Eric's Technical Outlet

Learning the hard way so you don't have to

Announcing Windows Admin Center Certificate Selector

Have you started using Windows Admin Center (WAC) in your environment? If not, I strongly encourage you to try it out. It creates a single HTML 5 web page to control multiple Windows and Windows Server installations. It can make a lot of your maintenance tasks easier, even if you only have a few Windows systems to manage. Eventually, it might replace all those pesky MMCs.

Unfortunately, it still has a number of usability problems, especially when it comes to managing WAC itself. Of these, the supported procedure for installing or replacing the PKI certificate that WAC uses on its web page is particularly onerous.

So, I’ve created a simple application to make the process easier. You bring a WAC installation and a good certificate, and I’ll handle the rest.

The tool looks into the local certificate store and presents you with a list. Select one, and if it checks out, it will install it for you:

If it doesn’t like something about the certificate, then one or more of the checks will fail and it will not allow you to use the certificate:

It uses Microsoft’s supported certificate update method in the background, essentially acting as a front-end.

How to Obtain the WAC Certificate Selector

You can find the latest release on its GitHub page. I have only been able to test on a handful of systems, so I’m marking it as a public beta for now. Please exercise caution when running on production systems. Report any problems using the GitHub Issues page.

I look forward to your feedback!

Advertisements

Magic in PowerShell Scripts Lets Evil Win

When my daughter was younger, my family would gather around the television and watch the series Once Upon a Time. Of its dominant recurring themes, one oft-repeated line in particular stands out: “Magic always has a price.” In the show, when the characters used non-trivial magic, some sort of dire consequence was sure to follow (plot allowing, of course). Their takeaway: never use magic without a willingness to pay the price. That lesson works for PowerShell scripters, too.

Read more of this post

Change the Default Error Action to Improve Your PowerShell Scripts’ Usability

Have you ever run a PowerShell script and gotten a wall of red text? Maybe even scrolling red text? If you’re a grizzled scripting veteran, you probably already know how to start troubleshooting that. But, did it really need to subject you to all of that? What about scripting newcomers? Does the PowerShell world really need to behave that way? Fortunately, we have a vastly superior alternative.

Read more of this post

Corefig Has Been Murdered, Long Live Corefig!

The important part: I am still working on Corefig. There will be a new version. It will improve greatly upon previous versions.

The bad part: the project has suffered a serious setback. It will take some time to recover.

Read more of this post

Use PowerShell to Discover Long-Distance CIM (WMI) Relationships

Usually when you need information from CIM (WMI), you only need to query a single instance. Sometimes, you need to dig through a series of class relationships to find what you want. I’ve built a pair of PowerShell scripts to make that easier.

Read more of this post

Change Default Cmdlet Parameters in Script Without Changing the Global Defaults

PowerShell provides the $PSDefaultParameterValues global variable so that you can pre-configure arguments for specific parameters on cmdlets that you use regularly. But, what if you want to do the same thing in a script? What if you want to do it without breaking anything in the existing global variable? With only a bit of work, you can.

Read more of this post

“Incorrect Function” and “Encryption Oracle Remediation” Errors

Starting with the April 2018 Windows security patches, Microsoft began cleaning up a remote execution vulnerability in CredSSP. Unfortunately, truly fixing it requires that patched systems reject CredSSP communications from unpatched systems. Developers control which authentication methods their applications use, and they won’t necessarily make you aware. So far, I have seen problems in Remote Desktop Connection and System Center products. Read more of this post

Using PowerShell for Consistent, Repeatable Windows Features Selection

Deploying Windows Servers can be a pain, even when you’ve got a templating system. How do I know that the template matches my current requirements? What do I know now that I didn’t know when that template was built? How do I easily manage the one-off differences between that template and the needs of this new system?

It’s even worse when you don’t have a template system or have overriding reasons to not to use one. You’re stuck building each new server from scratch, checking those boxes like it’s your first time.

Or, are you?

If you’re looking for a fast way to save or copy the list of selected Windows Server features and roles and apply them to a new system, PowerShell can easily help.

Read more of this post

Microsoft Storage Spaces vs. AMD SB950 RAID

This is a quick comparison of a parity Storage Space vs. RAID-5 on the same system.

Read more of this post

WiX: Add Browse for File Capability to Installer

Do you want to add the ability for a user to browse for a file to your WiX installer project? The problem is fairly straightforward, and according to my searches, a lot of people have solved it. Unfortunately, no one seems to want to publish it. Here’s how I solved it.

Also, if you’re looking for a way to have an external custom action update a text box, that’s here, too.

Read more of this post