Eric's Technical Outlet

Learning the hard way so you don't have to

Category Archives: General IT

Announcing Windows Admin Center Certificate Selector

Have you started using Windows Admin Center (WAC) in your environment? If not, I strongly encourage you to try it out. It creates a single HTML 5 web page to control multiple Windows and Windows Server installations. It can make a lot of your maintenance tasks easier, even if you only have a few Windows systems to manage. Eventually, it might replace all those pesky MMCs.

Unfortunately, it still has a number of usability problems, especially when it comes to managing WAC itself. Of these, the supported procedure for installing or replacing the PKI certificate that WAC uses on its web page is particularly onerous.

So, I’ve created a simple application to make the process easier. You bring a WAC installation and a good certificate, and I’ll handle the rest.

The tool looks into the local certificate store and presents you with a list. Select one, and if it checks out, it will install it for you:

If it doesn’t like something about the certificate, then one or more of the checks will fail and it will not allow you to use the certificate:

It uses Microsoft’s supported certificate update method in the background, essentially acting as a front-end.

How to Obtain the WAC Certificate Selector

You can find the latest release on its GitHub page. I have only been able to test on a handful of systems, so I’m marking it as a public beta for now. Please exercise caution when running on production systems. Report any problems using the GitHub Issues page.

I look forward to your feedback!

Advertisements

Magic in PowerShell Scripts Lets Evil Win

When my daughter was younger, my family would gather around the television and watch the series Once Upon a Time. Of its dominant recurring themes, one oft-repeated line in particular stands out: “Magic always has a price.” In the show, when the characters used non-trivial magic, some sort of dire consequence was sure to follow (plot allowing, of course). Their takeaway: never use magic without a willingness to pay the price. That lesson works for PowerShell scripters, too.

Read more of this post

Change the Default Error Action to Improve Your PowerShell Scripts’ Usability

Have you ever run a PowerShell script and gotten a wall of red text? Maybe even scrolling red text? If you’re a grizzled scripting veteran, you probably already know how to start troubleshooting that. But, did it really need to subject you to all of that? What about scripting newcomers? Does the PowerShell world really need to behave that way? Fortunately, we have a vastly superior alternative.

Read more of this post

Corefig Has Been Murdered, Long Live Corefig!

The important part: I am still working on Corefig. There will be a new version. It will improve greatly upon previous versions.

The bad part: the project has suffered a serious setback. It will take some time to recover.

Read more of this post

“Incorrect Function” and “Encryption Oracle Remediation” Errors

Starting with the April 2018 Windows security patches, Microsoft began cleaning up a remote execution vulnerability in CredSSP. Unfortunately, truly fixing it requires that patched systems reject CredSSP communications from unpatched systems. Developers control which authentication methods their applications use, and they won’t necessarily make you aware. So far, I have seen problems in Remote Desktop Connection and System Center products. Read more of this post

Using PowerShell for Consistent, Repeatable Windows Features Selection

Deploying Windows Servers can be a pain, even when you’ve got a templating system. How do I know that the template matches my current requirements? What do I know now that I didn’t know when that template was built? How do I easily manage the one-off differences between that template and the needs of this new system?

It’s even worse when you don’t have a template system or have overriding reasons to not to use one. You’re stuck building each new server from scratch, checking those boxes like it’s your first time.

Or, are you?

If you’re looking for a fast way to save or copy the list of selected Windows Server features and roles and apply them to a new system, PowerShell can easily help.

Read more of this post

PowerShell: Find Local Applications Blocked By a Remote Firewall

I’m sure we’ve all been there. You get an application that a vendor wrote and tested on a single, unfirewalled subnet. They sell it to you and you put it in your higher-security, multi-subnetted, firewalled environment, and it all falls down and goes boom. The vendor swears they’ve given you all the firewall information and then you go around-and-around for a few days, pulling network traces, etc.

So, I have thrown together a little script suite that should help you get to the bottom of it a little more quickly. Of course, a lot of times, you open one port only to discover that there is another port that will be needed that you couldn’t detect until the first one was open. Not much I can do about that in a PowerShell script, but watch the Altaro blog because I plan to demonstrate how to set up a test environment in Hyper-V to do this whole thing in a few minutes as opposed to the hours, or even weeks, it can sometimes take otherwise.

Read more of this post

Video Course Giveaway: Enter for a chance to win a free copy of my Hyper-V cluster video series

For the contest we have 4 copies of Building and Managing a Virtual Environment with Hyper-V Server 2012 R2 [Video] to be given away to 4 lucky winners.

How to enter:

To enter to win your copy of this video course, all you need to do is come up with a comment below highlighting the reason “why you would like to win this video course”.

Duration of the contest & selection of winners:

The contest is valid for 1 week from September 22nd, 2014 to September 29th, 2014, and is open to everyone. Winners will be selected on the basis of the contents of their posted comment.

About the video course:

Video Series Image

Building and Managing a Virtual Environment with Hyper-V Server 2012 R2 is a video series designed to present the complexities of Hyper-V and failover cluster configuration in easily digestible chunks. The segments feature demonstrations of the concepts explained in the video, being executed on an actual Hyper-V cluster.

You’ll begin with the basics of setting up your nodes, gathering them into the cluster, and working with your shared storage system. Then you’ll get an in-depth tour of managing your systems using the built-in graphical tools and PowerShell cmdlets. With that foundation, you’ll learn advanced concepts of virtual machine migration and cluster protection. You’ll also discover detailed maintenance steps, such as how Cluster-Aware Updating keeps your nodes patched without impacting virtual machines.

Building and Managing a Virtual Environment with Hyper-V Server 2012 R2 will present you with the knowledge and examples you need to successfully design and deploy your own Hyper-V clusters.

PowerShell: Use RACADM to Delete a Dell DRAC User by Index

Dell’s DRAC web interface allows you to create and modify DRAC users, but not remove them. The RACADM.EXE utility has the power to do this, but the syntax isn’t easy to remember. Rather than look it up each time, you can easily script this with PowerShell.

Read more of this post

PowerShell: Script that Calls Itself Recursively

To have a PowerShell script that calls itself recursively, use the following construct:

Invoke-Expression -Command $PSCommandPath

If the script uses parameters, use the following construct:

Invoke-Expression -Command ($PSCommandPath + ' -Parameter1 FixedValue -Parameter2 $VariableValue')

If you want to call the script exactly as it was initially called (be careful!):

Invoke-Expression -Command $PSCmdlet.MyInvocation.Line

Read more of this post