We meet the third PowerShell (part I)
the Pace of development of modern technologies is such that we barely keep up. But today we'll jump ahead a little, learn about the new PowerShell v3, and look around not only the eyes but also let us touch hands.
I gathered under Hyper-V two machines on Windows Server 2012 RC, created a single-domain forest called
Also, should mention that not all the terminology I use has already been localized and is in Microsoft language portal, so I give their translation exactly as I understand these terms, and in brackets give the original title in English.
First, let's simply list is:
the
After it starts, without arguments, a window appears from which emanates the grandeur and glamour:
If you had to look for TechNet a particular cmdlet, and then use the objects .NET, here here please, all modules, all the cmdlets that look – don't want to.
Here, if you please, cmdlets managing DNS server and DNS client service, and if you choose a module, such as a network, you can view the cmdlets configure the routing table or, say, the TCP/IP settings for network interfaces.
I also tried to look for the word "share", "user", "acl", "policy", "adapter", and so on and so forth, it is interesting.
Related to the previous, but not directly independent. In PowerShell v2 in Windows Server 2008 R2, in order to perform certain operations, you need to connect a particular module, PowerShell v3 automatically determines which module is responsible for the cmdlet runs in the background of this module loads without any issues.
the
We get an error, because it is not loaded module GroupPolicy:
the
Now, if you repeat, then all is fine:
In PowerShell v3 are all well initially:
Then, as I thought, the developers have decided to bring the language to SQL, well at least traced some analogy. The fact that they introduced a new syntax for the
the
instead of
the
in my opinion, questionable.
Another thing is the
the
instead of
the
nothing, without any curly brackets with dollars-quotes.
Also, there are a couple of new operators:
The great innovation that I want to tell in the first part of this configuration session in conjunction with the administrative delegation. Actually the file is a configuration file with the extension .pssc, which just contains a hash table of properties and values: authorship, language, variables, function definitions, etc. In the same configuration session, there are other properties:
the
Get the picture, like this:
You can see how many adjustable parameters? You can even compare with the picture that appears when you run this command in PowerShell v2 and feel the difference.
But how to use it? And I'll show you, I confess, I long enough was picked to write these few lines. So, sequentially executed:
the
Mind you, I have limited configuration only the module
Easy stuff, right? Limiting the modules and cmdlets inside PowerShell, we can easily in our team of administrators some employees to make responsible for DNS, others for network, and users, for example, to give the right to make snapshots of their machines on Hyper-V in VDI, and no one will know the credentials of the user under which the task is running! And the finished configuration file is only transferred from one place to all other servers with similar functions.
In the next part we will go forth, or rather up the list, analyze reliable session, scheduled jobs and, of course, workflows. Well, maybe a little touch on the new PowerShell ISE, there is also something to look at.
Article based on information from habrahabr.ru
Stand
I gathered under Hyper-V two machines on Windows Server 2012 RC, created a single-domain forest called
litware.inc. Two machines in the domain are called, respectively, w2012dc1.litware.inc and w2012cl1.litware.inc. On w2012dc1 revolve domain services and DNS, and w2012cl1 turns anything but, in fact, most OSes. Also in the domain there is a user user1, the member domain users. You can, of course, was to install on a second machine Windows 8 RC, so to speak, for beauty, but I decided to save a little disk space by taking one parent virtual hard disk, and to him they put two child instead of using two independent virtual hard disks.Also, should mention that not all the terminology I use has already been localized and is in Microsoft language portal, so I give their translation exactly as I understand these terms, and in brackets give the original title in English.
what's New
First, let's simply list is:
the
workflows (eng. Workflows) is some processes running sequentially or in parallel, performing complex management tasks. Actually in PowerShell v3 now includes support for Windows Workflow Foundation, and do PowerShell workflows are repeatable, parallelisme, interruptible, and recoverable.
Reliable session (eng. Robust sessions) is a session of PowerShell, automatically recover after network problems and the like interrupts. Also this technology allows you to disconnect from a session on one machine and connect to the same session to another.
Scheduled tasks (eng. Scheduled jobs) is a PowerShell job that can be performed with a certain interval, or in response to some event.
Special configuration for session (eng. Custom session configurations) – For every PowerShell session you can predefine a specific set of parameters and save them in a special configuration file, then to enter the given session.
Simplified the language syntax (eng. Simplified language syntax) is allegedly a simplified syntax allows the PowerShell script to look less like a program and more similar to natural human language.
cmdlets (eng. Cmdlet discovery) – automatic loading of the module containing the cmdlet if this module is of course installed on the machine.
Show-Command is just one of the new cmdlets that we, perhaps, begin.
Show-Command
After it starts, without arguments, a window appears from which emanates the grandeur and glamour:
If you had to look for TechNet a particular cmdlet, and then use the objects .NET, here here please, all modules, all the cmdlets that look – don't want to.
Here, if you please, cmdlets managing DNS server and DNS client service, and if you choose a module, such as a network, you can view the cmdlets configure the routing table or, say, the TCP/IP settings for network interfaces.
I also tried to look for the word "share", "user", "acl", "policy", "adapter", and so on and so forth, it is interesting.
Cmdlet discovery
Related to the previous, but not directly independent. In PowerShell v2 in Windows Server 2008 R2, in order to perform certain operations, you need to connect a particular module, PowerShell v3 automatically determines which module is responsible for the cmdlet runs in the background of this module loads without any issues.
the
Get-GPO-All | ft Id #Let us just interested in the Id column, no frillsWe get an error, because it is not loaded module GroupPolicy:
the
Import-Module GroupPolicyNow, if you repeat, then all is fine:
In PowerShell v3 are all well initially:
Simplified language syntax
Then, as I thought, the developers have decided to bring the language to SQL, well at least traced some analogy. The fact that they introduced a new syntax for the
Foreach-Object and Where-Object. Although the practical value of the Foreach:the
Get-Service | Foreach Nameinstead of
the
Get-Service | Foreach {$_.Name}in my opinion, questionable.
Another thing is the
Where:the
Get-Service | Where Status -eq Runninginstead of
the
Get-Service | Where {$_.Status-eq "Running"}nothing, without any curly brackets with dollars-quotes.
Also, there are a couple of new operators:
In and NotIn, indicating the range. With them, I think it is more than clear:Custom session configurations
The great innovation that I want to tell in the first part of this configuration session in conjunction with the administrative delegation. Actually the file is a configuration file with the extension .pssc, which just contains a hash table of properties and values: authorship, language, variables, function definitions, etc. In the same configuration session, there are other properties:
the
Get-PSSessionConfiguration | Get-MemberGet the picture, like this:
You can see how many adjustable parameters? You can even compare with the picture that appears when you run this command in PowerShell v2 and feel the difference.
But how to use it? And I'll show you, I confess, I long enough was picked to write these few lines. So, sequentially executed:
the
$defSSDL = (Get-Item WSMan:\localhost\Service\RootSDDL).Value #Take SSDL "default"
$SecDescriptor = New-Object -TypeName Security.AccessControl.CommonSecurityDescriptor $false, $false, $defSSDL #Create a security descriptor
$user = Get-ADUser user1 #Find the Active Directory user you want, but better, of course, the power to give groups
$SecDescriptor.DiscretionaryAcl.AddAccess([System.Security.AccessControl.AccessControlType]::Allow $user.SID.Value 268435456, [System.Security.AccessControl.InheritanceFlags]::None, [System.Security.AccessControl.PropagationFlags]::None) #Add our user SID
$sddl = $SecDescriptor.GetSddlForm("All") #Pick up what happened
$creds = Get-Credential "administrator@litware.inc" #Enter credentials of the administrator
New-PSSessionConfigurationFile -Path .\DnsRead.pssc -SessionType RestrictedRemoteServer -VisibleCmdlets "Show-DnsServer*" -ModulesToImport DnsServer #Create configuration file
Register-PSSessionConfiguration -Name DnsRead -Path .\DnsRead.pssc -AccessMode Remote-securitydescriptorsddl parameter $sddl RunAsCredential $creds #Register the configurationMind you, I have limited configuration only the module
DnsServer and only the cmdlets that begin with Show-DnsServer, this ensures that although the shell and will be executed with the privileges of user administrator@litware.inc, but the remote user user1 from a remote machine w2012cl1 will not be able to do anything, except perhaps this:Easy stuff, right? Limiting the modules and cmdlets inside PowerShell, we can easily in our team of administrators some employees to make responsible for DNS, others for network, and users, for example, to give the right to make snapshots of their machines on Hyper-V in VDI, and no one will know the credentials of the user under which the task is running! And the finished configuration file is only transferred from one place to all other servers with similar functions.
In the next part we will go forth, or rather up the list, analyze reliable session, scheduled jobs and, of course, workflows. Well, maybe a little touch on the new PowerShell ISE, there is also something to look at.
