It seems the ID in filterhashtables for get-winevent is limited to max of 23 items in the array.

Please test this out to see

# there are 23 items in the list.  the last id is a real id that will return results so you can see.
# just hit ctrl-C to cancel since it could take a long time to list all those events
$IDs = 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,4648
get-winevent -filterhashtable @{logname="security"; ID = $IDs}

# now add a 24th item to the list and run cmd again and notice you get no results
$IDs = 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,4648,24
get-winevent -filterhashtable @{logname="security"; ID = $IDs}

WHY?  Seems to be a hardcoded limit that is undocumented?

Hi,

is there a powershell commandlet to distinguish witch RDS Broker is the actual
"Active RD Connection Broker Server" ?

RDS powershell commandlets need active broker name
we've for now two brokers in round robin mode.

but the powershell commandlets don't run when the dns round robin entry is passed on the commandlet
(I guess this is normal as I've understood that although the broker runs as a cluster to reply to user connections,
 only one broker is active for administration 'powershell commandlets ...' ) => Am I wrong ?

I'm using powershell to do administration tasks and the only way I found today
is to have written following code into any of my scripts ...

#Get Active Brk
  try
  {
   $ActiveCBroker = Get-RDConnectionBrokerHighAvailability -ConnectionBroker rds-brk1.contoso.net -ErrorAction Stop
   $ActiveCBroker = ($ActiveCBroker | Select-Object  ActiveManagementServer)
   $ActiveCBroker = $ActiveCBroker.ActiveManagementServer
  }
  catch [Microsoft.PowerShell.Commands.WriteErrorException]
  {
   $ActiveCBroker = Get-RDConnectionBrokerHighAvailability -ConnectionBroker rds-brk2.contoso.net -ErrorAction Stop
   $ActiveCBroker = ($ActiveCBroker | Select-Object  ActiveManagementServer)
   $ActiveCBroker = $ActiveCBroker.ActiveManagementServer
  }
  write-host $ActiveCBroker 

# use $ActiveCBroker into any of my commandlets .... ;) 
...

Thanks.

MCTS Windows Server Virtualization, Configuration

 Invoke-Command -ComputerName $computer -Authentication Kerberos -ScriptBlock { & cmd /c "msiexec.exe /i c$\download\msi\msxml.msi" /qn ADVANCED_OPTIONS=1 CHANNEL=100}

This is not a question but a comment about passing parameters to an auto-elevated script.  There are many examples out there about how to auto-elevate a script so it is running as Administrator but I could not find any examples about passing the parameters from the normal script to the auto-elevated script. 

I finally figured it out through some trial and error so for those that have been searching for a similar solution, here you go...

(If this has been posted elsewhere, please let me know because I have not been able to find it anywhere)

# Check if script is running as Adminstrator and if not use RunAs
Write-Host "Checking if the script is running as Administrator"
$IsAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]"Administrator")
if (-not $IsAdmin){
    Write-Host "The script is NOT running as Administrator, restarting PowerShell as Administrator..."
    $cmd = $MyInvocation.MyCommand.Path + " -Parameter1 $Parameter1 -Parameter2 $Parameter2 -Parameter3 $Parameter3"
    $arguments = "-NoProfile -NoExit -Command ""& {$cmd} """
    Start-Process "$psHome\powershell.exe" -Verb Runas -ArgumentList $arguments -WorkingDirectory $localpath -ErrorAction 'stop'
    Break
}
else{
    Write-Host "The script is already running as Administrator"
}

Am I supposed to have DNS tools installed or something to be able to utilize Root\MicrosoftDNS name space? Command below fails both on Windows 2008 and Windows 2012

PS C:\WINDOWS\system32>  Get-WmiObject -Class MicrosoftDNS_AType -NameSpace Root\MicrosoftDNS
Get-WmiObject : Invalid namespace "Root\MicrosoftDNS"
At line:1 char:2+  Get-WmiObject -Class MicrosoftDNS_AType -NameSpace Root\MicrosoftDNS+  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo          : InvalidArgument: (:) [Get-WmiObject], ManagementException+ FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Hi All.

I hjave a Ps script that I use to wipe off data from SQL servers as aprt of a decom process.

The script is as follows.

get-childitem F:\ -include *.ldf,*.mdf,*.ndf,*.bak,*.trc,*.txt,*error*,*sqlagent*,*system_heal*,*xel*,*bak*,*logs*,*.mdmp*,*cer* -exclude *System* -recurse | foreach ($_) {remove-item $_.fullname -Force   }

At the moment, it runs into issues with a folder. I would either like to delete the folder as well or actually exclude it. Also as an improcement to the script, I would want it to display the list of files it has deleted.

The error that I get is as follows.

remove-item : Access to the path 'F:\System Volume Information' is denied.
At line:1 char:155
+ ...  foreach ($_) {remove-item $_.fullname -Force   }
+                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : PermissionDenied: (F:\:String) [Remove-Item], UnauthorizedAccessException
    + FullyQualifiedErrorId : RemoveItemUnauthorizedAccessError,Microsoft.PowerShell.Commands.RemoveItemCommand

Confirm
The item at F:\ has children and the Recurse parameter was not specified. If you continue, all children
will be removed with the item. Are you sure you want to continue?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"):

Thanks in advance.

Background: I am trying to figure out a way to automatically assign a telephone number to a user in Lync based on a set of DID block assignments provided by our ISP.

I realize that using the PowerShell range command probably isn't the way to go because it stores it as an integer as opposed to a string. In addition, trying to use more than 10 digits presents an error. I am wondering if there is an alternative way do get a range of numbers?

My current script works somewhat, but I'd like to get your opinions. I am currently doing something like this:

$Block = XXXXXXX..XXXXXXX| ForEach-Object { "tel:+1XXX$_" }
$Used = Get-CsUser | Where { $_.LineURI -like 'tel:+1XXX*' } | Select -ExpandProperty LineURI | Sort
$Available = Compare $Block $Used

So I've created a script for disabling exchange mailboxes and moving them to a disabled OU in AD.  I currently have this set to run once a week via scheduled tasks but instead would like to kick it up to nightly and improve on the logging.

Right now, the only items I record are the name of the person and the OU they were originally in.  I'd also like to include the groups they were a member of.  I could easily enough include all the groups they were a member of in the email but here is the twist.

Since we are going to a nightly run of this script, we would want to keep at least a weeks worth of logs in a text file as a just in case.  After a week, the log would be cleared.  I know that would be a counter but I can't even wrap my mind around how that would work.  Is it even possible?

#Finds all users who have the AD attributes
#	wWWHomePage = Updated_by_GroupID
#	msExchHideFromAddressLists = True
#	msExchHomeServerName not empty
#	emailaddress contains @MyDomain.com
#   useraccountcontrol = 514 (disabled)

Import-Module ActiveDirectory
add-pssnapin Microsoft.Exchange.Management.PowerShell.E2010

#Declare Variables
$users = $null
$ADgroups = $null
$username = $null
$user = $null
$LogFile = "C:\Scripts\TerminateUsersLogFile.txt"
$LogFile2 = "C:\Scripts\UserNamesMovedtoDisabledOU.txt"
$EmailLogTo = "myEmail@MyDomain.com"

#Generates log file
Start-Transcript -path $LogFile

#Performs search for all users in AD filtering only AD user with wWWWHomePage = Updated_by_GroupID, msExchHideFromAddressLists = True, msExchHomeServerName not empty and emailaddress contains @MyDomain.com
$users = Get-ADUser -properties name, emailaddress -Filter {(HomePage -eq "Updated_by_GroupID") -and (msExchHideFromAddressLists -eq $true) -and (emailaddress -like "*@MyDomain.com") -and (msExchHomeServerName -ne "$null") -and (useraccountcontrol -eq "514")}
$users.name -Replace '^cn=([^,]+).+$','$1'

#loops through all users
foreach ($user in $users){

$user.name -Replace '^cn=([^,]+).+$','$1'

#Copies the current OU into the Notes field in the AD User Object.
$newvar = ($user).distinguishedname
set-aduser $user -replace @{info="$newvar"}

# Removes user from all AD groups except Domain Users.
$ADgroups = Get-ADPrincipalGroupMembership -Identity $user | where {$_.Name -ne "Domain Users"}
Remove-ADPrincipalGroupMembership -Identity "$($user)" -MemberOf $ADgroups -Confirm:$false

#Disables their Exchange Mailbox.
Disable-Mailbox -Identity $user.EmailAddress -Confirm:$False

#Moves their AD user object to disabled OU.
Move-ADObject -Identity "$($user.DistinguishedName)" -TargetPath "Disabled Users OU" -Confirm:$false

Write-Output $user.name >> C:\Scripts\UserNamesMovedtoDisabledOU.txt

}

Stop-Transcript

# Email the log file
$emailFrom = "MyEmail@MyDomain.com"
$emailTo = $EmailLogTo
$subject = "Terminated Users Cleaned in AD"
$content = Get-Content $LogFile2 | ForEach-Object {$_.Split("`r`n")}
$body = [string]::Join("`r`n",$content)
$smtpServer = "SMTP.MyDomain.com"
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body)

clear-content C:\Scripts\UserNamesMovedtoDisabledOU.txt

I am going to do a SharePoint upgrade this weekend from 2010 to 2013.

I need this script to run against every Active Directory user automatically, not just one at a time. How do I get this get this script to do that? I figure I create a pipeline, I just don't know where.

Here is the script:

Please help me! Thank you!

Hi,

I tried to insert Pipe-Delimiters at positions in text file, but i get this error, please some can help sort it.

$path ="c:\bkps\sample.txt"
$Positions=@(2,9,16,32)
$dat = Get-Content $path
$Positions | foreach {$dat
$dat=$dat.Insert($_,'|')
}
$dat > $path

Method invocation failed because [System.Object[]] doesn't contain a method named 'Insert'.
At line:5 char:17+ $dat=$dat.Insert <<<< ($_,'|')+ CategoryInfo          : InvalidOperation: (Insert:String) [], RuntimeException+ FullyQualifiedErrorId : MethodNotFound

Hi,

Is it possible to replace all first character of every word in a string with UpperCase?

$="autocad lite"

Should look "Autocad Lite" .

Thanks,

François

Hi All,

I'm conducting an audit of all folders on network shares that are spread accross several servers.  I'm very new to PS but from my research I have put together the following:

Get-ChildItem \\server\share -Recurse | Where-Object{($_.psiscontainer)} | Get-Acl | select-object path -expandproperty access | Export-CSV results.csv

This has been working ok but I hit an 'unauthrosied operation' error when it trys a folder that I do not have permissions to (i'm running as domain admin).  That's fine but it's a termination error which I can't seem to work around.  I have tried things like -ErrorAction SilentlyContinue but it just stops without producing the error and will not continue.  I have also tried a try and catch which I found on Technet but can't seem to get the -recurse to work:

$fse = Get-ChildItem \\server\share -recurse | Where-Object{($_.psiscontainer)}
$fse | %{$f=$_; try { get-acl $_.FullName } catch { Write-Warning "Failed to access $($f.FullName)" }}

I've tried my best to get the code to continue after the error but I just can't see what I am doing wrong.  Any ideas?

Also, I have many many shares to test which are all listed in a spreadsheet.  I'm been trying to research how I can use this spreadsheet instead of writing in the server and share for every one I want to test.  However this is now going way above my head and I can't get anywhere near to a semi-working example.  Is there a way I can use the above to reference a spreadsheet and test each share that is listed?

Many Thanks.

Hi all, i am having trouble testing this out, basicaly i have a big array of citrix sessions that i want to send messages to, so i chunk that array into 80, leaves me with about 100 sessions per, i think the chunking is workng fine its the jobs i am not sure if its running through all of them... I just want to make sure if 8000 variables are going in, it runs through 8000 variables and performs the operation

Code:

Add-PSSnapin Citrix.XenApp.Commands -ErrorAction SilentlyContinue
$env = "test"
$all = get-xasession -BrowserName $env | ? {($_.state -ne "listening") -and ($_.sessionname -ne "console")}
#split the list
$n = 80
$chunks = @{}
$count = 0
$all |% {$chunks[$count % $n] += @($_);$count++}
0..($n-1) |% {
start-job -scriptblock {
    ForEach ($session in $args){
    Add-PSSnapin Citrix.XenApp.Commands -ErrorAction SilentlyContinue
    Send-XASessionMessage -SessionId $session.SessionId -ServerName $session.ServerName -MessageTitle "Message from Citrix Admin" -MessageBody "test"
}
} -ArgumentList $chunks[$_] > $null
}

Could someone take a look and run a possible test?

Thanks

I am trying to get a list of active users in AD who are a member of any group with the word Citrix in the name. Having an issue with piping between GetAdUSer and Get-ADGroupMember. This is the script that I am trying to use:

$Groups = Get-ADGroup -filter {Name -like "Citrix*"} | Select-Object Name
ForEach ($Group in $Groups)
   {write-host " "
    write-host "$($group.name)"
    write-host "----------------------------"

 Get-Aduser -Filter {enabled -eq "True"} | Get-ADGroupMember -identity $($group.name) -recursive | Select-Object samaccountname
| Out-File C:\temp\Citrix4.txt 
}

Any help would be greatly appreciated.

Hi Guys,

New to powershell, i am trying to build a CSV with multiple Events i pull from multiple logs.

I'm having a problem appending an Array, it seams that at each append (+=) my array get re-written with all the information from the current stage (instead of just a new record)

p.s. I was trying to get all the results in one shot, but gave up :( i can't figure out how to use join to combine both records when there is multiple results and i cant get my evtcn query to give me the table i want... i will rework this when my experience is higher :) in the meantime += should work no?

here is an exemple:

$Myresults = @()
$Myresult = New-Object PSObject
 

#counts nb of repetition the event is found. 
$evtcn=Get-WinEvent  -logname application -filterxpath "*[System[Provider[@Name='MSExchangeIS'] and (EventID=9782) and TimeCreated[@SystemTime>='2014-11-02T13:30:00.000Z' and @SystemTime<='2014-11-03T13:30:00.999Z'] ]]" | select-object -property id,logname,providername |  Group-Object | Where-Object {$_.Count -gt 0}

$error.clear()  # clears error "log"
# get 1 exemple of EventID 9782

$evt=Get-WinEvent  -logname application -filterxpath "*[System[Provider[@Name='MSExchangeIS'] and (EventID=9782) and TimeCreated[@SystemTime>='2014-11-02T13:30:00.000Z' and @SystemTime<='2014-11-03T13:30:00.999Z'] ]]" | Select-object -Property id,logname,providername,timecreated,message | sort id -unique
if ($error.count -eq 0) # if it finds an event, add to a temporary object to combine both results
{
   add-member -InputObject $myresult -MemberType NoteProperty -Name id -Value $evt.id -force
   add-member -InputObject $myresult -MemberType NoteProperty -Name timecreated -Value $evt.timecreated -force
   add-member -InputObject $myresult -MemberType NoteProperty -Name logname -Value $evt.logname -force
   add-member -InputObject $myresult -MemberType NoteProperty -Name providername -Value $evt.providername -force
   add-member -InputObject $myresult -MemberType NoteProperty -Name message -Value $evt.message -force
   add-member -InputObject $myresult -MemberType NoteProperty -Name nboftimesfound -Value $evtcn.count -force
   $myresults += $myresult  # add results to my final array.
   $myresults # displays current state of array (added this so i can figure out whats going on)
}
 
 # redoes the code with a different EventID.
$evtcn=Get-WinEvent  -logname System -filterxpath "*[System[Provider[@Name='USER32'] and (EventID=1074) and TimeCreated[@SystemTime>='2014-11-02T13:30:00.000Z' and @SystemTime<='2014-11-03T13:30:00.999Z'] ]]" | select-object -property id,logname,providername |  Group-Object | Where-Object {$_.Count -gt 0}
$error.clear()
$evt=Get-WinEvent  -logname System -filterxpath "*[System[Provider[@Name='USER32'] and (EventID=1074) and TimeCreated[@SystemTime>='2014-11-02T13:30:00.000Z' and @SystemTime<='2014-11-03T13:30:00.999Z'] ]]" | Select-object -Property id,logname,providername,timecreated,message | sort id -unique
if ($error.count -eq 0)
{
   add-member -InputObject $myresult -MemberType NoteProperty -Name id -Value $evt.id -force
   add-member -InputObject $myresult -MemberType NoteProperty -Name timecreated -Value $evt.timecreated -force
   add-member -InputObject $myresult -MemberType NoteProperty -Name logname -Value $evt.logname -force
   add-member -InputObject $myresult -MemberType NoteProperty -Name providername -Value $evt.providername -force
   add-member -InputObject $myresult -MemberType NoteProperty -Name message -Value $evt.message -force
   add-member -InputObject $myresult -MemberType NoteProperty -Name nboftimesfound -Value $evtcn.count -force
   $myresults += $myresult
   $myresults
}
 
 #export results to a CSV
$myresults | Export-CSV "D:\scripts\eventlog.csv"
"done" | out-file -filepath D:\scripts\evtdone.txt

Anthony Cartier-Info

Hi,

Can anyone point me in the right direction.

I want to modify and ACL on a remote server, but i cannot assign a variable inside the invoke-command where i'm also refferencing an local variable.

When the first invoke-command is ran i get an error:

A Using variable cannot be retrieved. A Using variable can be used only with Invoke-Command, Start-Job, or InlineScript in the script workflow. When it is used with Invoke-Command, the Using variable is valid only

$DriveFunctionDirectoryStructure="z:\projects\1"

-Session$s-ScriptBlock{$acl=get-acl$using:DriveFunctionDirectoryStructure}

-Session$s-ScriptBlock{$acl.SetAccessRuleProtection($using:True,$using:ToggleAccessRuleFlag)}

-Session$s-ScriptBlock{Start-Sleep-Seconds5}

-Session$s-ScriptBlock{$rule=New-ObjectSystem.Security.AccessControl.FileSystemAccessRule("localdomain\$using:groupName","$using:AccessOption","ContainerInherit, ObjectInherit","None","Allow")}

-Session$s-ScriptBlock{$acl.AddAccessRule($rule)}

-Session$s-ScriptBlock{Set-Acl$using:DriveFunctionDirectoryStructure$acl}

Hi, as the title suggest, I want to explicitly use PowerShell 2.0 to execute scripts and commands, why? Because SharePoint 2010 only supports PowerShell 2.0. So my problem:

I have SharePoint 2010 installed on a Windows Server 2012 (with PowerShell 4.0 as default). When I execute a SharePoint PowerShell command on the server, it only works when I go to a PowerShell 2.0 console (powershell.exe -v 2). But when I am on another server and start a PowerShell 2.0 console, the remote session I create with e.g. Enter-PSSession is always PowerShell 4.0, the version of the host. This will prevent me from executing SharePoint commands remotely

So my question is, is it possible in some way to force a specific version of PowerShell with a remote session?

I am seeing a series of four errors pop up in my logging routine, but only after a certain software has been installed (specifically Autodesk AutoCAD 2014 versions) and the errors are rather odd. Like this

log4cplus:ERROR Please initialize the log4cplus system properly.

And they seem to crop up at random spots within the script, not at a specific line number. I am hoping this is something from the bowels of PowerShell and someone recognizes it and can point me in the right direction to start trouble shooting.

Gordon

I have a PowerShell script to run routine maintenance on my WSUS server and it is exhibiting odd behavior that I have been unable to resolve. The script is scheduled to run every day. It performs the clean-up tasks every day and runs the database maintenance script on Sunday. The database maintenance part of the script works every time. The clean-up part will frequently report no data. If I log into the server under the account the task runs under and manually run the script it works. If I log into the server as myself and execute the task it works. If I remotely trigger the task I get the periodic lack of data. Here's my script:

$LogFile = "c:\Scripts\WSUSCleanup.log"
$LogFile2 = "c:\Scripts\WSUSDbMaint.log"
$MaxLines = 10000
$nl = [Char]13 + [Char]10

If (Test-Path $LogFile) { $LogFileData = Get-Content $LogFile -Tail $MaxLines }
Else { $LogFileData = "" }
$LogFileData += "-----------------------------------------------" + $nl + "Beginning cleanup at " + (Get-Date -Format "yyyy/MM/dd HH:mm:ss zzz") + $nl
Import-Module UpdateServices
$out = Get-WsusServer -Name wsus.domain.com -PortNumber 8531 -UseSsl | Invoke-WsusServerCleanup -CleanupObsoleteComputers -CleanupObsoleteUpdates -CleanupUnneededContentFiles -CompressUpdates -DeclineExpiredUpdates -DeclineSupersededUpdates
$LogFileData += $out
$LogFileData += $nl + "Finished cleanup at " + (Get-Date -Format "yyyy/MM/dd HH:mm:ss zzz")
Out-File -FilePath $LogFile -Encoding ascii -InputObject $LogFileData

If ((Get-Date -Format "ddd") -eq "Sun")
    {
    If (Test-Path $LogFile2) { $LogFileData = Get-Content $LogFile2 -Tail $MaxLines }
    Else { $LogFileData = "" }
    $LogFileData += "------------------------------------------------------------" + $nl + "Beginning database maintenance at " + (Get-Date -Format "yyyy/MM/dd HH:mm:ss zzz") + $nl
    cd 'C:\Program Files\Microsoft SQL Server\110\Tools\Binn'
    $out = SQLCMD.EXE -E -S np:\\.\pipe\MICROSOFT##WID\tsql\query -i c:\scripts\WSUSDbMaintenance.sql
    $LogFileData += $out
    $LogFileData += $nl + "Finished database maintenance at " + (Get-Date -Format "yyyy/MM/dd HH:mm:ss zzz")
    Out-File -FilePath $LogFile2 -Encoding ascii -InputObject $LogFileData
    }

Here is a except from the Clean-Up log:

Beginning cleanup at 2014/10/20 10:54:34 -07:00



Finished cleanup at 2014/10/20 10:57:12 -07:00
-----------------------------------------------
Beginning cleanup at 2014/10/21 10:54:05 -07:00

Obsolete Updates Deleted:0
Expired Updates Declined: 0
Obsolete Updates Deleted:0
Updates Compressed:1304
Obsolete Computers Deleted:5
Diskspace Freed:3139221020

Finished cleanup at 2014/10/21 10:57:27 -07:00
-----------------------------------------------
Beginning cleanup at 2014/10/22 10:54:01 -07:00

Obsolete Updates Deleted:0
Expired Updates Declined: 0
Obsolete Updates Deleted:0
Updates Compressed:200
Obsolete Computers Deleted:0
Diskspace Freed:582233144

Finished cleanup at 2014/10/22 10:54:52 -07:00
-----------------------------------------------
Beginning cleanup at 2014/10/23 10:54:03 -07:00

Obsolete Updates Deleted:0
Expired Updates Declined: 0
Obsolete Updates Deleted:0
Updates Compressed:154
Obsolete Computers Deleted:0
Diskspace Freed:482770256

Finished cleanup at 2014/10/23 10:54:56 -07:00
-----------------------------------------------
Beginning cleanup at 2014/10/24 10:54:03 -07:00



Finished cleanup at 2014/10/24 10:58:33 -07:00
-----------------------------------------------
Beginning cleanup at 2014/10/25 10:54:03 -07:00



Finished cleanup at 2014/10/25 10:55:39 -07:00
-----------------------------------------------
Beginning cleanup at 2014/10/26 10:54:03 -07:00



Finished cleanup at 2014/10/26 10:55:26 -07:00
-----------------------------------------------
Beginning cleanup at 2014/10/27 09:33:21 -07:00



Finished cleanup at 2014/10/27 09:35:16 -07:00

hi, there..

how to get vcpu vm with searching by vmid not by vmname?

Get-VMProcessor -VMName "VMName", but i want search by vmid. how?