basic powershell toolmaking - spiceworld 2016 session
TRANSCRIPT
Scripting as a Second LanguageBasic PowerShell Toolmaking
Rob Dunn - @maximillianx
• Lead Systems Administrator• IT Pro for 22 years • In the Spiceworks Community since 2007• Pure Capsaicin since 2014
Sponsored by Netwrix – www.netwrix.com
Free products:• Change Notifier for AD, File Servers, Group Policy• Account Lockout Examiner Tool• Password Expiration Notifier• Effective Permissions Analyzer• And more!Flagship Product:• Audit (Active Directory, Azure AD, Oracle, SharePoint, VMware, O365, and more)
Icon can go here (see icon slide)
#SPICEWORLD2016
• My take on the Difference Between a Script and a Tool
• Toolmaking with a Tool (not just me), the ISE• The Genesis of the Tool• Demo!
What We’ll Cover Icon can go here (see icon slide)
#SPICEWORLD2016
A simple script is a file containing a series of runtime instructions which can be executed repeatedly with a relatively specific focus which produces an expected outcome.
Typically, the user running the script doesn’t have much, if any control over the output.
What is a Simple Script?
#SPICEWORLD2016
• Input• Functional• Output
What is a Tool – Three Types
#SPICEWORLD2016
What do We Use to Make Our PowerShell Scripts and Tools? [Demo]
Use the right tool for the job!
• Not NotePad or other text-based editors• Something that is “PowerShell”
aware• This could be Visual Studio,
VSCode, Sapien PowerShell Studio, or…the FREE Microsoft ISE.
Advantages?
1. Easily execute single lines or sections of code
2. Tab completion of parameters, properties & methods
3. Debugging, error discovery, and syntax highlighting
4. Add-on support
Icon can go here (see icon slide)
#SPICEWORLD2016
Toolmaking: My Thought Process
Problem Level of Need
Output Input
#SPICEWORLD2016
Start with a bit of code that you’ve used once or twice and build your script around that.
Today’s Method: Build From the “Inside Out”
Get-Command - Find that cmdlet you’re looking for
Get-Help (RTFM, right?! Don’t forget to ‘Update-Help’ as well!)
Get-Member - Find out the methods and properties associated with an object*
* Pretty much everything in PowerShell is an object
Quick review: Cmdlets you must know
Quick review: What is a PowerShell Object?
It’s a “thing” that represents something.
You can also think of it like a row in a database table - with a twist
Properties• $Friend.FirstName = Scott• $Friend.LastName = Brosnan• $Friend.Height = 1.7272• $Friend.Funny = $True• $Friend.BurnsUnderAStreetL
ampBecauseHeMustBeAVampireNotATwilightVampireTheOtherKind= $True
$Chair
$Friend = Get-Friend | Where-Object FirstName –eq “Scott”$Friend.BeatBox(20)
$Friend
Methods• $Friend.Complain• $Friend.TellHorribleJoke• $Friend.TakeDownStorage
Array• $Friend.BeatBox
Quick review: What is a PowerShell Object?
It’s a “thing” that represents something.
You can also think of it like a row in a database table - with a twist
$Chair
$Friend = Get-Friend | Where-Object FirstName –eq “Scott”$Friend.BeatBox(20)
$Friend
Get Event Log Entries surrounding an item of interest
The Scenario
Place and center icon here above topic title (see icon slide)
#SPICEWORLD2016
#SPICEWORLD2016
The Problem
A service account is experiencing a lockout in the middle of the night. IT needs to gather all the event log entries from the system log x minutes before and x minutes after the time of a specified event to see if there is “something else” going on.
Icon can go here (see icon slide)
#SPICEWORLD2016
The IT manager has determined this problem occurs enough times to warrant a closer look at the symptoms by his junior staff; preferably by utilizing a consistent method when the problem recurs.
The Level Of Need Icon can go here (see icon slide)
#SPICEWORLD2016
The IT manager would like to have all the surrounding event log entries in a view which can be browsed or exported to CSV for further analysis; potentially in Excel so they can compare them.
The Output Icon can go here (see icon slide)
#SPICEWORLD2016
1. The date and time of Event we’re interested in2. The range of minutes before and after the event to gather other
possible interesting information.
The Input (our Parameters) Icon can go here (see icon slide)
#SPICEWORLD2016
…find system event log items x minutes before and x minutes after event of interest occurs…output events to end user as objects
BONUS: Can we get these items from ALL event logs?
To use these parameters, our script needs to:
Icon can go here (see icon slide)
Let’s Code!
Place and center icon here above topic title (see icon slide)
#SPICEWORLD2016
#SPICEWORLD2016
• Comment-Based Help• Format your script – look like a Pro!• Make your scripts and functions single purpose, name them
accordingly• Use Microsoft supported verbs to name your functions and scripts
(Get-Verb)• Configure Execution Policy to run PS1 files (Set-ExecutionPolicy –ExecutionPolicy RemoteSigned, etc.)
Best Practices Icon can go here (see icon slide)
#SPICEWORLD2016
1. Save your file as a .PS1 and share with your co-workers
2. Create a module (easier than it sounds)
Share and Enjoy! I.e. Extra Credit
#SPICEWORLD2016
[Book] PowerShell in a Month of Lunches, Don Jones & Jeffery Hicks[Book] PowerShell ToolMaking in a Month of Lunches, Don Jones & Jeffery Hicks[Web] PowerShell 3.0 JumpStart, Microsoft Virtual Academy, Jason Helmick, Jeffery Snover*
*heck, anything by Jeffery Snover, I mean, he invented it!
Learning PowerShell?
Thank you!