New PowerShell Features in Windows Server 2016
Good day% HabraUser%! Not so long ago, I was fortunate enough to become the owner of VDS with pre-installed Windows Server 2016 to get acquainted with this operating system and its new features. Due to the fact that for the past few years I have been a fan of administration using PowerShell, it was he who first of all interested me, as I use it in my work daily to automate routine tasks. In the corporate environment today, most often the last used version of Windows 8.1 and Windows Server 2012 R2 operating systems, respectively, I did not pay attention to the changes that Windows 10 brought me on my home computer, and as it turned out in vain. I missed the updated tool, which has become much better, more convenient and faster than previous versions, and I would like to talk about these major changes. Welcome under cat.At the beginning of the list there will be the most minor changes that are designed to make the daily use of this product more comfortable for the administrator:
- The PowerShell editor window can now be resized, a dubious achievement, but now the window can be maximized;
Let's compare:
')
Powershell 2.0
Powershell 5.1 - The next obvious difference that can be seen on the screenshots is syntax highlighting - this is already a very big plus;
- It is followed by another innovation - henceforth, modules and cmdlets of different versions should continue to be supported;
This example is best seen in the screenshots:
Powershell 2.0
Powershell 5.1
As can be seen from the screenshot, a new team has appeared, which, just like the more well-known Update-Help to update the help, serves to update versions of Update-Module modules. - Classes have appeared, there is a separate article on this subject;
- The speed of work with com objects has increased.
About the last point I would like to talk separately. The size of Active Directory in organizations is different, there were cases when it was 20-60 users, and there were also when there are more than several tens of thousands and if in the first case you can do with only a graphical interface, then in the second you can do it, but rather difficult. Few administrators imagine Active Directory as a voluminous database of information from which you can get the data you need to work in a matter of minutes by applying the right approach to it.
Some advertising
The image of Windows Server 2016 appeared only yesterday for download in the Microsoft partners catalog, and today you can familiarize yourself with all its features for only 250 rubles per vpsville.
Lyrical digression...
Microsoft initially presented Active Directory as a tool not only for system administrators, but also for human resources staff. The first must contain everything in working condition in terms of server and software architecture, the latter in turn are responsible for correctly filling the directory. Therefore, as is commonly understood from all sources from which information can be gathered on this issue, the administrator should not create user accounts, and create groups based on Active Directory ideology as well, but in our harsh Russian realities, things are not quite right.
Instead of technical specifications.
Let's imagine that we do not work in the smallest organization and have under control several domain controllers in branches scattered throughout our vast country, respectively, the number of employees we have for example will be at least one thousand people. Recall that the country we have is divided into many time zones and when some just come to work, others are already going to sleep, so the Active Directory management model will be partially centralized, which implies the existence of administrators in the regions, and not only in the central office. We also have internal technical documentation with the requirements of maintaining Active Directory, so that everything would be unified and convenient, we remember that this is a cool database, not just a blooper.
And so we have the knowledge and the task that needs to be solved, let's do just that.
Due to the fact that according to our technical specification, the data we have is very well structured, we can refer to them using standard queries, one such example is the directory of employees that is used in each enterprise.
This is what PowerShell looks like:
Get-ADUser -Filter * -SearchBase "OU=Users,OU=Main Office,DC=MyCompany,DC=ru" -Server 'Domain Controller Name' -Properties displayName, description, physicalDeliveryOfficeName, telephoneNumber, mail, title, department, company, manager | Select displayName, description, physicalDeliveryOfficeName, telephoneNumber, mail, title, department, company, manager | Export-CSV "C:\Export\MainOffice.csv" -NoType -UseCulture -Encoding Unicode Comments on the code
Get-ADUser - a cmdlet that receives an array of users from the search area (-SearchBase) with the properties specified with a comma after the -Properties parameter;
Export-CSV - exports this array to a file.
Export-CSV - exports this array to a file.
As a result, we get a ready-made table with the necessary fields: Name, Account Number, Telephone Number, Mail Address, Position, Department Name, Branch Name, Full Name. The head of the employee. This script works for a few seconds and allows us to change only
$Template_Excel = "C:\PS\.xlsx" $SaveAs = "C:\PS\.xlsx" $AllExcel = @(Get-Process [e]xcel | %{$_.Id}) $MyExcel = New-Object -ComObject Excel.Application $ExcelId = Get-Process excel | %{$_.Id} | Where {$AllExcel -notcontains $_} $MyExcel.Visible = $False $WorkBook = $MyExcel.workbooks.open($Template_Excel) $WorkSheet = $WorkBook.sheets.item("") $Users = Get-ADUser -Filter * -SearchBase "OU=Users,OU=Main Office,DC=MyCompany,DC=ru" -Server 'Domain Controller Name' -Properties displayName, description, physicalDeliveryOfficeName, telephoneNumber, mail, title, department, company, manager | Select sAMAccountName, displayName, description, physicalDeliveryOfficeName, telephoneNumber, mail, title, department, company, manager For($x = 0; $x -le $Users.count; $x++) { $WorkSheet.Rows.Item($x+2).Columns.Item(1) = $Users[$x].displayName $WorkSheet.Rows.Item($x+2).Columns.Item(2) = $Users[$x].description $WorkSheet.Rows.Item($x+2).Columns.Item(3) = $Users[$x].physicalDeliveryOfficeName $WorkSheet.Rows.Item($x+2).Columns.Item(4) = $Users[$x].telephoneNumber $WorkSheet.Rows.Item($x+2).Columns.Item(5) = $Users[$x].mail $WorkSheet.Rows.Item($x+2).Columns.Item(6) = $Users[$x].title $WorkSheet.Rows.Item($x+2).Columns.Item(7) = $Users[$x].department $WorkSheet.Rows.Item($x+2).Columns.Item(8) = $Users[$x].company $WorkSheet.Rows.Item($x+2).Columns.Item(9)= $Users[$x].manager } $Workbook.SaveAs($SaveAs) $MyExcel.quit() Stop-Process -Id $ExcelId -Force -ErrorAction SilentlyContinue Comments on the code
Get-Process - gets the list of processes, in our case [e] xcel;
New-Object - create a new COM object, start your Excel process;
Stop-Process - delete the created object.
New-Object - create a new COM object, start your Excel process;
Stop-Process - delete the created object.
The code in PowerShell has become a bit more, but at the output we received a ready-made file, in which nothing needs to be fixed. There was only one big thing, but this code in Windows 8.1 works ~ 25-40 minutes depending on the number of objects processed, and most of the time it takes to work with the COM object. Accordingly, it was inconvenient to use this approach before the appearance of PowerShell 5 in my life due to the time it took to form the file. In Windows 10 or Windows Server 2016, this script works in a couple of minutes, which allows you to expand the scope of opportunities.
*
* - in the comments to the code the names of the cmdlets are links to the official documentation.
Thank you for reading to the end. Chukchi is not a writer, Chukchi reader.
Source: https://habr.com/ru/post/312616/
All Articles