Pro Tip: PowerShell DSC Events to Monitor

blivit
blivit

The Problem I need to monitor PowerShell DSC health on all of my nodes. But I do not want to wait for every possible event to happen in production to catch it and add it to my monitoring event list. The Options There are many options for monitoring PowerShell Desired State Configuration (DSC) status on…

0

2017 New Years PowerShell DevOps Study List

Geek Mug
Geek Mug

Microsoft: from “know-it-all” to “learn-it-all” In a recent interview Satya Nadella mentioned the learn-it-all mindset. This is certainly true in the world of PowerShell. We are so far beyond “just a scripting language” now. Wow! Have you been paying attention to PowerShell this year? So many big announcements! Today’s post is a crazy link list…

1

How to run a PowerShell script against multiple Active Directory domains with different credentials

collage
collage

I was working with a customer recently who needed to execute the same script against servers in different Active Directory domains. They had administrative privileges in each domain, but each domain used a different account. You could apply this same scenario to running one query against domain controllers in different domains. Today we’ll explore one…

2

Gnarly Innards: How to live debug PowerShell DSC configurations without using Enable-DSCDebug

CTRL ALT DEL
CTRL ALT DEL

The Problem Have you ever needed to debug a PowerShell Desired State Configuration that appeared to be hanging when it was applying? At that point it’s a little too late to run Enable-DscDebug. Here’s how to debug it anyway… The Solution On the box applying the active configuration you can see the LCM is busy….

0

Use the new PowerShell cmdlet ConvertFrom-String to parse KLIST Kerberos ticket output

NinjaParser
NinjaParser

Tired of hacking away at RegEx and string functions to parse text? This post is for you! ConvertFrom-String In yesterday’s post we reviewed a simple example of the new PowerShell 5.x Convert-String cmdlet. Today we are going to study a complex example with ConvertFrom-String. This cmdlet was first documented here in a PowerShell team blog…

4

Use the new PowerShell cmdlet Convert-String to parse email addresses

NinjaParser
NinjaParser

Tired of hacking away at RegEx and string functions to parse text? This post is for you! New toys PowerShell 5.x includes a number of new features. One of the lesser-known and incredibly powerful is the string conversion set of cmdlets. The names are very similar. Check out how Get-Help describes them: PS C:\> Get-Help…

1

PowerShell Remoting Kerberos Double Hop Solved Securely

ServerA
ServerA

The struggle is real. Are you facing issues with PowerShell remoting and credentials? You remote into your jump box, but then any remoting beyond there gets a big red ACCESS DENIED. Maybe you’ve tried CredSSP, but people say that isn’t safe. Read today’s post for a completely legit, secure, safe, and easy way to enable…

28

PowerShell DSC 101: Using the Script Resource to Enable the Windows Firewall

Windows Firewall
Windows Firewall

Learning PowerShell Desired State Configuration PowerShell DSC is one of my favorite topics to teach, because the technology is simply amazing. Usually I do not have enough time with a customer to teach all of the built-in resources. I would guess that the Script resource is one of the least understood. Today’s post outlines a…

0

Who’s afraid of PowerShell security?

image_thumb860.png
image_thumb860.png

Is PowerShell a vulnerability? Does your organization forbid the use of PowerShell remoting? Has InfoSec blocked remote server administration with PowerShell? Do you want to understand PowerShell security better? This post is for you. Notes from the field… As a Premier Field Engineer I have delivered PowerShell engagements to countless companies and teams. Over the…

4

Quick and easy Active Directory test lab using PowerShell DSC and AzureRM

That Active Directory Test Lab You Have Always Wanted As a Microsoft Premier Field Engineer I have visited countless customers to assess and assist their Active Directory environment. Sadly, the majority of those customers do not have an Active Directory test environment. Today I am going to show you how to quickly deploy and destroy…

5