Speaking at Microsoft Ignite

I have got the opportunity to speak at Ignite again, this will be my third year I will do a session on this gigantic conference!

I have a Community Theater Session where I would love to have you as a guest if you will also be there and have some time for this topic!

“Using a PowerShell release pipeline for a real-world service provider delivery in Microsoft Azure”

Delivering managed services for a service provider can be cumbersome and often the quality and reliability is not first priority. Utilizing PowerShell and Desired State Configuration makes it repetitive, versionable, and testable! In this real-world case we have implemented a release pipeline to make sure that PowerShell scripts, modules, and dsc configurations are tested before put into production use in Azure Automation.

here you can find it in the session catalog

It is scheduled on Tuesday 4:05-4:25

Lets try to get SMB1 to die …. at least in my lab..

This last weekend there have been quite a buzz about the ransomware that been spreading like the plague based on the fact that there are still so many unpatched servers and clients running windows from the stone age. We can also discuss for a while why in Windows 10 and Windows server 2016 the SMB1 protocol is still enabled and needs to be turned off? One alternative could have been to say that if you want to use this 30 year protocol you would need to enable it and thus knowing the risk and taking that into account when deciding for the legacy track

One way of beeing safe is to of course turn of the computer but that works how long?

In my lab environment I have the luck to only use WIndows 2012 R2 and above, I need to get the computers from the AD and also remove the FS-SMB1 role. The quickest way is to just disable the SMB1 protocol, you know there are users in an ordinary world that kind of does not want servers to be restarted whenever and removing the feature does need a reboot…  So first disable the protocol now and then remove the role when it is time to do the magic reboot


Replace a AD DC without gui and using PowerShell Direct

So in my home lab I had a DC going out of time (it was a technical preview of 2016) and needed to be replaced and I wanted to do it the right way and not login to the console/gui on the actual DC to it once during the removal and deploy of a new one!

So firstly I had to decommission it as a DC and then I created a new image from the media

After this I started the new DC-VM, to use the PowerShell Direct I had to activate the “Guest Service Interface”. one cool thing is when using PowerShell direct I can set the IP address on the NIC within the VM without getting disconnected as I would have been otherwise if using a ordinary powershell remoting session!

When the DCPromo was successfull I could check on the node that it was replicating okay

Looking at the deployment of Azurestack it is during the process utilizing PowerShell Direct and it is a killer feature 😀

Happy PowerShelling!

Updating Pester module to 4.0.2

I was going to do some Operational Testing development in an environment and did see that the new Pester 4.0.2 RC had been released on the PowerShell Gallery!

Woop Niiice, but ey I had already on my newly provisioned Windows Server 2016 the version 3.4.0 of the module and when trying to install from the gallery it complains about the catalog signing..

I wanted to uninstall the 3.4.0 but that one had not been installed with the PowerShell Get so I could not use the Uninstall-Module -Name Pester

So I used the Remove-Item instead, looking at the module base path I could use that one for removal of the folder and files of the 3.4.0 module and then install the 4.0.2

Now back to creating some lovely test files but this time with the 4.0.2 RC version 🙂

Pester Operational Testing results to Slack take2

So I have been doing some work in the infrastructure as code space and I have been utilizing Operational testing with Pester to make sure that the environment is configured and working as intended.

I used Irwin´s work in Active Directory tests and adding several other parts for SQL etc so it would do the tests that was applicable for us! Then I scheduled it to run every day at 9 AM and reportunit created nice html reports like Irwins that was sent to operations email box as an attachment.

Now I got a new request from one of the recipients that they wanted it in a Slack channel instead so I used the Warrens Slack module like Irwin.


So far so good! Though when I had an failed test we did not get any more information in the slack message and we would need to go to the mail and open the Nunit html report to find out what pester tests actually was failing and that is lame right?!

How could I add that information in the slack message so we got to know what tests failed from the same place? Here I had to add a some code to Irwins to make it also display some meaningful information, which in the extension could be utilized by a chatops bot 🙂


As you can see only if I will get more than 0 failed tests I create an array of the errors and then send them as one message

Happy Operations Testing!


Download SysCtr 2016 VHD eval with PowerShell

Hi and hello,

As you maybe know by now the System Center 2016 suite and Windows Server 2016 was released this week during the Ignite conference in Atlanta

I have updated my script that you can use to download the Evaluation VHD´s with all System Center 2016 roles in an easy format ready to import into Hyper-V

Enjoy and start playing!


PowerShell disappeared or…..

Utilizing the mighty Irwin´s Operation testing in the environment I am building and administrering right now is great success. I have set up a scheduled task that runs every morning and giving me a nice report about the status of the environment and if someone have done reconfigurations or just services being down for any reason.

This week though the scheduled task started to failing.

Apparently someone had done some mistreatment to my environment path so the powershell.exe could not be found any more from CMD thus the scheduled task failing..

Screen Shot 2016-09-02 at 11.11.39

First off I could see that a %path% had snuck into, in CMD ECHO %path% shows all paths so some failure during a PS-script as in powershell %path% does not give love in the same way as the cmd console.

There could be other ways but one easy way is to find another server having the path untouched and removing the %path% from this server and adding the right way to system32 and powershell….

Screen Shot 2016-09-04 at 17.15.47

And then to correctly set the path (if you just use $env:path = $real It will only set it for the current session and not being persistent and in this case it is not enough :

Screen Shot 2016-09-04 at 17.16.32

And once that have been done I could verify that powershell was once again found within the CMD

Screen Shot 2016-09-02 at 11.17.31

PowerShell opensourced woop woop

You might have noticed on twitter and other media that now PowerShell has been released as open source and also available not only for your windows environment but also now for Linux and OS X 🙂

The release is available on Github and go there to get your preferred package for your OS! Read the instructions and be aware that this is the first step and the packages for the non-windows is in alpha!

I have a Mac with OS X and have of course installed it

Screen Shot 2016-08-18 at 16.08.36
Screen Shot 2016-08-18 at 16.09.34

Read some more on Snovers blog post here if you want some more insight in why and how and also some cool demos !

Happy powershelling!!

Explorations within AWS – Setting ACLs on temporary SSD store for SQL

I have been quite busy lately and not had the time to update the blog so much that I wanted but I will try to add some posts during the summer!

In the project I am right now we are setting up environments in Amazons cloud AWS. I have used their images AMI for a SQL Always On cluster that spans over two nodes.

The AMI is preinstalled with SQL and ready for incorporation in an domain and the Enterprise version can be used with the r3.2xlarge r3.4xlarge and r3.8xlarge.

Screen Shot 2016-07-15 at 23.01.47

As you can see each of them have an SSD instance storage that can be used as a temporary volume which suits SQL tempdb perfectly. Just go into the SQL configuration and point its tempdb to the temporary storage! The MSSQL service account is a domain account without administrative rights on the server so that is why I explicit set the rights for the volume…

As the AWS documentations clearly tells us:

An instance store provides temporary block-level storage for your instance. This storage is located on disks that are physically attached to the host computer. Instance store is ideal for temporary storage of information that changes frequently, such as buffers, caches, scratch data, and other temporary content

You can specify instance store volumes for an instance only when you launch it. The data in an instance store persists only during the lifetime of its associated instance. If an instance reboots (intentionally or unintentionally), data in the instance store persists. However, data in the instance store is lost under the following circumstances:

  • The underlying disk drive fails
  • The instance stops
  • The instance terminates

So I created a small powershell script that runs each time the instance boots to set ACL´s on that volume for the SQL to be able to create its tempdb files. No tempdb files = no sql service running….

And this is set up as a powershell job that triggers on the server booting

Happy AWS´ing!