OFFICIAL

MICROSOFT

LEARNING

PRODUCT

6434A
Lab Instructions and Answer Key: Automating Windows Server 2008 Administration with Windows PowerShell
® TM

Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The names of manufacturers, products, or URLs are provided for informational purposes only and Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links may be provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission received from any linked site. Microsoft is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement of Microsoft of the site or the products contained therein. © 2008 Microsoft Corporation. All rights reserved. Microsoft, and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. All other trademarks are property of their respective owners.

Technical Reviewer: Trevor Barry

Product Number: 3639 Part Number C90-06038 Released: 07/2008

Lab Instructions: Introduction to Windows PowerShell™

1

Module 1
Lab Instructions: Introduction to Windows PowerShell™
Contents:
Exercise 1: Installing Windows PowerShell Exercise 2: Customizing Windows PowerShell 2 3

2

Lab Instructions: Introduction to Windows PowerShell™

Lab: Implementing Windows PowerShell

Exercise 1: Installing Windows PowerShell
Scenario
You are a Windows Server 2008 administrator for Woodgrove Bank. You plan to automate several Windows Server administration tasks by using Windows PowerShell, in addition to using the shell for interactive systems management. Therefore, you need to install Windows PowerShell on Windows Server 2008. Knowing that Windows PowerShell depends on the .NET Framework, you will first ensure that this framework is installed prior to installing Windows PowerShell.

Exercise Overview
In this exercise you will select and install the correct build of Windows PowerShell v1.0. The main tasks for this exercise are as follows: 1. 2. 3. Start the 6434A-NYC-DC1 virtual machine and log on as Administrator. Verify that the Windows PowerShell system requirements are met. Install Windows PowerShell.

Lab Instructions: Introduction to Windows PowerShell™

3

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
• Start 6434A-NYC-DC1 and log on as Administrator using the password Pa$$w0rd.

Task 2: Verify that the Windows PowerShell system requirements are met
• • • Ensure that .NET Framework v2.0 or later is installed. Ensure that the server operating system is compatible with Windows PowerShell. Make a note of the server operating system and architecture (x64 or x86).

Task 3: Install Windows PowerShell
• • From the Administrative Tools menu, open Server Manager. Add the Windows PowerShell feature.
Results: After this exercise, you should have installed Windows PowerShell on 6434A-NYC-DC1.

Exercise 2: Customizing Windows PowerShell
Scenario
An administrator in your company, Woodgrove Bank, has a visual impairment and cannot easily read the Windows PowerShell console when it is set to use the default colors. You need to customize the console window to use different colors that provide greater contrast. You also need to ensure that the shell can run scripts that you and the other administrators at the bank have written, as well as downloaded scripts that have been digitally signed.

Exercise Overview
In this exercise you will set the script execution policy in Windows PowerShell and customize the appearance of the Windows PowerShell console window. The main tasks for this exercise are as follows: 1. Set the script execution policy.

4

Lab Instructions: Introduction to Windows PowerShell™

2.

Customize the appearance of the Windows PowerShell console window.

Task 1: Set the script execution policy
• Set the script execution policy to RemoteSigned.

Task 2: Customize the appearance of the Windows PowerShell console window
• • • Configure the console window to have a buffer width of 100 characters and a physical width of 80 characters. Configure the console window to have white text on a dark green background. Feel free to change the colors to meet your personal preferences. Ensure that QuickEdit Mode is selected.
Results: After this exercise, you should have set the script execution policy to allow for script execution, and customized the Windows PowerShell console window.

Lab Instructions: Overview of Windows PowerShell™

1

Module 2
Lab Instructions: Overview of Windows PowerShell™
Contents:
Exercise 1: Learning Cmdlets and Defining Aliases Exercise 2: Holding the Output of a Cmdlet 2 3

2

Lab Instructions: Overview of Windows PowerShell™

Lab: Working with Windows PowerShell Cmdlets, Aliases, Objects, and Variables

Exercise 1: Learning Cmdlets and Defining Aliases
Scenario
You are an administrator for Woodgrove Bank. You plan to automate several Windows Server administrative tasks by using Windows PowerShell. To maximize your efficiency with Windows PowerShell, you decide to create custom abbreviations for the cmdlets that you will use most frequently. Therefore, you need to learn the necessary cmdlets and define aliases for them. Many tasks that you need to automate involve accessing the event logs; therefore, you decide to start by finding cmdlets that work with the event logs. You also need a quick way to save the output of Windows PowerShell operations in a file; consequently, you also intend to find cmdlets that work with output and files.

Exercise Overview
In this exercise, you will identify the cmdlets necessary to perform specific tasks, and you will create a new alias to one of those cmdlets. The main tasks for this exercise are as follows:

Lab Instructions: Overview of Windows PowerShell™

3

1. 2. 3.

Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell. Identify the cmdlets that perform a specific task. Create an alias.

Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell
• • Start 6434A-NYC-DC1 and log on as Administrator using the password Pa$$w0rd. Open Windows PowerShell.

Task 2: Identify the cmdlets that perform a specific task
• • Identify the cmdlet that displays a list of Windows event log entries. Identify the cmdlet that pipes output to a specified text file.

Task 3: Create an alias
• Create an alias named OF that references the cmdlet used to pipe output to a specified text file.
Results: After this exercise, you should have identified two cmdlets and created an alias for one of those cmdlets.

Exercise 2: Holding the Output of a Cmdlet
Scenario
You need to capture the output of a cmdlet so that the output can be used to perform other tasks. You also want to be able to review the output at a later time. At Woodgrove Bank, one of your administrative duties involves keeping track of the processes that are running on your servers. You periodically need to make snapshots of the list of processes running on each server; but occasionally, you need to work with these lists right away. Therefore, you decide to keep the list of processes in Windows PowerShell variable and then save the list of processes in that variable to a text file.

4

Lab Instructions: Overview of Windows PowerShell™

Exercise Overview
In this exercise you will run a cmdlet and retain its output in a variable. The main tasks for this exercise are as follows: 1. 2. Obtain the currently running processes and store them in a variable. Display the processes stored in a variable.

Task 1: Obtain the currently running processes and store them in a variable
• Use the Get-Process cmdlet to retrieve the currently running processes. Store the results of the cmdlet in a variable named $processes.

Task 2: Display the processes stored in a variable
• • Display the processes stored in the $processes variable. Write the contents of $processes to a text file.
Results: After this exercise, you should have run a cmdlet and retained its output in a variable. You should also have displayed the contents of that variable.

Lab Instructions: Building Pipelines for Assembly-Line Style Processing

1

Module 3
Lab Instructions: Building Pipelines for Assembly-Line Style Processing
Contents:
Exercise 1: Evaluating Process Properties Using the Get-Member Cmdlet Exercise 2: Calculating Process Memory Usage Exercise 3: Using Associative Array Variables Exercise 4 Sorting and Selecting Elements from a Resultant Set of Data 2 3 4 5

2

Lab Instructions: Building Pipelines for Assembly-Line Style Processing

Lab: Implementing Pipelines in Windows PowerShell

Exercise 1: Evaluating Process Properties Using the Get-Member Cmdlet
Scenario
You need to use Windows PowerShell to perform several tasks related to running processes. In order to do so, you need to identify the appropriate process object properties. The servers that you manage at Woodgrove Bank must be monitored with respect to virtual memory utilization and physical memory utilization, including the amount of non-paged memory that is being used. These memory utilizations must be tracked per process so that you can evaluate which processes are the biggest consumers, and so that you can track growth in memory utilizations over time due to increasing traffic through the services hosted by your servers.

Exercise Overview
In this exercise you will use the Get-Member cmdlet to identify various properties of a Process object. The main tasks for this exercise are as follows:

Lab Instructions: Building Pipelines for Assembly-Line Style Processing

3

1. 2.

Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell. Identify specific properties of a Process object.

Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell
• • Start 6434A-NYC-DC1 and log on as Administrator using the password Pa$$w0rd. Open Windows PowerShell.

Task 2: Identify specific properties of a Process object
• • Use Windows PowerShell to display all the properties for a Process object. Examine the list of Process object properties to determine the properties that represent the following aspects of the process: • • • Virtual memory utilization Paged memory utilization Non-paged memory utilization

Results: After this exercise, you should have discovered the Process object properties that represent the virtual memory utilization, paged memory utilization, and nonpaged memory utilization of a process.

Exercise 2: Calculating Process Memory Usage
Scenario
Lately at Woodgrove Bank, concerns have been raised as to whether your servers have adequate RAM to deal with the increased traffic load created by many new users after a recent merger. You need to identify which services and applications are consuming the most memory. In order to narrow down which processes are responsible for high memory consumption, you need to calculate and display the amount of memory used by the processes running on a server.

4

Lab Instructions: Building Pipelines for Assembly-Line Style Processing

Exercise Overview
In this exercise, you will use Windows PowerShell to calculate the memory usage for the processes running on a computer. The main tasks for this exercise are as follows: 1. Display memory utilization statistics for running processes.

Task 1: Display memory utilization statistics for running processes
• • • Display the average paged memory used by all running processes. Display the total virtual memory used by all running processes. Display the average, total, minimum, and maximum values for virtual and paged memory utilization by all running processes.

Results: After this exercise, you should have displayed various memory utilization statistics for the processes running on a computer.

Exercise 3: Using Associative Array Variables
Scenario
You monitor many of the servers in the data centers of Woodgrove Bank remotely from a central network operation center. You use powerful systems management products to accomplish some of your goals, but some tasks are best handled with custom Windows PowerShell scripts. One of the scripts that you are writing needs to keep track of the computer name, primary management IP address, and the operating system that the server is running. You need to create an associative array to store multiple pieces of information in a single variable, and utilize the array to access specified pieces of information.

Exercise Overview
In this exercise you will create and utilize an associative array. The main tasks for this exercise are as follows: 1. 2. Create an associative array and populate it with values. Display specified members of an associative array.

Lab Instructions: Building Pipelines for Assembly-Line Style Processing

5

Task 1: Create an associative array and populate it with values
• Create an associative array and store it in a variable named $arr. Populate the array with the following key/value pairs: • • • Name/Server2 IP/192.168.10.10 OS/Windows Server 2008

Task 2: Display specified members of an associative array
• Using the variable $arr created in Task 1, display only the value for the IP key.
Results: After this exercise, you should have created an associative array and displayed specific values from within the array.

Exercise 4: Sorting and Selecting Elements from a Resultant Set of Data
Scenario
You have determined that the amount of physical memory in some of the servers that you administer at Woodgrove Bank is inadequate. You need to create a report that describes the processes that are running on a server. You need to sort this set of objects so that they appear in the correct order, and ensure that only the necessary object property values are displayed. You decide to sort by the physical memory used by each process, with the largest consumer at the beginning of the list and the process with the smallest memory footprint at the end of the list. In order to focus on only the necessary information, you then decide to report only the process names and physical memory utilization values, and also to limit the list to the top ten processes that are using disproportionately large amounts of memory.

Exercise Overview
In this exercise you will retrieve the currently running processes and display them in a sorted table that includes a subset of the processes and their properties. The main tasks for this exercise are as follows: 1. 2. Sort processes into the desired order. Select the desired properties of a process.

6

Lab Instructions: Building Pipelines for Assembly-Line Style Processing

3.

Select a subset of the available processes.

Task 1: Sort processes into the desired order
• Use the Get-Process cmdlet to retrieve all running processes. Sort them so that the processes using the most paged memory are displayed first.

Task 2: Select the desired properties of a process
• Use the Get-Process cmdlet to retrieve all running processes. Sort them so that the processes using the most paged memory are displayed first. Format the output so that it is displayed as a table that includes only the names of the processes and paged memory utilization.

Task 3: Select a subset of the available processes
• Use the Get-Process cmdlet to retrieve all running processes. Sort them so that the processes using the most paged memory are displayed first. Format the output so that it is displayed as a table that includes only the names of the processes and paged memory utilization. Display only the first 10 processes.
Results: After this exercise, you should have created a table that displays a sorted subset of running processes.

Lab Instructions: Managing Processes and Formatting Cmdlet Output

1

Module 4
Lab Instructions: Managing Processes and Formatting Cmdlet Output
Contents:
Exercise 1: Implementing Basic Formatting Control Exercise 2: Formatting with the -f Operator Exercise 3: Implementing Advanced Formatting 2 4 5

2

Lab Instructions: Managing Processes and Formatting Cmdlet Output

Lab: Output Formatting and Process Control with Windows PowerShell

Exercise 1: Implementing Basic Formatting Control
Scenario
You are an administrator for Woodgrove Bank. You need to format the output of Windows PowerShell cmdlets so that administrative information is displayed in an appropriate manner. Three of the common types of data that you work with are services, event log entries, and processes. You choose an appropriate formatting cmdlet to suit each type of data and the task at hand. In addition, you choose specific properties of the different kinds of objects you work with so that both the format and specific data that is presented in that format is easy to understand.

Exercise Overview
In this exercise you will use formatting cmdlets to create basic customized formatting. The main tasks for this exercise are as follows: 1. 2. Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell. Format services in a table.

Lab Instructions: Managing Processes and Formatting Cmdlet Output

3

3. 4.

Format event log entries in a list. Format processes in a wide list.

Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell
1. 2. Start 6434A-NYC-DC1 and log on as Administrator using the password Pa$$w0rd. Open Windows PowerShell.

Task 2: Format services in a table
• Display a list of installed services in a table, so that the table includes columns only for the name and current status (running or stopped) of the services. The table should not span the width of the Windows PowerShell window. Display a list of installed services in a table, so that the table includes columns only for the name, current status (running or stopped) services, and whether or not the service can be paused.

Task 3: Format event log entries in a list
• Display the 20 most recent System event log entries in a list. The list should include all properties of the event log entry objects.

Task 4: Format processes in a wide list
• • Display a two-column list of currently running process names. Display a two-column list of currently running process descriptions.
Results: After this exercise, you should have five custom-formatted displays for various operating system object types.

4

Lab Instructions: Managing Processes and Formatting Cmdlet Output

Exercise 2: Formatting with the -f Operator
Scenario
You are creating a script that will display messages regarding running processes. Your manager at Woodgrove Bank expects clear and concise information that is presented in an easy to understand format. You need to present her with information about the memory utilization of specific processes at various points in time. You need to insert formatted data into the messages so that the messages have a clear meaning. You have chosen to use the–f formatting operator of Windows PowerShell to help in this task.

Exercise Overview
In this exercise, you will use the -f operator to provide custom formatting for various operating system objects and data. The main tasks for this exercise are as follows: 1. 2. 3. Insert data into a string. Insert numerically formatted data into a string. Insert date-formatted data into a string.

Task 1: Insert data into a string
• • • Retrieve all running processes and store them in a variable named $processes. Use the -f operator to display the string, "The second process is x," so that "x" is the name of the second process in $processes. Use the -f operator to display the string, "The second process is x, and it is using y bytes of virtual memory," so that "x" is the name of the second process in $processes, and "y" is the amount of virtual memory being used by that process.

Task 2: Insert numerically formatted data into a string
• • Retrieve all running processes and store them in a variable named $processes. Use the -f operator to display the string, "The second process is x, and it is using yMB of virtual memory," so that "x" is the name of the second process in $processes, and "y" is the amount of virtual memory being used by that

Lab Instructions: Managing Processes and Formatting Cmdlet Output

5

process. Display the virtual memory in megabytes, formatted as a number with no digits after the decimal point.

Task 3: Insert date-formatted data into a string
• • Use the Get-Date cmdlet to retrieve the current date and store it in a variable named $now. Display the string, "Today is x," where "x" is the current date formatted as a short date (such as MM/DD/YYYY or DD/MM/YYYY, depending on the regional settings of your computer).
Results: After this exercise, you should have produced various strings that include formatted data.

Exercise 3: Implementing Advanced Formatting
Scenario
You are creating a formatted report for your supervisor and need to ensure that the report contains the correct data. Your supervisor is the director of IT at Woodgrove Bank, and she is very busy. You want to ensure that the units of information that you are reporting are consistent with other reports that she uses. Some of the necessary data needs to be calculated using a mathematical expression. Specifically, the virtual memory utilization of processes should be reported in units of megabytes rather than in units of bytes. However, the available data is provided in units of bytes. You decide to test the expression and reporting format and then generate the report by providing a calculated property to the Windows PowerShell table formatter.

Exercise Overview
In this exercise you will use the Format-Table cmdlet to implement advanced formatting, including calculated columns in a table. The main tasks for this exercise are as follows: 1. 2. Prototype a calculated column using the -f operator Create a table that contains a calculated column

6

Lab Instructions: Managing Processes and Formatting Cmdlet Output

Task 1: Prototype a calculated column using the -f operator
• • Retrieve a list of processes into a variable named $processes. Use the -f operator to display the virtual memory utilization of the first process in $processes. The virtual memory utilization should be displayed in megabytes, using numeric formatting, with no digits after the decimal point.

Task 2: Create a table that contains a calculated column
• Display a list of all running processes in a table that includes the names of the processes and their virtual memory utilization. The virtual memory utilization should be displayed in megabytes, using numeric formatting, with no digits after the decimal point.
Results: After this exercise, you should have created a table that uses a calculated column.

Lab Instructions: Introduction to Scripting with Windows PowerShell™

1

Module 5
Lab Instructions: Introduction to Scripting with Windows PowerShell™
Contents:
Exercise 1: Writing and Running a Script Exercise 2: Customizing Profiles 2 3

2

Lab Instructions: Introduction to Scripting with Windows PowerShell™

Lab: Implementing Scripts in Windows PowerShell

Exercise 1: Writing and Running a Script
Scenario
Another administrator in Woodgrove Bank needs to regularly generate a report of running processes that includes specific information. You need to write a script that will enable the other administrator to perform this task without manually entering Windows PowerShell commands.

Exercise Overview
In this exercise you will write a Windows PowerShell script that displays specified information about running processes. The main tasks for this exercise are as follows: 1. 2. 3. 4. Start the 6434A-NYC-DC1 virtual machine and log on as Administrator. Create an empty script file. Add Windows PowerShell commands to the script. Run the script and verify its operation.

Lab Instructions: Introduction to Scripting with Windows PowerShell™

3

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
1. Start 6434A-NYC-DC1 and log on as Administrator using the password Pa$$w0rd.

Task 2: Create an empty script file
• • Use Windows Explorer to create a new folder named C:\Scripts. Use Windows Explorer to create a new text file named Mod5Task2.ps1.

Task 3: Add Windows PowerShell commands to the script
• • Use Windows Notepad to open Mod5Task2.ps1. Add the Windows PowerShell command that will display the currently running processes in a table format, so that only the name, physical memory utilization, and virtual memory utilization of the process are displayed. The table columns should not have excess blank space between them.

Task 4: Run the script and verify its operation
• Run Mod5Task2.ps1 and verify that it displays the desired information,
Results: After this exercise, you should have created a script which, when executed, displays information about processes running on the server.

Exercise 2: Customizing Profiles
Scenario
You and the other administrators at Woodgrove Bank frequently use Windows PowerShell to automate Windows Server administrative tasks. You need to become more efficient at using the shell and must create shorter aliases to some of the common cmdlets that you run. You want these aliases to be available each time that you open the shell; therefore, you add them to your Windows PowerShell profile. When your colleagues see how efficient you are with these aliases, they might want to use them too, so you will likely be sharing your profile changes with them.

4

Lab Instructions: Introduction to Scripting with Windows PowerShell™

Exercise Overview
In this exercise you will create a Windows PowerShell profile and configure it to automatically create aliases each time that the shell is opened. The main tasks for this exercise are as follows: 1. 2. 3. Create a blank profile script. Add commands to the profile. Test the profile and verify its operation.

Task 1: Create a blank profile script
• Use Windows Explorer to create a new, blank Windows PowerShell profile script that will open only for your user account, and only for the default shell instance.

Task 2: Add commands to the profile
• • To the profile that you created, add the command that creates an alias named Gel for the cmdlet Get-EventLog. To the profile you created, add the command that creates an alias named Of for the cmdlet Out-File.

Task 3: Test the profile and verify its operation
• • • Close and reopen Windows PowerShell. Run Gel Security and ensure that the security event log entries are displayed. Run Ps | Of C:\Scripts\Processes.txt and verify that a file named C:\Scripts\Processes.txt is created, and that the file contains a list of currently running processes.
Results: After this exercise, you should have created a Windows PowerShell profile that automatically creates aliases each time the shell is opened.

Lab Instructions: Implementing Flow Control and Functions

1

Module 6
Lab Instructions: Implementing Flow Control and Functions
Contents:
Exercise 1: Adding Flow Control in a Script Exercise 2: Creating Functions 2 4

2

Lab Instructions: Implementing Flow Control and Functions

Lab: Implementing Functions and Flow Control in Windows PowerShell

Exercise 1: Adding Flow Control in a Script
Scenario
You are a network administrator for Woodgrove Bank. You need to use Windows PowerShell to inventory operating system versions, including the version of the latest installed service pack, from several computers. You decide to use information that is available via Windows Management Instrumentation (WMI) and choose the Win32_OperatingSystem class to retrieve this information. Because the Caption property of this class provides a more verbose operating system product name than you want to display, you choose to use Windows PowerShell flow control to help translate the operating system build number into a short representation of the operating system version.

Exercise Overview
In this exercise, you will control the flow of processing of script code blocks. The main tasks for this exercise are as follows: 1. Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell.

Lab Instructions: Implementing Flow Control and Functions

3

2. 3.

Retrieve the Windows build number and service pack version from a computer. Write a script that uses the build number to display the operating system version.

Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell
• 1. Start 6434A-NYC-DC1, log on as Administrator using the password Pa$$w0rd, and start Windows PowerShell.

Task 2: Retrieve the Windows build number and service pack version from a computer
• • • • Use the Get-WmiObject cmdlet to retrieve the Win32_OperatingSystem class from 6434A-NYC-DC1 Store the retrieved class in a variable. Use the -computerName parameter of Get-WmiObject to specify NYC-DC1 as the computer name. Use the variable containing the retrieved class to display the BuildNumber and ServicePackMajorVersion properties.

Task 3: Write a script that uses the build number to display the operating system version
• • Create a new, blank script named Mod6Task3.ps1. To the script, add commands that accomplish the following tasks: • • Store the computer name NYC-DC1 into a variable named $computer. Use Get-WmiObject to retrieve the Win32_OperatingSystem class from the computer name stored in $computer. Store the retrieved class in a variable named $os. Store "0" in a variable named $osver. Use a switch construct to examine the BuildNumber property of the $os variable. Store a short version of the operating system version in the variable $osver, according to the following rules:

• •

4

Lab Instructions: Implementing Flow Control and Functions

• • • • • • •

If the build number is 2195, store "Win2000" in $osver. If the build number is 2600, store "WinXP" in $osver. If the build number is 3790, store "Win2003" in $osver. If the build number is 6000, store "Vista" in $osver. Otherwise, store "Win2008" in $osver.

Display output similar to this: NYC-DC1: Win2008 SP0 Run the script named Mod6Task3.ps1.

Results: After this exercise, you should have created a script that retrieves and displays the operating system version and latest installed service pack version from a specified computer.

Exercise 2: Creating Functions
Scenario
You are an administrator for Woodgrove Bank. You have written a script that retrieves the Windows operating system name and service pack version number from a remote computer. However, you need to perform this task frequently, so you want to make the script more easily accessible from within Windows PowerShell. You decide to convert your script to a function and define this function in your Windows PowerShell profile so that it does not need be defined for each new instance of Windows PowerShell.

Exercise Overview
In this exercise, you will create a function and add it to their profile. The main tasks for this exercise are as follows: 1. 2. Rewrite Mod6Task3.ps1 as a function. Add the function to your Windows PowerShell profile.

Task 1: Rewrite Mod6Task3.ps1 as a function
• • Copy Mod6Task3.ps1 to Mod6Function.ps1. Modify Mod6Function.ps1 so that the code is contained within a function named Get-OSVersion.

Lab Instructions: Implementing Flow Control and Functions

5

• • • • •

The function should accept one input argument named $computer. The contents of the function should use the $computer input argument rather than the $computer variable previously defined in the script. The function should return its output rather than writing it to the console window.

After defining the function, add the command Get-OSVersion NYC-DC1 to the script. Run Mod6Function.ps1 and verify its output.

Task 2: Add the function to your Windows PowerShell profile
• • Add the Get-OSVersion function to your Windows PowerShell profile. Close and re-open Windows PowerShell, and run Get-OSVersion NYC-DC1 to verify the availability of the function.
Results: After this exercise, you should have created the Get-OSVersion function and added it to your profile.

Lab Instructions: Working with Files, the Registry, and Certificate Stores

1

Module 7
Lab Instructions: Working with Files, the Registry, and Certificate Stores
Contents:
Exercise 1: Searching for Certain Files Exercise 2: Modifying Registry Entries Exercise 3: Generating Reports Exercise 4: Generating Reports on the Security Log Exercise 5: Comparing Files 2 4 5 6 7

2

Lab Instructions: Working with Files, the Registry, and Certificate Stores

Lab: Working with Files, the Registry, and Certificate Stores

Exercise 1: Searching for Certain Files
Scenario
You are an administrator for Woodgrove Bank. Another administrator has asked you to locate several files on a server, and you have decided to use Windows PowerShell to accomplish the task. You also need to locate all files containing a specific text string. This text string is a copyrighted phrase which must be reviewed and potentially changed by other users.

Exercise Overview
In this exercise, you will search within a folder for all files of a certain type, for files having a certain name, and for files that contain a particular text string that represents the trademarked name of a product.

Lab Instructions: Working with Files, the Registry, and Certificate Stores

3

The main tasks for this exercise are as follows: 1. 2. 3. 4. Start the 6434A-NYC-DC1 virtual machine and log on as Administrator. List all XML files residing in the C:\Windows folder. Locate a particular file residing in the C:\Program Files folder. Locate all text files containing a particular text string.

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
1. Start 6434A-NYC-DC1 and log on as Administrator using the password Pa$$w0rd.

Task 2: List all XML files residing in the C:\Windows folder
• • Open Windows PowerShell and change to the C:\Windows folder. List all files having the file name extension "xml."

Task 3: Locate a particular file residing in the C:\Program Files folder
• • In Windows PowerShell, change to the C:\Program Files folder. Locate all copies of the file named Oledb32.dll.

Task 4: Locate all text files containing a particular text string
• • Change to the C:\Windows\System32\WindowsPowerShell folder. Write a script or command that displays the full path and name of all files in the folder having the file name extension "txt". For files that contain the word "PowerShell," also display the line number where the word "PowerShell" can be found within that file.
Results: After this exercise, you should have located files of a specified file type, or files having a specified name. You should also have located all files containing a specified trademarked term.

4

Lab Instructions: Working with Files, the Registry, and Certificate Stores

Exercise 2: Modifying Registry Entries
Scenario
A new IT security policy at Woodgrove Bank requires that certain kinds of scripts be code signed. As an administrator at the bank, you decide to reconfigure the Windows Script Host (WSH) not to use software restriction policies to determine if a script is trusted for execution. For greater security you will also configure the WSH to execute only those scripts that carry a digital signature.

Exercise Overview
In this exercise, you will modify a set of registry entries, changing the TrustPolicy settings for Windows Script Host. The main tasks for this exercise are as follows: 1. 2. Modify the WinSAFER registry setting for WSH Create the TrustPolicy setting for the WSH

Task 1: Modify the WinSAFER registry setting for WSH
• In Windows PowerShell, navigate to the \HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host registry key. Modify the UseWinSAFER setting to have a value of 0.

Task 2: Create the TrustPolicy setting for the WSH
• In Windows PowerShell, navigate to the \HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host registry key. Create a new setting called TrustPolicy and set it to have a decimal value of 2.
Results: After this exercise, you should have modified the WSH registry settings so that only scripts that are digitally signed will be executed, regardless of the Software Restriction Policies settings.

Lab Instructions: Working with Files, the Registry, and Certificate Stores

5

Exercise 3: Generating Reports
Scenario
Some of the servers that you administer at Woodgrove Bank are file servers that have been used to store collections of bitmap files, which is against corporate policy. You also want to scan for any large files except for dynamically linked libraries. As a result, you have decided to produce various reports designed to help clean up the file system of a server. You need to produce a report listing files of a disallowed type and a report listing files whose size is greater than a specified amount.

Exercise Overview
In this exercise, you will generate a report of disallowed files on a server, and of large files on a server. The main tasks for this exercise are as follows: 1. 2. Produce a report showing disallowed files Produce a report showing large files

Task 1: Produce a report showing disallowed files
• • • Use Windows PowerShell to produce a report that shows the location of all files that have a "bmp" file name extension. The report should be in CSV format and should contain two columns that show the directory path and file name of each file. Name the report file Bitmaps.csv.

Task 2: Produce a report showing large files
• • • • Use Windows PowerShell to produce a report that shows the location and size of all files with a file size greater than 10 MB. The report should exclude files with the file name extension "dll." The report should be in CSV format, and contain three columns that show the directory path, file name, and size in bytes of each file. Name the report file BigFiles.csv.

6

Lab Instructions: Working with Files, the Registry, and Certificate Stores

Results: After this exercise, you should have produced two reports that can be used to help clean up the file system of a server.

Exercise 4: Generating Reports on the Security Log
Scenario
A security auditor working for Woodgrove Bank asks you to provide a report, in CSV format, of specified security audit events from a server. Knowing that Windows PowerShell can be used to select the appropriate information, you use the shell to first retrieve the required security audit events, and then, after you have manually confirmed that the proper events have been selected, you export the selected event information to a comma separated values (CSV) file.

Exercise Overview
In this exercise, you will scan the system event log for all instances of a particular event ID and generate a CSV file containing the results. The main tasks for this exercise are as follows: 1. 2. Retrieve audit events that match the specified criteria Create a report using the retrieved audit events

Task 1: Retrieve audit events that match the specified criteria
• Retrieve and display the security event log events having an event ID of 4634, 4672, or 4624.

Task 2: Create a report using the retrieved audit events
• • Using the command created for Task 1, create a CSV file containing the event ID, entry type, and time generated properties for each audit event. Name the CSV file AuditLog.csv.
Results: After this exercise, you should have created a CSV report containing the specified audit events.

Lab Instructions: Working with Files, the Registry, and Certificate Stores

7

Exercise 5: Comparing Files
Scenario
You are responsible for maintaining a Windows Server 2008 computer. You need to document the services that are installed on the computer. Periodically, you need to compare the services that are currently-installed on your computer to the documented set of services and report any differences.

Exercise Overview
In this exercise, you will create a baseline of installed services on a computer. You will then install new services, and demonstrate how the baseline can be used to audit the current configuration of the server and display discrepancies. The main tasks for this exercise are as follows: 1. 2. 3. Create a baseline of installed services Install additional services on the computer Compare the baseline to the current state

Task 1: Create a baseline of installed services
• Create an XML file that contains a snapshot of the services that are currently installed on the computer.

Task 2: Install additional services on the computer
• • Start Server Manager. Add the Fax Server role and any required features.

Task 3: Compare the baseline to the current state
• • Compare the snapshot created in Task 1 to the services that are currently installed on the computer, and display any differences. Display the names of only those services that are different.
Results: After this exercise, you should have created a baseline configuration file and used it to audit the services that are installed on a server.

8

Lab Instructions: Working with Files, the Registry, and Certificate Stores

Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI

1

Module 8
Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI
Contents:
Exercise 1: Using WMI Classes in Windows PowerShell Exercise 2: Using WMI Type Accelerators Exercise 3: Managing Disk Volumes in Windows PowerShell Exercise 4: Defragmenting Disk Volumes Using Windows PowerShell Exercise 5: Managing IIS 7.0 Properties Using WMI 2 4 5 6 7

2

Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI

Lab: Managing the Windows Operating System with Windows PowerShell and WMI

Exercise 1: Using WMI Classes in Windows PowerShell
Scenario
As an administrator for Woodgrove Bank, you often need to retrieve information about computers on your network. This information includes inventory information, such as operating system version numbers, and operational information, such as the processes that are currently running on a computer. You have chosen to use Windows Management Instrumentation (WMI) classes in Windows PowerShell to retrieve and process this information.

Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI

3

Exercise Overview
In this exercise, you will use WMI classes in Windows PowerShell. The main tasks for this exercise are as follows: 1. 2. 3. 4. Start the 6434A-NYC-DC1 virtual computer and log on as Administrator. Retrieve the operating system and service pack version information from a computer. Retrieve information related to services that are installed on a computer. Remove a shared folder from a computer.

Task 1: Start the 6434A-NYC-DC1 virtual computer and log on as Administrator
• • Start the 6434A-NYC-DC1 virtual computer and log on as Administrator using the password Pa$$w0rd. Open Windows PowerShell.

Task 2: Retrieve the operating system and service pack version information from a computer
• • • Retrieve all instances of the Win32_OperatingSystem WMI class from the local computer. Display only those properties that contain the operating system build number and the major version number of the latest installed service pack. Complete this task using a technique that can be used either for the local computer or for remote computers.

Task 3: Retrieve information related to services that are installed on a computer
• Create a list of installed services that includes the service name, the user account that the service uses to log on, and the start mode that the service is configured to use.

4

Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI

Task 4: Remove a shared folder from a computer
• • Retrieve all instances of the Win32_Share class that have a Name property containing "FileShare". Execute the Delete() method of all retrieved Win32_Share instances.
Results: After this exercise, you should have retrieved inventory and operational information from a computer using a technique that can be used for either the local computer or for remote computers.

Exercise 2: Using WMI Type Accelerators
Scenario
You administer file servers for Woodgrove Bank. Creation of new shared folders and running programs remotely are common tasks in your job. As new committees and projects form every week, you need to ensure that people have access to shared folders to support their latest endeavors. As a part of your remote management duties, you frequently need to launch software on servers and workstations throughout the organization. You need to create a new shared folder so that users can access shared documents on one of the file servers that you maintain at Woodgrove Bank. You also need to use Windows PowerShell to launch new processes, including doing so on remote computers. You choose to use WMI type accelerators to accomplish these tasks.

Exercise Overview
In this exercise, you will create a shared folder and launch a new process. The main tasks for this exercise are as follows: 1. 2. 3. Create a folder to share. Share the folder. Launch a new process.

Task 1: Create a folder to share
• Create a folder named C:\SharedDocuments.

Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI

5

Task 2: Share the folder
• • Use the [WMICLASS] type accelerator to retrieve the Win32_Share class. Use the Create() method of the Win32_Share class to create a new shared folder named Docs for the C:\SharedDocuments folder.

Task 3: Launch a new process
• • Use the [WMICLASS] type accelerator to retrieve the Win32_Process class. Use the Create() method of the Win32_Process class to launch Windows Notepad.
Results: After this exercise, you should have created a new shared folder and launched Windows Notepad.

Exercise 3: Managing Disk Volumes in Windows PowerShell
Scenario
In this exercise, you will produce an inventory report of the disk volumes on a computer. Your report will include information such as total size, space available, and other information, and will be used for capacity planning on the current and future servers that you administer at Woodgrove Bank. You also need to produce reports that list all the volumes that are attached to a computer, for inventory purposes.

Exercise Overview
In this exercise, you will manage disk volumes in Windows PowerShell. The main tasks for this exercise are as follows: 1. 2. Report on free disk space for local disk volumes. Report on all volumes attached to a computer.

Task 1: Report on free disk space for local disk volumes
• • Create a report that uses the Win32_Volume class to display the drive letter, total space, and free space for local hard disks only. Display the report in table format on the screen.

6

Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI

Task 2: Report on all volumes attached to a computer
• • Create a report that shows all attached volumes. The report should include the volume name (drive letter) and its drive type number. Save the report in a CSV file named DriveInventory.csv.

Results: After this exercise, you should have produced drive volume reports that can be used for inventory and capacity planning purposes.

Exercise 4: Defragmenting Disk Volumes Using Windows PowerShell
Scenario
Many of the NTFS volumes that you administer at Woodgrove Bank are heavily utilized, with files being created, modified, and deleted at a rapid rate. As such, the allocation of clusters to the files on these volumes can quickly become fragmented. Your manager has asked if you can automate scheduling of defragmentation of these values based on a needed versus not needed analysis and to track the frequency and dates of when each volume is defragmented. As the first step in prototyping this automation, you will use WMI in Windows PowerShell to defragment a small hard disk.

Exercise Overview
The main tasks for this exercise are as follows: 1. Defragment the E drive.

Task 1: Defragment the E drive
• • Use WMI to obtain the Win32_Volume instance that represents the E drive. Note that the backslash (\) character is a special character in WMI. If you specify a filter, you must type two backslashes. For example, instead of "E:\," you would type "E:\\." Run the Defrag() method of the instance that you obtained.
Results: After this exercise, you should have defragmented the E drive on your virtual machine.

Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI

7

Exercise 5: Managing IIS 7.0 Properties Using WMI
Scenario
You are a Web server administrator for Woodgrove Bank. You need to write a set of Windows PowerShell functions that will make it easier and faster to maintain Web sites running under IIS 7.0.

Exercise Overview
In this exercise, students will manage IIS 7.0 properties by using WMI. The main tasks for this exercise are as follows: 1. 2. 3. 4. Start the 6434A-NYC-DC1 virtual machine and log on as Administrator. Install IIS 7.0 Write the Get-WebSiteStatus function. Write the Restart-WebSite function.

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
• • Start the 6434A-NYC-DC1 virtual machine and log on as Administrator. Open Windows PowerShell.

Task 2: Install IIS 7.0
• • Use Server Manager to install IIS 7.0. Ensure that you select the following Management Tools: • • • • IIS Management Console IIS Management Scripts and Tools Management Service IIS 6 Management Compatibility

Task 3: Write the Get-WebSiteStatus function
• Write a Windows PowerShell function named Get-WebSiteStatus.

8

Lab Instructions: Managing the Windows Operating System Using Windows PowerShell™ and WMI

The function must accept the name of a Web site as an input argument, and the function must output the state of the Web site: Running, Stopped, Stopping, Starting, or Unknown. The function should use WMI to retrieve the specified Web site, execute its GetState() method, and display the result. • Use the function to retrieve the status of the default Web site.

Task 4: Write the Restart-WebSite function
• Write a Windows PowerShell function named Restart-WebSite. The function must accept the name of a Web site as an input argument. The function should retrieve that Web site and execute its Stop() and Start() methods. • Use the function to restart the default Web site.
Results: After this exercise, you should have written two functions that help make IIS 7.0 Web site maintenance easier.

Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™

1

Module 9
Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™
Contents:
Exercise 1: Managing Active Directory Domain and Forest Properties Exercise 2: Maintaining Active Directory with ADSI Exercise 3: Maintaining Relationships in Active Directory with ADSI 2 4 6

Exercise 4: Managing IIS 7.0 with the .NET Web.Administration.ServerManager Class 7

2

Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™

Lab: Administering Active Directory with Windows PowerShell

Exercise 1: Managing Active Directory Domain and Forest Properties
Scenario
You are an administrator for Woodgrove Bank who is responsible for systems security. You and your IT director are concerned about maintaining adequate password policies, because many bank computers, such as those used for teller access, are near public view. You have heard reports of security breaches at other banks due to weak password security. You need to create a report that displays the password policies for your Active Directory domain.

Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™

3

Exercise Overview
In this exercise, students will manage Active Directory domain and forest properties. The main tasks for this exercise are as follows: 1. 2. Obtain a reference to the domain. Display domain password policy properties.

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
• Start the 6434A-NYC-DC1 virtual machine and log on as Administrator using the password Pa$$w0rd.

Task 2: Obtain a reference to the domain
• • Use Windows PowerShell to obtain a reference to the current domain. Store the reference in the variable $domain.

Task 3: Display domain password policy properties
• • Display the list of domain properties by using Get-Member. Display the following settings from the password policy for the domain: • • • Minimum password length Password history length Maximum password age

Results: After this exercise, you should have displayed the domain password policies for your domain.

4

Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™

Exercise 2: Maintaining Active Directory with ADSI
Scenario
You are a directory administrator for Woodgrove Bank. Each week, the company provides you with a text file that lists new employees and the branches that they work in. The file is in comma-separated values (CSV) format. You need to use the file to create new Active Directory user accounts. You have chosen to use the CSV import capabilities and the ADSI type accelerator in Windows PowerShell to accomplish this.

Exercise Overview
In this exercise, students will maintain Active Directory objects using ADSI in Windows PowerShell. The main tasks for this exercise are as follows: 1. 2. 3. Write a script that creates an organizational unit. Create a sample CSV file. Write a script that imports the CSV file and creates user accounts.

Task 1: Write a script that creates an organizational unit
• • Use Windows Notepad to create an OU. In the file, type the following information: • • • • $dom = [ADSI]"LDAP://dc=woodgrovebank,dc=com" $ou = $dom.Create( "organizationalUnit", "ou=Tellers" ) $ou.SetInfo()

Save the file.

Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™

5

Task 2: Create a sample CSV file
• • • Use Notepad to create a file named Users.csv. Double-check to be sure that Windows Notepad does not add a "txt" filename extension. In the file, type the following information: • • • • FullName,LogonName,Branch Jesper Aaberg,Jesper,New York City Syed Abbas,Syed,Seattle

Save the file.

Task 3: Write a script that imports the CSV file and creates user accounts
• Write a Windows PowerShell script that performs the following steps: • • Read the contents of the CSV file. For each line in the file, excluding the first row, create a new user account. • • • • • The "FullName" column is the canonical name (CN) of the user. The "LogonName" column is the SAM Account Name of the user. The "Branch" column is the Department of the user. The new user accounts should be disabled (this is the default). The user accounts must be created in the Tellers OU.

Results: After this exercise, you should have written a script that reads a CSV file and uses the information in it to create new user accounts.

6

Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™

Exercise 3: Maintaining Relationships in Active Directory with ADSI
Scenario
At Woodgrove Bank, corporate reorganizations seem to be a fairly regular exercise. Even without such reorganizations, the turnover rate for some of the bank jobs seems to be going for a world record, and promotions in the branch offices seem to occur every month. As a directory administrator supporting the Human Resources department, you need to maintain up-to-date manager and direct report information for the enterprise. Each time that a new person is promoted or hired to a manager position, people who report directly to that person need to be updated in the directory. As an Active Directory administrator, you are responsible for maintaining reporting hierarchy information for the organization. You regularly update the manager attribute for several users in the Woodgrove Bank Active Directory domain. You decide to start by configuring the user accounts for workers in the Seattle branch with the appropriate manager.

Exercise Overview
In this exercise, students will manage relationships between user accounts and groups using ADSI in Windows PowerShell. The main tasks for this exercise are as follows: 1. 2. Retrieve the user account of the new manager. Update the accounts of selected users.

Task 1: Retrieve the user account of the new manager
• • Run a command that retrieves the user account for Kristian Gotsch in the Executives OU. Store the account in the variable $mgr. Set the variable $mgrname to contain the DN of Kristian Gotsch.

Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™

7

Task 2: Update the accounts of selected users
• • Dot source the GetUser.ps1 and SetUser.ps1 scripts into the shell. Write a one-liner that performs the following steps: • • • Retrieves all user accounts in the domain Keeps only those user accounts whose Department attribute is "Seattle." Update the manager attribute of those accounts to have Kristian Gotsch as the manager.

Results: After this exercise, you should have updated two user accounts to have a new manager attribute.

Exercise 4: Managing IIS 7.0 with the .NET Web.Administration.ServerManager Class Scenario
You are a Web server administrator for Woodgrove Bank. For security reasons, new promotions and new products need to be published to separate Web sites that are distinct from the regular Web sites for the bank. Because these new promotions come out regularly, new Web sites need to be created frequently. You want to write a Windows PowerShell script that automates the creation of new IIS 7.0 Web sites.

Exercise Overview
In this exercise, students will manage IIS 7.0 by using the .NET Web.Administration.ServerManager class. The main tasks for this exercise are as follows: 1. Write a Windows PowerShell script that creates a new Web site.

Task 1: Write a Windows PowerShell script that creates a new Web site
• Write a script that accepts several parameters: • • • Web site root directory path Web site name Web site HTTP port

8

Lab Instructions: Administering Microsoft® Active Directory® with Windows PowerShell™

The script should create a new IIS 7.0 Web site on the local computer, using the parameters that are provided. • • Test the script by using it to create a new Web site named MyWeb, with a root path of C:\Inetpub\wwwroot2, and a port of 8080. Check your results in Microsoft® Internet Explorer® by browsing to http://localhost:8080.
Results: After this exercise, you should have created a script that automates the creation of new IIS 7.0 Web sites.

Lab Instructions: Administering Group Policy in Windows PowerShell™ Using COM

1

Module 10
Lab Instructions: Administering Group Policy in Windows PowerShell™ Using COM
Contents:
Exercise 1: Retrieving a GPO by Using a COM Object Exercise 2: Copying Group Policy Settings Exercise 3: Backing Up and Restoring a GPO Exercise 4: Generating Group Policy Reports 2 3 4 5

2

Lab Instructions: Administering Group Policy in Windows PowerShell™ Using COM

Lab: Administering Group Policy in Windows PowerShell

Exercise 1: Retrieving a GPO by Using a COM Object
Scenario
You are a directory administrator for Woodgrove Bank. You need to use Windows PowerShell to retrieve a Group Policy object (GPO) from Active Directory so that you can perform several management tasks that use the GPO.

Exercise Overview
In this exercise, you will use COM objects in Windows PowerShell. The main tasks for this exercise are as follows: 1. 2. Start the 6434A-NYC-DC1 virtual machine and log on as Administrator. Retrieve the GPO that has the display name GPO1, and store it in a variable.

Lab Instructions: Administering Group Policy in Windows PowerShell™ Using COM

3

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
• • Start the 6434A-NYC-DC1 virtual machine and log on as Administrator using the password Pa$$w0rd. Open Windows PowerShell.

Task 2: Retrieve the GPO that has the display name GPO1, and store it in a variable
• • • • • Instantiate the GPMC COM object. Retrieve a reference to the woodgrovebank.com domain. Create GPO search criteria and retrieve all GPOs in the domain. Use the Where-Object cmdlet to filter out all GPOs except the one that has the display name "GPO1". Store the GPO in a variable named $gpo.
Results: After this exercise, you should have retrieved the GPO named GPO1 and stored it in the variable $gpo.

Exercise 2: Copying Group Policy Settings
Scenario
You are a directory administrator for Woodgrove Bank. You need to make a copy of an existing GPO to form the basis for a new GPO. This approach is typically used when a department needs settings that are similar to those of another department that already has a useful GPO, but linking is not appropriate because the two departments need to maintain different policy settings throughout their life cycle.

Exercise Overview
In this exercise, students will copy Group Policy settings from one GPO to another. The main tasks for this exercise are as follows: 1. Copy the Group Policy object GPO1 to GPO3.

4

Lab Instructions: Administering Group Policy in Windows PowerShell™ Using COM

Task 1: Copy the Group Policy object GPO1 to GPO3.
• Copy GPO1 to a new GPO named GPO3. Use the CopyTo() method of the $gpo object, and use the $domain object as a target.
Results: After this exercise, you should have copied GPO1 to GPO3.

Exercise 3: Backing Up and Restoring a GPO
Scenario
You are a directory administrator for Woodgrove Bank. You need to back up a GPO, and test your ability to restore it. You use this feature most often to move GPOs back and forth from your test environment to your production environment.

Exercise Overview
In this exercise, students will back up and restore GPOs. The main tasks for this exercise are as follows: 1. 2. 3. Back up the GPO1 GPO. Delete the GPO1 GPO. Restore the GPO1 GPO.

Task 1: Back up the GPO1 GPO
• • Create a folder named C:\GPOBackup. Use the Backup() method of the $gpo object to back up GPO1 to a file named GPO1Backup.

Task 2: Delete the GPO1 GPO
• Use the GPMC to delete the GPO1 GPO, which is linked to the Tellers OU.

Lab Instructions: Administering Group Policy in Windows PowerShell™ Using COM

5

Task 3: Restore the GPO1 GPO
• • • Obtain a reference to the GPOBackup folder. Use the SearchBackups() method to load all backed-up GPOs. Use the Where-Object cmdlet to filter out all GPOs that do not have a GPODisplayName property of GPO1. Store the remaining GPO in a variable named $backup. Use the RestoreGPO() method of the domain to restore the $backup object.
Results: After this exercise, you should have backed up, deleted, and restored a GPO.

Exercise 4: Generating Group Policy Reports
Scenario
You are a directory administrator for Woodgrove Bank. You need to restore a GPO, but prior to doing so you need to generate a report describing the contents of the GPO. You want the report to be in HTML format.

Exercise Overview
In this exercise, you will generate Group Policy change reports. The main tasks for this exercise are as follows: 1. Create an HTML report of the backed-up GPO named GPO1.

Task 1: Create an HTML report of the backed-up GPO named GPO1
• • Use the GenerateReport() method of the $backup object to generate an HTML report named GPO1.html. View the report in Internet Explorer.
Results: After this exercise, you should have viewed an HTML report of a backed-up GPO.

Lab Answer Key: Introduction to Windows PowerShell™

1

Module 1
Lab Answer Key: Introduction to Windows PowerShell™
Contents:
Exercise 1: Installing Windows PowerShell Exercise 2: Customizing Windows PowerShell 2 4

2

Lab Answer Key: Introduction to Windows PowerShell™

Lab: Implementing Windows PowerShell
Logon information:
• • • Virtual Machine: 6434A-NYC-DC1 User name: Administrator Password: Pa$$w0rd

Estimated time: 20 minutes

Exercise 1: Installing Windows PowerShell
Scenario
You are a Windows Server 2008 administrator for Woodgrove Bank. You plan to automate several Windows Server administration tasks by using Windows PowerShell, in addition to using the shell for interactive systems management. Therefore, you need to install Windows PowerShell on Windows Server 2008. Knowing that Windows PowerShell depends on the .NET Framework, you will first ensure that this framework is installed prior to installing Windows PowerShell.

Exercise Overview
In this exercise you will select and install the correct build of Windows PowerShell v1.0.

Note: This document refers to the domain controller by its virtual machine name 6434A-NYC-DC1, whereas the internal computer name in the Windows server within that virtual machine is NYC-DC1. The VM name and Windows computer name are not identical.

Lab Answer Key: Introduction to Windows PowerShell™

3

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
1. 2. Open the Virtual Server Remote Control Client and double-click 6434ANYC-DC1. Log on as Administrator using the password Pa$$w0rd.

Task 2: Verify that the Windows PowerShell system requirements are met
1. If Server Manager is already running, bring its window to the front. If Server Manager is not currently running, launch it now as follows: Click Start, point to Administrative Tools, and then click Server Manager. Under Features, verify that the .NET Framework is installed. If it is not: a. b. c. Click Add features. Expand .NET Framework 3.0 Features and select .NET Framework 3.0. Click Next.

2.

d. Click Install. e. Click Close.

Task 3: Install Windows PowerShell
1. 2. 3. 4. 5. 6. 7. If Server Manager is not open, click Start, point to Administrative Tools, and then click Server Manager. Select Features. Click Add features. Select Windows PowerShell. Click Next. Click Install. Click Close.

Results: After this exercise, you should have installed Windows PowerShell on 6434A-NYC-DC1.

4

Lab Answer Key: Introduction to Windows PowerShell™

Exercise 2: Customizing Windows PowerShell
Scenario
An administrator in your company, Woodgrove Bank, has a visual impairment and cannot easily read the Windows PowerShell console when it is set to use the default colors. You need to customize the console window to use different colors that provide greater contrast. You also need to ensure that the shell can run scripts that you and the other administrators at the bank have written, as well as downloaded scripts that have been digitally signed.

Exercise Overview
In this exercise you will set the script execution policy in Windows PowerShell, and customize the appearance of the Windows PowerShell console window.

Task 1: Set the script execution policy
1. 2. Click Start, point to All Programs, and then point to Windows PowerShell 1.0. Right-click Windows PowerShell and click Run as Administrator. Type Set-ExecutionPolicy RemoteSigned unless your instructor has specified an execution policy other than RemoteSigned. Press ENTER. Question: What is the danger of using the Unrestricted execution policy? Answer: Any script can run without having a digital signature, creating a situation in which malicious scripts can be downloaded from the Internet and executed.

Lab Answer Key: Introduction to Windows PowerShell™

5

Task 2: Customize the appearance of the Windows PowerShell console window
1. 2. 3. 4. Click the control box in the upper-left corner of the Windows PowerShell window. Select Properties. On the Layout tab, for the Screen Buffer Size, specify a Width of 100, and for the Window Size, specify a Width of 80. On the Colors tab, select Screen Background and select the dark green color swatch (third from the left). Your instructor might specify an alternate color or allow you to choose your own. On the Options tab, ensure that the QuickEdit Mode check box is selected, and click OK. Type Exit and press ENTER.

5. 6.

Results: After this exercise, you should have set the script execution policy to allow for script execution, and customized the Windows PowerShell console window.

Lab Answer Key: Overview of Windows PowerShell™

1

Module 2
Lab Answer Key: Overview of Windows PowerShell™
Contents:
Exercise 1: Learning Cmdlets and Defining Aliases Exercise 2: Holding the Output of a Cmdlet 3 4

2

Lab Answer Key: Overview of Windows PowerShell™

Lab: Working with Windows PowerShell Cmdlets, Aliases, Objects, and Variables
Logon information:
• • • Virtual machine: 6434A-NYC-DC1 User name: Administrator Password: Pa$$w0rd

Estimated time: 45 minutes

Lab Answer Key: Overview of Windows PowerShell™

3

Exercise 1: Learning Cmdlets and Defining Aliases Scenario
You are an administrator for Woodgrove Bank. You plan to automate several Windows Server administrative tasks by using Windows PowerShell. To maximize your efficiency with Windows PowerShell, you decide to create custom abbreviations for the cmdlets that you will use most frequently. Therefore, you need to learn the necessary cmdlets and define aliases for them. Many tasks that you need to automate involve accessing the event logs; therefore, you decide to start by finding cmdlets that work with the event logs. You also need a quick way to save the output of Windows PowerShell operations in a file; consequently, you also intend to find cmdlets that work with output and files.

Exercise Overview
In this exercise, you will identify the cmdlets necessary to perform specific tasks, and you will create a new alias to one of those cmdlets.

Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell
1. 2. 3. Open the Virtual Server Remote Control Client and double-click 6434A-NYC-DC1. Log on as Administrator using the password Pa$$w0rd. Click Start, point to All Programs, point to Windows PowerShell 1.0, and click Windows PowerShell.

Task 2: Identify the cmdlets that perform a specific task
1. 2. 3. 4. Type Get-Command –noun eventlog and press ENTER. Make a note of the cmdlet, Get-EventLog, that is displayed. Type Get-Command –noun file or Get-Command –verb out and press ENTER. Make a note of the cmdlet, Out-File, that performs the desired task.

4

Lab Answer Key: Overview of Windows PowerShell™

Task 3: Create an alias
1. 2. Type New-Alias of out-file and press ENTER. Type Get-Alias to verify the creation of the new alias, then press ENTER. Question: If you close and re-open Windows PowerShell, is your new alias still available? Answer: No. Aliases persist for the duration of the current shell session only. Question: How can you create a persistent alias? Answer: Create the alias in your Windows PowerShell profile by adding the appropriate New-Alias cmdlets or cmdlets to the profile script.
Results: After this exercise, you should have identified two cmdlets and created an alias for one of those cmdlets.

Exercise 2: Holding the Output of a Cmdlet Scenario
You need to capture the output of a cmdlet so that the output can be used to perform other tasks. You also want to be able to review the output at a later time. At Woodgrove Bank, one of your administrative duties involves keeping track of the processes that are running on your servers. You periodically need to make snapshots of the list of processes running on each server; but occasionally, you need to work with these lists right away. Therefore, you decide to keep the list of processes in Windows PowerShell variable and then save the list of processes in that variable to a text file.

Exercise Overview
In this exercise you will run a cmdlet and retain its output in a variable.

Lab Answer Key: Overview of Windows PowerShell™

5

Task 1: Obtain the currently running processes and store them in a variable
• If you closed Windows PowerShell in the previous exercise, launch a new instance using the following method: click Start, point to All Programs, point to Windows PowerShell 1.0, and click Windows PowerShell. Type $processes = get-process and press ENTER.

Task 2: Display the processes stored in a variable
1. 2. Type $processes and press ENTER. Type $processes | out-file c:\processes.txt and press ENTER. (Your instructor might specify an alternate filename or location.)
Results: After this exercise, you should have run a cmdlet and retained its output in a variable. You should also have displayed the contents of that variable.

Lab Answer Key: Building Pipelines for Assembly-Line Style Processing

1

Module 3
Lab Answer Key: Building Pipelines for Assembly-Line Style Processing
Contents:
Exercise 1: Evaluating Process Properties Using the Get-Member Cmdlet Exercise 2: Calculating Process Memory Usage Exercise 3: Using Associative Array Variables Exercise 4: Sorting and Selecting Elements from a Resultant Set of Data 3 4 5 6

2

Lab Answer Key: Building Pipelines for Assembly-Line Style Processing

Lab: Implementing Pipelines in Windows PowerShell
Logon information:
• • • Virtual machine: 6434A-NYC-DC1 User name: Administrator Password: Pa$$w0rd

Estimated time: 45 minutes

Lab Answer Key: Building Pipelines for Assembly-Line Style Processing

3

Exercise 1: Evaluating Process Properties Using the GetMember Cmdlet
Scenario
You need to use Windows PowerShell to perform several tasks related to running processes. In order to do so, you need to identify the appropriate process object properties. The servers that you manage at Woodgrove Bank must be monitored with respect to virtual memory utilization and physical memory utilization, including the amount of non-paged memory that is being used. These memory utilizations must be tracked per process so that you can evaluate which processes are the biggest consumers, and so that you can track growth in memory utilizations over time due to increasing traffic through the services hosted by your servers.

Exercise Overview
In this exercise you will use the Get-Member cmdlet to identify various properties of a Process object.

Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell
1. 2. 3. Open the Virtual Server Remote Control Client and double-click 6434A-NYCDC1. Log on as Administrator using the password Pa$$w0rd. Click Start, point to All Programs, point to Windows PowerShell 1.0, and click Windows PowerShell.

4

Lab Answer Key: Building Pipelines for Assembly-Line Style Processing

Task 2: Identify specific properties of a Process object
1. 2. Type Get-Process | Get-Member and press ENTER. Examine the list of Process object properties to determine the properties that represent: • • • Virtual memory utilization: VM Paged memory utilization: PM Non-paged memory utilization: NPM

Results: After this exercise, you should have identified the Process object properties that represent the virtual memory utilization, paged memory utilization, and nonpaged memory utilization of a process.

Exercise 2: Calculating Process Memory Usage
Scenario
Lately at Woodgrove Bank, concerns have been raised as to whether your servers have adequate RAM to deal with the increased traffic load created by many new users after a recent merger. You need to identify which services and applications are consuming the most memory. In order to narrow down which processes are responsible for high memory consumption, you need to calculate and display the amount of memory used by the processes running on a server.

Exercise Overview
In this exercise, you will use Windows PowerShell to calculate the memory usage for the processes running on a computer.

Task 1: Display memory utilization statistics for running processes
1. 2. 3. Type Get-Process | Measure-Object PM –average and press ENTER. Type Get-Process | Measure-Object VM –sum and press ENTER. Type Get-Process | Measure-Object PM,VM –average –sum –min -max and press ENTER.
Results: After this exercise, you should have displayed various memory utilization statistics for the processes running on a computer.

Lab Answer Key: Building Pipelines for Assembly-Line Style Processing

5

Exercise 3: Using Associative Array Variables
Scenario
You monitor many of the servers in the data centers of Woodgrove Bank remotely from a central network operation center. You use powerful systems management products to accomplish some of your goals, but some tasks are best handled with custom Windows PowerShell scripts. One of the scripts that you are writing needs to keep track of the computer name, primary management IP address, and the operating system that the server is running. You need to create an associative array to store multiple pieces of information in a single variable, and utilize the array to access specified pieces of information.

Exercise Overview
In this exercise you will create and utilize an associative array.

Task 1: Create an associative array and populate it with values
• Type the following, making sure you press ENTER after each line: $arr = @{"Name"="Server2"; "IP"="192.168.10.10"; "OS"="Windows Server 2008"}

Note: The prompt ">>" indicates that line continuation rules are in effect. If you see the ">>" prompt, it means that the lines that you type will be considered as part of the prior line. Therefore, either continue to type more if you are continuing the command that you started (or continued) in the previous line, or type a blank line at the ">>" prompt to end the current statement or command if you are finished entering that command.

6

Lab Answer Key: Building Pipelines for Assembly-Line Style Processing

Task 2: Display specified members of an associative array
• Type $arr.IP and press ENTER.
Results: After this exercise, you should have created an associative array and displayed specific values from within the array.

Exercise 4: Sorting and Selecting Elements from a Resultant Set of Data
Scenario
You have determined that the amount of physical memory in some of the servers that you administer at Woodgrove Bank is inadequate. You need to create a report that describes the processes that are running on a server. You need to sort this set of objects so that they appear in the correct order, and ensure that only the necessary object property values are displayed. You decide to sort by the physical memory used by each process, with the largest consumer at the beginning of the list and the process with the smallest memory footprint at the end of the list. In order to focus on only the necessary information, you then decide to report only the process names and physical memory utilization values, and also to limit the list to the top ten processes that are using disproportionately large amounts of memory.

Exercise Overview
In this exercise you will retrieve the currently running processes and display them in a sorted table that includes a subset of the processes and their properties.

Task 1: Sort processes into the desired order
• Type Get-Process | Sort-Object PM -descending and press ENTER.

Lab Answer Key: Building Pipelines for Assembly-Line Style Processing

7

Task 2: Select the desired properties of a process
• Type Get-Process | Sort-Object PM –descending | Select-Object Name,PM and press ENTER. Question: How can you use aliases and abbreviated parameter names to shorten this command? Answer: ps | sort pm –des | select name,pm

Task 3: Select a subset of the available processes
• Type Get-Process | Sort-Object PM –descending | Select-Object Name,PM – first 10 and press ENTER.
Results: After this exercise, you should have created a table that displays a sorted subset of running processes.

Lab Answer Key: Managing Processes and Formatting Cmdlet Output

1

Module 4
Lab Answer Key: Managing Processes and Formatting Cmdlet Output
Contents:
Exercise 1: Implementing Basic Formatting Control Exercise 2: Formatting with the -f Operator Exercise 3: Implementing Advanced Formatting 2 4 5

2

Lab Answer Key: Managing Processes and Formatting Cmdlet Output

Lab: Output Formatting and Process Control with Windows PowerShell
Logon information:
• • • Virtual machine: 6434A-NYC-DC1 User name: Administrator Password: Pa$$w0rd

Estimated time: 60 minutes

Exercise 1: Implementing Basic Formatting Control
Scenario
You are an administrator for Woodgrove Bank. You need to format the output of Windows PowerShell cmdlets so that administrative information is displayed in an appropriate manner. Three of the common types of data that you work with are services, event log entries, and processes. You choose an appropriate formatting cmdlet to suit each type of data and the task at hand. In addition, you choose specific properties of the different kinds of objects you work with so that both the format and specific data that is presented in that format is easy to understand.

Exercise Overview
In this exercise you will use Windows PowerShell formatting cmdlets to create basic customized formatting.

Note: Ensure that you are typing each command at a regular Windows PowerShell prompt (for example, PS C:\Users\Administrator>). If the prior command has not been completed, and you have a line continuation prompt (for example, >>) then type CTRL+C prior to entering a new command.

Lab Answer Key: Managing Processes and Formatting Cmdlet Output

3

Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell
1. 2. 3. Open the Virtual Server Remote Control Client and double-click 6434A-NYC-DC1. Log on as Administrator using the password Pa$$w0rd. Click Start, point to All Programs, point to Windows PowerShell 1.0, and click Windows PowerShell.

Task 2: Format services in a table
1. 2. Type Get-Service | Format-Table Name,Status –autosize and press ENTER. Type Get-Service | Format-Table Name,Status,CanPause and press ENTER. Question: How can you see which other properties are available for display in a table? Answer: Type Get-Service | Get-Member and press ENTER.

Task 3: Format event log entries in a list
• Type Get-EventLog System –newest 20 | Format-List * and press ENTER. Question: Creating a list that shows all object properties often results in long lists. What is one practical purpose for such a list? Answer: To see all of the properties along with examples of the values that those properties contain.

Task 4: Format processes in a wide list
1. 2. Type Get-Process | Format-Wide and press ENTER. Type Get-Process | Format-Wide description and press ENTER. Question: Which name does Format-Wide select by default? Answer: If you do not specify a property to display, Format-Wide looks for a Name property.
Results: After this exercise, you should have five custom formatted displays for various operating system object types.

4

Lab Answer Key: Managing Processes and Formatting Cmdlet Output

Exercise 2: Formatting with the -f operator
Scenario
You are creating a script that will display messages regarding running processes. Your manager at Woodgrove Bank expects clear and concise information that is presented in an easy to understand format. You need to present her with information about the memory utilization of specific processes at various points in time. You need to insert formatted data into the messages so that the messages have a clear meaning. You have chosen to use –f formatting operator of Windows PowerShell to help in this task.

Exercise Overview
In this exercise, you will use the -f operator to provide custom formatting for various operating system objects and data.

Note: Take special care when you are typing format strings. When you use format strings such as "{0:d}" or "{1:N0}" be sure to use braces on either side of the parameter specifier, and a colon (not a comma) between the parameter number (for example, 0, 1, etc.) and the format type (for example, "d", "N0"). Additionally, be careful not to introduce a space between a numeric value and the multiplier suffix such as 1MB; this must be written as 1MB and not 1 MB.

Task 1: Insert data into a string
1. 2. 3. Type $processes = Get-Process and press ENTER. Type "The second process is {0}" –f $processes[1].Name, then press ENTER. Type "The second process is {0}, and it is using {1:N0} bytes of virtual memory." –f $processes[1].Name, $processes[1].VM, then press ENTER.

Task 2: Insert numerically formatted data into a string
1. 2. Type $processes = Get-Process and press ENTER. Type "The second process is {0}, and it is using {1:N0} bytes of virtual memory." –f $processes[1].Name, ($processes[1].VM / 1MB), and press ENTER

Lab Answer Key: Managing Processes and Formatting Cmdlet Output

5

Task 3: Insert date-formatted data into a string
1. 2. Type $now = get-date and press ENTER. Type "Today is {0:d}" –f $now and press ENTER.

Results: After this exercise you should have produced various strings that include formatted data.

Exercise 3: Implementing Advanced Formatting
Scenario
You are creating a formatted report for your supervisor and need to ensure that the report contains the correct data. Your supervisor is the director of IT at Woodgrove Bank, and she is very busy. You want to ensure that the units of information that you are reporting are consistent with other reports that she uses. Some of the necessary data needs to be calculated using a mathematical expression. Specifically, the virtual memory utilization of processes should be reported in units of megabytes rather than in units of bytes. However, the available data is provided in units of bytes. You decide to test the expression and reporting format and then generate the report by providing a calculated property to the Windows PowerShell table formatter.

Exercise Overview
In this exercise you will use the Format-Table cmdlet to implement advanced formatting, including calculated columns in a table.

Task 1: Prototype a calculated column using the -f operator
1. 2. Type $processes = Get-Process and press ENTER. Type "{0:N0}" –f ($processes[0].vm / 1MB) and press ENTER.

Task 2: Create a table that contains a calculated column
• Type Get-Process | Format-Table Name,@{Expression={"{0:N0}" –f ($_.vm/1MB)};Label="VM"}. Press ENTER.
Results: After this exercise you should have created a table that uses a calculated column.

Lab Answer Key: Introduction to Scripting with Windows PowerShell™

1

Module 5
Lab Answer Key: Introduction to Scripting with Windows PowerShell™
Contents:
Exercise 1: Writing and Running a Script Exercise 2: Customizing Profiles 2 4

2

Lab Answer Key: Introduction to Scripting with Windows PowerShell™

Lab: Implementing Scripts in Windows PowerShell
Logon information:
• • • Virtual machine: 6434A-NYC-DC1 User name: Administrator Password: Pa$$w0rd

Estimated time: 45 minutes

Exercise 1: Writing and Running a Script
Scenario
Another administrator in Woodgrove Bank needs to regularly generate a report of running processes that includes specific information. You need to write a script that will enable the other administrator to perform this task without manually entering Windows PowerShell commands.

Exercise Overview
In this exercise you will write a Windows PowerShell script that displays specified information about running processes.

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
1. 2. Open the Virtual Server Remote Control Client and double-click NYC-DC1. Log on as Administrator using the password Pa$$w0rd.

Lab Answer Key: Introduction to Scripting with Windows PowerShell™

3

Task 2: Create an empty script file
1. 2. 3. 4. 5. 6. Open Windows Explorer and open the C drive. Right-click and point to New, then select Folder. Name the new folder Scripts. Open the Scripts folder. Right-click and point to New, then select Text Document. Name the new file Mod5Task2.ps1. Question: What happens if you have Windows Explorer configured to hide filename extensions for known file types? Answer: The new file is really named Mod5Task2.ps1.txt, although the “.txt” portion of the filename is hidden. 7. Select the option to keep the filename extension.

Task 3: Add Windows PowerShell commands to the script
1. 2. 3. 4. Right-click Mod5task2.ps1 and click Edit. On the first line of the file, type Get-Process | Format-Table Name,PM,VM – autoSize. From the File menu, select Save. Close Windows Notepad.

Task 4: Run the script and verify its operation
1. 2. 3. Open Windows PowerShell: click Start, point to All Programs, point to Windows PowerShell 1.0, and click Windows PowerShell. Type CD C:\Scripts and press ENTER. Type .\Mod5Task2 and press ENTER.
Results: After this exercise, you should have created a script which, when executed, displays information about processes running on the server.

4

Lab Answer Key: Introduction to Scripting with Windows PowerShell™

Exercise 2: Customizing Profiles
Scenario
You and the other administrators at Woodgrove Bank frequently use Windows PowerShell to automate Windows Server administrative tasks. You need to become more efficient at using the shell and must create shorter aliases to some of the common cmdlets that you run. You want these aliases to be available each time that you open the shell; therefore, you add them to your Windows PowerShell profile. When your colleagues see how efficient you are with these aliases, they might want to use them too, so you will likely be sharing your profile changes with them.

Exercise Overview
In this exercise you will create a Windows PowerShell profile and configure it to automatically create aliases each time that the shell is opened.

Task 1: Create a blank profile script
1. 2. 3. 4. 5. Open Windows Explorer. Browse to the Documents folder for your user. Right-click the Documents folder, point to New, and select Folder. Name the folder WindowsPowerShell. Be careful not to put any spaces in the name. Double-click the WindowsPowerShell folder to display its contents in the right pane. Right-click in the right pane, point to New, and select Text Document. Name the file Microsoft.PowerShell_profile.ps1, taking care to use this exact spelling and punctuation of the name. Question: What is a significant security risk that is associated with profiles? Answer: If Windows PowerShell is configured so that unsigned scripts can be run, your profile can be modified by malicious code. Your profile will then execute automatically the next time that you open the shell, also executing any malicious code that was inserted.

6.

Lab Answer Key: Introduction to Scripting with Windows PowerShell™

5

Task 2: Add commands to the profile
1. 2. 3. 4. 5. Right-click Microsoft.PowerShell_profile.ps1 and select Edit. On the first line of the file, type New-Alias Gel Get-EventLog. On the second line of the file, type New-Alias Of Out-File. Save the file. Close Notepad.

Task 3: Test the profile and verify its operation
1. 2. 3. Close and reopen Windows PowerShell. Type Gel Security and press ENTER. Type Ps | Of C:\Scripts\Processes.txt and press ENTER.
Results: After this exercise, you should have created a Windows PowerShell profile that automatically creates aliases each time the shell is opened.

Lab Answer Key: Implementing Flow Control and Functions

1

Module 6
Lab Answer Key: Implementing Flow Control and Functions
Contents:
Exercise 1: Adding Flow Control in a Script Exercise 2: Creating Functions 3 5

2

Lab Answer Key: Implementing Flow Control and Functions

Lab: Implementing Functions and Flow Control in Windows PowerShell
Logon information:
• • • Virtual Machine: 6434A-NYC-DC1 User name: Administrator Password: Pa$$w0rd

Estimated time: 50 minutes

Lab Answer Key: Implementing Flow Control and Functions

3

Exercise 1: Adding Flow Control in a Script
Scenario
You are a network administrator for Woodgrove Bank. You need to use Windows PowerShell to inventory operating system versions, including the version of the latest installed service pack, from several computers. You decide to use information that is available via Windows Management Instrumentation (WMI) and choose the Win32_OperatingSystem class to retrieve this information. Because the Caption property of this class provides a more verbose operating system product name than you want to display, you choose to use Windows PowerShell flow control to help translate the operating system build number into a short representation of the operating system version.

Task 1: Start the 6434A-NYC-DC1 virtual machine, log on as Administrator, and start Windows PowerShell
1. 2. 3. If the 6434A-NYC-DC1 virtual machine is not already running, open the Virtual Server Remote Control Client and double-click 6434A-NYC-DC1. If you are not already logged on to the VM as Administrator, log on as Administrator using the password Pa$$w0rd. If Windows PowerShell is not still running, click Start, point to All Programs, point to Windows PowerShell 1.0, and click Windows PowerShell.

Task 2: Retrieve the Windows build number and service pack version from a computer
1. 2. Type $wmi = Get-WmiObject Win32_OperatingSystem –computerName NYC-DC1, and press ENTER. Type $wmi | select BuildNumber,ServicePackMajorVersion, and press ENTER.

4

Lab Answer Key: Implementing Flow Control and Functions

Task 3: Write a script that uses the build number to display the operating system version
1. 2. 3. 4. 5. 6. Ensure that the folder C:\Scripts exists. If it does not, create it using Windows Explorer. In Windows Explorer, open the C:\Scripts folder, right-click in the right pane, point to New, and select Text Document. Name the text document Mod6Task3.ps1. Accept the change in filename extension. Right-click Mod6Task3.ps1 and select Open to open the file in Windows Notepad. In Notepad, type the following commands, pressing ENTER after each line: $computer = "NYC-DC1" $os = Get-WmiObject Win32_OperatingSystem –computerName $computer $osver = "0" switch ($os.BuildNumber) { 2195 { $osver="Win2000" } 2600 { $osver="WinXP" } 3790 { $osver="Win2003" } 6000 { $osver="Vista" } default { $osver="Win2008" } } $output = "{0}: build {1} : {2}" -f $computer,$os.buildnumber,$osver Write-Host $output

Lab Answer Key: Implementing Flow Control and Functions

5

7. 8. 9.

Save the file. Close Notepad. In Windows PowerShell, type the complete path and filename to Mod6Task3.ps1 to execute it and verify its output. The full path to type is C:\Scripts\Mod6Task3.ps1 (followed by the ENTER key).

Note: If the current location in the shell is the folder in which you saved the script, then you can use a relative path such as .\Mod6Task3.ps1. Alternatively, you can use an absolute full path. When you use an absolute full path, be sure to either include grave accents before spaces or use quotation marks around the whole path.

Question: How can you learn about the properties that are available for the Win32_OperatingSystem class? Answer: Run Gwmi win32_operatingsystem | gm and examine the output of Get-Member.
Results: After this exercise, you should have created a script that retrieves and displays the operating system version and latest installed service pack version from a specified computer.

Exercise 2: Creating Functions
Scenario
You are an administrator for Woodgrove Bank. You have written a script that retrieves the Windows operating system name and service pack version number from a remote computer. However, you need to perform this task frequently, so you want to make the script more easily accessible from within Windows PowerShell.

6

Lab Answer Key: Implementing Flow Control and Functions

Task 1: Rewrite Mod6Task3.ps1 as a function
1. 2. 3. 4. 5. In Windows Explorer, right-click Mod6Task3.ps1 and select Copy. Right-click within the same folder and select Paste. Rename the pasted file to Mod6Function.ps1. Right-click Mod6Function.ps1 and select Open to open the file in Windows Notepad. Modify the contents of Mod6Function.ps1 to be as follows: Function Get-OSVersion ($computer) { $os = Get-WmiObject Win32_OperatingSystem –computerName $computer $osver = "0" switch ($os.BuildNumber) { 2195 { $osver="Win2000" } 2600 { $osver="WinXP" } 3790 { $osver="Win2003" } 6000 { $osver="Vista" } default { $osver="Win2008" } } $output = "{0}: build {1} : {2}" –f $computer,$os.buildnumber,$osver return $output } Get-OSVersion NYC-DC1

Note: Consider making the changes using a technique similar to the following: First, add the function declaration line Function Get-OSVersion( $computer ){ at the top of the file. Next, mark the end of the function by putting a line with a closing brace } at the end of the file. Then add the line Get-OSVersion NYC-DC1 to the end of the file. Modify the body of the function as follows. Delete the line $computer = "NYC-DC1" because the computer name is now passed as an argument parameter to the function. Change Write-Host to return (toward the bottom of the function). Consider indenting all lines in the body of the function by pressing TAB at the beginning of each line in the function.

Lab Answer Key: Implementing Flow Control and Functions

7

6. 7. 8.

Save the changes to the Mod6Function.ps1 file. Close Notepad. In Windows PowerShell, type the complete path and filename to Mod6Function.ps1 to execute it and verify its output. The full path to type is: C:\Scripts\Mod6Function.ps1 (followed by the ENTER key).

Task 2: Add the function to your Windows PowerShell profile
1. 2. 3. Right-click Mod6Function.ps1 and select Open to open the file in Windows Notepad. Select all of the function text and press CTRL+C. Use Windows Explorer to locate \Users\Administrator\Documents\WindowsPowerShell\Windows.PowerShel l_profile.ps1. Right-click the file and select Open to open it in Windows Notepad. Move the cursor to the end of the file and press CTRL+V. Save the file. Close Windows PowerShell, if it is open. Open Windows PowerShell. Type Get-OSVersion NYC-DC1 and press ENTER to verify the availability of the function.
Results: After this exercise, you should have created the Get-OSVersion function and added it to your profile.

4. 5. 6. 7.

Lab Answer Key: Working with Files, the Registry, and Certificate Stores

1

Module 7
Lab Answer Key: Working with Files, the Registry, and Certificate Stores
Contents:
Exercise 1: Searching for Certain Files Exercise 2: Modifying Registry Entries Exercise 3: Generating Reports Exercise 4: Generating Reports on the Security Log Exercise 5: Comparing Files 3 5 6 7 8

2

Lab Answer Key: Working with Files, the Registry, and Certificate Stores

Lab: Working with Files, the Registry, and Certificate Stores
Logon Information:
• • • Virtual Machines: 6434A-NYC-DC1 User Name: Administrator Password: Pa$$w0rd

Estimated time: 75 minutes

Lab Answer Key: Working with Files, the Registry, and Certificate Stores

3

Exercise 1: Searching for Certain Files
Scenario
You are an administrator for Woodgrove Bank. Another administrator has asked you to locate several files on a server, and you have decided to use Windows PowerShell to accomplish the task. You also need to locate all files containing a specific text string. This text string is a copyrighted phrase that must be reviewed and potentially changed by other users.

Exercise Overview
In this exercise, you will search within a folder for all files of a certain type, for files having a certain name, and for files that contain a particular text string that represents the trademarked name of a product.

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
• Start 6434A-NYC-DC1 and log on as Administrator using the password Pa$$w0rd.

Task 2: List all XML files residing in the C:\Windows folder
1. 2. 3. Open Windows PowerShell. Type Cd C:\Windows and press ENTER. Type Dir –recurse –include "*.xml" and press ENTER. Question: What happens if you run only Dir *.xml –recurse? Answer: That does not achieve the desired result; *.xml is taken as the –path parameter of the command, rather than as a filter.

4

Lab Answer Key: Working with Files, the Registry, and Certificate Stores

Task 3: Locate a particular file residing in the C:\Program Files folder
1. Type Cd C:\Program` Files and press ENTER.

Note: The grave accent character after the word Program escapes the normal interpretation of the following space character, such that "C:\Program Files" is considered as the value of the -Path parameter to the Set-Location cmdlet, which is aliased as cd. Without the grave accent, the space between the words Program and Files separates "C:\Program" as a value of the -Path parameter, and "Files" as another parameter. This would generate an error such as "A parameter cannot be found that matches the parameter name 'files'. This example uses the grave accent. However, you can also use either apostrophes or quotation marks (also known as single or double quotes) around the space or around the whole path value, such as "C:\Program Files"

2.

Type Dir –recurse –include "oledb32.dll" and press ENTER.

Task 4: Locate all files containing a particular text string
1. 2. Type Cd C:\Windows\System32\WindowsPowerShell and press ENTER. Type Dir –recurse –include *.txt | ForEach-object { write-host $_.FullName; Get-Content $_.FullName | select-string "PowerShell" | select LineNumber } and press ENTER. Question: What is the logic followed by this command? Answer: First, the Dir command retrieves all files matching the criteria. Those files are piped to ForEach-Object, which works with them one at a time. For each file, the FullName property is written by using Write-Host. Then, the GetContent cmdlet retrieves the content from the file. The content is piped to Select-String, which looks for matches for “PowerShell.” Any matches that are produced are piped to Select-Object, which selects only the LineNumber property.
Results: After this exercise, you should have located files of a specified file type, or files having a specified name. You should also have located all files containing a specified trademarked term.

Lab Answer Key: Working with Files, the Registry, and Certificate Stores

5

Exercise 2: Modifying Registry Entries
Scenario
A new IT security policy at Woodgrove Bank requires that certain kinds of scripts be code signed. As an administrator at the bank, you decide to reconfigure the Windows Script Host (WSH) not to use software restriction policies to determine if a script is trusted for execution. For greater security you will also configure the WSH to execute only those scripts that carry a digital signature.

Exercise Overview
In this exercise, you will modify a set of registry entries, changing the TrustPolicy settings for Windows Script Host.

Task 1: Modify the WinSAFER registry setting for Windows Script Host
1. 2. 3. Open Windows PowerShell. Type Cd "HKLM:\Software\Microsoft\Windows Script Host\Settings" and press ENTER. Type Set-ItemProperty . usewinsafer 0 and press ENTER. Question: What happens if you run this command from the HKLM:\Software\Microsoft\Windows Script Host\ folder? Answer: Because the UseWinSAFER value is a property of the Settings items, you have to be in the Settings item in order to use this command as shown. Alternatively, you could stay in the WSH key and run Set-ItemProperty Settings usewinsafer 0. This alternate command specifies the path of the Item so that Windows PowerShell can retrieve the property.

Task 2: Create the TrustPolicy setting for the Windows Script Host
1. 2. Type Cd "HKLM:\Software\Microsoft\Windows Script Host\Settings" and press ENTER. Type New-ItemProperty -path . -name TrustPolicy -type dword -value 2 and press ENTER.
Results: After this exercise, you should have modified the WSH registry settings so that only scripts that are digitally signed will be executed, regardless of the Software Restriction Policies settings.

6

Lab Answer Key: Working with Files, the Registry, and Certificate Stores

Exercise 3: Generating Reports
Scenario
Some of the servers that you administer at Woodgrove Bank are file servers that have been used to store collections of bitmap files, which is against corporate policy. You also want to scan for any large files except for dynamically linked libraries. As a result, you have decided to produce various reports designed to help clean up the file system of a server. You need to produce a report listing files of a disallowed type and a report listing files whose size is greater than a specified amount.

Exercise Overview
In this exercise, you will generate a report of disallowed files on a server, and of large files on a server.

Task 1: Produce a report showing disallowed files
1. 2. Type Cd C:\ and press ENTER. Type Dir -recurse -include "*.bmp" | select fullname,name | export-csv Bitmaps.csv and press ENTER.

Note: Ensure that you use Set-Location (alias cd) to a file system path prior to working with files at relative paths, in case the current location is in another store, such as the registry.

Task 2: Produce a report showing large files
1. 2. Type Cd C:\ and press ENTER. Type Dir -exclude "*.dll" -recurse | where { $_.length -gt 10mb } | select name,fullname,length | export-csv BigFiles.csv, then press ENTER.
Results: After this exercise, you should have produced two reports that can be used to help clean up the file system of a server.

Lab Answer Key: Working with Files, the Registry, and Certificate Stores

7

Exercise 4: Generating Reports on the Security Log
Scenario
A security auditor working for Woodgrove Bank asks you to provide a report, in CSV format, of specified security audit events from a server. Knowing that Windows PowerShell can be used to select the appropriate information, you use the shell to first retrieve the required security audit events, and then, after you have manually confirmed that the proper events have been selected, you export the selected event information to a comma separated values (CSV) file.

Exercise Overview
In this exercise, you will scan the system event log for all instances of a particular event ID and generate a CSV file containing the results.

Task 1: Retrieve audit events that match the specified criteria
• Type Get-eventlog security | where { (4634,4672,4624) -contains $_.eventid } | select eventid,entrytype,timegenerated. Then press ENTER.

Task 2: Create a report using the retrieved audit events
1. 2. Type Cd C:\ and press ENTER. Type Get-eventlog security | where { (4634,4672,4624) -contains $_.eventid } | select eventid,entrytype,timegenerated | export-csv AuditLog.csv. Then press ENTER.
Results: After this exercise, you should have created a CSV report containing the specified audit events.

8

Lab Answer Key: Working with Files, the Registry, and Certificate Stores

Exercise 5: Comparing Files
Scenario
You are responsible for maintaining a Windows Server 2008 computer. You need to document the services that are installed on the computer. Periodically, you need to compare the services that are currently-installed on your computer to the documented set of services and report any differences.

Exercise Overview
In this exercise, you will create a baseline of installed services on a computer. You will then install new services and demonstrate how the baseline can be used to audit the current configuration of the server and display discrepancies.

Task 1: Create a baseline of installed services
1. 2. Type Cd $HOME and press ENTER. Type Get-Service | Export-CliXML Services.xml and press ENTER.

Task 2: Install additional services on the computer
1. 2. 3. 4. 5. 6. 7. 8. Click Start, point to Administrative Tools, and select Server Manager. Select Roles, and then click Add Roles. Click Next. Select Fax Server. Click Add Required Role Services. Click Next on each dialog box, then click Install. Click Close. Close Server Manager.

Lab Answer Key: Working with Files, the Registry, and Certificate Stores

9

Task 3: Compare the baseline to the current state
• Type Compare-Object (Import-CliXml Services.xml) (Get-Service) – property DisplayName, then press ENTER. Question: What happens if you try to compare on the Name property instead? Answer: The objects imported from the XML file do not have a matching Name property, so every service shows up as a difference. By comparing on the DisplayName property, you achieve the desired results.
Results: After this exercise, you should have created a baseline configuration file and used it to audit the services that are installed on a server.

Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI

1

Module 8
Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI
Contents:
Exercise 1: Using WMI Classes in Windows PowerShell Exercise 2: Using WMI Type Accelerators Exercise 3: Managing Disk Volumes in Windows PowerShell Exercise 4: Defragmenting Disk Volumes Using Windows PowerShell Exercise 5: Managing IIS 7.0 Properties Using WMI 2 4 5 6 7

2

Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI

Lab: Managing Disk Volumes with Windows PowerShell and WMI
Logon Information:
• • • Virtual Machines: 6434A-NYC-DC1 User Name: Administrator Password: Pa$$w0rd

Estimated time: 75 minutes

Exercise 1: Using WMI Classes in Windows PowerShell
Scenario
As an administrator for Woodgrove Bank, you often need to retrieve information about computers on your network. This information includes inventory information, such as operating system version numbers, and operational information, such as the processes that are currently running on a computer. You have chosen to use Windows Management Instrumentation (WMI) classes in Windows PowerShell to retrieve and process this information.

Exercise Overview
In this exercise, you will use WMI classes in Windows PowerShell.

Task 1: Start the 6434A-NYC-DC1 virtual computer and log on as Administrator
1. 2. Start the 6434A-NYC-DC1 virtual computer and log on as Administrator using the password Pa$$w0rd. Open Windows PowerShell.

Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI

3

Task 2: Retrieve the operating system and service pack version information from a computer
• Type Get-WmiObject Win32_OperatingSystem | Select BuildNumber,ServicePackMajorVersion, and press ENTER. Question: How could you modify this command so that it can run against a remote computer? Answer: Add the –computerName parameter to the Get-WmiObject cmdlet. Question: When can the –credential parameter of Get-WmiObject be used to specify alternate credentials? Answer: Only when connecting to remote computers; WMI does not permit alternate credentials for local connections.

Task 3: Retrieve information related to services installed on a computer
• Type Get-WmiObject Win32_Service | Select Name,StartName,StartMode and press ENTER. Question: How is the Win32_Service class different from the objects returned by the Get-Service cmdlet? Answer: The Win32_Service class exposes additional information, including the StartMode and StartName properties, which is not exposed by the GetService cmdlet.

Task 4: Remove a shared folder from a computer
• Type Get-WmiObject Win32_Share –filter "name='FileShare'" | ForEach-Object { $_.Delete() }. Press ENTER.
Results: After this exercise, you should have retrieved inventory and operational information from a computer, using a technique that could be used for either the local computer or for remote computers.

4

Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI

Exercise 2: Using WMI Type Accelerators
Scenario
You administer file servers for Woodgrove Bank. Creation of new shared folders and running programs remotely are common tasks in your job. As new committees and projects form every week, you need to ensure that people have access to shared folders to support their latest endeavors. As a part of your remote management duties, you frequently need to launch software on servers and workstations throughout the organization. You need to create a new shared folder so that users can access shared documents. You also need to use Windows PowerShell to launch new processes, including doing so on remote computers. You choose to use WMI type accelerators to accomplish these tasks.

Exercise Overview
In this exercise, you will create a shared folder and launch a new process.

Task 1: Create a folder to share
• Type Md C:\SharedDocuments and press ENTER.

Task 2: Share the folder
Note: For the syntax of the Create() method, see Create Method of the Win32_Share Class.

1. 2.

Type $sf = [WMICLASS]"Win32_Share" and press ENTER. Type $sf.Create("C:\SharedDocuments","Docs",0) and press ENTER. Question: Does the new share show up in Windows Explorer? Answer: Yes. There is no difference when creating a share this way than there is when using Windows Explorer to do so. Question: What are the permissions on the new share? Answer: Because they were not specified in the Create() method, the default permissions allowing everyone to have Read permission are used.

Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI

5

Task 3: Launch a new process
Note: For the syntax of the Create() method, see Create Method of the Win32_Process Class.

1. 2.

Type $pr = [WMICLASS]"Win32_Process" and press ENTER. Type $pr.Create("Notepad.exe") and press ENTER.
Results: After this exercise, you should have created a new shared folder and launched Windows Notepad.

Exercise 3: Managing Disk Volumes in Windows PowerShell
Scenario
In this exercise, you will produce an inventory report of the disk volumes of a computer. Your report will include information such as total size, space available, and other information, and will be used for capacity planning. You also need to produce reports that list all of the volumes attached to a computer, for inventory purposes.

Exercise Overview
In this exercise, you will manage disk volumes in Windows PowerShell.

Task 1: Report on free disk space for local disk volumes
• Type Get-WmiObject Win32_Volume -filter "drivetype=3" | Format-Table Name,Capacity,FreeSpace –autoSize. Press ENTER. Question: Could you modify this report to include a calculated column that shows the percentage of free space? Answer: It depends. On a large drive, the free space and capacity properties are 64-bit integers because they contain potentially large numbers. Windows PowerShell v1.0 contains a bug that prevents you from performing math operations with 64-bit integers, so you would not be able to calculate a percentage on a large drive.

6

Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI

Task 2: Report on all volumes attached to a computer
• Type Get-WmiObject win32_volume | Select name,drivetype | Export-CSV DriveInventory.csv. Press ENTER.
Results: After this exercise, you should have produced drive volume reports that can be used for inventory and capacity planning purposes.

Exercise 4: Defragmenting Disk Volumes in Windows PowerShell
Scenario
Many of the NTFS volumes that you administer at Woodgrove Bank are heavily utilized, with files being created, modified, and deleted at a rapid rate. As such, the allocation of clusters to the files on these volumes can quickly become fragmented. Your manager has asked if you can automate scheduling of defragmentation of these values based on a needed versus not needed analysis and to track the frequency and dates of when each volume is defragmented. As the first step in prototyping this automation, you will use WMI in Windows PowerShell to defragment a small hard disk.

Task 1: Defragment the E: drive
1. 2. Type Get-WmiObject Win32_Volume | Get-Member Defrag* and press ENTER. Type Get-WmiObject Win32_Volume –filter "Name='E:\\'" | ForEach-Object { $_.Defrag( $false ) }. Press ENTER. Question: Is there a way to check the fragmentation of a volume before using the Defrag() method? Answer: Yes, by using the DefragAnalysis() method of the Win32_Volume class.
Results: After this exercise, you should have defragmented the E drive on your virtual machine.

Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI

7

Exercise 5: Managing IIS 7.0 Properties using WMI
Scenario
You are a Web server administrator for Woodgrove Bank. You need to write a set of Windows PowerShell functions that will make it easier and faster to maintain Web sites running under IIS 7.0.

Exercise Overview
In this exercise, students will manage IIS 7.0 properties by using WMI.

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
1. 2. Start the 6434A-NYC-DC1 virtual machine and log on as Administrator using the password Pa$$w0rd. Open Windows PowerShell

Task 2: Install IIS 7.0
1. 2. 3. 4. 5. If Server Manager is not already open, click Start, point to Administrative Tools, and choose Server Manager. In the left pane, click Roles. In the right pane, in the Roles Summary, click the Add Roles link. This opens up the Add Roles Wizard. On the Before You Begin page, click Next. On the Select Server Roles page, select the Web Server (IIS) check box. In the Add Roles Wizard dialog box that comes up, click Add Required Features. The dialog box will close automatically. On the Select Server Roles page, click Next. On the Web Server (IIS) page, click Next.

6. 7.

8

Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI

8.

On the Select Role Services page, scroll down to the bottom of the services list. Under Management Tools, do the following: • • • IIS Management Console: This check box is already selected. Leave it selected. IIS Management Scripts and Tools: Select this check box. Management Service: Select this check box. The Add Features Required for Management Service dialog box pops up. Click Add Required Features. IIS 6 Management Compatibility: Select this check box.

• 9.

On the Select Role Services page, click Next.

10. On the Confirm Installation Selections page, click Install. 11. On the Installation Results page, click Close. 12. Close Server Manager.

Task 3: Write the Get-WebSiteStatus function
1. 2. 3. 4. 5. Open Windows Explorer and open the C drive. Open the Scripts folder. In the right pane, right-click and point to New, then select Text Document. Name the new file Mod8Task3.ps1. In Notepad, open Mod8Task3.ps1. Type the following Windows PowerShell function named Get-WebSiteStatus, pressing ENTER after each command: Function Get-WebSiteStatus { Param($site="Default Web Site") $site = Get-WmiObject –namespace root\webadministration site ` –filter "name='$site'" switch( $site.GetState().ReturnValue ){ 1 { write "Started" } 2 { write "Starting" } 3 { write "Stopped" } 4 { write "Stopping" } 5 { write "Unknown" } } }

Lab Answer Key: Managing the Windows Operating System Using Windows PowerShell™ and WMI

9

6. 7. 8.

Save the file and exit Notepad. In Windows PowerShell, type . C:\Scripts\Mod8Task3.ps1 and press ENTER. Type Get-WebSiteStatus "Default Web Site" and press ENTER. Question: How could this function be made available every time that you open Windows PowerShell? Answer: By adding it to your Windows PowerShell profile.

Task 4: Write the Restart-WebSite function
1. 2. 3. 4. In Windows Explorer, open the C:\Scripts folder. In the right pane, right-click and point to New, then select Text Document. Name the new file Mod8Task4.ps1. In Notepad, open Mod8Task4.ps1. Type the following Windows PowerShell function named Restart-WebSite, pressing ENTER after each line: Function Restart-WebSite { Param($site="Default Web Site") $site = Get-WmiObject –namespace root\webadministration site ` –filter "name='$site'" $site.Stop() $site.Start() } 5. 6. 7. Save the file and exit Notepad. In Windows PowerShell, type . C:\Scripts\Mod8Task4.ps1 and press ENTER. Type Restart-WebSite "Default Web Site" and press ENTER.
Results: After this exercise, you should have written two functions that help make IIS 7.0 Web site maintenance easier.

Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™

1

Module 9
Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™
Contents:
Exercise 1: Managing Active Directory Domain and Forest Properties Exercise 2: Maintaining Active Directory with ADSI Exercise 3: Maintaining Relationships in Active Directory with ADSI 2 4 7

Exercise 4: Managing IIS 7.0 with the .NET Web.Administration.ServerManager Class 8

2

Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™

Lab: Administering Active Directory with Windows PowerShell
Logon Information:
• • • Virtual Machines: 6434A-NYC-DC1 User Name: Administrator Password: Pa$$w0rd

Estimated time: 80 minutes

Exercise 1: Managing Active Directory Domain and Forest Properties
Scenario
You are an administrator for Woodgrove Bank who is responsible for systems security. You and your IT director are concerned about maintaining adequate password policies, because many bank computers, such as those used for teller access, are near public view. You have heard reports of security breaches at other banks due to weak password security. You need to create a report that displays the password policies for your Active Directory domain.

Exercise Overview
In this exercise, students will manage Active Directory domain and forest properties.

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
1. 2. Start the 6434A-NYC-DC1 virtual machine and log on as Administrator using the password Pa$$w0rd. Open Windows PowerShell.

Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™

3

Task 2: Obtain a reference to the domain
• Type $domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain(). Then press ENTER.

4

Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™

Task 3: Display domain password policy properties
1. 2. 3. 4. Type $domain.GetDirectoryEntry() | Get-Member and press ENTER. Type $domain.GetDirectoryEntry().minPwdLength and press ENTER. Type $domain.GetDirectoryEntry().pwdHistoryLength and press ENTER. Type $domain.GetDirectoryEntry().maxPwdAge and press ENTER. Question: Why does maxPwdAge not show? Answer: The MaxPwdAge property is not simply a value. Rather, it is a COM interface in and of itself. You can verify this by running $domain.GetDirectoryEntry().maxPwdAge | Get-Member. Because of the way that the .NET Framework exposes this kind of object to Windows PowerShell, you might not always be able to retrieve values for every object property.
Results: After this exercise, you should have displayed the domain password policies for your domain.

Exercise 2: Maintaining Active Directory with ADSI
Scenario
You are a directory administrator for Woodgrove Bank. Each week, the company provides you with a text file that lists new employees and the branches that they work in. The file is in comma-separated values (CSV) format. You need to use the file to create new Active Directory user accounts. You have chosen to use the CSV import capabilities and the ADSI type accelerator in Windows PowerShell to accomplish this.

Exercise Overview
In this exercise, students will maintain Active Directory objects using ADSI in Windows PowerShell.

Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™

5

Task 1: Write a script that creates an organizational unit
1. 2. Click Start, click Run, type Notepad, and click OK. In the file, type the following information: $dom = [ADSI]"LDAP://dc=woodgrovebank,dc=com" $ou = $dom.Create( "organizationalUnit", "ou=Tellers" ) $ou.SetInfo() 3. 4. 5. 6. From the File menu, select Save As. Type C:\Scripts\Tellers.ps1 and click OK. Close Notepad. In Windows PowerShell, run the script by typing: C:\Scripts\Tellers.ps1

Task 2: Create a sample CSV file
1. 2. 3. Ensure that the folder C:\Scripts exists. Click Start, click Run, type Notepad, and click OK. In the file, type the following information: FullName,LogonName,Branch Jesper Aaberg,Jesper,New York City Syed Abbas,Syed,Seattle 4. 5. 6. From the File menu, select Save As. Type C:\Scripts\Users.csv and click Save. Close Notepad.

6

Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™

Task 3: Write a script that imports the CSV file and creates user accounts
1. 2. Click Start, click Run, type Notepad, and click OK. In the file, type the following information: $users = Import-Csv c:\scripts\users.csv $ou = [ADSI]"LDAP://ou=Tellers,dc=woodgrovebank,dc=com" foreach ($user in $users) { $cn = "cn=" + $user.fullname $account = $ou.create("user",$cn) $account.put("SAMAccountName",$user.logonname) $account.put("Department",$user.branch) $account.setinfo() } 3. 4. 5. 6. From the File menu, select Save As. Type C:\Scripts\Users.ps1 and click Save. Close Notepad. In Windows PowerShell, type C:\Scripts\Users.ps1 and press ENTER. Question: Why are the user accounts disabled by default? Answer: This is a default behavior of Windows Server 2008. It is designed so that user accounts cannot actually be used until they are explicitly enabled. This approach creates a more secure-by-default environment.
Results: After this exercise, you should have written a script that reads a CSV file and uses the information in it to create new user accounts.

Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™

7

Exercise 3: Maintaining Relationships in Active Directory with ADSI
Scenario
At Woodgrove Bank, corporate reorganizations seem to be a fairly regular exercise. Even without such reorganizations, the turnover rate for some of the bank jobs seems to be going for a world record, and promotions in the branch offices seem to occur every month. As a directory administrator supporting the Human Resources department, you need to maintain up-to-date manager and direct report information for the enterprise. Each time that a new person is promoted or hired to a manager position, people who report directly to that person need to be updated in the directory. As an Active Directory administrator, you are responsible for maintaining reporting hierarchy information for the organization. You regularly update the manager attribute for several users in the Woodgrove Bank Active Directory domain. You decide to start by configuring the user accounts for workers in the Seattle branch with the appropriate manager.

Exercise Overview
In this exercise, students will manage relationships between user accounts and groups using ADSI in Windows PowerShell.

Task 1: Retrieve the user account of the new manager
1. 2. Type $mgr = [adsi]"LDAP://cn=Kristian Gotsch,ou=Executives,dc=woodgrovebank,dc=com" , then press ENTER. Type $mgrname = $mgr.distinguishedname.psbase.value and press ENTER.

8

Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™

Task 2: Update the accounts of selected users
1. In Windows PowerShell, change to the directory containing the Getuser.ps1 and Setuser.ps1 scripts. For example, if the location is E:\Democode, then type Cd E:\Democode and press ENTER. Within Windows PowerShell, type . ./Getuser.ps1 and press ENTER.

2.

Note: It is important to use dot sourcing when running the getuser.ps1 script because the Get-User function in that script is not defined with global scope. Be careful to place a space between the first and second dots. Additionally, note that the name of the script is intentionally different than the function that it defines. The script is named getuser.ps1 whereas the function is named Get-User. The same guidelines also apply to setuser.ps1.

3. 4.

Within Windows PowerShell, type . ./Setuser.ps1 and press ENTER. Type Get-User '*' | ? { $_.department -eq "Seattle" } | Set-User "manager=${mgrname}" and press ENTER.
Results: After this exercise, you should have updated two user accounts to have a new manager attribute.

Exercise 4: Managing IIS 7.0 with the .NET Web.Administration.ServerManager class
Scenario
You are a Web server administrator for Woodgrove Bank. For security reasons, new promotions and new products need to be published to separate Web sites that are distinct from the regular Web sites for the bank. Because these new promotions come out regularly, new Web sites need to be created frequently. You want to write a Windows PowerShell script that automates the creation of new IIS 7.0 Web sites.

Exercise Overview
In this exercise, students will manage IIS 7.0 by using the .NET Web.Administration.ServerManager class.

Lab Answer Key: Administering Microsoft® Active Directory® with Windows PowerShell™

9

Task: Write a Windows PowerShell script that creates a new Web site
1. 2. In Windows Explorer, on the C drive, create a new folder called inetpub. In the inetpub folder, create a subfolder called wwwroot2. Open Notepad. Write a script that accepts the following parameters, remembering to press ENTER after each command: Param($dir,$name,$port) $iisDir = "$env:SystemRoot\System32\inetsrv" [System.Reflection.Assembly]::LoadFrom( "$iiSDir\Microsoft.Web.Administration.dll" ) $iisManager = New-Object Microsoft.Web.Administration.ServerManager $site = $iisManager.Sites.Add( $name, $dir, $port ) $site.Sites($name).ServerAutoStart = $True $iisManager.CommitChanges() 3. 4. 5. Save the script as C:\Scripts\NewSite.ps1. Exit Notepad. In Windows PowerShell, type C:\Scripts\NewSite c:\inetpub\wwwroot2 MyWeb 8080 and press ENTER. Click Start, click Run, type http://localhost:8080, and click OK. Question: How could this script be made part of a larger Web site provisioning script? Answer: Encapsulate the script in a function named New-WebSite, and include the function in any other script that requires this functionality.
Results: After this exercise, you should have created a script that automates the creation of new IIS 7.0 Web sites.

Lab Answer Key: Administering Group Policy in Windows PowerShell™ Using COM

1

Module 10
Lab Answer Key: Administering Group Policy in Windows PowerShell™ Using COM
Contents:
Exercise 1: Retrieving a GPO by Using a COM Object Exercise 2: Copying Group Policy Settings Exercise 3: Backing Up and Restoring a GPO Exercise 4: Generating Group Policy Reports 2 4 5 7

2

Lab Answer Key: Administering Group Policy in Windows PowerShell™ Using COM

Lab: Administering Group Policy in Windows PowerShell
Logon information:
• • • Virtual Machine: 6434A-NYC-DC1 User name: Administrator Password: Pa$$w0rd

Estimated time: 45 minutes

Exercise 1: Retrieving a GPO by Using a COM Object
Scenario
You are a directory administrator for Woodgrove Bank. You need to use Windows PowerShell to retrieve a Group Policy object (GPO) from Active Directory so that you can perform several management tasks that use the GPO.

Exercise Overview
In this exercise, you will use COM objects in Windows PowerShell.

Task 1: Start the 6434A-NYC-DC1 virtual machine and log on as Administrator
1. 2. Start the 6434A-NYC-DC1 virtual machine and log on as Administrator using the password Pa$$w0rd. Open Windows PowerShell

Task 2: Retrieve the GPO that has the display name GPO1 and store it in a variable
• Type the following commands, making sure to press ENTER after each: $gpmc = New-Object –comObject GPMgmt.Gpm $domain = $gpmc.GetDomain("woodgrovebank.com","","") $gpo1 = $domain.CreateGPO() $gpo1.DisplayName = "GPO1" $sc = $gpmc.CreateSearchCriteria() $all = $domain.SearchGPOs($sc)

Lab Answer Key: Administering Group Policy in Windows PowerShell™ Using COM

3

$gpo = $all | Where-Object { $_.DisplayName –eq "GPO1"} $gpo

Note: The value of $gpo must be defined for the following exercises to be completed successfully.

Results: After this exercise, you should have retrieved the GPO named GPO1 and stored it in the variable $gpo.

4

Lab Answer Key: Administering Group Policy in Windows PowerShell™ Using COM

Exercise 2: Copying Group Policy Settings
Scenario
You are a directory administrator for Woodgrove Bank. You need to make a copy of an existing GPO to form the basis for a new GPO. This approach is typically used when a department needs settings that are similar to those of another department that already has a useful GPO, but linking is not appropriate because the two departments need to maintain different policy settings throughout their life cycle.

Exercise Overview
In this exercise, students will copy Group Policy settings from one GPO to another.

Task 1: Copy the Group Policy object GPO1 to GPO3
• Type $gpo.CopyTo(0,$domain,"GPO3") and press ENTER. Question: When you copied the GPO, were its settings also copied? Answer: Yes. You can verify this in the Group Policy Management Console by opening GPO3 and browsing to Computer Configuration, Policies, Windows Settings, Security Settings, Password Policy. Note that the Password History setting is enabled because it was copied from GPO1.
Results: After this exercise, you should have copied GPO1 to GPO3.

Lab Answer Key: Administering Group Policy in Windows PowerShell™ Using COM

5

Exercise 3: Backing Up and Restoring a GPO
Scenario
You are a directory administrator for Woodgrove Bank. You need to back up a GPO, and test your ability to restore it. You use this feature most often to move GPOs back and forth from your test environment to your production environment.

Exercise Overview
In this exercise, students will back up and restore GPOs.

Task 1: Back up the GPO1 GPO
• Type the following commands, pressing ENTER after each: Mkdir C:\GPOBackup $gpo.Backup("C:\GPOBackup","GPO1Backup")

Task 2: Delete the GPO1 GPO
1. 2. 3. 4. 5. 6. Click Start, point to Administrative Tools, and click Group Policy Management Console. Expand the forest and domain until you see the Group Policy Objects folder. Select the Group Policy Objects folder. Select the GPO named GPO1 and press DELETE. Click Yes to confirm deletion, and then click OK. Close the Group Policy Management Console.

6

Lab Answer Key: Administering Group Policy in Windows PowerShell™ Using COM

Task 3: Restore the GPO1 GPO
• Type the following commands, pressing ENTER after each: $directory = $gpmc.GetBackupDir("C:\GPOBackup") $sc = $gpmc.CreateSearchCriteria() $constants = $gpmc.GetConstants() $backups = $directory.SearchBackups($sc) $backup = $backups | Where-Object { $_.GPODisplayName –eq "GPO1" } $domain.RestoreGPO($backup,$constants.DoNotValidateDC) Question: When you restore a GPO, is it re-linked to its original containers in the directory? Answer: No. Although the GPO itself is backed up and can be restored, that backup does not include the locations where the GPO was linked. Link information is stored in the directory and must be backed up and restored as part of the directory.
Results: After this exercise, you should have backed up, deleted, and restored a GPO.

Lab Answer Key: Administering Group Policy in Windows PowerShell™ Using COM

7

Exercise 4: Generating Group Policy Reports
Scenario
You are a directory administrator for Woodgrove Bank. You need to restore a GPO, but prior to doing so you need to generate a report describing the contents of the GPO. You want the report to be in HTML format.

Exercise Overview
In this exercise, you will generate Group Policy change reports.

Task 1: Create an HTML report of the backed-up GPO named GPO1
1. Type the following commands, pressing ENTER after each: $report = $backup.GenerateReport($constants.ReportHTML) $report.result | Out-File C:\GPOBackup\GPO1.html 2. Click Start, click Run, type iexplore c:\GPOBackup\GPO1.html, and click OK.

Results: After this exercise, you should have viewed an HTML report of a backed-up GPO.

Sign up to vote on this title
UsefulNot useful