# Monday, September 29, 2008
What’s the difference between Set-Content and Out-File ?

Specifically, get/set-content works with providers that facilitate content reading and writing. Out-File works only with the FileSystem provider and is for all intents and purposes an alias to the > redirection operator.

An interesting thing to note about get-content and set-content is that you use them indirectly every day. Both the variable and function providers support get- and set-content, and when you use the dollar ($) syntax to read or write to a variable, you are implictly calling get-content and set-content against a path in the variable provider. E.g.

ps> $foo = 5

...is the same as:

ps> ${variable:foo} = 5

e.g. set the content of item foo in the psdrive called "Variable" to 5. This is why you can also write to a file like:

ps> ${c:\temp\foo.txt} = "some content"

...and read it back with:

ps> ${c:\temp\foo.txt}
some content

Ultimately, when using the $ syntax, the "variable" drive is the default drive to read and write content from. Elegant, eh?

Monad | PowerShell | PowerShell 2.0 | Providers
posted on Monday, September 29, 2008 3:25:09 PM (Eastern Daylight Time, UTC-04:00)  #    Comments [0] Trackback
# Sunday, September 14, 2008
Resharper 4.1 is released

Resharper (or R#) is an absolute gem of a tool. After using it for a year, I really don’t know how I got along without before. If you write code in .NET (C# or VB.NET), you owe it to yourself to try it out. Version 4.0 was the first to support C# 3.0:

ReSharper 4 Full Edition and C# Edition extend language support to C# 3.0, including LINQ, implicitly typed locals and arrays, extension methods, automatic properties, lambda expressions, object & collection initializers, anonymous types, expression trees, and partial methods. ReSharper not only analyzes the new constructs, but provides C# 3.0-related enhancements in a number of areas — specifically, warnings, suggestions, code completion options, refactorings, and templates.

The guys at Jetbrains just released versus 4.1. They offer a free thirty-day trial over at http://www.jetbrains.com/resharper/ – do it!

.NET | LINQ | Visual Studio
posted on Sunday, September 14, 2008 3:15:12 PM (Eastern Daylight Time, UTC-04:00)  #    Comments [0] Trackback
# Friday, September 05, 2008
VMWare VMNET Adapters Triggering Public Profile for Windows Firewall

Are you sick and tired of switching the VMWare virtual network adapters from the “public” network profile to a “private” network profile each time you reboot or do something else that causes Vista/Win2008 to forget what you told it to do ten minutes ago? This is probably a familiar sigh (I’m using Workstation):

vmware-unidentified-network

As you can see, the lower two connections are seen to be in a “Public network.” This has the net effect of making Windows believe the whole machine is exposed to a public network, and it will trigger the public profile for Windows Firewall. This is normally a good thing, but in this case it’s just an annoyance. These two network connections are not actually external gateways that can let in the bad guys. They are just dummy adapters for VMWare’s host bridging which allow the virtual machine to access the host machine’s network. Because they don’t identify themselves properly, they are flagged as an “unidentified network,” and your changes are never persisted.

So what do you do? The magic information is buried in MSDN:

Vista automatically identifies and monitors the networks to which a computer connects. If the NDIS_DEVICE_TYPE_ENDPOINT flag is set, the device is an endpoint device and is not a connection to a true external network. Consequently, Windows ignores the endpoint device when Windows identifies networks. The Network Awareness APIs indicate that the device does not connect the computer to a network. For end users in this situation, the Network and Sharing Center and the network icon in the notification area do not show the NDIS endpoint device as connected. However, the connection is shown in the Network Connections Folder. Also, if NDIS_DEVICE_TYPE_ENDPOINT is set, the Windows Firewall ignores the connection when Windows Firewall enforces public, private, or domain policies.

So I hacked together a PowerShell script that will scan your adapters for VMWare’s virtual NICs and make the necessary registry changes. It will also disable/enable cycle the adapters so that the changes take effect. After this is done, you will see them in your Network Connections page – albeit lacking a network category -- and the connections will no longer appear in the Network and Sharing Center nor will they affect your Windows Firewall policy no matter how many times you reboot!

vmware-unidentified-network-1

Here’s the script source below. It requires that you run it in an elevated shell in order to write the registry changes and cycle the adapters’ enabled state.

  1. # see http://msdn2.microsoft.com/en-us/library/bb201634.aspx  
  2. #  
  3. # *NdisDeviceType   
  4. #  
  5. # The type of the device. The default value is zero, which indicates a standard  
  6. # networking device that connects to a network.  
  7. #  
  8. # Set *NdisDeviceType to NDIS_DEVICE_TYPE_ENDPOINT (1) if this device is an  
  9. # endpoint device and is not a true network interface that connects to a network.  
  10. # For example, you must specify NDIS_DEVICE_TYPE_ENDPOINT for devices such as  
  11. # smart phones that use a networking infrastructure to communicate to the local  
  12. # computer system but do not provide connectivity to an external network.   
  13. #  
  14. # Usage: run in an elevated shell (vista/longhorn) or as adminstrator (xp/2003).  
  15. #  
  16. # PS> .\fix-vmnet-adapters.ps1  
  17.  
  18. # boilerplate elevation check  
  19.  
  20. $identity = [Security.Principal.WindowsIdentity]::GetCurrent()  
  21. $principal = new-object Security.Principal.WindowsPrincipal $identity 
  22. $elevated = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)  
  23.  
  24. if (-not $elevated) {  
  25.     $error = "Sorry, you need to run this script" 
  26.     if ([System.Environment]::OSVersion.Version.Major -gt 5) {  
  27.         $error += " in an elevated shell." 
  28.     } else {  
  29.         $error += " as Administrator." 
  30.     }  
  31.     throw $error 
  32. }  
  33.  
  34. function confirm {  
  35.     $host.ui.PromptForChoice("Continue", "Process adapter?",  
  36.         [Management.Automation.Host.ChoiceDescription[]]@("&No", "&Yes"), 0) -eq $true 
  37. }  
  38.  
  39. # adapters key  
  40. pushd 'hklm:\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}' 
  41.  
  42. # ignore and continue on error  
  43. dir -ea 0  | % {  
  44.     $node = $_.pspath  
  45.     $desc = gp $node -name driverdesc  
  46.     if ($desc -like "*vmware*") {  
  47.         write-host ("Found adapter: {0} " -f $desc.driverdesc)  
  48.         if (confirm) {  
  49.             new-itemproperty $node -name '*NdisDeviceType' -propertytype dword -value 1  
  50.         }  
  51.     }  
  52. }  
  53. popd  
  54.  
  55. # disable/enable network adapters  
  56. gwmi win32_networkadapter | ? {$_.name -like "*vmware*" } | % {  
  57.       
  58.     # disable  
  59.     write-host -nonew "Disabling $($_.name) ... " 
  60.     $result = $_.Disable()  
  61.     if ($result.ReturnValue -eq -0) { write-host " success." } else { write-host " failed." }  
  62.       
  63.     # enable  
  64.     write-host -nonew "Enabling $($_.name) ... " 
  65.     $result = $_.Enable()  
  66.     if ($result.ReturnValue -eq -0) { write-host " success." } else { write-host " failed." }  
  67. }  

Have fun.

.NET | Monad | PowerShell | Vista | VMWare | WMI
posted on Friday, September 05, 2008 4:13:52 PM (Eastern Daylight Time, UTC-04:00)  #    Comments [1] Trackback
# Friday, August 15, 2008
Auto mount/unmount new PSDrives for removable drives and network shares in PowerShell v2

The new eventing infrastructure in PowerShell 2.0 is pretty delicious. You couldn’t do the following in 1.0 without a 3rd party snap-in (like my PSEventing snapin), but now it’s all there at the touch of your fingers. Well, it demands a bit of a sniff around WMI too, but hey, it works well.  With this module, anytime you add or remove a removable device like an external harddrive or USB key, or map a new network drive in explorer, PowerShell will now automatically add or remove a corresponding PSDrive for you.

  1. # AutoMount.psm1 v1.0  
  2. # Oisin "x0n" Grehan (MVP)  
  3.  
  4. $query = new-object System.Management.WqlEventQuery  
  5. $query.EventClassName = "__InstanceOperationEvent" 
  6.  
  7. # default to every 2 seconds  
  8. $query.WithinInterval = new-object System.TimeSpan 0,0,2  
  9.  
  10. # this WMI is only available with Windows 2003 and Vista (not XP it appears).  
  11. # this could be rewritten to use different WMI queries to support 2000/NT/XP also.  
  12. $query.QueryString = "Select * from Win32_VolumeChangeEvent" 
  13.  
  14. # attach a watcher  
  15. $watcher = new-object System.Management.ManagementEventWatcher $query 
  16.  
  17. # here we use -SupportEvent instead of -SourceIdentifier  
  18. # this prevents this event from being generally visible  
  19. # also note the use of the call operator to invoke a   
  20. # function in the scope of the module since this action  
  21. # occurs outside of module scope.  
  22. Register-ObjectEvent $watcher -EventName "EventArrived" `  
  23.     -SupportEvent "WMI.VolumeChange" -Action {  
  24.         & (get-module automount) VolumeChangeCallback @args 
  25.     }  
  26.  
  27. # New PSEvents:  
  28. #  
  29. #     PowerShell.DeviceConfigurationChanged  
  30. #     PowerShell.DeviceArrived  
  31. #     PowerShell.DeviceRemoved  
  32. #     PowerShell.DeviceDocking  
  33.  
  34. # win32_volumechangeevent event types  
  35. $eventTypes = @{  
  36.     1 = "ConfigurationChanged";  
  37.     2 = "Arrived";  
  38.     3 = "Removed";  
  39.     4 = "Docking";  
  40. }  
  41.  
  42. # private module level callback function  
  43. function VolumeChangeCallback ($sender, $eventargs) {  
  44.     trap { write-warning $_ }  
  45.  
  46.     $driveName = $eventArgs.NewEvent.DriveName.TrimEnd(":")  
  47.     $eventType = [int]$eventArgs.NewEvent.EventType # was uint16  
  48.  
  49.     $forwardedEvent = "Device$($eventTypes[$eventType])" 
  50.       
  51.     # forward a new simpler event specific to device event type  
  52.     [void]( New-PSEvent "PowerShell.$forwardedEvent" -Sender $driveName `  
  53.         -EventArguments $eventargs )  
  54. }  
  55.  
  56. # hook up our psdrive mount / unmount events  
  57. # and start the WMI watcher  
  58. function Enable-AutoMount {  
  59.  
  60.     Register-PSEvent -SourceIdentifier "PowerShell.DeviceArrived" `  
  61.         -Action {              
  62.             new-psdrive -name $args[0] -psprovider `  
  63.                 filesystem -root "$args[0]:";  
  64.          }  
  65.  
  66.     Register-PSEvent -SourceIdentifier "PowerShell.DeviceRemoved" `  
  67.         -Action {  
  68.             remove-psdrive -name $args[0] -ea 0; # may not exist  
  69.         }  
  70.       
  71.     $watcher.Start()  
  72. }  
  73.  
  74. # tear down our psdrive mount / unmount events  
  75. # and stop the WMI watcher  
  76. function Disable-AutoMount {  
  77.  
  78.     Unregister-PSEvent -SourceIdentifier "PowerShell.DeviceArrived" 
  79.     Unregister-PSEvent -SourceIdentifier "PowerShell.DeviceRemoved" 
  80.       
  81.     $watcher.Stop()  
  82. }  
  83.  
  84. # export functions to control automount  
  85. Export-ModuleMember Enable-AutoMount, Disable-AutoMount  
  86.  
  87. # start watching and (un)mounting  
  88. Enable-AutoMount 

This only works PowerShell v2.0 CTP2, and you’ll need to save it as AutoMount.psm1 in a directory under your documents folder like so (vista example):

%userprofile%\documents\windowspowershell\packages\automount\automount.psm1

You can then load it with the command:

ps> add-module automount

I have this in my profile.  You can temporarily disable automount with the function Disable-AutoMount and reenable it at anytime with Enable-AutoMount. The module also exposes four new events for you to consume yourself. You could, for example, hook your own script to run anytime a device is added and/or removed. This is what I do myself in the module. I hook a WMI event once then forward 1 of 4 possible new events depending on the type of WMI event that was raised.

NOTE: this particular flavour of WMI query only works in Vista and Windows 2003 it appears. I’m looking into getting it working with 2000/XP also.

Have fun!

.NET | Eventing | Modules | Monad | PowerShell 2.0
posted on Friday, August 15, 2008 10:14:47 PM (Eastern Daylight Time, UTC-04:00)  #    Comments [0] Trackback
# Tuesday, August 12, 2008
Time For A Change

It’s getting harder to post useful scripting tips for PowerShell these days as there are so many talented hardcore scripting bloggers around. My day to day is job is not system/network/server administrator; I’m a .NET developer, having started the C# habit about eight or nine years ago with the early CLR 1.0 beta. So, from here on in, I’ve decided that a better direction for me to take from now on is that of a PowerShell developer,  as opposed to a scripter. There are very few (if any?) dedicated PowerShell developer blogs around, and so I figured I should try to fill that gap as best I can. I have a not insignificant amount of experience writing providers, cmdlets and other widgety bits, so it’s a good time to share my experiences. Of course, my way is not “the” way, so please reply with your own experiences/advice/mocking/whatever. ;-)

That said, I am not eschewing scripting altogether – I have some stuff in the pipeline (har-har) concerning areas I’m interested in, like eventing and jobs/remoting.

.NET | Cmdlets | Monad | PowerShell | Providers | PSCX | PSEventing | SharePoint | SnapIns
posted on Tuesday, August 12, 2008 10:03:20 AM (Eastern Daylight Time, UTC-04:00)  #    Comments [0] Trackback
# Monday, August 11, 2008
Tips for using Enumerated Types in PowerShell

Just a handy tip - you don't have to cast enum types in powershell usually. It will do that for you if that's the only constructor (or method) overload that makes sense:

$accessrule = New-Object system.security.AccessControl.FileSystemAccessRule $userName, `
     "Modify",  "ContainerInherit,ObjectInherit", "None", "Allow"

So when I say "only overload that makes sense," what do I mean by that? Take this method for example which has two overloads (meaning it has two different sets of parameters you could use):

void MyMethod(string a, string b, string c)

void MyMethod(string a, enum b, string c)

If you try to call that method with $o.MyMethod("foo", "foo", "foo"), it will pick the first version that takes three strings. In that case, you would have to cast/convert the enum to its native type so that powershell will pick the right method.

.NET | Monad | PowerShell
posted on Monday, August 11, 2008 12:38:22 PM (Eastern Daylight Time, UTC-04:00)  #    Comments [0] Trackback
# Sunday, August 10, 2008
PowerShell v2 one-liner to get clipboard text

With PowerShell’s new –STA startup switch, interacting with the Windows Forms object model was never so easy:

PS> $text = & {powershell –sta {add-type –a system.windows.forms; [windows.forms.clipboard]::GetText()}}

Easy, eh?

Monad | PowerShell | PowerShell 2.0
posted on Sunday, August 10, 2008 11:36:37 AM (Eastern Daylight Time, UTC-04:00)  #    Comments [0] Trackback
# Tuesday, August 05, 2008
Batch remove Zone.Identity information from downloaded files and scripts
blocked file properties

As we all [should] know, running scripts downloaded from the Internet is a risky business. But sometimes you know exactly where they came from, and you trust the source. The problem arrives when you’re on a server without any of your familiar utilities and you’ve just downloaded a zip of several ps1 scripts. Unzipping the zip via the windows built-in zip handler in explorer will preserve the Zone.Identifier information for the extracted files. This means that even if you have your Execution Policy set to RemoteSigned (which most people seem to have – it’s a sensible balance), the now “local” scripts are treated as remote and they will not run. Ideally you should “unblock” the zip file before extracting the files; all extracted files are then also “unblocked.” Unblocking a file is as simple as right-clicking it in Explorer and choosing “Properties.” (see figure 1).

Now, sometimes you don’t have this luxury. Either someone else downloaded/extracted the files or you are logged in remotely via PowerShell Remoting/WINRM for example. Thankfully, the annoyingly talented Mark Russinovich has written a great little tool for stripping NTFS ADS (alternate data streams – where the zone indentifier information is attached to a regular file) called streams.exe. He’s also made the tool easily available via a UNC path: \\live.sysinternals.com\tools\streams.exe Usage is simple: just start in the root directory of the extracted scripts and run: streams –s –d *.ps1 ; the –s means traverse subdirectories and –d instructs it to delete any alternate data streams from the files.

Monad | PowerShell
posted on Tuesday, August 05, 2008 11:35:42 AM (Eastern Daylight Time, UTC-04:00)  #    Comments [0] Trackback

Page rendered at Friday, November 21, 2008 4:52:48 PM (Eastern Standard Time, UTC-05:00)