DSC Resource versioning fixed with WMF5 Production preview!

Last week I blogged about an issue with the DSC resource folder versioning in a DSC Pull scenario. DSC Resource folder versioning issue in a DSC-Pull scenario.

This week Microsoft released a new version of WMF 5.0  which fixes a whole range of issues.

While you still have to zip your DSC Resource without the version folder, the DSC engine now extracts the ZIP file to the corresponding folder version!

DSC Resource zip structure:

PSDSC_Pull_Server

DSC Resource client structure:

PSDSC_Pull_Client:

This means that now, we can use multiple versions of a DSC Resource on the same client. This will help when for example you only want to update 1 partial configuration on a server that uses a newer resource, while not having to update dependent others.

Disable privacy sensitive settings in Windows 10

Recently a minor discussion started with one of my Facebook friends, where people found the new data collecting engines from Microsoft a bit annoying. Personally I find that Windows 10 has alot more features and stability to offer, and that these settings should not be the reason for you to hold back on a better operating system. However I do understand some people’s concerns.

Example article:  http://lifehacker.com/what-windows-10s-privacy-nightmare-settings-actually-1722267229

This made me think, there should be a way to just quickly disable all those annoyances. Below you can find the result of a quick Posh script that takes care this for you.

DisablePrivacySettings_Win10.ps1

###########################################################################
## Created by Danny den Braver @29-08-2015
##
## I primary made this script due to a minor discussion that started on FB about the Windows 10 Privacy 'flaws'
## This script will disable most of the 'features' that microsoft uses to gain privacy sensitive data
##
## Currently this script disables Telemetry and DataCollection, Wifi Sense, SmartScreen Filter & Cortana
##########################################################################

#region Disable Telemetry and Data Collection

Write-Verbose -Message 'Disabling: Telemetry and Data Collection' -Verbose

# Create registry key to disable Telemetry
New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" -Name AllowTelemetry -Value '0' -PropertyType DWord -Force | Out-Null 

# Disabling & Stopping service DiagTrack
Set-Service -name DiagTrack -StartupType Disabled
Stop-Service DiagTrack

# Disabling & Stopping App Push Service
Set-Service -name dmwappushservice -StartupType Disabled
Stop-Service dmwappushservice

#endregion

#region Disable Wifi-Sense (Wifi Sharing)

Write-Verbose -Message 'Disabling: Wifi-Sense (Wifi Sharing)' -Verbose

# Create Registry key into policy to disable Wi-fi Sense
New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\config" -Name AutoConnectAllowedOEM -Value '0' -PropertyType DWord -Force | Out-Null 

#endregion

#region Disable SmartScreen Filter

Write-Verbose -Message 'Disabling: SmartScreen Filter' -Verbose

# Create Registry key into policy to disable Microsoft SmartScreen
New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name EnableSmartScreen -Value '0' -PropertyType DWord -Force | Out-Null
 
#endregion

#region Disable Cortana

# Read current user
$whoami = whoami
$domain = ($whoami).split("\")[0]
$username = ($whoami).split("\")[1]

if (Test-Path 'C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe')
{
    Write-Verbose -Message 'Disabling: Cortana' -Verbose
    # Change permissions on Cortana folder & executable
    $objUser = New-Object System.Security.Principal.NTAccount($domain, $username)
    $objFile = Get-Acl 'C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe'
    $objFile.SetOwner($objUser)
    Set-Acl -aclobject $objFile -path 'C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe'
    Set-Acl -aclobject $objFile -path 'C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy'
    icacls 'C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe' /grant "$($whoami):(OI)(CI)F"
    icacls 'C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy' /grant "$($whoami):(OI)(CI)F"

    # Rename Cortana Executable so it no longer starts
    Rename-Item 'C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe' 'Disabled.SearchUI.exe'
}

else 
{
    Write-Verbose -Message 'Check: Cortana was already disabled' -Verbose
}

#endregion

Write-Warning -Message 'Please be aware that you will need to restart your computer for settings to take effect'

DSC Resource folder versioning issue in a DSC-Pull scenario.

Please be aware of the following if you are using DSC Pull with folder versioning in your DSC Resources

In my case, I have a custom DSC Resource named cDNSRecord with the following directory structure: .\cDnsServer\1.1.0.0\DSCResources\cDNSRecord.

It seems that currently as in WMF 5.0 (April 2015 Preview) it is not supported to have resources with folder versioning in a DSC Pull scenario and will most likely end you up with error 4104 in the event log:

ErrorId is 0x1. ErrorDetail is The PowerShell DSC resource % not contain the corresponding MOF file %.

EventID4252-1DSC

A Work-around to this solution is simple:unzip your resource, and remove the folder versioning to for example: .\cDnsServer\DSCResources\cDNSRecord

While you can now use your DSC Resource in a Pull scenario, this does mean that you cannot use multiple versions of a DSC Resource on 1 sever if you use DSC Pull. This also means that if you want to upgrade to a newer version for this DSC Resource you will first need to remove the old version from the C:\Program Files\WindowsPowerShell\Modules directory on this specific server.

If you forget to remove the old folder you will most end up with another errorid 4252 in the event log:

Error Message: Installation of module % failed since the module directory already exists at %.Message ID: ModuleDirectoryAlreadyExistsEventID4252-2DSC

This can be resolved by using the AllowModuleOverwrite = $true value in your LCM configuration.

Hopefully this issue will be resolved in a future release of WMF5.

 

Scan Cluster Volume Health

I created this function some time ago already when we did not have the SCOM Management Pack for Windows Clusters imported yet.

This script basically scans a Cluster, to scan its current CSV State, and report you the current size/usage/freespace available.

The output of this script can be used to filter out unhealthy volumes, or volumes that are filling up!

Function GetClusterVolumeState{
<#
.SYNOPSIS
Retrieve information about the Cluster Volume Health
.DESCRIPTION
The GetClusterVolumeState function retrieves information about the cluster volumes on a certain cluster.
This information will show the Cluster, Volume, Health and Disk space.
.PARAMETER Clusters
One or multiple clusters you would like to retrieve information from
.EXAMPLE
Retrieve information about the Clustervolumes for Cluster01
RI-GetClusterVolumeState -clusters "Cluster01"
.NOTES
This script was written by Danny den Braver @2013, for questions please contact danny@denbraver.com
#>
[CmdletBinding(SupportsShouldProcess=$true)]
param([array][Parameter(Mandatory=$true)]$Clusters)

foreach ($Cluster in $Clusters){
    # Test Connection availability and continue if $true
    $testconnection = Test-Connection $Cluster -Quiet
    if ($testconnection -eq $true){
        Write-Verbose -Message "Scanning: $Cluster for clusterdisk information"
	    # Get CSV Volumes
	    $CSVDisks = Get-ClusterSharedVolume -Cluster $Cluster
	    foreach ($CSVDisk in $CSVDisks){
		    # Get CSV VolumeInformation
		    $CSVVolumeInfo = $CSVDisk | Select -Expand SharedVolumeInfo
		    $CSVFriendlyName = $CSVVolumeInfo.FriendlyVolumeName
		    $CSVVolume = ($CSVFriendlyName.Split("\")[2]).ToLower()
		    $CSVState = $CSVDisk.State
		    # Get CSV free space
		    [int]$CSVDiskDriveFreeSpace = ([math]::round((($CSVVolumeInfo | Select -Expand Partition).FreeSpace / 1GB), 0))
		    # Get CSV total space
		    [int]$CSVDiskSpace = ([math]::round((($CSVVolumeInfo | Select -Expand Partition).Size / 1GB), 0))
		    # Get CSV used Space
		    [int]$CSVDiskDriveUsedSpace = [int]$CSVDiskSpace - [int]$CSVDiskDriveFreeSpace
		    # Get CSV Health
		    if ($CSVState -eq "Online"){
			    if ($CSVVolumeInfo.MaintenanceMode -eq $False){
				    if ($CSVVolumeInfo.RedirectedAccess -eq $True){
					    $CSVHealth = "Warning"
					    $CSVHealthDetails = 'Volume is in redirected mode.'
				    }
				    else {
					    $CSVHealth = "Healthy"
					    $CSVHealthDetails = 'Volume is healthy.'
				    }
			    }
			    else {
				    $CSVHealth = "Maintenance"
				    $CSVHealthDetails = 'Volume is in maintenance mode."'	
			    }									
		    }
		    else {
			    $CSVHealth = "Critical"
			    $CSVHealthDetails = 'Volume is in offline state.'
		    }
 
		    # CSV Output
            $clustername = $cluster -replace ".eu.rabonet.com",""
            $clustername | select   @{l="Clustername";e={$Clustername}},
                                    @{l="Volume"; e={"$CSVVolume"}},
                                    @{l="DiskSpaceGB"; e={"$CSVDiskSpace"}},
                                    @{l="UsedSpaceGB"; e={"$CSVDiskDriveUsedSpace"}},
                                    @{l="FreeSpaceGB"; e={"$CSVDiskDriveFreeSpace"}},
                                    @{l="Health"; e={"$CSVHealth"}},
                                    @{l="Health Description"; e={"$CSVHealthDetails"}}
	    }
    }
    else { Write-Warning "Could not connect to $Cluster" }
}
}

 

Make a SSH Connection using Powershell

Ever needed to connect to a hardware or unix interface from a windows box? For example to manage HP Servers / Interfaces, or to run some code on a Linux appliance?

Over at Powershelladmin.com they have an answer to this: SSH-Sessions powershell module.

Copy the SSH-Sessions folder to your C:\Windows\System32\WindowsPowerShell\v1.0\Modules directory and then unblock the SSH.Net library using Unblock-File C:\Windows\System32\WindowsPowerShell\v1.0\Modules\SSH-Sessions\Renci.SshNet.dll

After that you can just Import-module the SSH-Sessions and you’re on your way:

get-help *ssh*

Name                    Category  Synopsis
----                    --------  --------
Get-SshSession          Function  Shows all, or the specified, SSH sessions in the global $SshSessions var...
Remove-SshSession       Function  Removes opened SSH connections. Use the parameter -RemoveAll to remove a...
New-SshSession          Function  Creates SSH sessions to remote SSH-compatible hosts, such as Linux...
Invoke-SshCommand       Function  Invoke/run commands via SSH on target hosts to which you have already op...
Enter-SshSession        Function  Enter a primitive interactive SSH session against a target host....