[UPDATE] PowerShell - Monitor and Report Active Directory Group Membership Change

UPDATE: The most recent update is available on Github

I found some time to update the script "Monitor Active Directory Membership changes". This is the version 1.6.

To summarize, this script allow you to monitor Active Directory groups membership changes. The script will send your a report via email only when a change occur. I explained in details in my last post how the script work.

So what are the main changes in this version ?

  • SearchRoot you can now specify the Organization Unit path(s) where all your groups are located, the script will take care of the rest and watch them all. You also have the option to filter using the parameters SearchScope, GroupType, GroupScope.
  • File you can now specify one or multiple files where the list of groups is saved. Distinguished Names, SID, GUID, GroupName, Domain\GroupName are accepted.

Previous post related to this script:
[2013/10] PowerShell - Monitor and Report Active Directory Group Membership Change
[2012/03] Powershell - Monitor Active Directory Groups membership change

Thank you: I want to thank those who sent me suggestions via email or posts comments, I'm very happy to see that this script is helping a lot of my fellow sysadmins.


PowerShell - Add AD Site Subnet

Last month I posted a script that report the Missing Subnets from the Active Directory. The script goes on each Domain Controllers and get the last x entries from the NETLOGON.log file.
Once this report is generated, you might want to check with your Telecom guy/team to get the correct network mask, correct site of each entries and fix this situation.

Reminder: Subnet objects (class subnet) define network subnets in Active Directory. A network subnet is a segment of a TCP/IP network to which a set of logical IP addresses is assigned. Subnets group computers in a way that identifies their physical proximity on the network. Subnet objects in Active Directory are used to map computers to sites.

Today I will show how to add those missing subnets in your Active Directory using PowerShell on Windows Server 2012 and Previous versions via ADSI.


PowerShell - Get-DomainComputer (ADSI)

The following function use ADSI to query Computer objects from the Active Directory. Optionally an alternate credentials and/or a different domain can be specified.

Once in a while, everyone "enjoy" doing Auditing at work...,ok maybe not everyone :-).... so last week, an colleague of mine needed to get the name of the Primary user of each workstations that connect to one of their critical application.

Lucky for me, first he had the list of workstations and second we have the name of the primary user information in the Active Directory located in the description property ! :-) (This is added when the computer is built and joined to the domain the first time).

So he asked me if I could help and get this information somehow. My answer was obviously ... PowerShell!
This could be done very easily using the ActiveDirectory Module but unfortunately RSAT (Remote Server Administrator Tools) feature was not installed on his computer. Why not use ADSI then ? :-)


PowerShell - Using ADSI with alternate Credentials

The following PowerShell code will show you how to run ADSI with alternate credentials to get information from the Active Directory.

I will query Group objects in this example, my filter is define by the following line: "(objectCategory=Group)"


PowerShell 4.0 is now available

PowerShell 4.0 has been released by Microsoft and  is now available to download and install with the Windows Management Framework 4.0 (WMF 4.0).

Windows PowerShell

Windows PowerShell is a task-based command-line shell and scripting language designed especially for system administration. Built on the .NET Framework, Windows PowerShell helps IT professionals and power users control and automate the administration of the Windows operating system and applications that run on Windows.

Windows PowerShell allows you to run scripts, functions, and modules of cmdlets. Cmdlets are simple verb-noun commands that help you automate management of roles and features that run on the Windows operating system.

After you install WMF 4.0, Windows PowerShell is upgraded to version 4.0.



PowerShell - Renaming a bunch of folders

In my previous post I talked about Organizing my script directory, naming convention, preferences and bottlenecks... Today let's reorganize some of those script folders.

Renaming a bunch of folders

At my work, all the scripts related to VMware are named ESX-<Category>-<Explicit Title>. And I use the same naming convention at home for my own scripts. So let's say I want to rename all those *ESX* folders by VMWARE instead.
Something like this: VMWARE-<Category>-<Explicit Title>

PowerShell - Organizing my Scripts

With time, the number of PowerShell scripts I write keeps growing and growing, and I feel it is getting more and more difficult to find what I have done in the past. I won't say that all my scripts are great! Especially when I look at the scripts I wrote back in 2010/2011 or even 2012. I'm really happy to see the evolution as I keep learning about PowerShell. And honestly ... I think it is really fun to update old scripts, and it is always a good topic for a new blog post.

Today I will talk about my scripts directory, how I maintain it, which naming convention I use, what are my bottlenecks, my preferences ...


PowerShell - Report the AD Missing Subnets from the NETLOGON.log

Today I will share with you a script that report the Missing Subnets detected in the NetLogon file(s) of your Active Directory Domain Controller(s).

Update: See my Github repository for the most recent version

Missing Subnets

When a computer is joined to a domain It knows for sure of which AD domain it is a member. However once the computer is joined to the domain, It may or may not know which AD site it belongs to. Even if it thinks it knows the AD site, it may not even be in the correct AD site (e.g. because it was moved, AD site was renamed, Subnet not declared, Subnet was removed from a site and add to another...etc.).


PowerShell - Get a SubString out of a String using RegEx

Last week one of my colleague asked me if I could help him with some Regular Expression (Regex) to select some text inside a String.

I don't work a lot with RegEx but when I do, I use tools like PowerRegex from Sapien, RegExr, the technet help for about_Regular_Expressions or RegExlib.com. And to be honest, most of the time I'm trying to avoid it...trying to find a solution the "PowerShell Way"  before trying with Regex...


So here is what he asked me
Out of the following string "OU=MTL1,OU=CORP,DC=FX,DC=LAB" (Which is a Distinguished Name), he wanted to get the name "MTL1", (SiteCode for Montreal).


PowerShell - Get-DomainUser

Today one of my IT coworkers, in another department, sent a couple of emails to the Ops to get the username (SamAccount) from a couple of Active Directory users accounts. This guy, which is not familiar with AD, had only the DisplayName properties information.

I wrote him back that he could just request RSAT(Remote Server Administration Tools) to be installed on his workstation or just use this small PowerShell that I just wrote in minutes. Since Active Directory does not require any specific permission to access this kind of information. Here is the code, nothing advanced, but it does the work ;-)

function Get-DomainUser {
    $Search = [adsisearcher]"(&(objectCategory=person)(objectClass=User)(displayname=$DisplayName))"
    foreach ($user in $($Search.FindAll())){
        New-Object -TypeName PSObject -Property @{
            "DisplayName" = $user.properties.displayname
            "UserName"    = $user.properties.samaccountname
            "Description" = $user.properties.description}


PS C:\> Get-DomainUser -DisplayName "jonathan*" | Format-List
UserName    : {JonathanD}
Description : {Account of Jonathan Delpiero}
DisplayName : {Jonathan Delpiero}

UserName    : {DumoulinJ}
Description : {Account of Jonathan Dumoulin}
DisplayName : {Jonathan Dumoulin}


PowerShell - Monitor and Report Active Directory Group Membership Change

UPDATE 2016/05/03: The most recent update is available on Github

See also the related blogpost: http://www.lazywinadmin.com/2013/11/update-powershell-monitor-and-report.html

Today I will update a post that I published at the beginning of last year : Monitor Active Directory Membership changes. I updated the script to add some of the things I learned during the Scripting Games 2013 back in April/May. The script will also create a nice html report and send it via Email.

Basically, the script will monitor the Active Directory groups that you specify and notify you if a change occurred since the last time it checked.


PowerShell Studio 2012 - WinForms - GUI ToolMaking

In my previous post I showed how to create a quick PowerShell GUI to append some colored text in a RichTextBox control using Sapien PowerShell Studio 2012.

Today I will go a bit further and show you how to create a tool to query some information from a remote computer. I will first send the Output to Out-GridView cmdlet and then show you how to send it to a DataGridView control inside the GUI.

The tool will query Services, Processes and Shares from a Remote Computer.
You will need to specify the ComputerName and the Credential required to perform those actions. The goal is to show how to create something very simple so I did not write any Error Handling or any conditional code in this version.

One cool thing to mention when using PowerShell Studio 2012 is, if you add some controls like a DataGridView, a Listview or a ListBox, PowerShell Studio 2012 will add some functions to help you Load/Add/Refresh those controls. I will show you below in the part "Replacing the Out-Gridview by a DataGridView Control"


Blogger - Adding PowerShell code in your blog post

From time to time you might be interested to have your code syntax highlighted or presented with a neat format in your blog posts.

Plain text is boring and it can really mess up the layout of your post. Also It can be very hard to understand some code without some sort of syntax highlighting.

Here are a few methods that I found useful for Blogger: (those can probably be applied to Wordpress and other platforms)

  • Method 1: Using Syntax Highlighter from Alex Gorbatchev
  • Method 2: Using an Editor to copy the code as HTML language
  • Method 3: HTML CSS Rectangle (PowerShell console look a like)
  • Method 4: Embedded code using Gist (GitHub)


PowerShell Studio 2012 - WinForms - Creating a basic GUI (Video)

The following post will demo how to create a basic Graphical User Interface with SAPIEN PowerShell Studio 2012.

Update: See also the second part of this post: PowerShell Studio 2012 - WinForms - GUI ToolMaking

Last year I released a PowerShell script called LazyWinAdmin 0.4 which is a script that generate a Graphical User Interface. I used SAPIEN PowerShell Studio 2012 to create this Interface and write my PowerShell code.

LazyWinAdmin script allows SysAdmins/IT Pros to Query Information on their Workstation / Servers and to Perform some actions like :
  • List Shares (with local path), Processes, Services, ...
  • Test the Connection, Permission, PowerShell Remoting, RDP availability ...
  • Reboot/Shutdown
  • Query and Kill any RDP Session opened
  • Etc...

Since then, I got a lot of emails asking me questions about PowerShell and how to make GUIs using PowerShell Studio 2012. So here is a quick demo..


WS2012 Storage - Creating a Storage Pool and a Storage Space (aka Virtual Disk) using PowerShell

In my previous posts I talked about how to use NFS and iSCSI technologies hosted on Windows Server 2012 and how to deploy those to my Home Lab ESXi servers.

One point I did not covered was: How to do the Initial setup with the physical disk, Storage pooling and the creating the Virtual Disk(s) ?

The cost to acquire and manage highly available and reliable storage can represent a significant part of the IT budget. Windows Server 2012 addresses this issue by delivering a sophisticated virtualized storage feature called Storage Spaces as part of the WS2012 Storage platform. This provides an alternative option for companies that require advanced storage capabilities at lower price point.


PowerShell - Free Trainings from Microsoft Virtual Academy

Update: Getting Started with PowerShell 3.0 and Advanced Tools & Scripting with PowerShell 3.0 recorded videos are now available on Microsoft Virtual Academy. Links below.

I get a lot of questions from my friends and coworkers about PowerShell ...
"Hey FX, How can i get all the process that start by... and then kill them all in PowerShell ?
"How can I add a Windows Feature in W2012 in PowerShell ?"
"How can I get the list of programs installed on those 50 computers using PowerShell ?"
 "How can I change the Multipath policy of all my LUNs in VMware vSphere using PowerShell (PowerCli) ?"

Well if you are just like them, you'll be happy to hear that Microsoft Virtual Academy will offer not one, but Two free PowerShell trainings !! Here are the details.


WS2012 Storage - iSCSI Target Server - Configuring an iSCSI Initiator on VMware vSphere 5.1

I recently switched the backend storage of my VMware vSphere 5.1 Home Lab from FreeNas (OS based on UNIX) to iSCSI (Windows Server 2012 Storage Feature). The reason is that I wanted to play with the PowerShell iSCSI modules and do some tests with SMB v3.0.

In a previous post I showed how to create an iSCSI target using PowerShell on Windows Server 2012. Today I will demonstrate how I set the VMware vSphere 5.1 Software iSCSI Adapter using PowerCli and create the datastore using the LUN created in my previous post. I won't cover how to assign the iSCSI traffic to a dedicated PortGroup and dedicated NICs.


WS2012 Storage - iSCSI Target Server - Create an iSCSI target using PowerShell

For my Virtual Machines needs, some LUNS are presented to my VMware vSphere 5.1 Servers and until now, my lab storage was handle by FreeNas using iSCSI.
For tests purposes, I replaced this FreeNas by Windows Server 2012 to take care of that part.

Note: Before writing this post, I grouped my physical disks together into a container called storage pools to manage those disks as a single storage space. Afterwards, in these storage pools, I created virtual disks (aka LUN) on which I specify a layout, ... which is simply a raid level.


In the following post I will talk about the following points:
  • Quick iSCSI Terminology
  • Quick look at iSCSI Target Management (GUI and PowerShell iSCSI Modules)
  • Installing the Windows Feature iSCSI Server Target (PowerShell)
  • Creating a iSCSI Virtual Disk (aka LUN) (PowerShell)
  • Creating a iSCSI Target and assigning it to one or more initiator(s) (PowerShell)
    • Finding the iSCSI Qualified Name (IQN) (vSphere Client and PowerCLI)
  • Assigning a iSCSI Virtual Disk (LUN) to a iSCSI Target (PowerShell) 


Note: The iSCSI protocol is fully documented by the RFC 3720 and RFC 3721

iSCSI: iSCSI stands for Internet Small Computer System Interface.
It's an Internet Protocol (IP)-based storage networking standard for linking data storage facilities.
iSCSI is used to facilitate data transfers over a network (LAN, WAN or Internet) and transferring data by carrying SCSI commands over IP networks. iSCSI leverages the Ethernet network and does not require any specialized hardware

source: http://blogs.technet.com/b/filecab/

iSCSI Target Server: is the server that shares the storage, it runs the iSCSI Target. The server (machine) consumes the storage is called iSCSI initiator.

iSCSI Initiator: Typically, it is an application server. For example, iSCSI Target provides storage to a SQL server, the SQL server will be the iSCSI initiator in this deployment.

Target: It is an object which allows the iSCSI initiator to make a connection. The Target keeps track of the initiators which are allowed to be connected to it. The Target also keeps track of the iSCSI virtual disks which are associated with it. Once the initiator establishes the connection to the Target, all the iSCSI virtual disks associated with the Target will be accessible by the initiator.

iSCSI Virtual Disk: It also referred to as iSCSI LUN. It is the object which can be mounted by the iSCSI initiator. On Windows Server 2012, the iSCSI virtual disk is backed by the VHD file.

iSCSI Connection: iSCSI initiator makes a connection to the iSCSI Target Server by logging on to a Target. There could be multiple Targets on the iSCSI Target Server, each Target can be accessed by a defined list of initiators. Multiple initiators can make connections to the same Target. However, this type of configuration is only supported with clustering. Because when multiple initiators connects to the same Target, all the initiators can read/write to the same set of iSCSI virtual disks, if there is no clustering (or equivalent process) to govern the disk access, corruption will occur. With Clustering, only one machine is allowed to access the iSCSI virtual disk at one time.

IQN: iSCSI Qualified Name. It is a unique identifier of the Target or Initiator. The Target IQN is shown when it is created on the Server. The initiator IQN can be found by typing a simple "iscsicli" cmd in the command window or using Get-InitiatorPort in PowerShell

Using iscsicli

Using PowerShell (module iSCSI) with the Cmdlet Get-InitiatorPort


Enabling Change Block Tracking (CBT) on a vSphere 5.1 VM with PowerShell/PowerCli

In one of my previous post, I created two PowerShell functions to enable Copy/Paste operations on VMware vSphere 5.1 between a Guest OS and the vSphere Client remote console.
Today we'll use a very similar piece of code to Enable Change Block Tracking (CBT) on one or more Virtual Machines.

I already talked about CBT in the past, but I just wanted to create re-usable PowerShell functions that will help me when I need it.


How to Enable Copy/Paste Operations Between GuestOS and Remote Console on vSphere 5.1 (GUI and PowerCli)

In this blogpost I will explain how to enable Copy/Paste operations between the Guest Operating System and the Remote Console on VMware vSphere 5.1 via the GUI and PowerCli (PowerShell for VMware).

VMware does not recommend this manipulation to avoid and limit Exposure of Sensitive Data Copied to the Clipboard section.

Using the GUI this procedure requires the VM(s) to be powered off. Who wants to do that? Not me...

Check the second part of this procedure using PowerCli, this can be applied without powering off the VM. However you'll need to do a stun/unstun operation (i.e. power on/off, suspend/resume, create/delete snapshot/storage VMotion) to achieve the same thing.

Using the Graphical User Interface (GUI)

Applying advanced settings to a VM can be a daunting task.
Doing this manipulation via the GUI is pretty heavy. When dealing with even a few VMs, this can be a very time consuming task time consuming...

The "Configuration Parameters" button is not available while the VM is Powered On.

1 - Power down your VM(s)

2 - Go into Edit Setting, under the Option tab, and select General under Advanced.
You'll see the Configuration Parameters button...

3 - Click on Add Row and enter the Name and Value for each of the following items:
  • isolation.tool.copy.disable = FALSE
  • isolation.tool.paste.disable = FALSE


PowerShell SCCM 2007 Module - My contribution

I recently contributed to a PowerShell module called SCCM Automation created by Andre Bocchini. (SCCM stands for System Center Configuration Manager)

Take a look at it on GitHub here: https://github.com/andrebocchini/sccm-powershell-automation-module Andre really did an awesome job on this module!

This Module for SCCM 2007 (which does not come with a set of PowerShell Cmdlets) allows you to query Computers, Collections, Advertisements etc... (Check the Full list of Cmdlets)

However against big SCCM environment I notice some functions queries were very slow to report object.
After inspecting the code, I tweaked some parts of the code, especially on the Get-WmiObject queries.
Those modifications are now part of the module.


Installing Microsoft System Center Orchestrator 2012 SP1

In one of my last post I installed a new SQL Server 2012 in my Home Lab. This was a requirement for a few incoming home lab projects. One of those projects is Microsoft System Center 2012 Orchestrator. I will have to install, configure and manage this product at my work and thought it would be nice to get familiar with it. 

In 2009, Microsoft bought a company called Opalis that offers an automation platform for orchestrating and integrating IT tools to decrease the cost of datacenter operations while improving the reliability of IT processes. It enables IT organizations to automate best practices, such as those found in Microsoft Operations Framework (MOF) and Information Technology Infrastructure Library (ITIL). Opalis operates through workflow processes that coordinate System Center and other management tools to automate incident response, change and compliance, and service-lifecycle management processes.

Opalis was recently renamed Orchestrator and integrated into the System Center suite.

The following procedure will cover a basic/generic install of System Center Orchestrator 2012. This is to be used as a template or POC only.


What's New in Windows PowerShell 4.0

Microsoft just updated the page "What's New in PowerShell" to include information about Windows PowerShell 4.0. They also added a page about Desired State Configuration.

You can try PowerShell 4.0 by either downloading the Windows Server 2012 R2 Preview which has been release just a few hours ago, or by doing the Desired State Configuration Lab from Channel9.

I highly encourage you to check-out this documentation. From my point of view, the following features are very interesting:


Installing Microsoft SQL Server 2012 Standard Edition SP1 in my Home Lab

Currently I'm playing with some products from the Microsoft System Center 2012 Suite in my Home Lab. I'm Starting the whole installation by installing a new Virtual Machine with Microsoft SQL Server 2012 (Standard Edition).

I used a dedicated VM that will be used to host the database of Configuration Manager 2012 and Orchestrator 2012 (at least.. for now)



1 - After launching the SQL 2012 Server Installation, you should first run the System Configuration Checker. This small tool will check if you have every requirements to install SQL Server.


Scripting Games 2013 - Advanced Event 5 - The Logfile Labyrinth

This is my solution for the Advanced Event 5.
I did not have much time to work on this event, but here is the script I submitted.

Download [Skydrive]

Dr. Scripto finds himself in possession of a bunch of IIS log files, much like the one at
http://morelunches.com/files/powershell3/LogFiles.zip, if you need one to practice with. He’s keeping all of the log files in a folder, and he’s left the log files with their default filenames, which he’s given a .LOG filename extension. All of the files are for a single Web site, on a single Web server.

He’d like you to write a tool that accepts a path, and then simply scans through each file in that path somehow, generating a list of each unique client IP address that have been used to access the Web site. No IP address should appear more than once in your output, and you don’t need to sort the output in any way.

Your tool should optionally accept an IP address mask like “192.0.1.*” and only display IP addresses that match the specified pattern. If run without a pattern, display all IP addresses.

Regardless of the addresses found in the sample file linked above, you should assume that any legal IP address may appear in the files Dr. Scripto needs to scan. Your command should scan all of the files in the folder (and the folder doesn’t contain any other kind of file) and produce a single set of results. If an IP address appears in multiple log files and it’s likely that will be the case then your final output should still only list that IP address.


Scripting Games 2013 - Advanced Event 4 - An Auditing Adventure

This is my solution for the Advanced Event 4 of the Scripting Games 2013.
This event was a bit challenging for me... In the past, I played with Quest Active Directory snap-in to create a bunch of Monitoring tools and some other small automation tasks, but that's about it. (Example Monitor Active Directory Groups membership change).

Let's see how I solved it.


Scripting Games 2013 - Advanced Event 3 - A Disk Decision

This is my solution for the Advanced Event #3.
Unfortunately I don't expect a very high score in the Leader board since I did not submit the good version of my script... Shame.... But anyway I learned a bit from this event and wanted to share my solution. Hope this help someone out-there.

Download [SkyDrive]

Dr. Scripto has been fielding a lot of calls from the Help Desk lately. They’ve been asking him to look up information about the local hard drives in various servers – mainly size and free space information. He doesn’t mind helping, but all the requests have been getting in the way of his naps. He’s asked you to write a tool comand that can get the information for the help desk – and theywants the output in an HTML file. The HTML file should look something like this:
The Doctor says you should parameterize your command – he wants to be able to pipe in one or more computer names as strings.The resulting HTML does need to go into an HTML file on disk someplace, and that file should have the computer name (e.g., the computer SERVER1 should have Server1.html, SERVER2 should have server2.html, and so on). A parameter should let him indicate the path (directory) to write the files to. Also, he wants you to pay special attention to the following:
  • The browser displays “Disk Free Space Report” in the page tab when viewing the report.
  • “Local Fixed Disk Report” is in the H2 (“Heading 2”) HTML style.If you can actually add the computer name to that – bonus!
  • The report ends with an HTML horizontal rule and the date and time that the report was generated.
  • The size and free space values are shown as gigabytes (GB) and megabytes (MB) respectively, each to two decimal places.
The command you write can assume that both WMI and CIM are available on the remote computers, and that all the necessary firewall rules and authentication have already been taken care of.


Finding the disk information
We'll have to use WMI/CIM to get this information on the remote computers.
To find which class to use, I typed the following commands:

Get-CimClass *disk*
Get-CimClass *disk* -PropertyName *size*


Scripting Games 2013 - Advanced Event 2 - An Inventory Intervention

Now that event 2 is closed for new entries. Here is the solution I proposed.

Download the instruction here [skydrive]

Dr. Scripto finally has the budget to buy a few new virtualization host servers, but he needs to make some room in the data center to accommodate them. He thinks it makes sense to get rid of his lowest-powered old servers first… but he needs to figure out which ones those are.
This is just the first wave, too – there’s more budget on the horizon so it’s possible he’ll need to run this little report a few times. Better make a reusable tool.

All of the virtualization hosts run Windows Server, but some of them don’t have Windows PowerShell installed, and they’re all running different OS versions. The oldest OS version is Windows 2000 Server (he knows, and he’s embarrassed  but he’s just been so darn busy). The good news is that they all belong to the same domain, and that you can rely on having a Domain Admin account to work with.

The good Doctor has asked you to write a PowerShell tool that can show him each server’s name, installed version of Windows, amount of installed physical memory, and number of installed processors. 
For processors, he’ll be happy getting a count of cores, or sockets, or even both – whatever you can reliably provide across all these different versions of Windows. He has a few text files with computer names – he’d like to pipe the computer names, as strings, to you tool, and have your tool query those computers.

Key Points

  • Some Remote Server don't have PowerShell
  • Different OS versions (oldest is Window Server 2000)
  • Domain Environment, Domain Admin credential.
  • Output of the script: ServerName, Version of Windows, Amount of Physical Memory, Processors Count, Sockets Count, Cores Count.
  • Script can receive ComputerName injected via the pipeline


PowerShell Summit NA 2013 - Recorded Videos

Recently I was lucky enough to attend the PowerShell Summit in Redmond,WA, this was a great opportunity to meet a lot of PowerShell people, MVPs, Writers, Bloggers, Trainers, IT Pros, DevOps, ... and some members of the PowerShell Team who created this amazing tool.

One of the Summit attendee Aaron Hoover recorded some of the sessions he attended using his webcam.

Find bellow the list of session available on his Youtube Account:

You can also download the materials used by the presenters and the list of sessions on PowerShell.org.

Thanks for Reading! If you have any questions, leave a comment or send me an email at fxcat@lazywinadmin.com. I invite you to follow me on Twitter: @lazywinadm


Scripting Games 2013 - Advanced Event 1 - An Archival Atrocity

Last week I was one of the lucky PowerShell Summit attendees and had the chance to assist to the official launch of the Scripting Games 2013 !! (with a special video created by Sean ;-)

Apart from the PowerShell stars like Ed Wilson, Don Jones, Bruce Payette, Alan Renouf, Lee Holmes, Richard Siddaway, Jeffery Snover.... I met some awesome people there and It was really cool to talk about our passion for PowerShell, How this amazing tool is saving our life each days!

Scripting Games 2013 - Advanced Event #1 - An Archival Atrocity

For the first time, I decided this year to participate to the Scripting Games 2013 organize and hosted by the PowerShell.org team.

I chose the Advanced Track and here is the first script I submitted yesterday.

Feel free to comment and send me your critics.


2013 Scripting Games - Competitor Guide

Don Jones just released the Competitor Guide for the 2013 Scripting Games online.

This year the Games will be hosted by PowerShell.org (Previous ones where organize by the Scripting Guy Ed Wilson). This event is scheduled to start during the PowerShell Summit in Seattle (between the 22nd and the 24th of April).

Make sure to read the Guidelines and check the different tracks available to you (Beginner or Advanced).

Download the Competitor Guide [PDF]

The Scripting Games is a great event for those who want to learn more or improve their skills with Windows PowerShell. I'm planning myself to participate to the Advanced Event. My Script will be post and explained here.

PowerShell/WinForm - Active Directory User Unlocker

An Active Directory account may be automatically locked, if the domain's security policy has been configured to lock accounts after a number of unsuccessful logon attempts.

If an account has been locked out, the lockouttime attribute will contain a Win32 time value that indicates when the account was locked.

An easy way to search for locked out accounts is an LDAP query similar to

You can integrate this query in the saved queries of your Active Directory Users and Computers MMC.


The following script will use PowerShell to generate a WinForm and give you the ability to unlock account right from the interface. The goal is to do something simple and functional, nothing fancy.

The GUI was created using PowerShell Studio from SAPIEN. You can try this tool by going on Sapien.com

No Module Required

The beautiful part of it is that no Active Directory Module or Quest Active Directory Snapin are required
In my case I used ADSI: [ADSISearcher]

If you want to know more about ADSISearcher check this article from the Scripting Guy

Graphical User Interface

Under Windows 8


Deploying and Configuring vCenter Server Appliance 5.1

In this post I will describe how I installed and configured vCSA in my Home Lab from the vSphere Client. I will also show how to access the vSphere Web client once the installation is completed.

What is VMware vCenter ?

Before I start, It should be good to revisit the definition of VMware vCenter.

VMware vCenter Server provides a centralized and extensible platform for managing virtual infrastructure. VMware vCenter Server, formerly VMware VirtualCenter, manages VMware vSphere environments allowing IT administrators simple and automated control over the virtual environment to deliver infrastructure with confidence.

  • Provides centralized control and visibility at every level of virtual infrastructure
  • Delivers the security and availability of vSphere through automated proactive management
  • Empowers a broad partner ecosystem to extend virtualization capabilities


How to Deploy an OVF Template from a Remote Web Server

In the following post I am going to explain how to deploy an OVF Template from an URL.

The VMware vSphere Client allows you to deploy and export virtual machines, virtual appliances, and vApps stored in Open Virtual Machine Format (OVF).

An appliance is a pre-configured virtual machine that typically includes a preinstalled guest operating system and other software.

Methods to deploy an OVF Template
Using vSphere Client you have a couple of methods available to you :
  • Remote web server (URL)
  • Local Disk, USB keychain drives or CD/DVD drives
  • Shared network drives
  • OVFTool (Command-line utility from VMware that allows you to import and export OVF packages to and from a wide variety of VMware platform products.)

In most cases, Administrators would probably browse their Local Disks or Network Shares.
However, In my case I want to deploy a template using the local datastore of my ESXi host, using an URL.


The Simplest Way to Create a Bootable Windows Server 2012 or Windows 8 USB Key

After I passed my VCP510-DV last week, I wanted to rebuild my Home Lab using Windows Server 2012 for the Storage part, instead of FreeNas.

Part of the rebuild, I needed to install Windows Server 2012 on top of the old FreeNas box. Hard task since I don't have a DVD player in the case... :-/

Hence, USB Boot it is...

I was surprise to see how easy it is to create a Bootable Windows Server 2012 (R1 or R2)/Windows 8/8.1 USB Key.

What do you need:

Once Installed, Launch Windows 7 USB/Download Tool
The first step is to select your ISO


The PowerShell Certification

Update 2013/07/07: It seems that the Certification is now ONLY available after doing the in-person class offered by Concentrated Technology :-(

Don Jones just announced the creation of the PowerShell "Certification"!!

This is available for anybody who want to test their PowerShell scripting knowledge. The PowerShell "certification" is under the VERIFIED EFFECTIVE™ brand.

The certification name: Windows PowerShell 3.0 Toolmaking

More information:

To pass the certification you will need to pay the Examination cost (150$) and complete/return the Program License Agreement file. Once those steps complete you will then receive your scenario.