenPorts -Session $Session 
$WinPorts | Format-Table -AutoSize

This cmdlet/function takes a required parameter ‘Session’, which is of type ‘System.Management.Automation.Runspaces.PSSession’ that can be obtained via New-PSSession cmdlet of the ‘Microsoft.PowerShell.Core’ module.

It also takes 2 optional parameters that serve to filter its output:

-Layer3 parameter takes either ‘IPv4’ or ‘IPv6’ values or both, and will output only the records that match this criteria

-Layer4 parameter takes either ‘TCP’ or ‘UDP’ values or both, and will output only the records that match this criteria

By default, this cmdlet will filter on IPv4/TCP only.

This cmdlet uses the IPGlobalProperties.GetActiveTcpListeners() method of the System.Net.NetworkInformation.IPGlobalProperties class. It also parses netstat command output to obtain the Layer4Protocol and State properties.

Get-LinuxOpenPorts

Similarly, this function returns an array of PS object, one for each open port on the target Linux computer. Each object has the following properties:

  • ComputerName: String, such as myPC.mydomain.com
  • LocalAddress: String, such as 10.11.12.13, or ::1 (IPv6)
  • LocalPort: Int, such as 80 or 139
  • Process: String
  • Protocol: String, such as TCP, UDP, TCP6, UDP6, or RAW6
  • RemoteAddress: String, such as 11.12.13.14, or 0.0.0.0, or ::
  • RemotePort: String, such as 389 or *
  • State: String, such as LISTEN, ESTABLISHED, CLOSE_WAIT, TIME_WAIT, or LAST_ACK

for example:

$Session = New-SSHSession -ComputerName abc10.xyz.klm.com -Credential (Get-SBCredential myuser) -AcceptKey
$LinuxPorts = Get-LinuxOpenPorts -Session $Session -Verbose
$LinuxPorts | Format-Table -AutoSize

This cmdlet/function takes a required parameter ‘Session’, which is of type ‘SSH.SshSession’ that can be obtained via New-SSHSession cmdlet of the ‘POSH-SSH’ module.

It also takes 1 optional parameter that serves to filter its output:

-Protocol parameter takes one or more of the following values: TCP, UDP, TCP6, UDP6, RAW6, ALL, and will output only the records that match this criteria

By default, this cmdlet will filter on ‘ALL’

This command invokes ‘netstat -anp’ on the provided Linux host and parses its output to produce the resulting PS objects.


To use the SB-Tools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of SB-Tools from the PowerShell Gallery, type

Install-Module SB-Tools,POSH-SSH -Force

SB-Tools contains functions that depend on POSH-SSH module, and they’re typically installed together.

To load the SB-Tools and POSH-SSH modules type:

Import-Module SB-Tools,POSH-SSH -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module SB-Tools

To view the built-in help of one of the SB-Tools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help Convert-IpAddressToMaskLength -show


Validate-WindowsCredential and Validate-LinuxCredential PowerShell functions


In the course of automation, you might need to validate credentials that a script would use to perform a set of complex tasks before the script is run. The Validate-WindowsCredential and Validate-LinuxCredential PowerShell functions are two of the latest additions to the SB-Tools PowerShell module that simplify this task.

Validate-WindowsCredential

The Validate-WindowsCredential function/cmdlet takes 2 parameters:

  1. ‘Credential’ which is a PSCredential object that can be obtained from the Get-Credential cmdlet of the Microsoft.PowerShell.Security, or the Get-SBCredential function of the SB-Tools PS module.
  2. ‘Session’ which is a PSSession object that can be obtained via the New-PSSession cmdlet of the Microsoft.PowerShell.Core

A simple example may look like:

$Session = New-PSSession -ComputerName test-vm0116.test.domain.com -Credential (Get-SBCredential 'test\superuser')
Validate-WindowsCredential -Credential (Get-SBCredential '.\administrator') -Session $Session

The function returns TRUE if the provided credential (name/password set) was able to successfully authenticate in the provided remote PowerShell session, or FALSE if authentication fails.

The function can validate local accounts presented in the format ‘.\username’ or domain accounts presented in the format ‘domain\username’

The Validate-WindowsCredential function relies on the ValidateCredentials() method of the DirectoryServices.AccountManagement.PrincipalContext class

Validate-LinuxCredential

The Validate-LinuxCredential function/cmdlet is similar to the Validate-WindowsCredential function/cmdlet in that it takes the same 2 parameters:

  1. ‘Credential’ which is the same PSCredential object as before.
  2. ‘Session’ which is an SSH.SshSession object that can be obtained via the New-SSHSession cmdlet of the POSH-SSH PS module

A simple use example would look like:

$Session = New-SSHSession -ComputerName test-vm0112.test.domain.com -Credential (Get-SBCredential 'opsuser') -AcceptKey
Validate-LinuxCredential -Credential (Get-SBCredential 'root') -Session $Session

Similarly, TRUE is returned if authentication is successful or FALSE if authentication fails.

It also displays additional information to the console such as the account hash.

Unlike the Validate-WindowsCredential cmdlet, the Validate-LinuxCredential cmdlet relies on reading and parsing the /etc/shadow file that has the hashes of user accounts of this Linux machine. The current revision of the cmdlet is designed to validate MD5 hashed accounts only. A possible enhancement is to add functionality to validate accounts hashed with other algorithms such as Blowfish and SHA


To use the SB-Tools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of SB-Tools from the PowerShell Gallery, type

Install-Module SB-Tools,POSH-SSH -Force

SB-Tools contains functions that depend on POSH-SSH module, and they’re typically installed together.

To load the SB-Tools and POSH-SSH modules type:

Import-Module SB-Tools,POSH-SSH -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module SB-Tools

To view the built-in help of one of the SB-Tools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help Convert-IpAddressToMaskLength -show


Export-SessionCommand function to export PS script commands to remote PS session


Have you been in the situation where you’re in a PS session trying to run commands against one or more remote computers using PowerShell Remoting sessions? You may have PS modules and cmdlets in the current PS session that are not available in the remote session(s). This function will allow you to export local PS session commands to remote PS sessions. The native Export-PSSession cmdlet seems to do the opposite – bringing remote session cmdlets to local PS session.

Export-SessionCommand PowerShell function is part of the SB-Tools PowerShell module. This function takes one or more Powershell script functions/commands from current session and exports them to a remote PS session. This function will ignore and not export binary functions.  Exported functions will persist on the remote computer for the user profile used with the PS remote session.

The function takes the following parameters:

Command

This is a required parameter. This is one or more script commands available in the current PS session. For example Update-SmbMultichannelConnection cmdlet/function of the SmbShare PS module.
To see available script commands, you can use:

Get-Command | ? { $_.CommandType -eq 'function' }

ModuleName

This is an optional parameter that defaults to ‘SBjr’ if not provided. This is the name of the module that this function will create on the remote computer under the user profile of the remote PS session. This will over-write prior existing module with the same name.

Session

System.Management.Automation.Runspaces.PSSession object usually obtained by using New-PSSession cmdlet

Example

$Session = New-PSSession -ComputerName 'Mycomp.MyDomain.com' -Credential (Get-SBCredential -UserName 'domain\user')

Export-SessionCommand get-saervice,get-sbdisk,bla,get-bitlockerstatus,get-service -Session $Session -Verbose


To use the SB-Tools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of SB-Tools from the PowerShell Gallery, type

Install-Module SB-Tools,POSH-SSH -Force

SB-Tools contains functions that depend on POSH-SSH module, and they’re typically installed together.

To load the SB-Tools and POSH-SSH modules type:

Import-Module SB-Tools,POSH-SSH -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module SB-Tools

To view the built-in help of one of the SB-Tools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help Convert-IpAddressToMaskLength -show


Get-SBWMI function to query WMI with Timeout option


29 September 2017 update:

I’ve added an additional parameter to allow passing a PSCredential object to this function/cmdlet. This is helpful when the user running the script/cmdlet does not have permissions on the target computer. Another enhancement in this update to to trap errors resulting from failure to WMI connect to the target computer like in case of ‘Access Denied’, or ‘RPC Server not available’ errors.


Get-SBWMI PowerShell function is part of the SB-Tools PowerShell module. It provides similar functionality to the native Get-WMIObject cmdlet with added option: Timeout.

The function takes 1 required parameter; ‘Class’. For example

Get-SBWMI Win32_computerSystem

will return output similar to:

It also accepts the following optional parameters:

Property

Property name of the provided ‘Class’ such as ‘NumberofLogicalProcessors’ property of the ‘Win32_computerSystem’ class:

Get-SBWMI Win32_computerSystem -Property NumberofLogicalProcessors

Filter

In the format Property=Value such as ‘DriveLetter=e:’

Get-SBWMI -Class Win32_Volume -Filter 'DriveLetter=e:'

ComputerName

Remote computer name or IP address

Get-SBWMI Win32_computersystem -ComputerName mgmt

NameSpace

The default is ‘root\cimv2’. To see name spaces type:

(Get-WmiObject -Namespace 'root' -Class '__Namespace').Name

TimeOut

In seconds. The default is 20.

This is a particularly helpful option especially if you’re in the situation of trying to query many hundreds or thousands of computers, where the vast majority respond quickly but few can drag out for several minutes or not respond at all causing the script to hang if using the native Get-WMIObject cmdlet.


To use the SB-Tools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of SB-Tools from the PowerShell Gallery, type

Install-Module SB-Tools,POSH-SSH -Force

SB-Tools contains functions that depend on POSH-SSH module, and they’re typically installed together.

To load the SB-Tools and POSH-SSH modules type:

Import-Module SB-Tools,POSH-SSH -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module SB-Tools

To view the built-in help of one of the SB-Tools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help Convert-IpAddressToMaskLength -show


Convert-IpAddressToMaskLength and Convert-MaskLengthToIpAddress PowerShell functions


Convert-IpAddressToMaskLength and Convert-MaskLengthToIpAddress PowerShell functions are two supporting functions in the SB-Tools PowerShell module that do what their names suggest.

These two functions come in handy when manipulating IPv4 addresses. For example, when adding/removing IPv4 address to/from a network interface using PowerShell during automated provisioning.

For example, the Get-NetIPAddress cmdlet of the NetTCPIP module, returns information similar to

Notice that the familiar dotted decimal subnet mask is missing. Instead we get ‘PrefixLength’ which is the number of bits that represent the network address out of the 32 bit IPv4 address. So, a 24 bit prefix means a 255.255.255.0 subnet mask.

The Convert-IpAddressToMaskLength function takes one or more dotted decimal subnet masks and returns the corresponding bit lengths. For example

Convert-IpAddressToMaskLength 255.0.0.0,255.192.0.0,255.255.255.224

will return 8,10,27

Similarly, the Convert-MaskLengthToIpAddress 9,11,28 will return:


To use the SB-Tools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of SB-Tools from the PowerShell Gallery, type

Install-Module SB-Tools,POSH-SSH -Force

SB-Tools contains functions that depend on POSH-SSH module, and they’re typically installed together.

To load the SB-Tools and POSH-SSH modules type:

Import-Module SB-Tools,POSH-SSH -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module SB-Tools

To view the built-in help of one of the SB-Tools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help Convert-IpAddressToMaskLength -show


StorSimple 8k software release 4.0


Around mid February 2017, Microsoft released StorSimple software version 4.0 (17820). This is a release that includes firmware and driver updates that require using Maintenance mode and the serial console.

Using this PowerShell script to save the Version 4.0 cmdlets and compare them to Version 3.0, I got:

storsimple40-a

Trying the new cmdlets, the Get-HCSControllerReplacementStatus cmdlet returns a message like:

storsimple40-b

The Get-HCSRehydrationJob returns no output (no restore jobs are running)

The Invoke-HCSDisgnostics seems pretty useful and returns output similar to:

storsimple40-c

The cmdlet takes a little while to run. In this case it took 14 minutes and 38 seconds:

storsimple40-d

It returns data from its several sections like;

System Information section:

storsimple40-e

This is output similar to what we get from the Get-HCSSystem cmdlet for both controllers.

Update Availability section:

storsimple40-f

This is output similar to Get-HCSUpdateAvailability cmdlet, although the MaintenanceModeUpdatesTitle property is empty !!??

storsimple40-g

Cluster Information section:

storsimple40-h

This is new exposed information. I’m guessing this is the output of some Get-HCSCluster cmdlet, but this is pure speculation on my part. I’m also guessing that this is a list of clustered roles in a traditional Server 2012 R2 failover cluster.

Service Information section:

storsimple40-i

This is also new exposed information. Get-Service is not an exposed cmdlet.

Failed Hardware Components section:

storsimple40-j

This is new exposed information. This device is in good working order, so this list may be false warnings.

Firmware Information section:

storsimple40-k

This output is similar to what we get from Get-HCSFirmwareVersion cmdlet

Network Diagnostics section:

storsimple40-l

Most of this information is not new, but it’s nicely bundled into one section.

Performance Diagnostics section:

storsimple40-m

Finally, this section provides new information about read and write latency to the configured Azure Storage accounts.

The full list of exposed cmdlets in Version 4.0 is:

Clear-DnsClientCache
Set-CloudPlatform
Select-Object
Restart-HcsController
Resolve-DnsName
Out-String
Out-Default
Set-HcsBackupApplianceMode
Measure-Object
Invoke-HcsmServiceDataEncryptionKeyChange
Invoke-HcsDiagnostics
Get-History
Get-Help
Get-HcsWuaVersion
Get-HcsWebProxy
Invoke-HcsSetupWizard
Set-HcsDnsClientServerAddress
Set-HcsNetInterface
Set-HcsNtpClientServerAddress
Test-HcsNtp
Test-HcsmConnection
Test-Connection
Sync-HcsTime
Stop-HcsController
Start-Sleep
Start-HcsUpdate
Start-HcsPeerController
Start-HcsHotfix
Start-HcsFirmwareCheck
Set-HcsWebProxy
Set-HcsSystem
Set-HcsRemoteManagementCert
Set-HcsRehydrationJob
Set-HcsPassword
Get-HcsUpdateStatus
Trace-HcsRoute
Get-HcsUpdateAvailability
Get-HcsSupportAccess
Enable-HcsRemoteManagement
Enable-HcsPing
Enable-HcsNetInterface
Disable-HcsWebProxy
Disable-HcsSupportAccess
Disable-HcsRemoteManagement
Enable-HcsSupportAccess
Disable-HcsPing
Test-NetConnection
Test-HcsStorageAccountCredential
TabExpansion2
Reset-HcsFactoryDefault
prompt
Get-NetAdapter
Disable-HcsNetInterface
Enable-HcsWebProxy
Enter-HcsMaintenanceMode
Enter-HcsSupportSession
Get-HcsRoutingTable
Get-HcsRemoteManagementCert
Get-HcsRehydrationJob
Get-HcsNtpClientServerAddress
Get-HcsNetInterface
Get-HcsFirmwareVersion
Get-HcsDnsClientServerAddress
Get-HCSControllerReplacementStatus
Get-HcsBackupApplianceMode
Get-Credential
Get-Command
Export-HcsSupportPackage
Export-HcsDataContainerConfig
Exit-PSSession
Exit-HcsMaintenanceMode
Get-HcsSystem
Update-Help