Advanced Automation Using Windows PowerShell 3.0Kenneth Hansen

Program Manager

Microsoft Corporation

Steven Murawski, MVP

System Administrator

StackExchange

Session Overview

• Technical Level: 400• Intended Audience: IT administrators &

scripters• Learning Objectives: • Thoughts - Automation and PowerShell• Play – Demos simple and not so simple• Opine – A specific advanced automation technique

Scale is “great and terrible”

Great Terrible

Business is Good => $$

More servers=> More Failures

We have a Job

Rapid change is “great and terrible”

Great Terrible

Business can respond to match the market=> $$

More Change=> More Failures

We have a Job

Continuous service availability +Continuous rapid release cycle +Continuous deployment_________

Automation

What everybody wants…

$$IdeaBusiness Development Operations

“Hindsight is …”• The trigger for this event was a network configuration

change

• We will audit our change process and increase the automation to prevent this mistake from happening in the future

• …we focus on building software and services to survive failures

http://aws.amazon.com/message/65648/

Quote: Daniel Hansen

Windows Server Management PhilosophyIn the past, Windows Server was a great operating system

• for a single server• and its devices

Windows Server 2012 is a great operating system• for many servers• and the devices that connect them• whether they are physical or virtual• on premises or off premises

PowerShell Automation is…

PowerShell “Sacred Vow”

• We know…• Admins are busy and don’t have time• Learning a new language and system (aka PowerShell) takes time!

• We vow… • Learn PowerShell and we will make it the best investment you ever

made• We will leverage what you learn over and over and over

The Journey• PowerShell 1.0• Introduced a great scripting language for local machine management• Great APIs for developers to write cmdlets and providers• Microsoft Exchange made a big bet on PowerShell• Shipped with Windows Server 2008

• PowerShell 2.0• Shipped with Windows 7 and Windows Server 2008 R2• Remoting introduced: 1:1, Fan-out, Fan-in, Implicit remoting• Introduced ISE: Syntax coloring, Graphical debugging, Intl. support• Introduced Modules: Self containing packaging mechanism• IT Pros can create PowerShell cmdlets using PowerShell script• Huge feature set: • Background Jobs, Restricted Sessions, Transactions, Out-GridView, Eventing

Windows PowerShell 3.0 Features

Windows PowerShell Workflow.NET Framework 4 supportAdd-Member improvementsComputer cmdletsCSV handling improvementsGet-ChildItem attributesGet-Command improvementsGet-Content -TailBetter history supportSecurity cmdlet fixesSelect-Object optimizationsSelect-String improvementsTee-Object -AppendDisconnected sessionsIdle timeout & server buffering controlInvoke-Command in disconnected sessionsDisconnected jobsSTA mode by defaultRun with PowerShell context menuUpdated console font & brandingConsole host start perf improvementsETW logging and tracingScheduled jobsNew Group Policy settingsOutput redirection for all streamsDynamic types & formatsWord wrapDefault properties on custom objects

Updatable help systemMethod overload discoveryHelpUri attribute supportHelpFile property on FunctionInfoSimplified Where and ForEachRemoting local variables via $usingArray syntax for scalarsNew parser built on DLRCustom parameter value defaultsGeneric method invocationTypecasting deserialized objectsImproved method overload selectionNew objects from hash tablesOrdered hash tablesTypecasting for parameter valuesPipeline paging APIsNested pipeline APIs$PSScriptRoot and $PSCommandPathImproved module discovery & importNew module manifest keysPublic abstract syntax treeRunspace pool cleanup APIPublic tab completionWindows RT API supportObsolete cmdlet attributeVerb & noun on FunctionInfoWeb & REST cmdletsJSON cmdlets

CIM cmdlet authoring from WMI v2CIM .NET APIsCore CIM cmdletsRuntime script compilationEngine reliability improvementsBetter Get-ChildItem network perfCmdlet definition filesCertificate provider improvementsCredentials for FileSystem providerAlternate NTFS data stream supportMove-Item across drivesRemote module discovery & importRemote session autodisconnect & retryTransport options for remote sessionsModule loggingRunAs and SharedHost supportJob integration with Task SchedulerAlternate credential support for jobsModule autoloadingCommand discovery improvementsSpecial character handlingLiteralPath support for core cmdletsImproved tab completionSession configuration filesIntellisenseWindows Management Framework 3.0WinPE supportWindows RT support

Windows PowerShell Web AccessXAML-based workflowsScript-based workflowsControl Panel cmdletsUnblock-File cmdletWorkflow helpCmdlet to activity conversionWorkflow persistenceImproved WMI object formattingHeterogeneous object formattingWorkflow loggingWorkflow extensibilityCommon workflow parametersWorkflow execution environmentWindows PowerShell Web ServicesSnippetsISE Add-onsIntelliSense supportShow-CommandGet-Help -ShowWindowRestart Manager supportScript autosave supportOut-GridView -PassThruXML syntax highlightingBlock selectCollapsible regionsContextual F1 supportScript Explorer

DEMO: PowerShell WorkflowDEMO

DEMO: Scheduled JobsDEMO

DEMO: Array SyntaxDEMO

DEMO: V3.0 –gt V2.0DEMODEMO: Enhanced ISEDEMO

DEMO: Delegated AdminDEMO

DEMO: RemotingDEMO

DEMO: CEC / CIM ResultsDEMO

Windows PowerShell 3.0 Themes

Simple & Easy v3.0 -gt v2.0

Robust & Scalable

Comprehensive Coverage

Standards-based

Management CEC• CEC: Common Engineering Criteria

• What: All Microsoft server products are required to comply with a set of engineering requirements as part of the CEC

• Goal: Reduce the overall total cost of ownership through improved integration, manageability, security, reliability, and other critical infrastructure

• Requirement: All management surfaces must be exposed via PowerShell cmdlets or providers

• Result: COVERAGE

Rough Coverage Comparison

Windows Server 2012Core cmdlets: 305Total cmdlets: 2300Modules: 239

Windows Server 2008 R2Core cmdlets: 249

Total cmdlets: 456

Modules: 10

CIM Based CmdletsLeverage WMI Investment

Write a WMI v2 provider

Write a Cmdlet Definition File (.cdxml)

Get PowerShell cmdlets with a low cost of entry

BenefitsNo dependency on .NET FrameworkIdeal for low level components (file system, networking)Remoting over CIM using WSMan and CimSessions

<?xml version="1.0" encoding="utf-8"?>

<PowerShellMetadata xmlns="http://schemas.microsoft.com/cmdlets-over-objects/2009/11">

<Class ClassName="ROOT/StandardCimv2/MSFT_NetAdapter" ClassVersion="1.0.0">

<Version>1.0</Version>

<DefaultNoun>NetAdapter</DefaultNoun>

<InstanceCmdlets>

<GetCmdletParameters DefaultCmdletParameterSet="ByName">

<QueryableProperties>

<Property PropertyName="Name">

<Type PSType ="string"/>

<RegularQuery AllowGlobbing="true">

<CmdletParameterMetadata PSName="Name" Position="0" CmdletParameterSets="ByName" />

</RegularQuery>

</Property>

...

New Cmdlets in Windows PowerShell 3.0Thousands more in Windows Server 2012

Jobs• Add-JobTrigger• Disable-JobTrigger• Enable-JobTrigger• Get-JobTrigger• New-JobTrigger• Remove-JobTrigger• Set-JobTrigger• Disable-ScheduledJob• Enable-ScheduledJob• Get-ScheduledJob• Register-ScheduledJob• Set-ScheduledJob• Unregister-ScheduledJob• Get-ScheduledJobOption• New-ScheduledJobOption• Set-ScheduledJobOption

ISE• Get-IseSnippet• Import-IseSnippet• New-IseSnippet

CIM• Get-CimAssociatedInstance• Get-CimClass• Get-CimInstance• Get-CimSession• Invoke-CimMethod• New-CimInstance• New-CimSession• New-CimSessionOption• Register-CimIndicationEvent• Remove-CimInstance• Remove-CimSession• Set-CimInstance

Remoting• Connect-PSSession• Disconnect-PSSession• Receive-PSSession• New-

PSSessionConfigurationFile• Test-PSSessionConfigurationFile• New-PSTransportOption

Workflow• New-PSWorkflowExecutionOption• New-PSWorkflowSession• Invoke-AsWorkflow• Resume-Job• Suspend-Job

Web• ConvertFrom-Json• ConvertTo-Json• Invoke-RestMethod• Invoke-WebRequest

Other• New-WinEvent• Unblock-File• Show-Command• Rename-Computer• Save-Help• Update-Help• Get-TypeData• Remove-TypeData• Get-ControlPanelItem• Show-ControlPanelItem

Available Everywhere• Windows 8, Windows RT, & Windows Server 2012 Full

Server• PowerShell Remoting enabled by default on server SKUs

• Server Core• With or without Server Graphical Shell or Graphical Management

Tools• CIM modules remotable without PowerShell or .NET Framework

installed

• Windows Preinstallation Environment (WinPE) 4.0• Non-Windows Platforms Via NanoWEBM / OMI• Windows Management Framework 3.0• Windows Server 2008 / Windows 7 / Windows Server 2008 R2

(+Server Core)

• Windows PowerShell Web Access• Access to PowerShell via web browser interface• Cross-platform support (IE, Firefox, Safari, Opera, Chrome)

Windows PowerShell 3.0 Themes

Simple & Easy v3.0 -gt v2.0

Robust & Scalable

Comprehensive Coverage

Standards-based

Windows PowerShell ISEIntegrated Scripting Environment

• IntelliSense• Snippets• Add-on Tools• Show-Command pane• Regions• F1 Help window• Rich copy & block select• Single pane I/O• AutoSave support• XML syntax highlighting• Debugger enhancements• Recent items list

IntelliSense

Simple & Easy for New Users

Windows PowerShell ISE• IntelliSense• Tab completion• Editor

enhancements• Autosave

support• Snippets

Command Discovery• Get-Command

discovery cache

• Automatic module importing

• Show-Command

• Run with PowerShell

Help System Improvements• Updatable help• Contextual F1• Get-Help ˗ShowWindow

• Word wrap in help output

Syntax & Language• Simplified

Where & ForEach

• $PSItem alias for $_

• Array syntax for singletons

• Get-ChildItem

Simple & Easy for Existing Users

ETS

Ordered hash tablesNew objects fromhash tablesAdd-Member improvementsDefault properties oncustom objects

Types & Formats

Dynamic types & formatsTypecasting deserialized objectsTypecasting parameter valuesHeterogeneous object formatting

Cmdlets

Custom parametervalue defaultsSelect-String improvementsSpecial character handlingLiteralPath support forcore cmdlets

ISE

XML syntax highlightingCommand + output insingle paneOut-GridView -PassThruRestart Manager support

Windows PowerShell 3.0 Themes

Simple & Easy v3.0 -gt v2.0

Robust & Scalable

Comprehensive Coverage

Standards-based

Intro to RemotingTypes of Remoting

Command Why

Interactive Enter-PSSession Like I’m on that computer

Background

Invoke-Command -AsJob When it’s going to take a while

FanOut Invoke-Command –Computer

When I need to do it on a lot of computers

FanIn Import-PSSession -Session

Brings that computer “local”

…and… Sessions

New-PSSession Enables a persistent connection

Robust Session Connectivity• Remote sessions remain in a "Connected" state during transient

network glitches or failures for up to 3 minutes• After 3 minutes, remote sessions automatically transition to a

new "Disconnected" state• Persistent commands and jobs can continue to run even if the

session is disconnected• Client can reconnect to a disconnected session after network

connectivity with the server has been restored• Cmdlets for managing disconnected sessions:• Disconnect-PSSession: Manually disconnects a session connection from a remote

computer• Connect-PSSession: Reestablishes a session connection with a remote computer• Receive-PSSession: Resumes execution of a command on a remote session and

retrieves the session output.; implicitly reconnects to session (without Connect-PSSession command)

Simple & Easy Delegated Administration• Session Configuration Files• Easy remote endpoint creation• Uses .psd1 PowerShell data files• Declarative name-value pairs• No scripting required

• RunAs• New settings within WSMan plug-in• RunAsUser & RunAsPassword• Allows running remote sessions with different creds

• SharedHost• Normally each session runs in a separate process• Allows multiple remote sessions to run in same process

Scheduled Jobs• Job Scheduling allows you to schedule the

execution of a PowerShell background jobSupport for a rich set of triggers

Once at a specific date & timeDaily, weekly, or custom interval (day, week, month)With a specific repetition duration or intervalAt log on, at startup, or with a random delayUnder a different user account

New PSScheduledJob module with 16 cmdlets*-JobTrigger to create scheduled triggers*-ScheduledJob to register, unregister, and change scheduled job definitions*-ScheduledJobOption to configure advanced settings*-Job to retrieve results from scheduled, workflow, and background jobs

PowerShell WorkflowMulti-machine orchestration engine built on Windows Workflow Foundation and .NET 4.0• Launch-able from command-line or SC Orchestrator• Reliably execute long-running management tasks

across multiple machines or IT processes• Robust: Able to suspend & resume individual workflows, survive machine

reboots• Performant: Connection pooling, workflow throttling, and shared hosting• Scalable: Execute multiple tasks in parallel, common parameters for multi-

machine• Reliable: Automatic connection and action retry with configurable intervals• Familiar: Author workflows as PowerShell scripts or using XAML, manage as

PSJobs

Configuration and Continuous Deployment

Intent EnvironmentConfiguration(Dev -> Test -> Production)

$WebConfigEnv = @{ ComputerName = $VMServerNames Name = 'FourthCoffee'} …

Structural Configuration

$WindowsFeature = @{ Name="Web-Server", "Web-ASP-NET45" Ensure="Present"}…

Make It So Idempotent Automation

foreach -parallel ($featureName in $Name){ $feature = Get-WindowsFeature -Name $featureName if(($Ensure -eq "Present") -and (!$feature.Installed)) { Install-WindowsFeature -Name $featureName } ….}…

Windows PowerShell 3.0 Themes

Simple & Easy v3.0 -gt v2.0

Robust & Scalable

Comprehensive Coverage

Standards-based

STANDARD: Common Information Model• CIM: Common Information Model• Open standard defined by the Distributed Management Task Force

(DMTF) for managing systems, networks, applications, and services• CIM Schema - standardized model for management objects:

processes, computers, printers, etc.• CIM Profiles - Profiles - collections of CIM models and associated

behaviors for particular management areas: power, virtualization, storage, etc.

• CIM defines a consistent way to manage everything in your environment

• WMI: Windows Management Instrumentation• Formal remote access to CIM on Windows• Common way to expose management objects from COM and .NET• WMI v1: Access to CIM over DCOM• WMI v2: Access to CIM over WS-Man• PowerShell cmdlets automatically generated from WMI v2 providers

STANDARD: WSMan• WSMan: Web Services for Management• DMTF industry standard protocol to access CIM• Defines client and server roles• Defines a common set of operations to access management objects• Works across firewalls• Implemented by various hardware and software vendors• Provides web services access to CIM on heterogeneous devices

• WinRM: Windows Remote Management• Microsoft implementation of the WSMan protocol• Exposes WMI classes via WSMan• Microsoft extensions to WSMan enable PowerShell remoting• 1-1, 1-many, many-1

Management OData IIS Extension• Open Data Protocol (OData): RESTful web protocol based on HTTP and

JSON for querying and updating data• Provides an ability to manage Windows Servers from various type of

devices : Windows, Non Windows (PowerShell is not available)• Allows to plugin Windows Server management via PowerShell into a

simplified management application experience:• By using familiar web protocol conventions • By benefitting from broad client support (Java script, PERL, .NET…)

• Processes OData requests and converts them into PowerShell invocations to perform the management function• Optional feature on Windows Server 8 for hosting PowerShell cmdlets as OData

endpoints.• Hosted in IIS; resource schema and authorization module supplied by the

customer

STANDARD: Storage Management Initiative-Spec• SMI-S: Storage Management Initiative - Specification

• Developed by the Storage Networking Industry Association (SNIA)• Ratified as ISO/IEC 24775:2011

• Windows Storage Management API• Comprehensive: Discovery, pool / logical unit / volume creation, TP, snapshots,

replication• Extensible: Supports all of SMI-S plus vendor proprietary extensions via pass-through• Partners: EMC, HP, Dell Equalogic, Dell Compellent, NetApp, HDS, LSI, IBM, Xiotech

Complete set of PowerShell cmdlets for all API operations

Windows PowerShell 3.0 Themes

Simple & Easy v3.0 -gt v2.0

Robust & Scalable

Comprehensive Coverage

Standards-based

Top Votes on Connect

• Bug with Default Formatter• *-item cmdlets ignore items containing "[]" • Square Bracket "Range" globbing is a BUG not

a FEATURE• Can’t redirect all the output pipelines• Get-ACL (and some other cmdlets) need

support for the LiteralPath parameter• Get-Command doesn't show function if 2

modules are loaded that have same function name

• Get-Command doesn't display information about duplicate commands

• Foreach should not execute the loop body for a scalar value of $null

• Default properties on custom objects • Select-Object optimization• Set-AuthenticodeSignature fails on scripts

created from ISE• Multiple ambiguous overloads• Move-Item cmdlet can’t move items between

different PSDrives• Same command with different output fails if

run in sequence

Capture Warning, Verbose, Debug and Host Output via alternate streamsAdd enumeration parameter to Get-ChildItem cmdlet to specify Container/Non-container/Bothdir -ad and other Get-ChildItem improvements Make it easier to create custom objectsOrdered hashes as an optionModules: Unable to determine script module filename at load time (there should be a $psmoduleinfo)Get-Command and Get-Help should display the ModuleNameMVP: Get-Module output should sort by name by defaultPSV2: Lazy pipeline - ability for cmdlets to say "NO MORE"Add auto-variable $PSScriptRootScript Logging needs to be improvedImport-Csv should have -Encoding parameteradd an -Append Switch to Export-CSVTee-Object Needs -Append parameterAdd "sst" alias for Select-String cmdlet

Bugs Suggestions

Partner Feedback• .NET 4.0 / CLR 4.0 support• Updatable help system• Performance improvements and public AST• Disconnect / reconnect of remote sessions• Calling cmdlets from cmdlets• Batch command invocation• Module cmdlet improvements• Runspace pool cleanup API• Add/remove dynamic type and format data• Paging APIs for cmdlets• ETW logging• Generic method invocation

Call to Action• Windows PowerShell 3.0 provides a comprehensive,

resilient, and simple way to automate the management of servers in your network

• Pick up the RTM bits today• Windows 8• Windows Server 2012 • Windows Management Framework 3.0

THE END

Evaluation

Complete your session evaluations today and enter to win prizes daily. Provide your feedback at a CommNet kiosk or log on at www.2013mms.com.Upon submission you will receive instant notification if you have won a prize. Prize pickup is at the Information Desk located in Attendee Services in the Mandalay Bay Foyer. Entry details can be found on the MMS website.

We want to hear from you!

Resources

http://channel9.msdn.com/Events

Access MMS Online to view session recordings after the event.

© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.