PowerShell: New-Password Function

Scriptimus PowerShell Banner

OK, so I’ve been off the grid for a while now. But that doesn’t mean I’ve not been busy. Quite the opposite in fact. I’ve taken a year out from work on paternity with my baby Son. During this time, I did a lot of training in my lab developing new skills and solidifying other more fundamental skills. I’ve also passed a couple of certified exams and have built a new lab from a new HP Micro-server that I juiced up. I’m currently planning to take the MCSA: Server 2012 R2 exam and have been training in my lab and doing a lot of PowerShell DSC based automation. Hopefully I’ll be able to share some if not all of this knowledge and experience soon. I thought it best to return with a simple post so here goes.

During my time off I wrote a simple function to generate a password from random characters. I posted it yesterday here in the Microsoft Script Center Script Repository . Here’s a quick screenshot demo:

Demo

And here’s a simplified version for discussion.

Function New-Password {

    Param(

        [int]$length=30,

        [alias("U")]
        [Switch]$Uppercase,

        [alias("L")]
        [Switch]$LowerCase,

        [alias("N")]
        [Switch]$Numeric,

        [alias("S")]
        [Switch]$Symbolic

    )

        If ($Uppercase) {$CharPool += ([char[]](65..90))}
        If ($LowerCase) {$CharPool += ([char[]](97..122))}
        If ($Numeric) {$CharPool += ([char[]](48..57))}
        If ($Symbolic) {$CharPool += ([char[]](33..47))
                       $CharPool += ([char[]](33..47))}

        If ($CharPool -eq $null) {
            Throw 'You must select at least one of the parameters "Uppercase" "LowerCase" "Numeric" or "Symbolic"'
        }

        (Get-Random -InputObject $CharPool -Count $length) -join ''

}

The only issue with this was working out each of the character types. Fortunately I learned, through testing, that you could return a series of ASCII characters by indexing them.

[char[]](65..90)

PowerShell Characters

For example, this line of code places the lowercase characters a-z in a variable (really a string type object) called $L.

$L = ([char[]](97..122))

PowerShell Characters LowerCase

Here you add 92 characters in turn to a string object called $CharPool.

$CharPool += ([char[]](65..90))
$CharPool += ([char[]](97..122))
$CharPool += ([char[]](48..57))
$CharPool += ([char[]](33..47))
$CharPool += ([char[]](33..47))

Yes, I really counted them!

PowerShell Count Characters

Next, I needed to work out how to get a number of random characters from the pool so I used the Get-Random cmdlet.

$CharPool = ([char[]](97..122))
Get-Random -InputObject $CharPool -Count 5

The problem with this though is that each of the characters are on a new line.

Get-Random

Then I remembered the -Join operator.

(Get-Random -InputObject $CharPool -Count 5) -join ''

PowerShell Get-Random Join

Enjoy.

Posted in PowerShell | Tagged , , | 10 Comments

SCCM PowerShell: Connect to SCCM Function

 

 

Today’s post is another time-saver function I wrote to connect to SCCM. Again, it is designed to eliminate the need to hard code the module path and/or the SCCM primary site. It allows me to just type Connect-SCCM to import the module then enter to the SCCM PSdrive.

Like my MDT function this one locates the install path from the registry to help discover the module location. It will then detect the SCCM PS drive automagically and set the location to it.

I’ve uploaded it to the Technet script repository here and again below is the simplified version.

Function Connect-SCCM { 

    If (!(Get-Module ConfigurationManager)) { 

        [String]$SCCMInstall = ((Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\ConfigMgr10\Setup').'UI Installation Directory') 

            Import-Module ($SCCMInstall +'bin\ConfigurationManager.psd1') -Scope Global 

    }         

    Set-Location ((get-psdrive -PSProvider CMSite).Name+":") 

}
Posted in MDT 2010, MDT 2012, MDT 2013, PowerShell | Tagged , , | 2 Comments

MDT PowerShell: Connect to MDT Function

 

Todays post is a time-saver function I wrote to connect to MDT shares. It allows me to just type Connect-MDT to import the module then enter to the MDT PSdrive.

It discovers the location of the MDT module(from the registry) and uses the Restore-MDTPersistentDrive cmdlet to restore the hosts existing MDT PSDrives. It will then set the location to the first MDT PSDrive thus eliminating the need to hard code the deployment share path. Ta-daa!

Connect-MDT

 

I’ve uploaded it to the Technet script repository and below is the simplified version.

http://gallery.technet.microsoft.com/Connect-to-MDT-Function-a5e7484c

Function Connect-MDT {

 If (!(Get-Module MicrosoftDeploymentToolkit)) {

     [String]$MDTInstall = ((Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Deployment 4').Install_Dir)

     Import-Module ($MDTInstall +'Bin\MicrosoftDeploymentToolkit.psd1') -Scope Global

 }

 $MDTPSDrive = Restore-MDTPersistentDrive -verbose

 Set-Location ($MDTPSDrive.Name +':')

}
Posted in MDT 2010, MDT 2012, MDT 2013, PowerShell | Tagged , , | 5 Comments

The malware apocalypse for Windows XP begins in just 1 day! Or does it?

XPGravestone

It doesn’t seem like 12 years since Windows XP and Office 2003 first arrived but now their time will draw closer to the end in less than 2 days. At this point Microsoft will drop Enterprise support for the products potentially making the products legacy and an increasing security risk?

What does this really mean for security? Well if I was a ‘bad guy’ I’d be waiting until the 8th April 2014 before unleashing any exploits I discovered for Windows XP and Office 2003. The reason is Microsoft will no longer engineer security patches for the products. Experts are describing this time as the malware apocalypse for Windows XP.

MemorableMomentsinZombieZinema38-1

The fact that most UK cashpoints, Self service retail tills and NHS hospitals are still on XP is really surprising. There is a wealth of free information on the internet to help organisations make the move from XP. This kinda makes me think of my mum’s old Jamaican saying:

“Those who wont hear, must feel!”

As with Y2K, the apocalypse came and went without so much as a flutter and I was looking forward this time to observe this foretold carnage however, this time the government has stepped in to try to stay the execution. This gives the public sector security patches for a further 12 months while they migrate from XP. After then perhaps the darkness will really begin.

BlackLanterns

Posted in Uncategorized | 5 Comments

LTI/ZTI Scripting: Add computer to an AD Group

I’m currently doing some intense SCCM 2012 training so I’ve not been posting or in the forums recently. I’ve still been responding to emails though.

I received an email from a reader earlier this week. He wanted to add the current computer to an AD security group during his deployment.

It turns out that I wrote such a script a few weeks earlier. It’s in the repository here.

The script will add the current computer to an AD Group that is set in the customsettings.ini

The script is then run in a task sequence with the command line:

cscript.exe “%SCRIPTROOT%\ZTIAddMember.wsf

The code below is a sample of the customsettings.ini changes.

[Settings]
Priority=Default
Properties=CustomProperty, ADGroup 

[Default]
OSInstall=Y
ADGroup = LDAP://CN=IT Computers,OU=Groups,DC=corp,DC=continuum,DC=com

The code is “As is”. No refunds!

Posted in MDT 2010, MDT 2012, SCCM, Scripting | Tagged , , , , | 24 Comments

Hotfix rollup released for Windows 7 SP1 and Windows Server 2008 R2 SP1.

MicrosoftUpdateCatalog

Big news in deployment right now. Microsoft has release a hotfix rollup is for Windows 7 SP1 and Windows Server 2008 R2 SP1. So it’s kinda like Service Pack 1 and a half. There are 4 flavours 2008R2 Itanium/x64 and Windows 7 x86/x64.

You can get it from Microsoft Update Catalog by clicking the link here.

MU_Updates

You can then add the updates to your basket and download them.

There’s a Microsoft KB article here. Article KB2775511

The updates are in a format suitable for importing into the Packages folder of your MDT deployment share.

MU_MDT_Packages

Posted in Deployment, Windows 7 | Tagged , , , , | 9 Comments

Deployment Terminology

There are a many terms used to describe the deployment of operating systems and its associated practices. Here are some of the most popular ones and an explanation of when to use them.

Deployment.
The process of applying operating system images to a computer(sometimes called build). This may also include it’s associated framework inc. drivers, patches, service packs, applications etc. The term is a general phrase that describes the process as a whole.

Windows Image Deployment (WIM Imaging).
This term describes any of the methods used to apply images based on the Windows Imaging file format.  

Operating System Deployment(OSD).
This term can be used literally but usually refers to the deployment of images using the OSD feature of System Center Configuration Manager.

Lite-Touch Deployment (LTI).
This describes the use of Microsoft Deployment Toolkit to apply images. This includes any such  methods including PXE boot with Windows Deployment Services

Zero-Touch Deployment (ZTI).
This describes applying images with System Center Configuration Manager with Microsoft Deployment Toolkit integrated.

User-Driven Installation (UDI).
This is Zero-Touch deployment that is initiatedby a user using the User Driven Installation feature of MDT. It could also refer to any other method of deployment where the user user initiates the build.

Imaging.
The term ‘imaging’ when appending a noun can refer to where the image is being deployed from but it’s not totally accurate terminology. eg WDS Imaging, File Share Imaging, 

Below are a few useful links to various articles on this topic.

Operating System Deployment Terminology This is a glossary of most of the popular imaging process technical terms.

Choosing a Deployment Strategy This post will demystify the terms High Touch, Lite-Touch and Zero-Touch.

Deployment Dilemmas This post will explain the following terms – In-Place Upgrade, New Installation, Refresh and Replace.

Posted in Uncategorized | 1 Comment