Error Handling, Part 1: Overview

It happens to all of us: our perfect script will run in to something it doesn't understand, doesn't know how to deal with, and out comes the red text.  It was probably something simple, like someone mistyped the command, or that file was moved by someone trying to be "helpful".

Whatever the reason, you find yourself looking at a garbled mess of angry red text.  Or, even worse: it was a script you had running automatically, and now you have no idea what went wrong.  Fortunately, PowerShell comes with many ways to deal with errors.

Error Handling isn't a sexy or fun topic, but it is vital to writing good scripts.  In this series, I hope to give you enough to get started.

Read More

State of the Bear

It's been a while since my last post, so I thought I'd say a few things about what I've been up to the last few months.  While I may not have posted here, I have been quite busy, and working on a lot of other things.

A lot of what I've been doing is just using PowerShell for what it does best: administering systems.  Through that, I've learned a lot and have grown my tool belt plenty, but the project I'm working on right now is probably the biggest thing I've done with PowerShell yet: I'm creating a full user management application for provisioning and disabling user accounts in both Active Directory and Office 365 to make a complex process simple for low level techs.  The most exciting part of it for me is that I'm building it as a fully functional GUI application using WPF.  I'm not using any expensive toolkit like PowerShell Studio to build it, either, so I'm building the GUI in Visual Studio (by the way, VS 2015 Community is out, and it's great!), loading it in to my script with a couple of functions I adapted from things I found online, then adding actions to the button clicks to make them execute my PowerShell code.

Through this, I've been learning a lot about WPF, how to lay out a GUI with XAML, and the .NET framework.

I'm hoping to share the things I'm learning from this, along with many other things, very soon.

Pipe output to the clipboard using clip.exe

Quick one today, a very simple trick I learned a few days ago: if you need to copy and paste your output from the console, instead of using the markup tools built in to cmd.exe, you can simply pass your output directly to the clipboard.  No big trick needed for this; just pipe the output to clip.exe and it will be put on the clipboard, ready to be pasted wherever you need.  It's built in to the OS, so you don't need to download and install anything.

Let's say I have a list of user account I've grabbed from Active Directory and saved to the variable $users, and I need to send that list in an email.  I could enter "$users" by itself on the command line, then select and hit enter to copy.  Then I would paste the list...and find I need to strip out all of the white space this creates. It's not hard, but it can be inconvenient sometimes, especially if it's a long list.

Instead, I could just run "$users | clip.exe" and get the same effect, only without jumping through hoops, without the chance of over or under selecting, and without selecting a bunch of extra white space.

It's really that easy.  Just add " | clip.exe" to the end and it will throw the screen output into the clipboard directly instead of on to the screen, and then you can paste it normally.

I really should start using GitHub

Okay, not a PowerShell thing (directly, anyway), just finding that my method of storing my code is becoming unmanageable.  Basically, what I've been doing is throwing everything in my Google Drive, which is overall very convenient, but over time is showing to be unwieldy.  Especially since, though I write a change log with my more important scripts, I have no way to go back to an old version of my code.

I already had a GitHub account, I've just not been using it.  So, depending on how things work, I'll probably start sharing more of my code from there rather than embedding it directly here, and just provide a link to it instead.

In my limited interaction with GitHub in the past, it was fantastic and fairly easy to use.  If you're looking for a way to store your code, and even collaborate, it's a great system for it.  If you're on GitHub already, I'm on there as poshcodebear.  You can find me here:

There's not much there yet, but I'm going to start migrating my code to there soon so you'll see things start to pop up.

Test execution speed with Measure-Command

When hacking away at a shell or writing a quick on-off script that will only do a handful of things and only once, knowing how fast each part works isn't that big of a deal.  When you're writing something that will get reused over and over, especially if it's something that's working against a large collection (such as, for example, running a WMI query against every computer in your domain), knowing how quickly different commands run could be quite important, especially if you're looking to improve execution speed.

To test execution speed, I use Measure-Command.

Read More

Better place to PowerShell (say goodbye to cmd.exe)

I'll be honest, I hate cmd.exe, which is what PowerShell uses by default.  It's functional, but crude, old fashioned and basic. I had been using ConEmu for some time, and it's an excellent product, but I ran into another that I feel fixes all of the problems with cmd (and even the last nagging issue I had with ConEmu): Cmder.  It uses ConEmu for the console emulator, it's completely portable, and when you just need a windows command prompt (rather than PowerShell), it gives you a Bash-like shell experience (unfortunately, trying to get the bash-like enhancements to work in PowerShell broke tab completion for PowerShell cmdlets for me, so I had to stick with PowerShell style tab completion).

Anyway, it's a great functioning, great looking console emulator, and I highly recommend giving it a try.

Discovering folders with severed inheritance

What do you do when you find your network file share permissions are a little...weird?  That when you go to add permissions to a folder, some of the sub folders still remain out of reach?  Then, when you check them manually, you find that someone, at some point, disabled inheritance on that folder, and for no good reason.  Or, worse, someone set up the shares with a bunch of severed inheritance, mainly because they didn't know how to manage folder permissions well.

Whatever the reason, knowing where inheritance is severed in your file shares is not only useful, but critical to properly manage your shares.  To discover those inheritances, just go through each folder, one by one, and write down each one tha...

Wait!  There's got to be a better way to do this!

Fortunately, Get-Acl is here to help.  The AccessControl.DirectorySecurity objects it returns for folders has a property called "AreAccessRulesProtected", which when set to True, means inheritance is disabled.  So, I wrote a quick script to help locate and document this.  Note that you will need to be using an account with at least read permissions to all of the folders you are targeting; also, I've done this for a single server with multiple shares, each share I've put in a text file.  It will be easy to modify that as you need. 

When will you be 1 billion seconds old?

I was watching this video from Neil deGrasse Tyson where he explains just how rich Bill Gates is (it's a fun video to watch, check it out here:  In it, he talks about how old you will be when you've reached your billionth second (it's close to 32 years, BTW), and mentioned having taken the time to compute this, and that someone will probably write an app to do this.

So of course, I said "that should be easy enough for PowerShell!".  It was.  Ridiculously easy, in fact.  So, for some fun, you, too, can quickly calculate when you can celebrate your billionth second!  (I used some sample data not actually linked to anyone's birthday that I know)

Note that the time is in 24 hour format (though you can use 12 hour format by adding AM or PM to the end), and that the date is the US standard format, so if your localization is different, you'll probably need to use your localized standard.

Whoever has the above birthday will celebrate their 1 billionth second on Saturday, April 24, 2021 at 7:41:40 PM.

Find-PCBCrypto: Function to aid in finding CryptoLocker encrypted files

CryptoLocker is a nasty beast of a bug causing all manner of havoc.  If it's done nothing else, one positive impact it has had on IT is that we're making sure our backups aren't being ignored.

One of the hardest parts still, though, is finding what got hit, and who got hit, and in a timely enough manner to minimize the damage done.  Part of that problem is that there is no scanner that can definitively detect CryptoLocker encrypted files, specifically because they just look like any encrypted file; there is no virus fingerprint to be had.

So, how to scan for its fingerprints proactively?  It seemed like a nearly impossible task (I'm no malware expert, so figuring out how to detect something like this isn't my forte).  When I started digging in to the problem, though, I did learn a few key pieces to the puzzle.

Read More