Monthly Archives: April 2015

QuickTip: Update Windows Defender definitions using Update-MPSignature

Since protecting your computer is as important as anything it might be nice to know that there is also a PowerShell cmdlet available to manually update your virus and malware definitions:

Update-MPSignature

So for example if you would like your Windows Defender definitions to be updated every time a new PowerShell window is opened the following code could be added to your PowerShell profile:

Update-MPSignature -AsJob

I added in the -AsJob so the updating will take place in the background and PowerShell is immediately available to use. To add this to your current PowerShell profile you could execute the following code:

Add-Content -Path $Profile -Value "`r`nUpdate-MPSignature -AsJob`r`n"

The next time you launch PowerShell it will automatically update your definitions:

Update-MPSignature

Share

Active Directory Friday: Find empty Organizational Unit

As an Active Directory Administrator there are some moments, few and far in between where you might have a moment to yourself. In this article I will give you a short line of code so you can use this moment to find out if you have any empty Organizational Units in your domain. The definition of empty is an OU that does not contain any child objects. By this definition an OU containing another OU would not be considered empty. Because there is no LDAP filter for this we will take a look at how to do this using the Cmdlets and the [adsisearcher] type accelerator.

In the following example I will use Get-ADOrganizationalUnit in combination with an if-statement and Get-ADObject to gather empty OUs:

1
2
3
4
5
Get-ADOrganizationalUnit -Filter * | ForEach-Object {
	   if (-not (Get-ADObject -SearchBase $_ -SearchScope OneLevel -Filter * )) {
      		$_
   	}
}

So lets have a look at what this code does, the first portion is straight forward, gather all OUs using the Get-ADOrganizationalUnit cmdlet and pipe it into the ForEach-Object cmdlet. The if-statement is the interesting part here, I am using the Get-ADObject cmdlet to establish if this OU contains any child object, by setting the SearchBase to that OU and setting the SearchScope to OneLevel. Setting the SearchScope to OneLevel will only return direct child objects of the parent, the OU, without returning the OU itself. Because of this Get-ADObject will not return any objects if the OU is empty.

For more information about the SearchScope parameter and the possible arguments have a look at the following link: Specifying the Search Scope

Because you might not have the ActiveDirectory module loaded in your current PowerShell session it can be useful to know the [adsisearcher] alternative:

1
2
([adsisearcher]'(objectcategory=organizationalunit)').FindAll() | Where-Object {
   -not (-join $_.GetDirectoryEntry().psbase.children) }

This is a slightly different approach to illustrate a different method of gathering empty OUs, here we check the Children property part of the base object that is retrieved. The -join operator is used to ensure the -not does not evaluate the empty System.DirectoryServices.DirectoryEntries object as true.

Using the logic in this post it is also possible to filter for other specific objects contained in the OUs. For example display OUs that only have user objects, display OUs with both user and computer objects and so on.

For more information on this subject please refer to the following links:

Additional resources
Specifying the Search Scope
Get-ADObject
Get-ADOrganizationalUnit

New article on PowerShell Magazine: Connect to Azure Virtual Machines without being prompted for credentials

The mstsc tool unfortunately does not support credentials, because of this I have written a short function that uses mstsc in combination a input of username and password or a PowerShell credential object. In the tip on PowerShell Magazine I show how to use this function to connect to Azure virtual machines. The full article  is available on PowerShell Magazine : Connect to Azure Virtual Machines without being prompted for credentials

Connect-Mstsc –ComputerName cloudservice.cloudapp.net:58142 –U jaapbrasser -P secretpw1

For more articles like this, have a look at the External Articles section of my blog, it contains all the articles I have posted on external sources such as PowerShell Magazine.

Links in this Article
PSTip: Connect to Azure Virtual Machines without being prompted for credentials
PowerShell Magazine
External Articles
Connect-Mstsc
My entries in TechNet Script Gallery
Share

New article on PowerShell Magazine: Change a drive letter using Win32_Volume class

In Powershell there are a lot of neat little tricks available, today I will show how to change a drive letter using the Win32_Volume WMI class. The full article  is available on PowerShell Magazine : Change a drive letter using Win32_Volume class

$DvdDrive = Get-CimInstance -Class Win32_Volume -Filter "driveletter='F:'"
Set-CimInstance -InputObject $DvdDrive -Arguments @{DriveLetter="Z:"}

For more articles like this, have a look at the External Articles section of my blog, it contains all the articles I have posted on external sources such as PowerShell Magazine.

Links in this Article
PSTip: Change a drive letter using Win32_Volume class
PowerShell Magazine
External Articles
Share

QuickTip: Automate variable creation using New-Variable

Occasionally I get the question: “But what if I want to create fifty variables, how do I do that in PowerShell?”. My initial thought usually is: “Why?”, but seeing as there might be some scenarios in which it can be useful to batch create a large number of variables. Aside from that it is also just interesting to see how to do things like this in PowerShell.

For example if we would like to create group A-Z as empty arrays the following code can be used:

65..90 | ForEach-Object {
 New-Variable "Group$([char]$_)" -Value @()
}

Personally I would prefer creating a hash table which contains all these arrays as it is easier to work with. If you would like to automatically create a hash table that can be done in a similar manner using the following code:

65..90 | ForEach-Object -Begin {
 $HashTable = @{}
} -Process {
 $HashTable."Group$([char]$_)" = @()
}

Storing the arrays in a hash table has the advantage of having a single point of access, for example by accessing the GetEnumerator() method to display the key – value pairs that are contained in the hash table:

$HashTable.GetEnumerator()
Share